Tightening AML regulation has led to stricter KYC procedures, leaving financial institutions maneuvering on a very thin line of trust between them and their clients.
March 17, 2021. Regulators continue to refine anti-money laundering (AML) safeguards to combat financial crime: the new AML6 directive introduces a more complex KYC process, mandating to drastically widen the scope of required client data. However, with the new requirements in place, financial institutions (FIs) are scratching their heads about how to balance between seemingly invasive questioning of their customers while maintaining their trust and, most importantly, remaining AML compliant.
In 2020, fines related to AML, KYC, data privacy for FIs hit a whopping $10.4 billion, thus the tightening policies are not without precedent. That said, some of the regulators opt for a more flexible approach when enforcing new regulation, for instance, The Bank of Lithuania, deemed to be one of the most progressive EU regulators.
Back in February, Jekaterina Govina, Executive Director of Supervision Services at the Bank of Lithuania, had highlighted market players should not go overboard while implementing additional compliance safeguards and only take measures that are proportionate to the perceived risks.
According to Marius Galdikas, CEO at ConnectPay, it is great to see the Bank of Lithuania standing by its position as a forward-thinking regulator. He also suggested that a more intense dialogue during the auditing could, in fact, facilitate the process even further for all parties involved.
“When trying to understand the customer’s field of business, sufficient information and documents must be obtained. Uncertainty about what is considered “sufficient” and the fear of non-compliance leads to excessive demands for the customer, which, in turn, increases friction and damages the overall customer experience. Thus, the current situation leaves little room for FIs to maneuver between compliance and facilitating a smooth KYC process,” said M. Galdikas.
“I think a more dialogue-based approach could cushion the impact of new regulations for both sides, aiding the regulator in ensuring compliance and giving more time FIs to smooth out any discrepancies,” he added.
One of the latest requirements also dictates that when carrying out transactions amounting to 15.000 euros or more, a payment service provider has to initiate a mandatory KYC process in a 24-hour timeframe in order to verify the client’s identity. This adds to the list of requirements that, according to Galdikas, at times seem excessive due to the imposed timeframe, thus may act as an unnecessary distraction for businesses.
”Complying to such requirements ends up being a significant investment, on top of providing a good customer experience and quality product, and could very likely result in confusion about where to focus the company‘s efforts,“ Galdikas said.
He delves deeper into this discussion with Claus Christensen, CEO and co-founder of regtech Know Your Customer, in their RegTalks podcast. In the interview, the two executives discussed the future of payments and financial regulations, exploring the importance of collaboration among a variety of industry players to drive innovation in financial services.
In light of these circumstances, ConnectPay has taken up to revamp their onboarding process and adopt a more case-by-case approach. This will enable them to set clear expectations for their clients from the get-go, while at the same time addressing any industry-specific compliance nuances during the pre-application stage.
“We have identified the key criterion as a separate part of the application process allowing us to segment clients more diligently. This now allows us to build automation that considers requirements from different jurisdictions, industries, etc. saving time for both us and our customers, and preempting any unnecessary communication “ping-pong” down the road.”
He also notes the new approach will help to bridge the information gap for the customers, explaining why it is necessary to collect certain data. “Disclosing regulatory requirements at the very beginning of the partnership prevents customers from feeling blindsided by a plethora of questions as they are fully acquainted with the mandatory procedures and why they are important for ensuring service security and transparency.”