Knowledge Sharing Session

Customer Due Diligence & Know Your Customer

2017

www.firstbanknigeria.com 1
Learning Objectives
At the end of this session, you will better understand:

Know Your - Customer

&
Customer Due Diligence

www.firstbanknigeria.com 2
 Outline

Background
Importance of Compliance
Know Your Customer
KYC Regulations
Objective of Customer Due Diligence Procedures
Risk Based Approach
Consequence of Non-Compliance
Suspicious Activity Reporting
Conclusion

www.firstbanknigeria.com 3
 BACKGROUND

It has been observed that there has been an increase in

regulations being released by the Central Bank of Nigeria,
which we must adhere to. Failure of compliance can result in
sanctions in the forms of penalties and fines.
RULES AND REGULATIONS CAN BE :
Internal External

EVERY REGULATION COMES WITH A RISK

4
The Importance of Compliance

GOOD BUSINESS PRACTICE

Why?

Lower your Regulatory

Risks Bank of preferred choice

5
How Well Do You

6
Know- Your Customer Program
Customer Identification Program

Collect & Document a Customers name, date of birth,

Address and Verify identification presented

Obtain Information to
Customer Due Diligence verify the Customers
Identity and Assess
the Risk

Determined as High Risk? Determined as Low Risk?

Enhanced Due Simplied Due

Diligence Diligence

7
CDD: A Global Requirement

Financial Institutions the world over have CDD recommended as a

minimum requirement for the establishment of account relationship
with customers, KYC/KYCB therefore, provides the pedestal upon
which this can be efficiently done.

The quality of KYC/KYCB done will, to huge extent, determine the

amount of CDD that can be exercised on customers and their
transactions.

It is therefore critical to understand the basic dynamics of CDD

That is why we are here!

www.firstbanknigeria.com
 Know Your Customer (KYC)
What is KYC?

KYC is the process by which a bank or financial institution checks the

identity, background and other aspects of the source of funds of potential
and existing customers (also known as due diligence checks) before
entering into or continuing relationship with them.

KYC ensures you know your customer

KYC helps to reduce reputation/financial risks as it involves:

checking that a prospective customer is not listed on any sanction lists

Checking that the customers source of funds is legitimate PEPs/FEPs

for instance.

www.firstbanknigeria.com
What Do The Regulations Specify?
Section 3 of the Money
Laundering (Prohibition) Act,
2012:
requires that bank customers
must be Properly Identified
before entering into account
relationship with them.

s.14 (1) of the Central Bank of

Nigeria AML/CFT Regulations
2013:
states a financial institution
shall identify their customers,
whether permanent or
occasional, natural or legal
persons or legal arrangements
and verify the customers
identities using reliable,
independently sourced
documents, data or information
10
KYC Regulatory Requirements
S.3, MLPA 2012 (As Amended)

A Financial Institution (FI) shall identify and verify its customers

identity and address before:

opening an account for the customer,

issuing a passbook to the customer,
entering into fiduciary transaction with the customer,
renting a safe deposit box to the customer, or
establishing any other business relationship with the
customer.

www.firstbanknigeria.com
KYC Regulatory Requirements
S.3, MLPA 2012 (As Amended) Individual Customer

An individual customer shall be required to provide proof of his

identity, by presenting a valid original copy of an

official document bearing his name and photograph
address, by presenting originals of receipts issued
within the last three months by public utilities.

www.firstbanknigeria.com
KYC Regulatory Requirements
S.3, MLPA 2012 (As Amended) Corporate Customer

A body corporate shall be required to provide proof of its identity

by presenting its:

Certificate of incorporation, and

Other valid official documents attesting to the existence of the
body corporate

Other requirements are summarised thus:

A proxy to an account shall provide a power of attorney,

Information as to the true identity of the principal shall be sought
where it appears that a customer may not be acting on its own
behalf

www.firstbanknigeria.com
 KYC Regulatory Requirements
CBN AML/CFT Regulation 2013

