How entity data can help you meet regulatory requirements: why it matters and where to start
By James Redfern
14 December 2021
Uncovering entity data is a basic component of due diligence, but how does this data enable businesses ensure that they are meeting regulatory requirements? Keep reading for an overview on utilising entity data to address key global regulations.
The relationship between entity data and regulatory requirements Organisations are subject to mounting regulatory pressure to correctly identify and understand the entities with whom they are doing business. With fraud and money laundering growing at a significant rate, it is easy to see why these regulations are in place, but certain challenges may arise while conducting research on key entities, especially in jurisdictions throughout the Middle East and Africa (MEA).
Lack of cohesion in record management, information barriers, and poorly updated systems can all play a part, especially in emerging markets. The Financial Industry Regulatory Authority (FINRA) Rule 20901 and Rule 2111 (Suitability)2, for example, require businesses to keep records of the name, date of birth, and residential address of each customer. However, some local registries in the MEA region do not require or record this information, which makes expanding business into the region problematic when adhering not only to regulations, but also to Know Your Customer (KYC) best practices and other internal policies and procedures.
The same holds true for European Union Anti-Money Laundering directives3, which require businesses covered by these regulations to perform due diligence checks when there are changes in key information and when money laundering is suspected. As a result, due diligence checks are required throughout the lifespan of the customer relationship.
Such a frequent need for information-gathering requires easy access to resources but sourcing accurate entity data (ideally from independent primary sources) can be both challenging and time-consuming. Bridging the gap between complex information gathering and KYC best practices often requires the help of intelligence gathering agencies.
Why entity data matters It goes without saying that recording and maintaining up-to-date entity data is essential for regulatory compliance. If data is out of date or inaccurate, regulators have the power to issue fines for non-compliance. This is why organisations need to maintain clear, transparent records of all entities with which they have a relationship.
From a business perspective, maintaining customer data ensures relationships are above-board and appropriate. Much of the due diligence process is driven by regulations, but fundamentally, information gathering is also about good business practice. Organisations should not want to buy from or sell to someone they do not know.
For example, two high-value customers might appear to be separate entities, but information gathering may reveal that they are owned by the same parent company. Should that parent company fail, an organisation may lose two of its most important income sources.
Uncovering this information is key to meeting regulatory requirements and also protecting your organisation from financial risk.
Regulatory requirements It is crucial to ensure a thorough understanding of the regulatory requirements in force. These requirements are generally dependent on the geographic location of both the organisation and the customer, but certain industries may also be affected by specific regulatory requirements.
Some major task forces, directives, and regulations include:
Financial Actions Task Force (FATF)4 — This global regulator sets standards to prevent money laundering and terrorist financing. One key data point they ask for is the full name(s) of the entity owner(s), which could be anyone with a 25% or more stake.
Office of Foreign Assets Control (OFAC)5 — This is a U.S.-based task force similar to FATF. It administers and enforces economic and foreign trade sanctions based on U.S. foreign policy.
European Anti-Money Laundering 6th Directive3 — This directive aims to harmonise the definition of money laundering across the EU, with specific goals to block loopholes that may be present in member states.
Beneficial Ownership Regulation6 — This is a U.S. regulation from the Financial Crimes Enforcement Network (FinCEN), which requires all covered financial institutions to collect and verify information about the beneficial owners of an entity when a new account is opened.
Identifying the ultimate beneficial owner (UBO) of a legal entity is a key component of regulatory compliance to understand the links between that entity and who controls it, and ultimately the risks of its exploitation for money laundering and terrorist financing.
UBO legislation is in place to help provide transparency to firms with knowing who their customers are. However, sourcing ownership data can be difficult and there are inconsistencies from country to country and across different regulatory bodies.
Circular ownership structures, for example, come into play frequently, especially in the MEA region. These structures can be used to hide beneficial owners for the purpose of money laundering.
At Diligencia, our speciality is exposing these structures, providing clarity, and unveiling data that might otherwise be inaccessible.
Contact us to find out how we can help with due diligence solutions and corporate intelligence services across the Middle East & Africa. Our legal entity data on organisations and individuals across the region is available via our online platform www.ClarifiedBy.com.