As regulatory consultants, we have become accustomed to the reaction we get from clients when we mention the word ‘remediation’. The word itself is an indication of failure, that policies and procedures were either not in place or were not followed correctly. However, there are several reasons why a customer record may become ‘out of date’, through no fault or failure of the financial institution.

In response to the legislation and regulatory expectation to keep customer records ‘up to date’, many firms have developed a ‘remediation’ approach to maintaining customer records. This means that periodic reviews and trigger events are used to determine whether the records are still up to date, but for many organisations, a customer won’t be picked up in a periodic review for many years, and might never hit a trigger event, which ultimately results in remediation activity being required.

At Deloitte, we have developed an approach to reviewing customer records that is designed to prevent future remediation work by applying a robust, risk based, future looking regulatory gap analysis and ongoing approach to KYC. The key components of our approach are as follows:

• Identification of gaps - perform sample testing to identify categories of customers where there is a greater risk of documentation and information deficiencies

• Standards and future proofing - set the standard against which customer files are reviewed

• Jurisdictional differences - standardise group requirements and ensure that they are sufficient to meet local requirements

• Technology - use technology to develop the most appropriate operating model for the ongoing management of KYC

Read more about our process and how it was implemented at a Global Wealth Manager here.