Section 46: Duty to obtain identification evidence

FI must be satisfied that, a prospective customer is who he/she is or

claims to be before agreeing to carry out banking service or provide
advice to a customer.

the FI must verify the identity of both the customer and the agent/trustee
if the customer is acting on behalf of another.
Section 47: Nature and Level of the Business

FIs are required to obtain sufficient information on the nature of the

business their customer intends to undertake, including the expected or
predictable pattern of transactions.

www.firstbanknigeria.com
KYC Regulatory Requirements
CBN AML/CFT Regulation 2013

The information collected at the outset for this purpose should

include:

purpose and reason for opening the account or establishing

the relationship;

nature of the activity that is to be undertaken;

expected origin of the funds to be used during the

relationship; and

details of occupation/employment/business activities and

sources of income.

www.firstbanknigeria.com
 WHAT IS OUR RESPONSIBILITY?
Know what the law says:

Identification Address Business

KYC / KYB

Maintain all accounts with the required documentation

Review account activities to gain full understanding of

transaction patterns
16
KYC/KYB REQUIREMENTS
Proof of Identity any of the under listed and where applicable

Identification

National
Identification
Valid Valid
International National
Passport Driving
License

17
Identification standards (contd.)
THIRD PARTY IDENTIFICATION:

Where the Customer does not have an identification card, the option of using
a third party to identify him is available based on the following requirements:

Provide any of the acceptable national IDs (Drivers License, International

Passport, Tax Identification Card, Voters Card and National ID).
Introduce in writing, the prospective account holder and ensure that the third
party identifiers signature and KYC status is verified.
Filling the Identification Form
Be a First Bank account holder with complete KYC details (including address
verification).
Please note , In line with the CBN Financial Inclusion Policy requirement,
you are required to render returns to Compliance Department on any
account opened using a third party identifier.

18
KYC/KYB REQUIREMENTS
Proof of Address any of the under listed

Address Original copies of utility bills e.g. PHCN, water rate,

tax receipts etc. bearing address

Letter from the Landlord/caretaker; to support bill

where applicable

House rent receipt bearing address given & name of

customer

Letter from the Village Head/Community Leader,

local government, etc confirming knowledge of
person & place of abode
Other reasonable & valid means of address
identification subject to verification/discretion of the
BM

19
 State source of
funds
State type of
Know Your Customers Business business
State turnover
where applicable
State
creditors/debtors
State country of
Accurately complete relevant section (KYB) on business
account opening form
Business
Regularly update/annotate fresh information
/changes in customers business on file by way of
memos after contact where applicable

Be aware of PEP accounts and monitor closely place any

unusual public/media report on file

Complete risk assessment form and diarise to examine

accounts according to risk ratings

Maintain regular contact with customers when ever necessary

Adopt various discretions in knowing the customers business

20
 CRITICAL POINTS TO NOTE

Evidence of identity for the account holder

For individual
Evidence of Address
Account obtain:
Source of income

Evidence of Identity for each signatory to the account

Evidence of Address for each signatory to the
account
Evidence of Address of the company
For Corporate All relevant company formation documents
Account obtain: Memart
Form C07, C02
Board Resolution
Conduct Search
Etc.

21
 WHAT WE MUST DO

Obtain all relevant documents. This is a must.

Create a Mandate file containing all documents
For New Account which have been duly received, verified and
Individual/Corporate: originals sighted
Account opening form must be duly completed by
the customer

Contact customer in any form - visitation, writing, phone

For Corporate
call, etc to provide missing documents
Account obtain:
Diarize all necessary follow-ups and induce action

22
The Importance of KYC/B

KYC / B UNUSUAL SUSPICIOUS

You can not get to

Suspicious General
Rule
unless you get to
Unusual
and you can not know what is unusual
unless you:
Know Your Customer , and
Know Your Customer s Business.

www.firstbanknigeria.com
How can we enhance KYC quality?

