The way technology is used in today's accounting firms is heavily reliant on the connected and integrated cloud apps in your tech stack. There are apps for bookkeeping, accounting, reporting, forecasting, billing and managing your practice workflows. But how much of your app stack is taken up with solutions that help you manage your AML compliance process, and document the potential risk you might be exposing yourself to?
You’ll be well aware of the need to perform certain checks on new clients at the start of an engagement. But has your checking process been moved over into the digital arena? We see an overwhelming number of firms still using multiple, disconnected systems to manage the AML component of their onboarding process.
Let's see why risk management is a core part of any holistic practice system and how an AML management solution can neatly slot into your current practice tech stack.
Is your app stack helping you mitigate risk?
A recent study found that 69% of global executives and risk professionals surveyed expect financial crime risks to increase over the next 12 months. If you’re taking on new clients, that’s a concerning statistic and an incentive to get on top of how you’re managing and documenting your onboarding risk.
At face value, your new client may appear to be run by a board of honest, law-abiding individuals. However, under pressurised economic conditions, there will always be the possibility of organisations being tempted to bend the rules or enter into illegal activity.
But does your current tech stack help you monitor, analyse, and check on the risk status of your new and existing clients?
In an ideal world, your practice software should help you to:
- Carry out the required business and financial checks
- Allow you to document your risk assessment and decisions
- Make it easy for you to access records whenever you need them
If your current systems or process don’t allow you to do this, you may be exposing yourself to unnecessary risk from both your industry body and your potential new clients. The good news is that there are ways to manage this and onboard new clients in a way that puts you in total control.
Getting to know your client and their organisation
When you start working with a new client, getting as rounded an overview as possible of the business and the people who run this as-yet-unknown organisation is important. The main question to ask yourself is, ‘How well do I know this business?’ and getting the answer to this question isn’t always a straightforward process.
Let’s take a look at the key components that a robust onboarding and ongoing AML compliance program might include. This isn’t an exhaustive list, but by focusing on these components, you’ll certainly build up a more robust and detailed summary of your prospective client, and continue to effectively keep on top of any emerging risk or anomalies.
Know Your Client (KYC)
The KYC component of onboarding is really all about understanding who your client is, and if they are who they say they are. It’s about verifying that this is a genuine organisation that exists as a legal entity, not a front for illicit or criminal activity. The key components of KYC that you need to carry out include:
- Verifying the client's identity through government-issued identification documents
- Gather information on the client's business structure, ownership and activities
Client Due Diligence (CDD)
This is where the acronyms of AML compliance can sometimes be a little confusing, but once you’ve collected your ID documents, verified them and have an understanding of who you are working with, the ‘due diligence’ part involves using all that information to make an informed decision about whether or not you might choose to work with this client and/or what additional measures you might want to put in place i.e. do you need to carry out Enhanced Due Diligence (EDD)?
Key things you need to do as part of your due diligence process include:
- Assess the client's risk profile, considering factors like industry, location and complexity.
- Document your risk assessment and outcomes
- Examine the source of the organisation’s funds and wealth (if your risk assessment identifies factors that may be ‘red flags’) to ensure they’re legitimate and not linked to illicit, criminal or terrorist activities
The other key differentiation between KYC and CDD is that due diligence is an ongoing process, it involves constantly monitoring or assessing things, and a key part of stating AML compliant is making sure that you’re regularly reviewing the organisations you work with – sometimes once a year might be enough, but if a business starts making large cash deposits two weeks after you start working with them that might require you to step in sooner.
KYC, CDD, what about AML?
Sometimes we hear these checks called AML checks – which isn’t inaccurate, but just to bring some clarity, KYC and CDD are components of AML. AML is the broader term describing the framework responsible for your KYC and CDD procedures – the reason you have these processes in place in the first place is to prevent money laundering and the funding of terrorism or illicit activities.
Things you might include as part of your overall AML process include:
- Ongoing transaction monitoring
- Regular PEPs and Sanctions screening
- Adverse media checks
And let’s not forget about the ongoing training requirements for all of the staff at your firm.
The need to streamline your client checking process
When you start to break it down, there is a lot that goes into onboarding a new client from an AML perspective. It’s something you can’t escape, and having a robust record of all this information is vital for your firm’s compliance.
In the first instance, you’re verifying the nature of the proposed client’s organisation and ensuring they’re safe to work with. Secondly, you’re also protecting the reputation of your firm’s brand by taking a comprehensive approach to checking the origin of your potential future clients.
But running this process, managing the compliance requirements, and staying on top of your ongoing AML compliance needs can be an extremely slow and time-consuming process.
Depending on the size of your firm, you may well have a dedicated Money-Laundering Reporting Officer (MLRO) who is responsible for AML compliance at your firm, but there’s a good chance someone in your team is just wearing an ‘AML hat’. Regardless of who is overseeing this process, manual, disjointed onboarding checks can consume a lot of your time.
The answer to this problem is to invest in an AML software solution. Technology has revolutionised almost every area of the accounting process, so why not AML checks, too?
An all-in-one AML check solution will:
- Allow you to manage every element of the client onboarding process in one place
- Reduce the time you spend uploading, managing and checking documents
- Use smart integrations to reduce the amount of data duplication across your practice tech
- Keep all your AML records in one hub, making reporting easy
- Give you peace of mind that things are secure and records documented
Firmcheck: an AML management solution for your firm
Firmcheck is an AML management system for accountants. It’s been designed from the ground up to make the process of KYC, CDD and managing your entire AML compliance obligations easier and more streamlined. With everything in one online platform, you can be sure that you are meeting your compliance requirements more confidently than before.
Want to see how Firmcheck can help you transition from a disconnected unorganised approach to AML compliance to a more robust, efficient process?
(NB: This article doesn't constitute legal advice and is only intended for general informational purposes. Always consult with a legal expert or compliance consultant for guidance specific to your firm.)