Performing KYC/CDD at Different Stages of Customer Lifecycle

GRC

KYC/CDD at Different Stages of Customer Lifecycle  

KYC CDD and Stages of Customer Lifecycle

Customers need solutions to their needs and wants and explore different financial options, to choose suitable institutions for collaboration and services. They need quick responses and easy solutions to their account opening and financing needs. 

The financial objectives of the customers might include obtaining finance or funds, to utilize or invest in some profitable business or company or they may require other services that these financial institutions provide, such as credit card, payment gateway, digital payment solution, etc.

When we talk about the financial service industry, such as banks, money exchange businesses, money service businesses (MSBs), remittance companies, insurance houses, payment gateways, etc. the needs of most of the consumers are linked with their financial objectives. 


Table of Contents:

Customers of Financial Institutions

Different Stages of Customer Lifecycle with Institution

Stage 1: Performing KYC/CDD Before Onboarding

Stage 2: Performing KYC/CDD Ongoing

Stage 3: Performing KYC/CDD Event Driven

Stage 4: Performing KYC/CDD Exit

Conclusion


Customers of Financial Institutions?

The customers of the financial institutions may include:

  • salaried individuals, 
  • business start-ups, 
  • sole proprietors, 
  • traders, 
  • housewives,
  • students, 
  • small and medium enterprises, 
  • corporate entities, 
  • not-for-profit organizations, 
  • charitable organizations, 
  • welfare trusts, 
  • governmental organizations, 
  • Institutions. etc. 

Different Stages of Customer Lifecycle with Financial Institution

There are different key stages of the relationship between a financial institution and a customer. These stages are important to note because, a financial institution may need to perform the Know Your Customer (KYC) and Customer Due Diligence (CDD) measures, for different reasons and purposes The reason and purpose of performing KYC/CDD at different stages of customer lifecycle may include:

  • the initial identification of the customer, 
  • update of customer's existing business and risk profile (BRP), 
  • happening of a specified event or a transaction, and 
  • exit, termination, or account closure.   

The different stages of the customer lifecycle are:

Stage 1: Onboarding

Stage 2: Ongoing

Stage 3: Event Driven

Stage 4: Exit or End of Customer Relationship 


Other GRC Articles


02 Use of Data Analytics by Compliance Function

 

Stage 1: Performing KYC/CDD Before Onboarding

Before availing of any product or service offered by the financial institutions, the customers are required to prove their identity, source of income (SOI), source of wealth (SOW), and genuine reasons for availing of the finance or services offered. In case the prospective customer is a legal entity, then the entity's legal and business information is required as part of the initial KYC and CDD process. 

The identification of the customer by the financial institution, known as the KYC/CDD, starts from the very early stage, when the customer first comes in contact with any representative of the financial institution, to discuss his or her financial needs or wants. This is the stage before onboarding.

Customer identification information is obtained including details about the source of income, source of wealth (if any), reason or purpose of establishing a business relationship, etc. This initial identification information is analyzed and verified by the financial institution. Sources used to verify the information should be reliable and trustworthy. As part of the verification, name screening and negative media searches are performed, to ensure that the prospective customer is a legitimate person or individual. Once all basic or simplified due diligence measures are performed, the account is opened or a business relationship is established. Necessary approvals are obtained by the officials of financial institutions, as per their internal policies and procedures, before opening any account.

Stage 2: Performing KYC/CDD Ongoing

During the relationship journey with a customer, the financial institution may require performing the KYC/CDD again. This may be due to a normal process of updating the BRP records of the customers.

The financial institutions should establish appropriate arrangements and practices, to ensure that they are aware of their customers and their activities. Customers are contacted at different periods to ensure that their initial information, which was provided at the time of opening an account, is still relevant or required to be updated in the institution's record. In case the profile changes, which may be due to various reasons, the records are updated by the relevant authorized official of the financial institution. The reasons for the update of the KYC profile of a customer may include, changes in the business activities of the customer, the change of source of income, such as the transition from an employee to an entrepreneur, growth in the business activities, market expansion, etc.  


Stage 3: Performing KYC/CDD Event Driven: 

Event-driven performance of KYC/CDD measures may be due to the occurrence of a specific or series of transactions in the customer's account, causing the breach of the transaction threshold of the customer. 

Transaction threshold means the limit of the amount that is allowed for a particular customer. If the transaction in the customer's account breaches that limit, then the financial institution contacts the customer to ask for the reason and justification of the limit breach. In case the reason provided by the customer is found genuine, which may include the growth in business activities of the customer or expansion of customer base, etc., then that customer's risk profile (BRP) is updated and a new transaction limit is set for the account.