By doing the following:

All standard questions in the KYC form/checklist are

answered with sufficient clarity (e.g. nature of business,
professions, etc). All information must be received and no
blank spaces should be left on the form. Where information
is not available, state so.

For higher risk (Medium & High) accounts, obtain (and duly
document) additional information to support the decision
making

For other accounts, additional KYC information is useful.

This will help in alleviating doubts of the customers source
of income and/or if s/he is involved in money laundering or
any financial related crimes. When in doubt, ask more
questions and document the answers
www.firstbanknigeria.com
Account Opening Documentation Requirements
Detailed documentation to be obtained for various account
types/categories have been uploaded on the portal.
The various account types include the following:
Savings Account & Current Account
Accounts of Association/Clubs/NGOs/Charities/Religious
Bodies/Political Parties/Trustees/Union
Sole Proprietorship Account
Partnership Account
Corporate Account
Accounts of Schools/Colleges & Universities
Government Account; with the exception of Federal Government
accounts which have been moved to the Treasury Single Account
at the CBN
Co-operative Societies
Residents & Non-residents Accounts
Diaspora Accounts, etc.
www.firstbanknigeria.com
 KYC Red Flags
Customers who are involved in new line of business but reluctant to
provide information on their business activities, location & directors

New customers who provide incomplete, conflicting or inconsistent

information when establishing relationship

Residential addresses provided by applicants that, in reality, are merely

mail drop

Businesses that present financial reporting that is at odds with similar

sized businesses in the same industry size/turnover

Opening of multiple business relationship by an individual using the

same address, or different individuals using the same address

Establishment of numerous accounts or relationships using variations

of the same name.
www.firstbanknigeria.com
 The Customer Due Diligence Process
Customer Due Outcomes
Inputs
Diligence

Client Profile Client

Identification
Client
Beneficial Owners
Identification
Prospect Client

& Controllers Risk Acceptance of

Factors the Relationship

Client
&
Relationship Rating
Client Verification SoW/ SoF
Structured KYC
Screening File
Solutions -
PEPs, Media

SoW Source of Wealth

SoF Statement of Financials

27
Objective of Customer Due Diligence

Enable the bank predict with relative certainty the types of

transaction in which a customer is likely to engage

Assists in helping the bank in determining when transactions are

potentially suspicious

28
 Risk Based Approach
The risk-based approach to CDD and ongoing monitoring (RBA) is recognized as an
effective way to combat ML/TF. The general principle of an RBA is that where
customers are assessed to be of higher ML/TF risks, FIs should take enhanced
measures to manage and mitigate those risks, and that correspondingly where the
risks are lower, simplified measures may be applied.

A Risk Based Approach means focusing time and effort on the highest risk
customers. Generally this means:

Low risk - simplified or lesser amount of due diligence

Medium Risk - Standard Due Diligence (e.g., more due diligence than
Low)

High Risk - Enhanced Due Diligence (EDD) (e.g., deep information

gathering)

www.firstbanknigeria.com 29
 High Risk Geography, Products, Businesses

When you know where the risks are you know where to focus your resources

www.firstbanknigeria.com 30
Risk Categories
Risk factors used to assess a business money laundering and terrorist financing risks
generally fall into three categories:
Customer - Certain types of customers have
been associated with an increased risk of money
laundering:
Cash Intensive Businesses such as
Supermarkets
Money Service Businesses
Casinos and Gambling e.g. Betting shops
Unregulated Charities/NGOs
Foreign Financial Institutions
Shell Companies
Politically Exposed Persons
Dealers in High Value or Precious Goods
e.g Jewelry dealers, Electronic dealers
Products and Services - Certain products and
services have been associated with an
increased risk of money laundering or terrorist
financing because they allow a customer to
conduct unusually large or rapid transactions or
they allow transactions to occur with relative
anonymity:
Products that allow customers to convert
cash to other monetary instruments (such
as travelers checks, money orders,
cashiers checks and bank drafts)
Products or service that allow customers
to readily move value from one
jurisdiction to another
Private banking services
Correspondent banking services
www.firstbanknigeria.com 31
 Risk Categories

