AML 6: Prepare for audit-proof Business Partner checks

Money laundering involves concealing the origin, ownership, or destination of illegally acquired funds by funneling them through legitimate businesses, financial institutions, or other entities. According to the United Nations, the estimated global annual money laundering amount ranges between 2 and 5% of the global GDP, translating to $800 billion to $2 trillion US dollars in current values.

To combat this significant threat to the integrity and stability of the global financial system, governments and regulators have enacted various laws and regulations mandating businesses to verify the identity and legitimacy of their customers and partners. These regulations are known as Know Your Customer (KYC) or Anti-Money Laundering (AML) processes.

In this article, let's delve into the background, importance, and implications of business partner checks in the AML context.

Background to business partner checks in AML legislation

AML law encompasses a set of regulations aimed at preventing and detecting money laundering and terrorist financing. It encompasses various aspects of financial transactions, including customer due diligence, record-keeping, suspicious transaction reporting, and sanctions screening.

A critical component of AML legislation is the requirement for companies to conduct business partner checks. This entails verifying the identity, ownership, and risk profile of their customers, suppliers, agents, intermediaries, or other third parties they engage with. Business partner verification is also known as customer identification and verification (CIV), customer due diligence (CDD) or enhanced due diligence (EDD).  Depending on the due diligence and depth of the review, identifying the ultimate beneficial owner (UBO) contributes to an even more in-depth review of the business partner.

The purpose of verifying business partners is to ensure companies are aware of who they are dealing with and to prevent involvement in illegal activities. It also aids companies in compliance with relevant laws and regulations, avoiding legal sanctions and reputational damage while protecting their assets and interests.

Importance of business partner verification in AML compliance

Business partner verification is crucial for several reasons:

#1

It helps companies identify and mitigate money laundering and terrorist financing risks by recognizing and assessing potential warning signals such as:

• Customers or partners located in high-risk countries, such as those with weak AML/CFT regimes, tax havens, or sanctioned entities.
• Clients or partners operating in high-risk industries such as gambling, cryptocurrencies, art, or precious metals.
• Clients or partners who have complex or opaque ownership structures, such as shell companies, trusts, or nominees.
• Customers or partners who exhibit unusual or inconsistent behavior, such as requesting cash payments, using multiple accounts, or frequently changing their contact details.
• Customers or partners who are politically exposed persons (PEPs), such as heads of state, high-ranking officials, or their close associates, who may pose a higher risk of corruption or influence peddling.

#2

It aids compliance with AML directives such as the 5th AML Directive, the fifth revision of the European Union's AML/CFT framework, which came into force in January 2020. The 5th AML Directive introduces several changes and improvements compared to the previous version. Among others, these are the following changes that companies must consider in their daily business practices:

• Expanding the scope of obliged entities to include virtual currency providers, art dealers, and tax advisors.
• Lowering the threshold for identifying customers in certain transactions, such as prepaid cards or e-money products.
• Requiring the establishment of centralized beneficial ownership registers for companies and trusts and making them accessible to the public.
• Enhancing the cooperation and information exchange among national authorities, financial intelligence units (FIUs), and other EU bodies.
• Harmonizing the criteria and methodology for assessing and mitigating the risks of money laundering and terrorist financing at the EU level.

#3

Furthermore, the upcoming 6th Money Laundering Directive, expected to take effect by the end of 2025, introduces additional regulations such as:

• Information from sender / recipient of crypto transactions must be collected.
• Revised risk factors guideline.
• Travel Rule Guidelines.
• Extension of the risk-based AML/CFT guidelines.
• Guidelines on internal policies, procedures, and controls to ensure the implementation of Union and Member State restrictive measures.

By verifying their business partners, companies can align with the standards set by AML directives and avoid non-compliance consequences such as fines, sanctions, or license revocation.

Why a company should carry out business partner audit and how is it related to risk analysis?

During a business partner audit, companies verify information provided by partners and assess compliance with AML guidelines. Depending on the company's size and complexity, audits can be conducted internally or externally by service providers.

The audit aims to:

• Ensure accuracy and completeness of collected data and address any discrepancies.
• Evaluate the effectiveness of KYC/AML processes and identify areas for improvement.
• Monitor partners' risk profiles and apply appropriate mitigation measures.
• Demonstrate commitment to AML compliance to regulators and stakeholders.

A business partner audit aligns with a company's risk analysis, which involves identifying, assessing, and managing money laundering and terrorist financing risks. This analysis comprises risk identification, assessment, and mitigation steps.

• Risk identification involves analyzing business activities, partners, and regulatory environments to identify potential risks.
• Risk assessment evaluates the likelihood and impact of identified risks.
• Risk mitigation entails implementing policies, procedures, and controls to reduce risks.

A business partner audit can support and enhance a company's risk analysis, by providing reliable and relevant data, feedback, and insights about the risk profile and compliance status of the business partners, and by suggesting and implementing corrective and preventive actions.

Read more about customer due diligence

Explore statistics around third party risk management in this blog article and see crystal clear why you need to know your business partner.

Should you have any questions or wish to discuss this topic further, feel free to reach out to us.

Drop me an email at thomas.spitzer@cdq.com Reach out to me on LinkedIn