In case the customer does not provide a genuine reason or a fake justification, then an investigation may be initiated through the compliance function or Money Laundering Reporting Officer (MLRO) or Deputy Money Laundering Reporting Officer (DMLRO) of the institution.

Stage 4: Performing KYC/CDD Exit or End of Customer Relationship

In the customer lifecycle, the last stage is the exit of the customer termination of the business relationship, or closure of the account. KYC/CDD is performed at this stage as well, and the latest information is updated or recorded in the respective customer's file.

There may be different reasons for the exit or closure of the account, which may also include regulatory reasons. Usually, customers give their consent to close their accounts, if they no longer require the services or products from the financial institution. Accounts are closed through the normal account closing process, where the customer fills the account closure form, which is then scrutinized and approved for closure of account, as per internal policies and procedures of the institution.

Other reasons for the closure of the customer account or the exit of the customer, include the identification of suspicious activities in the customer's account, which may require closure after investigation and conclusion by the authorized representative or officials of the financial institution.

Another reason for account closure or termination of customer relationship may be due to the customer after opening an account, is found to be involved in money laundering or terrorist financing activities or frauds. This may be apparent due to any recent media news or identification by any reliable source, such as informed by internal audit, regulatory authorities, or law enforcement agencies (LEAs).

Conclusion:

The institutions should adopt policies and procedures, which must require the performance of KYC/CDD measures for their customer at different stages of the customer lifecycle. These policies and procedures should be approved and implemented down the line, for compliance purposes. Further training should be provided to the employees, regarding the performance of KYC/CDD at different stages of the customer lifecycle. All training records should be maintained by the institution.    

Check Governance, Risk, and Compliance GRC Courses
      
Usman is an experienced GRC Trainer, and Consultant. He can be reached at: liboctober@gmail.com

Newsletters and eBook

Name

Email *

Message *

Popular GRC Posts

Introduction to Compliance Risk Assessment

GRC
Image
Introduction to Compliance Risk Assessment Before starting the Compliance Risk Assessment (CRA), it is important to know about some important factors that increase the importance of performing CRA. High competition, changes in business practices, complex products and operations, adoption of technology and digital payment mechanisms, increase in expectations of customers, and increase in numbers of financial crimes, including but not limited to money laundering, frauds, insider trading, human trafficking, market abuse, etc. have led to the emergence of new risks, including compliance risks. This is because, in order to control the above-mentioned broader risk factors, the organizations or institutions are required to take appropriate and robust measures, to ensure that these risks are managed to avoid losses, including financial and reputational losses. Regulators are also working to further, strengthen the regulatory frameworks, which are required to be complied with by the organizatio
Read Article

What Is Regulatory Compliance

GRC
Image
What Is Regulatory Compliance To understand Regulatory Compliance, we need to know about Compliance first.  What is Compliance? In general terms, Compliance means the act of identifying and practicing the particular information, received from some reliable source. Now, if we think about Compliance by a business, entity, or organization, then Compliance will be defined as follows: Compliance means the identification, understanding, and practicing of the provisions of applicable laws, regulations, standards, policies, circulars, etc. that are issued by the State or the Regulatory authorities. Now, Regulatory Compliance means, compliance with the provisions of applicable regulations issued by the regulator. Who is a Regulator?  Regulator The Regulator is the supervising body or institution, which issues a license, provides directions, issues frameworks and regulations, and provides oversight to the entities or organizations, which are registered with it.  For example, The Securities and E
Read Article

Who Is Your Customer? Know Your Customer (KYC)

GRC
Image
Who Is Your Customer?  A customer is a person, including the individual, business, corporate, organization, etc. to whom the products and services are provided, as part of the business relationship. Customers are the source of business and profits for the organizations.  Customers are required to be treated with care and in an ethical manner, and regulatory authorities require companies and organizations to ensure that fair dealing policies and practices are adopted and implemented. Types of Customers? Customers may be real person or individuals or legal businesses or entities. Customers usually include  salaried individuals,  business start-ups, sole proprietors, traders, housewives, small and medium enterprises, corporate entities, not-for-profit organizations, charitable organizations, welfare trusts, governmental organizations, etc. Nature and types of customers vary from organization to organization.  Customers may belong to different jurisdictions or countries therefore; they pos
Read Article