Geography - Certain geographic locations have been associated with an increased risk of money
laundering or terrorist financing. The fact that a customer is domiciled in such a location or a transaction
is originating or concluding in such a location, may not, in and of itself, signify an increased risk.
However, geographic risk, in conjunction with other risk factors, may provide useful information as to the
potential money laundering or terrorist financing risks:

Examples:
Drug Producing Countries

Drug Transit Countries

Drug Consumption Countries

Bank Secrecy Jurisdictions Tax Havens

Countries named by FATF as Non-Cooperative

Countries with a high level of Public Corruption

Countries related to Terrorist Financing

www.firstbanknigeria.com 32
Customer Due Diligence.

Simplified Ongoing Enhanced

Due Due Due
Diligence Diligence Diligence

Verifying the Assessing the Monitoring

customers risks associated higher risk
identity with that customers and
customer on-going due
diligence of the
customers
business.

33
Scenario Observed Methods of Due Diligence &
Suspicious Transaction Monitoring

8
Customized
transaction profile
with tailored 7
monitoring against
transaction profile 6
H
5

4
M
Source of
Wealth / 3
Financial
Statement
2
ML
1
Basic profile; L
generic
0
threshold
1 2 3 4 5 6 7 8
monitoring
Series 1 Column1

1. Generic Savings 4. Clubs and Associations 7. Money Service

Account 5. Wealth Advisors Businesses
2. Current Account 6. High Net Worth 8. Shell Companies
3. SMEs Individuals

34
Questions to ask for risk factor determination
Is there a clear business rationale for the type of product being requested?
What is the volume of products being requested and does this align to the size of
Nature of Product
the business?
Is the request for a non-NGN currency account with no pre-existing relationship
with the bank?
Is the account being opened in a location where the customer is not domiciled or
incorporated?
Geographic Is the entity incorporated in an offshore tax haven?
Is the customer domiciled or incorporated in a high risk country?
Does the customer have a business involvement within a sanctioned country?
Does the customer operate in an industry that has been associated or suspected
of corruption?
Customer Industry Does the customer operate in an industry and geographies that are known to be
Sector involved in organized crime?
Is the customer a member of a political activist group, animal rights group or
outside of the Banks risk appetite?

Does the customer have a complex or opaque ownership structure?

Ownership Structure Can the ultimate beneficial owner (an individual or entity) be identified?
Has a Corporate Director been identified?
Do any Nominee Shareholders or a Nominee Director(s) exist?

Delivery What is the expected type of transaction and frequency?

Channel What will be the method and origin of funds?

www.firstbanknigeria.com 35
Poor industry practice

An inappropriate risk classification system makes it almost

impossible for a relationship to be classified as high risk.

Higher-risk countries are allocated low-risk scores to avoid enhanced

due diligence measures.

Relationship managers are able to override customer risk scores

without sufficient evidence to support their decision.

Risk assessments on money laundering are unduly influenced by the

potential profitability of new or existing relationships.

The firm cannot evidence why customers are rated as high, medium
or low risk.

