The recent amendments to client identification provide Reporting Entities the opportunity to streamline their client acquisition processes whilst still meeting obligations under the AML/CTF Act. Reporting Entities can collect customer identification (KYC) information “about” a customer from other sources rather than “from” a customer. Further, electronic safe harbour provisions were also eased to make verification of KYC information simpler.

Collection of KYC Information “about” a Customer

This amendment broadens the methods of collection of KYC information about a customer to include collection of the information from other sources other than the customer. This change applies to all customer types.

Previously Reporting Entities were required to only collect the information “from” a customer which is a higher threshold and needs more participation from the client. Many Reporting Entities regarded this as burdensome because they can easily find out certain details about a customer from other sources such as an ASIC Company Extract or the electoral rolls and populate the KYC form with the basic information.  The amendment provides firms with the opportunity to streamline the interaction with clients and reduce the time needed to be spent by a client in order to open an account.

Now the amendment allows the Reporting Entities to either collect the information “from” a customer or “about” the customer. This not only provides greater flexibility and discretion, but also cost savings to Reporting Entities. The estimated annual savings are $7.2 million to financial institutions and $7.9 million to individual customers. The basis for such cost savings is that manual data entry time is reduced by around 4 minutes per customer and the time it takes the average new customer to complete an application form is reduced by around 12.5 minutes.

Simpler Verification of KYC Information

Verification procedures have been made easier for those Reporting Entities adopting electronic-based ‘safe harbor’ procedures to verify customer information for individual customers with a medium or lower ML/TF risk. Reporting Entities now only need to verify 1 mandatory component (a customer’s full name) and at least one of 3 discretionary components (residential address, date of birth or transaction history for at least the past three years). Either a customer’s full name and residential address and/or date of birth must be verified against at least two separate data sources.

If your entity employs electronic data verification method, we suggest contacting your external service providers and check if they have built the functionality to implement this change.

Prior to this amendment, a customer’s full name and residential address are the 2 mandatory components of verification procedures. A reliable and independent source that only verifies against a customer’s name and date of birth that would have been considered an unacceptable data source in the past is now an acceptable data source.

Despite the benefits of this change, Reporting entities still must ensure that they apply a risk-based approach in customer identification and verification procedures in order to stay compliant with the Rules and other applicable laws.

These amendments were introduced on 8 September 2016 by the Chief Executive Officer of the Australian Transaction Reports and Analysis Centre (AUSTRAC). For more information, please refer to Anti-Money Laundering and Counter-Terrorism Financing Rules Amendment Instrument 2016 (No. 1) and its Explanatory Statement.