On March 12th 2019, the Guernsey Financial Services Commission (GFSC) announced that it had issued a revised Handbook on Countering Financial Crime and Terrorist Financing, which came into effect on March 31st. The goal: To bring the Bailiwick’s legal structure for anti-money laundering (AML) and counter-terrorist financing (CTF) regulations in line with the international standards that the financial action task force (FATF) issued in 2012.
“How can we ensure compliance before the deadline?”
“How much will it cost us?”
These are just a couple examples of the questions raised after the announcement by every affected compliance department.
The typical reaction we see when a new set of rules is deployed is the immediate adoption of an implementation-mindset. Firms read the new rules, perform gap analysis, list a series of open points and action items…
A different perspective
However, financial firms cannot—and should not—reduce the process of applying AML and CTF regulations to implementing and adjusting a set of provisions to suit their standing policies, simply to “prove” to regulators that they have taken proper action. The implications of adhering—or not adhering—to AMF and CTF standards go far beyond just keeping in line with regulations to avoid fines and sanctions. As the FCA highlights in this short video, money laundering involves the “cleaning” of monetary proceeds from a wide variety of crimes, from fraud to terrorist attacks. Therefore, AMF and CTF regulations exist in order to prevent criminal activity and, more importantly, to ensure a safer world.
Why then are there so many blocks in the flow of know your customer (KYC) management which, in turn, make it harder to keep us safe?
What stands in the way of smooth KYC/AML management?
When regulations’ implementation requirements have a global reach and new provisions are added, a broader set of challenges come into play.
The greatest challenge: silos. Data, systems, departments—More often than not, they are all siloed!
Why? When clients provide pieces of information through different touchpoints and channels, it is collected and stored, often scattered across a multitude of systems and databases. This results in inconsistencies, pendings, and duplicates, which are all too common in this space. Because of this, processes like onboarding can turn into a nightmare of intrusive back-and-forth communication with the client. With this set of circumstances, you can safely assume that periodic risk-based reviews, too, become extraordinarily burdensome.
Another challenge which makes these processes even more cumbersome is the fragmented legal framework across jurisdictions, which renders it almost impossible for a global standard to be the unique reference policy for financial institutions around the world.
Indeed, the clients these firms serve don’t make the situation any more straightforward. UHNWIs and HNWIs are not the easiest customers to manage, as they often have a complex network of interests and households spanning across multiple territories. While they may reside in one particular country, they may have business in another, and non-residential property in another. A proper and compliant KYC practice cannot leave out any factor.
And costs... We cannot avoid talking about the challenge of costs. As an LMRR associate pointed out at Appway’s recent AML Forum in Guernsey, for most small and medium institutions, the effort and costs connected to implementing a comprehensive KYC strategy are too much to bear.
It is clear that the revised Guernsey Handbook poses particular challenges related to the implementation of the new provisions. At the same time, the revisions allow firms more flexibility in leveraging technology to handle the new framework. However, this flexibility can be overwhelming for firms who have not yet adopted a technological approach, especially one to be applied at scale.
While this may appear as a conundrum for firms who are struggling to adjust, there are ways to overcome these challenges. Stay tuned next week for Part Two, where I will discuss the steps you need to take to make use of innovative technology not only to stay in line with regulations, but also, and more crucially, to survive in the digital age.