How to Beat the KYC Remediation Cycle

Updated: Oct 3, 2019

KYC remediation, the process of rectifying or updating customer client due diligence (CDD) information, is a process which most financial institutions go through. Despite KYC remediation being a common issue, and a big [and expensive] headache – it is avoidable.

KYC remediation is normally driven by a number of internal and external factors:

  • Internal drivers for initiating a remediation programme may include audit findings/points, changes (i.e. uplifts) to CDD standard or changes to a firm’s risk appetite (which may in turn be driven by external market and/or regulatory factors).

  • External drivers include regulatory intervention and changes in money laundering regulation (two of which will come into force in 2020 within the EU and the UK (regardless of BREXIT)).

KYC remediation is often seen as a cycle which comes about circa every 5 years if suitable controls are not in place. The cycle beings with a need to remediate customer CDD information. Whether this is driven by internal or external factors, the programme will almost certainly be high on the agenda of executive management and funding will be ringfenced to fund the programme. Year 1 will see a lot of investment and increase in personnel to carry out the remediation - this usually extends into year 2. By year 3 the remediation is generally complete, and focus has shifted away from the initial issue.

Year 4 may see the on-going refresh programme not being met and not being a key focus – this often results in a backlog of high risk customer refresh reviews. Year 4 may also see the higher volume low risk customer KYC coming up for refresh resulting the volume of customer requiring refresh, or with expired CDD, reaching a critical point.

At the end of this typical cycle the regulator may also be undertaking their regular visits which adds the pressure resulting in a full-scale remediation programme being instigated by the financial institution once again.

What can be done to break the remediation cycle?

1. Cost

Cost is always a driver when undertaking a KYC remediation programme. By understanding the realistic cost of remediation will help to ensure that the correct level of investment is provided which will result in a successful and realistic outcome.

Based on our research in delivering successful remediation programmes over the past 10 years, the average cost to remediate each customer will range from c.£1500 for a mature processes with appropriate systems and controls, to upwards of c.£6000+ for an institution with complex and inefficient processes.

2. Firm-wide buy-in:

A remediation programme is likely to touch upon every function within an organisation. Having firm-wide buy-in and acknowledgement of the programme will help understand and identif