A UK branch or subsidiary relies on group risk assessments without

assessing their compliance with UK AML requirements.

www.firstbanknigeria.com 36
 Consequences of non-compliance AML/CFT
Requirements

Monetary Fines Imprisonment

According to the CBN AML/CFT Manual the penalty for defaulting the regulation are as
follows;

Individuals 10,000,000 Ban indefinitely or for a minimum period of

Corporates 25,000,000 5 years with the possibility of legal
prosecution

www.firstbanknigeria.com 37
 Consequences Fines
One of the consequences of non-compliance is the risk of incurring fines. In 2015
Eleven(11) banks in Nigeria were fined a total of 7.492Bn for a total of 71 regulatory
breaches. They are;
Bank Penalty Details
UBA was fined 2.968Bn for 8 infractions, which included failure to report public
sector funds, non-compliance with CBN guidelines for appointment to Management
and failure to review credit policy every 3 years as prescribed by CBN

Zenith Bank was fined 60Mn for 9 infractions which included failure to report public
sector deposits and a fraudulent NIBSS scam from account in Enterprise Bank to
the Valluci Properties Limited

GTB was fined 82Mn for 5 infractions, which included delay in transmitting list of
TSA names to the CBN, late rendition of returns and contravention of CBN circular
on prior clearance of prospective employees of banks

FCMB paid a total fine of 177Mn for 13 infractions, which included Failure to carry
out due diligence and non rendition of suspicious
transactions report (STR) and FX sales infractions to BDC transactions

Access Bank paid a total of 18Mn for a 7 Infractions

www.firstbanknigeria.com 38
Consequences Fines

Bank Penalty Details

Union Bank paid a total of 46.28Mn for 8 infractions, amongst which
included non-compliance with CBN guidelines for appointment to
Management, spot check on public sector deposits and AML/CFT infractions
Fidelity Bank paid 44Mn in fines for 8 infractions with the largest fine it paid
being 28Mn as penalty payment on CBN FINA returns

Wema Bank paid a total of 8.087Mn for 3 infractions, which included

granting loans without BVN and delay in filling return on AML/CFT and failure
to meet TSA deadline
Sterling Bank was fined 13Mn for 5 infractions, which included failure to
meet the deadline for transfer of Funds to Treasury Single Account, delay in
response to CBN Directive in respect of reporting lines of the Chief
Compliance Officer and Not classifying customers into appropriate risk
category and incomplete account opening forms
Diamond Bank paid a total of 76Mn for 9 infractions in 2015

Skype bank was fined 4Bn in 2015 for failing to render appropriate returns
to the TSA

www.firstbanknigeria.com 39
 Consequences Fines
FirstBank also encountered huge infraction cost in 2015 due to the firms inability to comply
to a number of regulatory requirement. The table below shows the details of the infraction
and the value of the fine.

Infraction 'millions
Incomplete disclosure of unremitted FGN MDA Deposit balance 1,880

Delay in providing CBN Examiner with CDD information on 8 PEPs 2

Non-compliance with CBN directive of CCO reporting line 2

Non-compliance with CBN FOREX policy on front loading 2

Failure to meet the deadline for the transfer of TSA funds 2

Failure to obtain CBN's approval before the acquisition of a property 6

Total Value 1,894

This total amount lost by the bank in 2015 due to regulatory infraction as detailed
above, is equivalent to 2.9% of the total staff cost for the year and 55.5% of the total
value of the directors remuneration.

www.firstbanknigeria.com 40
 Consequences Fines

In August 2016. we paid out on fines for the following infractions:

Infraction 'millions

Incomplete account opening documents given to the regulators for review 2

Incomplete/ non-provision of account opening files for regulators 2

Branch did not provide to CBN examiners the account opening/ KYC documents for 25
2
PEPs. Only BVN information was provided.

Failure to conduct AML/CFT compliance audit exercise in Abuja Main and Maitama 4

Breach of maximum single deposit on Tier 1 account 2

Total Value 12

www.firstbanknigeria.com 41
 Consequences Jail Term & Disengagement
In other cases non-compliance can lead to disengagement or even jail term for the party
involved.
Individual Penalty Details
Former Deutsche Bank managing director Martyn Dodgson was
sentenced to four and a half years in prison, for his part in an elaborate
scam that prosecutors said made more than 6.9m between 2006 and
2010.

