AML measures for non-face-to-face customers

AML measures for non-face-to-face customers

Financial institutions and DNFBPs have moved to the next level of customer service. One such aspect that they cover is non-face-to-face customer onboarding or transactions. However, the ML/TF risks associated with such customers are high, and that is why you need well-defined and strict AML measures for non-face-to-face customers.
A customer’s physical absence during onboarding is a red flag of money laundering or other financial crimes. Also, such customers avoid meeting the officials of regulated entities. In some cases, customers are present at the time of onboarding but conduct all transactions remotely. Such non-face-to-face (NFTF) customers have a high risk of money laundering for these entities.
To negate the chances of money laundering, you need to be extra careful during identity verification. That is, again, a task since you must have more documents to verify identities and addresses.
The task of onboarding a remote customer is full of challenges, and here is the article that provides insights on implementing appropriate AML measures for non-face-to-face (NFTF) customers.

How do non-face-to-face clients pose a threat to your business?

Technology has made rapid inroads into DNFBPs, VASPs, and FIs. Customers require on-demand, anytime, and anywhere services. They want to perform remote and digital transactions to avoid physical presence and visits. These are digital transactions conducted via mobiles or the internet.
ID verification and KYC software make all of these possible. Many regulated entities, especially banks and other financial institutions, have embraced such digital business methods.
Customers prefer digital transactions to avoid visiting the vendor’s offices.
AML measures for non-face-to-face customers
The biggest demotivators are the hassle of visiting the office, providing hard copies for conducting transactions and standing in queues. Digitally, you can manage several transactions at your convenience with online documentary proof. So, less effort and faster service.
But, in such cases, money laundering risks for the regulated entity increase. Remote onboarding of non-face-to-face customers exposes DNFBPs and VASPs to the following risks:

Fake identities

Customers can use fake identities to open an account with your business and conduct transactions. Since you won’t be able to associate their wrongdoing with a face and identity, it becomes difficult to capture them. This anonymity of non-face-to-face customers increases the ML, TF, and PF risks for your business.

Limited visibility of customer behaviour

Physical interaction with customers enables an understanding of their behaviour. In the absence of such face-to-face meetings, you have no idea of their conduct and actions. So, it becomes difficult to identify suspicious behaviour, activity, or transaction.

Transaction speed

Digital transactions are faster than normal in-person transactions. So, money launderers prefer to engage in non-face-to-face transactions so that criminal activity occurs faster before anyone detects suspicious behaviour.

Hidden ownership structures

In the case of non-face-to-face customers, understanding the ownership structure is challenging. They might be using this anonymity feature to hide their beneficial ownership. There might be possibilities of the presence of shell companies to conduct transactions. This is a widespread way by which non-face-to-face clients launder money.
With in-person onboarding, the compliance team gets a chance to ask questions and counter-question the customer. Remote onboarding works in a pre-defined way and offers little flexibility. Further, the human element is missing, so judgement is on technology to identify suspicious customers and their activities.

Cross-border transactions

Engaging in cross-border transactions is the most effective way for non-face-to-face financial criminals to conduct crimes. Identifying the origin and destination of funds in transactions conducted across different jurisdictions is challenging. Also, it becomes easier for anonymous customers to hide these details or produce false documents. This is how money laundering occurs predominantly in such cases.

Third-party risks

DNFBPs and VASPs who rely on third parties to conduct KYC and CDD expose themselves to ML/TF risks if the third parties do not adopt adequate procedures for customer identification and verification. The criminals may exploit the vulnerabilities existing in third-party KYC and onboarding procedures and misuse the system.

Data security and privacy

Online onboarding exposes the firm to data security and privacy breaches. The genuine customers’ accounts may be taken over by criminals to perform their illegal activities, and this exposes the DNFBPs and VASPs to various types of ML/TF risks.
You must devise and apply effective AML measures to reduce the risks of such occurrences and fight the money laundering threats.

Common ML/TF Typologies employed through NFTF Channels

Smurfing and structuring are the most common ML/TF typologies employed by criminals onboarded through NFTF channels.

Structuring

Criminals are resorting to structuring split large transactions into several small transactions to avoid their detection. Normally, regulators across the globe have specified thresholds for reporting cash transactions. The criminals smartly plan their transactions to avoid crossing the thresholds.

