Just when you thought you had got on top of your Customer Due Diligence (CDD) requirements, AUSTRAC has revised Chapter 4 of the AML/CTF Rules in a few small but significant ways.
(a) Collection of information about a customer
Previously, when undertaking customer identification and verification activities, a reporting entity was required to obtain the requisite information from the customer. The new amendment removes the obligation to collect KYC from the customer and now permits a reporting entity to collect information about a customer instead.
The use of the term ‘about’ allows flexibility for reporting entities to choose the most efficient and effective way to gather information in regard to a customer’s identification, whether directly from the customer or by other means. Practically speaking, this will allow reporting entities to pre-populate KYC forms with information available to them and then check the information with the customer for verification purposes.
The Government has estimated that this wording change could result in an estimated annualised saving of $7.2 million to financial institutions and $7.9 million to customers (individuals) and reduce the manual data entry time by an estimated four minutes per customer.
(b) Consistency in electronic safe harbour provisions
The electronic safe harbour provisions for customers have also been amended to change the information that needs to be verified and to provide consistency in the verification requirements of customers and beneficial owners. Previously, the electronic safe harbour provisions for individual customers required the verification of both the customer’s name and residential address, plus either the customer’s date of birth or customer transaction history.
The key change for reporting entities using the electronic safe harbour provisions is that they are now required to verify the customer’s name and the choice of one of the following:
(i) the customer’s date of birth; or
(ii) the customer’s residential address; or
(iii) both the date of birth and residential address; or
(iv) that the customer has a transaction history for the past 3 years or more.
Another key point is that the need to verify the information from two separate reliable and independent data sources only applies to verification of the date of birth and residential address. So for reporting entities relying on the transaction history option this will reduce their KYC activities even further.
(c) Extension of exemptions to beneficial owners and PEPs
Finally, the current customer identification exemptions have been extended to include beneficial owners and politically exposed persons (PEPs), avoiding the previously anomalous situation whereby a reporting entity was exempt from undertaking KYC on a customer but was still required to undertake KYC on the beneficial owner and/or PEP.
Theses changes came into effect on 16 September 2016, however, the updated amendments have yet to be incorporated into the Rules. AUSTRAC has advised that it expects the updated Rules to be published and available on Friday. However, in the interim, the amending instrument can be found here.
Now is a great time for you to review your current KYC processes against the new amendments to see if you can leverage from the suggested efficiencies. Just remember, if you do choose to make a change to your KYC activities that you make sure to update your KYC forms, your Part B Program and obtain approval for the changes from your Board.