Comprehensive guide to automating ongoing customer due diligence

How can you manage ongoing customer due diligence (OCDD) when faced with a large volume of ever-changing customer data? This article explains how automating your ongoing monitoring processes can help you stay compliant.

Checking a customer's identity is not a one-and-done process. People, places, and businesses change fast in today's globalised economy, which means the risks associated with them are constantly shifting too.

Someone may not have been a politically exposed person (PEP) when they first became a customer, but they may become a PEP during your business relationship with them.

That’s why ongoing monitoring is essential to meet Anti- Money Laundering (AML) obligations.

But while OCDD is a critical part of your Anti-Money Laundering/ Countering Financing of Terrorism (AML/CFT) obligations in New Zealand, it can be labour-intensive and expensive to do manually – especially when checking customers against ever-changing global watchlists and reverifying customers against vast volumes of data.

How do you stay compliant?

This article explores the importance of  OCDD and how automating the process can help you stay compliant, while reducing manual effort, cost, and risk.

What is ongoing customer due diligence? 

Ongoing customer due diligence (OCDD) is a set of monitoring processes to make sure the information you have collected about a customer or beneficial owner is up to date and accurate, while also ensuring the individual’s circumstances haven’t changed, particularly their risk rating.  

OCDD is mandatory for reporting entities in New Zealand according to the Anti-Money Laundering and Countering Financing of Terrorism Act (2009) of New Zealand.

The importance of ongoing customer due diligence for AML compliance

OCDD is mandatory for good reason: it ensures you stay on top of changes impacting customer risk levels, meaning you can protect your business from financial crime.

Here are some critical reasons you need ongoing customer due diligence:

1. Avoid regulatory fines and penalties.

 Complying with OCDD regulations is critical to avoid heavy fines and penalties. Fail to check customers on an ongoing basis, and the consequences can be severe.

In New Zealand, in 2020, the Department of Internal Affairs (DIA) took enforcement action against an Auckland-based money remitter and Christchurch-based money remitter, who were fined NZ$3.1 million and NZ$4.485 million, respectively, for AML/ CFT breaches. One company had never submitted an annual AML/CFT report.

2. Detect suspicious activities and protect your business.

Global politically exposed persons (PEPs) and sanction lists can change daily, and staying up to date with these changes means giving your business better protection from high-risk individuals and the penalties they bring.

3. Minimise reputational damage.

Being caught for non-compliance can lead to reputational damage and loss of customers, which can be difficult to recover from. Customers want to know they can trust businesses to protect them from financial crime, so if you're shown to be shunning that responsibility, they'll simply give their business to another organisation.

OCDD regulatory requirements: What do you need to do?

OCDD for AML compliance involves ongoing monitoring for changes in customer status (movement between risk categories) and changing fraud signals from customer identities.

This requires rescreening customers against PEP and sanctions lists to check their risk status.

What's involved in rescreening a customer?

You need to consider the risk rating that suits your business and what type of rules you want to apply.

Frequency is important too. The more regularly you rescreen your customers against the latest PEP and sanctions watchlists, the better. Daily screening ensures you are getting real-time results.

Why you need automated ongoing monitoring

PEP and sanctions lists are constantly updating, so how do you keep up when you are doing regular rescreening? Manual processes can quickly drain resources and add up in costs.

That’s where automated ongoing monitoring comes in. 

When you choose ongoing monitoring with Cloudcheck, your customers are automatically checked against the latest global and local watchlists from Dow Jones, including OFAC, MFAT, EU and PEP, to detect anomalies and changes to their associations. This helps you meet your compliance obligations and adjust customer risk levels. Cloudcheck also provides information back on individuals formally accused of, arrested for, or convicted of serious crimes, for example - trafficking, organised crime, money laundering, terror etc. 

Automated ongoing monitoring helps you stay up to date with PEP and sanctions data lists, so you’ll know when your customer’s risk profile changes in real-time and can respond with the appropriate trigger, assessment, and reporting obligations.

It also gives you the flexibility to configure rules and risk ratings to manage false positives to your needs.

Automating ongoing monitoring can reduce the costs associated with manual processes. Cloudcheck offers transparent and flexible pricing to suit all business types, meaning you only pay for what you use. 

Conclusion

The world doesn't stand still, and neither do your customers. With ongoing monitoring beyond onboarding, you can stay up to date with customer changes, be better protected from high-risk customers, and stay compliant.

Cloudcheck's automated Watchlist Monitoring service allows you to rescreen your customers daily to ensure that you remain compliant, without putting additional strain on your resources.