Smurfing

Smurfing is similar to structuring. Here, the criminals split transactions into small amounts and use multiple parties to deposit funds into the banking system.

Effective AML measures for non-face-to-face customers

Following are some of the effective AML measures that you can carry out to manage your ML/TF risks arising out of the digital onboarding of customers:

Develop a risk-based approach to respond to risks related to non-face-to-face clients

Understand that the risks from non-face-to-face clients are high. So, you must be better prepared for such customers. Your AML measures for non-face-to-face customers must be well-planned and defined. Give it due importance in your scheme of things so that you can prevent and avoid the risk.
Take a risk-based approach to such customers depending on the following factors:
  • Industry of your operations
  • Location of customers
  • Money laundering threats from customers
If customers’ risks are high, enhanced due diligence measures should also be implemented. If the risk is low, you can continue with the existing KYC and simple due diligence.

Create customised identification and verification procedures

Since the risk is high, you can have custom identity checks to protect your business. Define the minimum criteria for accepting non-face-to-face customers. This depends on the nature of your business operations. If your sector is more susceptible to money laundering threats, it’s better to avoid such remote online customers. You can define new verification procedures like submission of more documents, manual visits to the client’s office, or any other relevant action.

Conduct in-depth KYC to understand the risks of non-face-to-face customers

The first thing to match for the regulated entities is the customer’s face with the identity document. You make a decision based on a match or no match. However, in the case of non-face-to-face clients, the customer’s face is not available to match. This is a big challenge for you.
You can face such situations when onboarding a new remote customer or while conducting a transaction. So, you must have a stringent KYC policy to know your customers better. The KYC and CDD measures are the same, plus some additional aspects. Since the risk is higher, you must ensure the following:
  • Check for certification and attestation of documents. Such certification must be from specific authorised individuals or organisations. Such attestation can facilitate higher credibility in the authenticity of documents.
  • You must also ask for additional proof to know the non-face-to-face clients better. These documents must be from reliable sources that can verify these customers’ identities.
  • Have a known third party to guarantee the authenticity of such customers. Check if your existing customers, suppliers, or associates have complete knowledge of these customers. Also, ensure that you have complete KYC and due diligence of these third parties.

Consider the non-face-to-face clients’ geographical location

One aspect that you can consider critically is the geographical location of your customers. Be very careful about who you onboard as a customer. Have second thoughts if the customer is from any of the following jurisdictions:
  • Economically sanctioned
  • Weak AML controls or financial systems
  • Politically unstable
  • High levels of corruption, drug trafficking, human trafficking, terrorism, or smuggling
If your non-face-to-face customer is from any of the above jurisdictions, the smarter decision would be not to onboard them. By onboarding them, you’ll increase your risk exposure. You’ll need to put more effort into KYC and CDD before transactions.

Apply enhanced due diligence measures for non-face-to-face clients

You don’t have the customer in front of you for conducting the transaction. It means identity verification is a challenge. Since the risk is high, you can’t let it go. So, you must apply enhanced due diligence measures to prevent the risks of financial crimes:
  • Exercise caution before engaging in transactions with these non-face-to-face clients. The first payment must be from a known bank account in the customer’s name. Even for the succeeding transactions, check the details thoroughly.
  • Use safe and secure electronic identification technologies to verify the identities of your non-face-to-face customers.
  • You can also check the national registers of trade, businesses, associations, and patents. Even the population and credit data registers can help you confirm the identities of your non-face-to-face customers.
A combination of these identification and verification techniques can ensure the authenticity of your customers’ documents and identities. But do check the dates of the latest updates to these registers for timely information.

Hire third parties for identity verifications of cross-border customers

Dealing with non-face-to-face clients becomes challenging when they reside in other countries. The identity documents are different from the local UAE documents. However, you must get all possible identity and address evidence from your customers. Now, match the details provided by the customers with these documents.
One solution in these cases is to hire third parties for such certifications to prove the authenticity of documents and identities. However, you must be careful before engaging with a third-party provider. Ensure that the provider is registered and licensed in the jurisdiction of its operations. Check the quality of its KYC and due diligence technology systems and procedures. Also, management understanding and technical acumen are required to ensure quality services.

