Special Contributor Resource: A template for Enhanced Due Diligence involving Corporate Customers
Friday, April 6, 2018
Posted by: Brian Monroe
By Muhamad Rizwan Khan
Chief Risk Officer, Premier International Exchange, Dubai, UAE
April 6, 2018
Here is a sample template that a bank’s compliance staff can use when visiting higher risk customers requiring more extensive, enhanced due diligence procedures:
Date of site visit: March 25, 2017
Title: Enhanced Due Diligence “M/S. XYX General Trading Co.”
Visitation reasons, goals: This is in reference to our team site visit of “M/S. XYX General Trading Co” dated 25.03.2017 for enhanced due diligence (EDD) of mandatory documents verification and review of financial transactions, inventory inspections, source of funds verification and staff interviews on awareness of business and KYC verification programs, processes and procedures application and effectiveness.
Company description: This company mostly deals with Auto Parts, Food products, Electronic Equipment and Industrial Machinery.
Stated, expected regional footprint: The company’s major markets are China, Pakistan, Hong Kong and the United States.
Narrative description, findings of visit: As a part of stringent EDD procedures, we verified all the documents that we received at the point of inception. During the visit our team – Mr. X and Ms. Y, met with Mr. Salman, who is a 49 percent partner of the company.
At that time, we discussed with him some key recent business developments, and company representatives informed us that most of the orders they process are executed by them through Pakistan.
That is not surprising as the company has strong historical ties to wholesalers and retailers in Pakistan. In the food market, the company told compliance staff that it holds a significant share of certain food items, including spices, rice, chilies and the like.
To get a better sense of any mismatching funds flows, compliance staffers also checked the financials of the company, including balance sheet/profit and loss statements, cash flow statements, receipts and payment vouchers, purchase orders, purchase requisitions, bid comparison and delivery challans and bank statements of local and foreign accounts.
As a result of the review, the uncovered that the current capital of the company is roughly $300,000 annually, with annual revenues and top limit funds flows in the $10 million range, which the compliance team on the ground considered on the higher side of what would have been expected.
One other key part of the company’s risk matrix and revenue stream is engaging in third party transactions as a commission agent and also at times working as a sole agent in maintaining warehouse facilities for their local customers.
As a part of AML/KYC procedures, we further collected the local bank account details of the company, the organization chart to understand the hierarchy of the company and to better identify the transparency, or any lack thereof, of beneficial owners and to obtain a list of clients, customers, and related business relationships, with a description of their stated purposes.
We also took some office images too to better get a more holistic understanding of AML compliance understanding, professionalism and assess the overall control environment.
In particular, the list of customers helped us to determine the geographic view of the customer’s customer, referred to as KYCC.
To the company’s favor on the risk front, most of the customers were based in countries considered to be broadly in compliance with financial crime standards set out by global watchdog body, the Financial Action Task Force (FATF).
But there were a smaller percentage of customers with ties to regimes considered more non-compliant, which we cataloged and will keep tabs on if this side of the business rises or falls.
We collected the details of where the company banked earlier, and determined if any prior banks dropped the company for reasons that could adversely effect its financial crime compliance risk profile.
But according to top business executives, the reasons to start business with new banks was chiefly to diversify the exposure of business continuity with different financial institutions – in essence a desire to spread the concentration of risk if one bank runs into financial or liquidity issues.
One of the most challenging areas related to AML risk related to the business is that most of the transactions are done in cash, which needs more stringent and continuous monitoring to determine the source of funds accordingly and if any of the answers given by customers don’t make sense – thus raising the related risk rankings of corresponding customer populations.
Conclusions, compliance next steps:
· Mostly orders for this business are coming from a high risk jurisdiction, Pakistan, and because of the huge volume, more vigilance is required.
· Diversification in business is a big challenge for this customer.
· Due to the customer being a cash intensive business, it requires additional monitoring and attention, and should be firmly planted in the “high risk” category.
· As a result of the “high risk” designation, the customer must document the source of funds before executing the all transactions and consider dropping customers that don’t want to divulge the information.
· Engaging in third party transactions is a big challenge. To mitigate that, the customer should collect available licenses and documents to better monitor and aggregate customer flows for individual customers and related businesses.
· Preemptive screening of third parties should be a part of the compliance program.
· As a going concern, the bank needs to closely monitor the customer’s overall capital adequacy and liquidity, which could directly effect, and potentially lower, related compliance controls – allowing more risk than the company, and this bank, can mitigate.
This account opening decision is subjected to management approval after reviewing all above-mentioned points. In the case of starting formal business relations with this customer, it should be assigned to the High Risk Category in the Risk Module.
Manager Compliance (signature and/or final thoughts)
Manager Operations (signature and/or final thoughts)