ITIL : Practical process improvement learnings have also been taken from common….

ITILITIL : Practical process improvement learnings have also been taken from common….

Over and above KYC procedures EDD files rely upon initial client screening.

This definition requires revalidation of the customer’s identity – knowing the client’s identity, not who they say they are.

EDD processes should use a tiered approach dependent upon the risk.

Crucial to the integrity of any EDD process is the reliability of information and information sources, the type and quality of information sources used, properly trained analysts who know where to look for information, how to look and how to corroborate, interpret and decide the results.

Open source intelligence companies such as World Compliance and C6, aggregate this information and compile it daily into a comprehensive database.

Estate Engineer (Civil) Sunil Ch.Das, Agartala Searching on Google, for example, means different things to different people.

Experience has shown poor returns from staff that believed they were experienced, but in practice were not and consequently failed to find relevant information.

Reasonable assurance What is reasonable depends upon factors including jurisdiction, risk and resources.

For sanction matches it depends upon information provided by regulators.

In all cases the suggested standard is to the civil standard of proof i.e.

on the balance of probability.

Relevant adverse information Information obtained from any source, including the Internet, free and subscription databases and the media, which is directly or indirectly indicative of involvement in money laundering, terrorist financing or predicate offenses.

Examples include fraud and other dishonesty, drug trafficking, smuggling or other proscribed offences, references to money laundering, or conducting business, residing in or frequenting countries deemed by the Financial Action Task Force and/or (institution) as being countries under sanction or countries with which (institution) does not do business; to official sanctions or watch lists; and to investigations, convictions or disciplinary findings by authorized regulatory bodies.

KYC Process Capability Maturity Model A draft KYC Capability Maturity Model was published [3] and shared with a range of international KYC practitioners in 2009 and 2010.

An updated and peer-reviewed version will be published in the ACAMS [4] ACAMS Today magazine in early 2011.

The KYC Maturity Model is based on the typical 5 levels of the standard Capability Maturity Model.

These levels are typically described as Initial, Repeatable, Defined, Managed and Optimized and have very strict meanings.

The KYC maturity has however been somewhat simplified, renamed and re-built as follows: Chaotic, Reactive, Proactive, Service Managed and Value Managed.

Practical process improvement learnings have also been taken from common manufacturing and IT productivity methodologies such as Lean, Agile, 6-Sigma, ITIL and Balanced Know your customer Scorecard.

3 Continuous due diligence CDD refers to the monitoring of clients and their activities to see if the client does not change markedly over time.

In effect this combats the possibility that an individual (or more often an organisation) that has passed KYC is still who they say they are and doing what they said they would do when they underwent KYC checks.

For example a corporate account set up honestly and openly by one person who passes KYC checks could be passed years later to another person that would not, without CDD the services provider would not know that the new owner is present.

KYC (CDD) policy would normally demand KYC checks on the new owner regardless of the account history.

Laws by country • India: The Reserve Bank of India introduced KYC guidelines for all banks in 2002.

In 2004, RBI directed that all banks ensure that they are fully compliant with the KYC provisions before December 31, 2005.

The purpose was to prevent money laundering, terrorist financing and theft.[5] • South Africa: The Financial Intelligence Centre Act 38 of 2001 (FICA) • USA: Pursuant to the USA Patriot Act of 2001, the Secretary of the Treasury was required to finalize regulations before October 26, 2002, so KYC is now mandatory for all US banks • New Zealand: Updated KYC laws were enacted in late 2009, and entered into force in 2010.

KYC is mandatory for all registered banks and financial institutions (the latter being given an extremely wide meaning).

[6] References http:/ / www.



ca/ multimedia/ education/ c1/ pop/ 4-4-eng.

asp?s=1 Learn How to Make Your Goals SMART web page, retrieved November 5, 2006 (http:/ / www.


com/ smart-goals.

html) http:/ / www.


com/ resources/ whitepapers.

html http:/ / www.


org “Why KYC is mandatory now” (http:/ / business.


com/ report/ 2010/ oct/ 18/ perfin-why-kyc-is-mandatory-now.



Retrieved 25 Oct 2010.

[6] “AML CFT 2009” (http:/ / legislation.


nz/ act/ public/ 2009/ 0035/ latest/ DLM2140720.



[1] [2] [3] [4] [5] External links

Read more about ITIL:

Accredited ITIL Foundation, Intermediate and Expert Certifications

Accredited ITIL Foundation, Intermediate and Expert Certifications, Learn more about ITIL HERE:

ITIL and Accredited ITIL Foundation, Intermediate and Expert Certifications
ITIL - Accredited ITIL Foundation, Intermediate and Expert Certifications
ITIL and Accredited ITIL Foundation, Intermediate and Expert Certifications
ITIL - Accredited ITIL Foundation, Intermediate and Expert Certifications

Recommended For You