Employ video conferencing AML measures for identifying and verifying non-face-to-face customers

You can conduct a video-based process to verify the identities of your customers. This will be a secure, live, and informed audio-visual interaction between the regulated entity and the customer. You must obtain the customer’s consent before conducting such a meeting.
Manage the KYC verification process through this video conferencing method. Have a live video call with the regulated entity’s KYC expert. You will interview them with identity questions and detect their liveness. Check their identity documents live by asking the customer to hold them in the video. Match the face with the photo to verify the identity in real time. Also, click live photos for facial recognition.
However, you also need to ensure a secure way of conducting this video interview. It must be end-to-end encrypted. The video must be clear enough to verify the identity of the customer. The live GPS coordinates and date-time of the customer interview must be available in the video recording.

Use advanced technologies to confirm non-face-to-face customer identity

Technologies like artificial intelligence, machine learning, and blockchain have improved many sectors. You can use the same technologies in AML measures for non-face-to-face customers. One way to do this is to use them for customer data storage data and comparison with other documents.
You can use AI in facial recognition to verify customers’ identities based on the proof they submit. AI even helps confirm the authenticity of identity proof submitted by customers. AI makes it possible to check the passport chip of biometric passports and the authenticity of holograms. You can use blockchain technology for secure and confidential data storage. You can also implement AML software, which supports liveness checks. It will help you reduce deepfakes and strengthen your defenses against ML/TF.

Monitor transactions for unusual trends or patterns

Transaction monitoring is an effective AML measure for non-face-to-face customers. You should be careful about any unusual or out-of-pattern behaviour of customer transactions. So, when supervising their transactions, look out for the following:
  • Unusual pattern not matching with customers’ profiles or regular transactions
  • If more than one user is using the same account
  • If the user opens more than one account
  • If the customer information and IP address don’t match
  • If the customer uses different payment methods for different transactions
When you see such patterns or unusual behaviour, investigate further. You must report the issue to higher authorities and classify the transaction as suspicious.

Ongoing monitoring is a critical AML measure for non-face-to-face clients

Face-to-face customers visit you for transactions. So you can still verify their identities. It is also possible to monitor their activity and behaviour. However, in the case of non-face-to-face customers, ongoing monitoring is essential. You cannot skip it at all.
So, keep monitoring the customers’ risks. Keep an eye on their transactions to spot anything out of the usual. Maintain records of their transactions for a specific period for analysis whenever you wish. Keep repeating this exercise to prevent any potential money laundering risks.
If you have any suspicions about the customer’s activity, report it to the FIU using SAR/STR. In cases where the risks posed by customers are beyond your risk appetite, you can exit the business relationship. Carefully draft your customer acceptance and exit policies to effectively counter ML/TF.
These 10 AML measures for non-face-to-face customers can help you reduce the money laundering risks. You can confirm their identities and decide whether to proceed with the business relationship or transaction. If you still find the customer as suspicious, do not engage in a transaction. Start a business relationship if any of these verification methods prove their authenticity.
If you need help dealing with such non-face-to-face customers, hire an expert AML consultant like Niyeahma.

Niyeahma – your partner for professional AML consulting services

Niyeahma is an expert in AML Consulting services. We have guided clients throughout the journey of becoming compliant with AML laws in the UAE. You will always find us with customised and appropriate solutions to your AML concerns. Our offerings include:
  • Customized AML policies, procedures, and internal controls
  • Risk assessments and analysis of your business
  • KYC and different levels of due diligence of your customers to build their risk profiles
  • Monitoring transactions and customers to detect suspicious ones and take respective actions
  • Personalized training solutions for your AML needs and industry requirements
  • Regular health checks and audits of your AML compliance
Likewise, we also help you deal with non-face-to-face customers with appropriate AML measures. We take all possible steps to prevent money laundering and terrorism financing threats from such customers. So, don’t worry about remote, digital customers; we have the right AML measures for you.

About the Author

Linkedin

Pathik Shah

FCA, CAMS, CISA, CS, DISA (ICAI), FAFP (ICAI)

Pathik is a Chartered Accountant with more than 26 years of experience in governance, risk, and compliance. He helps companies with end-to-end AML compliance services, from conducting Enterprise- Wide Risk Assessments to implementing the robust AML Compliance framework. He has played a pivotal role as a functional expert in developing and implementing RegTech solutions for streamlined compliance.