FACEBOOK RONALD
ALMEIDA 09OUT2019
SANEAMENTO BÁSICO DO SISTEMA BANCÁRIO BRASILEIRO. PARTE 3.
COMO OS BANCOS PRIVADOS E PÚBLICOS (INCLUINDO O BNDES
E O BNDESPAR, CEF, BB, BANCO NORDESTE ETC.) PODEM MELHORAR SEUS SISTEMAS DE
CONTROLE INTERNO E EXTERNO E IMPEDIR A CORRUPÇÃO SISTÊMICA.
MAIOR TRANSPARÊNCIA, TECNOLOGIA E EDUCAÇÃO PARA
AMPLIAR E APRIMORAR O CONTROLE SOCIAL SÃO INDISPENSÁVEIS. URGENTES
TEXTO EM INGLÊS.
WHAT DOES CDD (CUSTOMER DUE DILIGENCE)
MEAN FOR BANKS AND FINANCIAL COMPANIES?
[27aug2019]
Source: JUMIO; BY DEAN NICOLLS; AUGUST 27, 2019
Access RAS
2019-10-09
 |
|
You
wouldn’t hire a new employee without making sure they’re the right fit for
the job, right? Just as employers thoroughly
vet candidates, banks and financial institutions need to have a good read on
their prospective clients before allowing them to open an account. This is
where customer due diligence comes into play.
|
[1] WHAT IS
CUSTOMER DUE DILIGENCE?
Customer due
diligence (CDD) is at the heart of Anti-Money Laundering (AML) and Know Your Customer (KYC)
initiatives, and is designed to help banks and financial institutions verify if
customers are who they say they are, confirm they’re not on any prohibited
lists and assess their risk factors. Put simply, CDD is the act of performing
background checks on the customer to ensure that they are properly
risk-assessed before being onboarded.
[2] WHY IS
CDD IMPORTANT?
When you
consider what’s at stake, it starts to make a little more sense why banks and
other financial institutions are spending big money on AML compliance.
These countermeasures are designed to thwart the growing threat of money
laundering, which unfortunately isn’t a tactic used by drug cartels alone
— it’s now being used across a broad range of criminal enterprises.
Here are a
few reasons to take CDD seriously:
BIG
COMPLIANCE FINES: Enforcement actions related to AML
have been on the rise. Since 2009,
regulators have levied approximately $32 billion in AML-related fines globally.
Most of these have been leveled against U.S. firms.
Sophisticated
Cyber Threats: Criminals are using more sophisticated means to remain
undetected, including globally coordinated technology, insider information, the
dark web and e-commerce schemes.
Reputational
Risk: AML incidents put a financial institution’s reputation on the line.
In fact, the average value of each of the top 10 bank
brands is $45 billion.
Rising
Costs: Most AML compliance activities require significant manual effort,
making them inefficient and difficult to scale. The cost of AML compliance
across U.S. financial services firms equaled $25.3
billion per year, with some major financial institutions spending up
to $500 million annually on KYC and customer due diligence (Thomson Reuters).
Poor
Customer Experience: Compliance staff must have multiple touch points with
a customer to gather and verify information. Perhaps not surprisingly, one in
three financial institutions have lost potential customers due to inefficient
or slow onboarding processes.
[3] SOME
QUICK CDD LEGALESE
Now that
we’ve established for CDD as part of AML compliance, let’s cover off on some
legal definitions to get us on the same page.
The application of customer due diligence is required when a firm
covered by money laundering regulations enters into a business relationship
with a customer or a potential customer. This includes occasional one-off transactions even though this may
not constitute an actual business relationship. A customer/business
relationship is defined as being formed when two or more parties engage for the
purposes of conducting regular business or to perform a one-off transaction.
The term “business relationship” applies where a professional, commercial
relationship will exist with an expectation by the firm that it will have an
element of duration.
[4] A BETTER
CUSTOMER DUE DILIGENCE PROCESS
Given the
time-consuming and manual nature of most CDD processes today, there’s little
doubt that these processes can be streamlined and automated through better use
of technology. The process starts with an online identity
verification process. While there are a number of alternative verification methods,
more and more companies are now relying on a government-issued ID (e.g., a
driver’s license) and a corroborating selfie. But, this is just the start of
the CDD process. Ideally, the process would also include a liveness check
to ensure the applicant is physically present and not spoofing the system with
a picture of someone else or using a doctored video.
