From May 2020 to April 2021, global cybercrime spiked by 600%. How can distributed workforces and workers protect themselves from common security...
Customer Due Diligence for Banks: How Can Technology Accelerate This Process?
Use technology to streamline rote manual tasks in your CDD and KYC processes by gathering and analyzing customer information efficiently.
With bank fraud and money laundering risks riding a third consecutive year-over-year increase, the cost of financial crime compliance and customer due diligence (CDD) for banks has ballooned since 2019. By the end of Q4 2021, the average annual cost of financial crime compliance for institutions holding at least $10 billion in assets had risen to $27.8 million, up 36% from 2020 and a staggering 95% since 2019.
Financial crime prevention requirements for banks in the U.S. fall under the umbrella of the anti-money laundering (AML) and anti-terrorism financing provisions of the 2001 Patriot Act. AML regulations apply to businesses in many industries, but in the finance industry, the primary compliance controls consist of the know your customer (KYC) process and its subset process, CDD.
The CDD Rule
Since 2018, the U.S. Financial Crime Enforcement Network’s (FinCEN) CDD Rule has involved four core requirements financial institutions are obligated to meet for compliance. The CDD Rule applies whenever financial institutions acquire new customers or when existing customers change the nature of the existing business relationship, and at regular intervals with existing customers in varying degrees according to risk assessments.
The four requirements of the CDD Rule are that institutions take reasonable steps to:
- Verify customer identities
- Verify the identities of all beneficial owners of account-holding companies
- Define the nature of business relationships with customers to develop customer risk assessments
- Perform regular monitoring activities, update customer information, and report suspicious activities to authorities
Collecting and Verifying CDD and KYC Information
Banks and other financial institutions complete CDD and KYC processes by requesting client documentation. Although CDD and KYC requirements vary by institution, the minimum attributes to establish client identity will include:
- Full name
- Date of birth
- Relationship to the customer for authorized persons
- Home and business addresses
- Description of business relationship with the financial institution
To meet identification requirements, clients must submit a variety of documents containing personally identifiable information (PII) such as:
- Passports, driver’s licenses, or other government-issued IDs
- Utility and insurance bills
- Bank account statements
- Tax returns
Banks rely on clients to submit identity documentation on their own, through hard copy, email, or a secure file-sharing service. Once client identities are established, banks compare identities to lists of individuals and organizations known to law enforcement agencies to be involved in or suspected of, financial crimes. In this process, banks commonly consult:
- US Department of State sanctions list
- Specially Designated Nationals and Blocked Person Lists (SDN)
- Financial Action Task Force lists (FATF)
- State Sponsors of Terrorism list
Streamlining CDD Compliance with FileInvite’s KYC Templates
As compliance costs for CDD and other KYC/AML requirements continue to rise, banks are increasingly looking for new developments in technology and process automation to improve efficiency and mitigate losses. Just a few years ago, studies showed that software-as-a-service (SaaS) platforms for secure file sharing and document process automation were scarce and lacked sufficient security and standardization to warrant widescale adoption in the financial industry.
Today, FileInvite offers a file-sharing and document collection platform with bank-grade security that significantly streamlines many rote manual tasks in CDD and KYC processes.
For example, the CDD Rule’s first two requirements – customer and beneficial owner identification and verification – have traditionally involved prolonged, ad hoc document exchanges through email attachments and delivery of hard copies. With FileInvite’s secure document portal, customers can upload all compliance documents directly to a central repository where both customers and their representatives can monitor ongoing progress. The platform also includes:
- Mobile compatibility for customers to take and directly upload photos required in identification processes
- Standardized CDD and KYC templates – containing comprehensive lists of required customer documentation used throughout the industry – that organizations can use to jumpstart their processes
- Configurable templates for institution-specific KYC requirements – as U.S. law only provides broad guidelines rather than a definitive enumeration of requirements that applies in all cases
- Settings for automated notifications to clients and their representatives regarding impending deadlines for application documentation
- SOC (service organization control) 2 Type 2 compliance, ensuring end-to-end 256-bit encryption for all sensitive documentation in transit and at rest
For new customers, these capabilities radically reduce onboarding time – by as much as 80% in the document collection phase. As onboarding difficulties result in abandonment by 63% of new banking customers, faster processing times drive both customer acquisition and satisfaction.
For an institution’s existing customers, ongoing CDD and KYC processes – whether routine or for modifications to existing business relationships – can be a tedious time sink. With FileInvite, banks can automate document requests and notifications for ongoing verification tasks, allowing customers to upload documents at their convenience and without the risk and inconvenience of email and hard copy exchanges.