Customer Due Diligence (CDD) and Know Your Customer (KYC) measures are crucial for combating money laundering and terrorist financing risks. UAE AML Laws and Regulations mandate that regulated entities, including financial institutions (FIs), designated non-financial businesses and professions (DNFBPs), and virtual asset service providers (VASPs), implement appropriate CDD and KYC measures. However, many of these entities often fail to meet legal standards regarding KYC and CDD. This infographic outlines common shortcomings in these areas.
Regulated entities must ensure compliance with legal obligations and effectively combat financial crimes by adopting robust KYC and CDD measures.
Common Shortcomings in KYC and CDD Measures
-
Absence of defined KYC and CDD procedures
Many regulated entities lack established procedures for conducting CDD and KYC. It’s crucial to define clear roles and responsibilities and create standardized operating procedures to ensure consistent implementation of KYC and CDD measures. Without formal procedures, entities may resort to unreliable methods for identity and address verification. -
Inadequate Customer Due Diligence
Some regulated entities fail to verify customer IDs adequately, with some not ensuring the legibility of photos on identification documents. -
Inadequate EDD measures for High-Risk customers
High-risk customers are required to undergo Enhanced Due Diligence (EDD). Regulated entities must collect ID, proof of address, source of funds, and source of wealth, and obtain senior management approval before onboarding such customers or facilitating transactions. Payments should be made from bank accounts held in the customer’s name. Some entities neglect these requirements, risking regulatory fines and penalties. -
Incomplete Documentation
Certain regulated entities do not gather complete documentation from customers. Information regarding the nature of the business, transaction purpose, and monthly or yearly account activities is often overlooked. -
Missing Authorizations
KYC and CDD documentation must be verified and authorized according to the firm’s procedures. For high-risk customers, approval from top management is essential. Some regulated entities lack adequate controls to ensure compliance with these requirements.
It is vital for regulated entities to comply with legal standards and avoid inadequate or incomplete KYC and CDD measures. For further information on CDD requirements and best practices, refer to our eBook “A Complete Guide to Customer Due Diligence.”