After the person has been verified, the name is then screened against a
number of online databases including government watchlists, PEPs (politically
exposed persons), and adverse media. At this
point, banks can now assign applicants to risk pools — low-to-medium risk
individuals (those with no red flags) are allowed to create online accounts
with little friction. Higher-risk individuals (e.g., those listed on government
watchlists) are flagged for further review. These folks necessitate an extra
layer of review by bank personnel who need to capture additional customer
information to fully vet these users.
The GRAPHIC below walks
through nine steps a financial institution may go through as part of their KYC
process. We’ve talked
to hundreds of banks and there seem to be hundreds of variations of how they
perform customer due diligence. So, please consider this a strawman that
enumerates the kinds of checks that can be performed to answer these
fundamental questions:
Ø Is the applicant the person who
they claim to be online?
Ø Does the risk profile of the
applicant raise any red flags?
Low-risk individuals can be fast-tracked through the
approval process. Thanks to automation of online identity verification and AML
screening, this streamlined process can be 40% more efficient than traditional
manual processes.
This means decisioning time can be cut to under 2
hours for low-risk individuals, with this process often completed in minutes. However,
the decisioning time for higher-risk individuals may still take longer,
sometime between 48 and 72 hours, because of the extra review time needed to
vet these individuals.
Assuming that more than 90% of your applicants will
fall into the low-to-medium risk pool, the cost and efficiency gains of
automated identity verification and AML screening can have a dramatic reduction
on AML costs and improvement in the user experience.
 |
Once the customer has been successfully onboarded, the process isn’t
over. After all,
banks need to monitor their customers on an ongoing basis to ensure they remain
in compliance and flag any suspicious behavior. This part of CDD is known as
transaction monitoring.
With
transaction monitoring, financial institutions can better identify changes in
customer behavior over time and be alerted to typical money laundering
scenarios.This means banks need to monitor for suspicious activity and spot
patterns that may be indicative of money laundering, financial crimes,
corruption, drug trafficking or other criminal activity. Indeed, a transaction
involving the leader of a drug cartel is much more likely to be suspicious than
a transaction involving a “round amount” (e.g., €10,000).
Increasingly, regulators are
demanding that banks bake transaction monitoring into their CDD processes. Just as individuals were scored
and put into risk categories during the identity proofing stage, individual
transactions can also be scored and combined with advanced algorithms that
track expected vs. actual transaction behavior, and will update the banking
customer’s risk rating in real-time.
Ongoing
screening needs to occur since a customer may not have been initially on any
watchlists when they created the account, but suddenly they can appear on one
today. By continually checking and pinging established (and constantly
refreshed) databases (including OFAC, HMT, UN and thousands of other
government, regulatory, law enforcement, fitness and probity watchlists) as
well as through thousands of subscribed and global news sources, banks can be
notified immediately via an alert. If a customer appears on one of these PEPs
and sanctions lists, they can mitigate risk and take appropriate next steps.
This ensures that the bank is kept informed of any status changes to their
existing customer base in real time.
Better
identity verification and AML screening solutions are enabling financial
institutions to meet the requirements of regulators, banking partners and
auditors with an electronic audit trail of all system and user actions with
date and time stamps. These solutions help banks spot patterns and outliers by
monitoring current transactions alongside historic transaction and behavior
data.
[5] A MORE
ENLIGHTENED APPROACH TO CDD
Complying
with KYC and AML requirements has made even opening a new account a long and
complex journey for corporations. While estimates vary, banks take an average
of 24 days to complete the customer onboarding process (Thomson Reuters, 2017)
and many suspect it’s only getting worse thanks to increasing regulations.
Beyond the
time involved, customers also resent having to provide all the information
requested of them. While some may have something to hide, many balk because
they find it overly intrusive and they believe (sometimes correctly) other
institutions are not asking for the same information.
