How to create a strong Customer Identification Program – CIP?

The CIP is the key to how you identify the entities that you interact with, whether they be physical persons or legal entities. A strong Customer Identification Program (CIP) is essential for ensuring compliance and mitigating risk. 

 

As the second pillar in the framework for establishing a Robust and Automated Risk & Compliance Management Program, a well-structured CIP not only helps businesses meet regulatory requirements but also strengthens their overall risk management efforts.

 

In this article, we’ll delve into the key elements of creating a strong CIP and explain its critical role within the larger compliance ecosystem. To explore the other four pillars of a comprehensive compliance strategy, be sure to download the full Whitepaper.

 

What do you need for a strong CIP?

 

What you need in this customer identification program, or counterparty identification program, if you prefer to call it that, is reliable entity identification

You need a reliable means to identify the entities that your business interacts with. 

 

This means the people as well as the companies that they represent.

That also means back to the UBO, the ultimate beneficial owner. You need to understand who the people are that are behind the companies you’re interacting with. 

 

You need accurate identity verification, so you need an efficient and accurate means of ascertaining that the identities provided are legitimate and truly representative of the businesses you’re dealing with.

 

You need the entity’s objectives and history, so you need to verify the nature of the relationship and the past activities of the entity to determine that the contemplated relationship has a clear business purpose and that the entity is legitimate and representing itself for what they are. 

Remote onboarding is difficult and the levels of fraud are on the rise today, so you need an automated customer identification program to manage this risk and scale.

 

First step

 

The first step in your customer identification program is to identify the customer, and the old way is to speak to them and have them provide you with documents. You review those documents and certify the ID of the customer. 

 

The new way is to let customers complete a digital identification process on a secure portal that they can do with their phone or their computer.

The new result is that customers can onboard 24-7 automatically from the convenience of their own home or office. 

 

There’s no more need to travel to onboard a customer. This does, however, involve new challenges, but using a digital customer identity portal will improve both the quantity and the quality of your customer’s experience and will reduce fraud and provide data protection for you. 

 

 

The second step

 

The second step is to gather additional information, and the old way is to ask the customer for more documents in what is typically a back and forth done with at best email and often with telephone or even more primitive means of communication, and the old result is that you would receive these documents by various channels bit by bit and manually check and review them. 

 

The new way is to allow the customers to digitally upload those documents via the same secure portal that they onboard themselves on.

 This results in faster onboarding, document requirements are clear, and the customers are happy because it’s easier for them to complete the process and much, much more efficient.

 

By using a digital customer identity portal, customers upload all the documents they need using direct upload of PDFs, and JPEGs, take pictures as needed, use a clear and automated to-do list showing everything that they need, and you get your deals done faster and more securely. 

 

The third step

The next step is the initial verification. Once you’ve received all of these documents, you do a visual inspection in the presence of the representative in the old way, and the results depend on the experience of the particular individual and the subject, they’re subject to bias and weaknesses that may be apparent in the individual doing the job. 

 

For example, the person reviewing the documents may simply be tired and miss something that they should see. 

 

The new way of doing this is to maximize our leverage of artificial intelligence and computer vision to assist and speed up the inspection and analysis of documents remotely collected.

 

We also use programmatic means to do things such as verify phone numbers provided and obtain risk assessments from telecom companies

 

The new result is that you get better risk management, faster onboarding, and happier counterparties. So using computer-assisted verification, leveraging AI, the initial check of an identity can be programmatically advanced so that the final decision is faster, more objective, and more reliable.

 

If you’d like to learn more check out our social media, and book a call with us. We’d love to have a conversation and see if we could help you out, see if we’re a good fit, and give you a price. Looking forward to meeting you.

What Are The 5 Pillars Of A Robust Compliance Program 

It is possible to automate compliance that’s easy to use, but building the tools is technically very challenging and requires specific skills. KYC3 is the only team dedicated to solving this for AIFM, private equity, transfer agents, and wealth management. We’ve got more than 15 years of experience in the regtech space, and 30 years of experience in technology overall.

 

Jed Grant, the founder of KYC3 has been developing software since the 1990s, and he knows how to build systems that just work. 

So let’s get down to it. In this article, we want to run through the five major functions of your compliance program, and then we’ll share with you detailed articles on each of these pillars,coming soon.

So let's talk about the first one, getting the fundamentals right.

 

So when you work on your compliance program, you really need to understand your Risk Tolerance. You need to get your risk acceptance, get your processes, and make sure that they are well governed and reliable.

The second pillar is your Customer Identification Program.

You need a strong way to identify the entities that you interact with, and that means both individuals and corporate entities, all the way back to the UBOs and controlling individuals of those corporate entities. So you need to have the procedures, tools, and policies in place to ensure that you’re identifying your customers reliably, correctly, and with accurate determination of who they really are and who they represent.

 

 

The third pillar of your compliance program is your Customer Due Diligence.

You need to review the documentation, you need to conduct due diligence checks, you need to understand the risks, and you need to remediate those risks. 

This means that the information provided by your customers needs to be corroborated by third parties.

 

The counterparties you interact with should have proof of existence, they should be documented, and you should be able to find that they are legitimate business entities and individuals acting in the manner and for the purpose that they disclose to you. 

The fourth pillar of your compliance program is your Customer Monitoring,

and this is the ongoing monitoring of all the counterparties that you interact with, and understanding the risks involved there. 

You need to control for PEP and sanction involvement, you need to understand adverse media, and you need to understand the dossiers and reassess periodically the risk that they represent.

This means you need a deep understanding of not only your counterparties, but the products, the channels, and the geographies in which you operate with those customers. 

 

This is very important on an ongoing basis, and it means daily. 

And the fifth pillar of your compliance program is your Audit and Reporting.

You need to have reliable, accurate, and consistent reporting. 

You need data to drive your decisions, you need data to provide to your auditors, you need accurate records of who decided what, when, and who accepted which risk at what time, and you need all of these decisions well documented, well chronicled, and auditable. 

You need to be able to easily provide this information to your internal auditor, your external auditor, and your regulator.

 

If you can get all five of those fundamentals correct through your whole compliance program, you will have an efficient and effective program that will run cost-effectively in the background without causing friction for your customers, and without costing an arm and a leg. 

 

So if you’d like to learn more, book a call with us. We’d love to have a conversation and see if we could help you out, see if we’re a good fit, and give you a price.