Martyn Dodgson The Guardian May, 2016

Lrus Welding was sentenced to a jail term of up to five years for
market manipulation and breach of fiduciary duties. He was the former
CEO of Icelands Glitnir bank.

Lrus Welding Iceland Magazine December, 2015

The CEO of Skye Bank, Timothy Oguntayo resigned and the other top
executives were sacked by CBN for failing to comply to the capital
adequacy requirements as prescribed by the Apex Bank. In 2015, CBN
gave the Bank a deadline of June, 2016 to recapitalize, after it had
failed to hit a minimum capital adequacy of 10%

Timothy Oguntayo Central Bank Nigeria July, 2016

www.firstbanknigeria.com 42
43
Suspicious Activity Report
What is a suspicious transaction?

FATF Rec. 20 - Countries should have law or regulation that requires

reporting entities to file suspicious transaction to the FIU

MLPA 2012 (As amended), Sections 6 Suspicious transaction is where

a transaction
involves a frequency which is unjustifiable or unreasonable;

is surrounded by conditions of unusual or unjustified complexity;

appears to have no economic justification or lawful objective; or

in the opinion of the financial institution or designated non financial institution

involves terrorist financing or is inconsistent with the known transaction
pattern of the account or business relationship.

www.firstbanknigeria.com
Suspicious Activity Report
Obligation of Financial Institutions

Where a Financial Institution has reasonable grounds to suspect a

transaction, it shall seek information from the customer relating to:

the origin and destination of the fund;

the aim of the transaction; and

the identity of the beneficiary.

In deciding what transactions to report, the key test is that there are
reasonable grounds for suspecting that the transaction involves money
laundering and terrorism financing
The reporting entity needs to explain the basis for its suspicion

www.firstbanknigeria.com
Suspicious Activity Report
Obligation of Financial Institutions Contd

Reporting must relate at least to all predicate offences as defined by

the FATF in Recommendation 3

Must also apply to attempted transactions.

No threshold must be obligatory to report all suspicious transactions,

including attempted transactions, regardless of amount.

The STR is always submitted in a standard format designed by the NFIU

Window period is 24hrs (ML) and 72hrs (TF)

Fine of N1,000,000 for everyday of non-compliance.

www.firstbanknigeria.com
Suspicious Activity Report
What are the information to report?

Information about the reporting entity

Details about the person conducting or attempting to conduct the

transaction

Details of the transaction itself.

www.firstbanknigeria.com
 Suspicious Activity Report
Tipping off & confidentiality clause

FAFT Recommendation 20 requires that Financial institutions, their

directors, officers and employees should be:
protected by law from criminal and civil liability for breach of any restriction
on disclosure of information imposed by contract or by any legislative,
regulatory or administrative provision, if they report their suspicions in good
faith to the FIU, even if they did not know precisely what the underlying
criminal activity was, and regardless of whether illegal activity actually
occurred; and

prohibited by law from disclosing (tipping-off) the fact that a suspicious

transaction report (STR) or related information is being filed with the FIU.

www.firstbanknigeria.com
 Toward best Compliance

Global basic requirement of all AML legislation and regulations is

the need for CDD also known as KYC background checks

Note
Without this due diligence, institutions can become subject to
reputational, operational & legal risks which can result in
significant financial loss.

www.firstbanknigeria.com
 Your responsibility

Think Compliance before acting

Avoid Dubious Business
Comply with all relevant laws
Report any breaches or suspicions
Respect Customer Confidentiality
Ensure that products are suitable for customer
Present products professionally and truthfully
Do not sign documentation on behalf of the customer
Do not process cheques or cash on behalf of the
customer
www.firstbanknigeria.com
Conclusion

Who is
Who is
responsible for
Who is responsible for
compliance?
responsible for compliance?
compliance?

www.firstbanknigeria.com 51
Conclusion

YOU! YOU!!!
YOU!!

www.firstbanknigeria.com 52
THANK YOU

www.firstbanknigeria.com