The more time and the more hurdles banks place before legitimate
customers, the higher the abandonment rates and these costs can often far exceed
the cost of any perpetrated fraud (when one considers the lifetime value of
those lost or abandoned customers).
But, there’s a bit of good news here. A growing number of banks and fintechs are
discovering how to automate their CDD (and, if necessary, enhanced due
diligence) processes resulting in a vastly better customer experience and a
dramatic reduction in online abandonment rates. You probably know where I’m
headed with this, so, instead, I will merely suggest that you explore these new
technologies to see how they can shave minutes (or even hours) off your
onboarding process. The payback will be sizable and almost immediate.
*********************************
AVISO AOS NAVEGANTES! Internet civilizada:
NOTAS DO EDITOR do Blog Ronald.Arquiteto e do Facebook
Ronald Almeida Silva:
[1] As palavras e números entre [colchetes]; os destaques sublinhados, em negrito e
amarelo
bem como nomes próprios em CAIXA ALTA
e a numeração de parágrafos – se
presentes nos textos ora publicados - NÃO CONSTAM da edição original deste documento (mensagem, artigo; pesquisa; monografia; dissertação;
tese ou reportagem). Os mencionados adendos ortográficos foram
acrescidos meramente com intuito pedagógico de facilitar a leitura, a
compreensão e a captação mnemônica dos fatos mais relevantes da mensagem por um
espectro mais amplo de leitores de diferentes formações, sem prejuízo do
conteúdo cujo texto está transcrito na íntegra, conforme a versão original.
[2] O Blog Ronald
Arquiteto e o
Facebook RAS são
mídias independentes e 100% sem fins lucrativos pecuniários. Não tem
anunciantes, apoiadores, patrocinadores e nem intermediários. Todas as publicações de textos e imagens são
feitas de boa-fé, respeitando-se as autorias e respectivos direitos autorais,
sempre com base no espírito e nexo inerentes à legislação brasileira, em
especial à LEI-LAI – Lei de Acesso à
Informação nº 12.257, de 18nov2011.
[3] A eventual republicação
de matérias de sites e blogs que vedam a retransmissão de suas publicações deve
ser considerada como ato proativo não doloso de desobediência civil (tipo Soft
Wikileak) em favor da Transparência Total e da Melhor Democracia na comunicação
privada e pública, no espírito e com base na LEI-LAI, visando apenas ampliar o
universo de internautas que buscam informações gratuitas na rede mundial.
[4] Para usuários de correio eletrônico - e-mail, Facebook e blog: O Emitente desta
mensagem é responsável pelas opiniões de sua autoria, mas não se responsabiliza
pelo conteúdo elaborado por terceiros, embora tenha agido com zelo e descortino
na seleção de textos e imagens que reproduz nas mídias citadas, evitando
propagar fakes e informações injuriosas ou ilegais. Cabe ao Destinatário cuidar
quanto ao tratamento e destino adequados da mensagem recebida, respeitando
sempre as normas do marco regulatório brasileiro da internet. Caso a pessoa que
recebeu esta mensagem não seja o Destinatário de fato da mesma, solicitamos
devolvê-la ao Remetente e apagá-la posteriormente. Agradecemos a compreensão e
a colaboração de todos quanto ao uso correto, ético e civilizado das mensagens
e documentos tramitados por meios eletrônicos.
RONALD DE ALMEIDA SILVA
Rio de Janeiro, RJ, 02jun1947; reside em São Luís, MA, Brasil desde
1976.
Arquiteto Urbanista FAU-UFRJ 1969-1972.
Especialização em Desenho Urbano e Planejamento Regional (Universidade
de Edimburgo, Escócia, 1981-83).
Registro profissional (1972-2012 = 40 anos) CREA-RJ 21.900-D
Registro profissional (2013 em diante) CAU-BR A.107.150-5
Ouvidor Nacional
das Competições da CBF (2003-2012)
Inspetor do GT e da
CNIE - Comissão Nacional de Inspeção de Estádios da CBF (2004-2012)
e-mail: ronald.arquiteto@gmail.com
Blog Ronald.Arquiteto (ronalddealmeidasilva.blogspot.com)
Facebook ronaldealmeida.silva.1
Nenhum comentário:
Postar um comentário