Are you in compliance?

Don't miss out! Sign up today for our weekly newsletters and stay abreast of important GRC-related information and news.


Status message

Start your free, no obligation 10-day trial to continue exploring with full access.

It’s time for a risk-based approach to KYC

Neil Jeans | August 16, 2016

When know-your-customer (KYC) and anti-money-laundering (AML) legislation came onto the scene in the early 1990s, one might say it lacked finesse—it was highly prescriptive in nature, leaving little room for interpretation and forced banks and financial institutions (FIs) to tick the boxes of compliance controls. Within a decade, it started to become clear that one size actually didn’t fit all.

These regulations, originally based on the risks and controls related to retail banking, simply didn’t fit other business models, such as private, institutional, or investment banking and wealth management. But because compliance isn’t optional, all businesses had to comply as best they could, even if that meant shoehorning retail AML control concepts to fit their own business models while potentially missing the real risks to which they were exposed. The end result was that compliance efforts frequently failed to meet regulatory expectations. That is, until the risk-based approach (... To get the full story, subscribe now.