Overcoming KYC and AML Obstacles in the Middle East

This article was originally published by PaymentsSource.

In the global fight against financial crime, each world region faces unique challenges, and those faced by the Middle East are, arguably, some of the most complex.

Geographical proximity to less stable countries inevitably makes members of the Gulf Cooperation Council (GCC) vulnerable to money laundering and terrorist financing risks but as a thriving global financial and trade hub, the Middle East takes financial crime very seriously. The GCC, as a full member of the Financial Action Task Force (FATF), is committed to implementing FATF’s 40 Recommendations and as sanctions screening requirements across the region have steadily become more stringent, organisations have turned to automation in order to meet their AML/CFT obligations.

According to a recent industry survey[1], 52% of organisations in the region now use automation technology as the primary monitoring technique for fraud and economic crime, and 82% agree that the use of continuous real-time monitoring helps their organisation combat fraud.

Automation brings huge benefits, allowing institutions to accurately and efficiently screen customers and transactions, without negatively affecting the customer experience. With new payment methods facilitating instant payments, customers’ expectations are shifting and a smooth and seamless service is almost a fundamental requirement. The Middle East, however, presents some significant and unique challenges when it comes to AML, CFT and know-your-customer (KYC) compliance checks.

What’s in a Name?

An individual’s name is the starting point for many compliance checks, notably KYC and politically exposed person screening. In Western cultures, identification checks are reasonably straightforward – individuals typically have a surname and one or more given names (although there may be spelling and abbreviation issues to address). If a name is flagged for any reason – for example, similarity to the name of a Politically Exposed Person (PEP), the next level of checks applies, such as address and date of birth.

Traditional Arabic names, though, can complicate compliance checks considerably. Typically, an Arab Muslim name has up to five elements.

  • The first three are patrilineal: a personal name; their father’s name: and grandfather’s name, sometimes separated by ‘bin’ (son of) or ‘bint’ (daughter of).
  • That is usually followed by a ‘nisba’, or family name, which could be a tribal name, ancestral name or even place of birth.
  • In some cases, a ‘laqab’, or descriptive epithet, is also included, and/or a ‘kunyya’, the name of their eldest child (preceded by Abu if the parent is male, or Umm if female).

Obviously, the potential for duplication or confusion is huge, exacerbated by translation and the fact that Arab spelling can be fluid (Mahmoud and Mehmood for example).

Some names are also extremely common; there are an estimated 150 million men and boys in the world named Muhammad, for example. It is hardly surprising that Arab names are the single biggest cause of false positive alerts from compliance software; 34% of companies in the Middle East say their systems routinely generate large numbers of false positive alerts[2].

Beyond the Name

Commonality of names is by no means the only difficulty in the Arab world. A number of other cultural issues complicate customer due diligence further:

  • Date of birth. It is not common practice in some regions to obtain a birth certificate when a child is born, with the result that many people have a birth date registered as 1 January, the date routinely used in a passport application.
  • Residential address. The use of PO box numbers, rather than a street address, is widespread. PO box numbers are not accepted as proof of address, and an added complication is that utility companies do not always specify the residential address where services are supplied.
  • Tax-free jurisdictions. The paperwork and data generated by a tax system is useful for due diligence and compliance checks, however, regulatory reports are limited in tax-free jurisdictions and reporting practices tend to be less rigid and reliable. Tax-free jurisdictions also tend to encourage a culture of opacity and a reluctance to disclose financial information.
  • Islamic banking conventions. Special purpose vehicles, usually domiciled offshore, are widely used in Islamic financing, as they are a crucial tool in the implementation of Islamic bonds, or Sukuk, which pay investors in profits rather than interest. The charitable income distribution scheme, Zakat, also creates high volumes of transfer activity that need to be screened for compliance.

Complex naming conventions, scarcity of adequate data and volumes of false positives has meant financial institutions in the region have had to be even more cautious in their approach.

False positives add a layer of cost and complexity to customer onboarding and screening. As such, the customer relationship could suffer; if extra checks are for enhanced due diligence, a normally rapid on boarding or transaction screen can be significantly delayed.

The Risk for Correspondent Relationships

Rightly, compliance with AML/CFT legislation is a priority for banks, payment service providers and other NFIs (Non-financial institutions) in the Middle East, not least because banks’ desire to minimise AML risk has had a significant impact on correspondent banking relationships (CBRs).

Derisking by many global banks has led to a marked decline in CBRs in any jurisdiction that is perceived as high risk, irrespective of the reason. Accuity research found a 25% reduction in CBRs between 2009 and 2016, partly driven by regulatory demands and enforcement actions against institutions that breach AML laws.

The Middle East has been hit particularly hard; a joint survey by the Arab Monetary Fund, World Bank and International Monetary Fund found that about 40% of respondents in 17 Arab countries had experienced a significant decline in CBRs.

The correspondent banking network in the Middle East has been complicated recently by the flurry of consolidation; around 20 institutions in the Gulf, responsible for assets of more than US $1 trillion, are in merger talks or have recently agreed to a deal. But a reduction in choice of correspondent banks in the region does not negate the need for strong compliance – in fact, it reinforces it.

Compliance, Screening and Reputation

The implementation of effective, efficient AML and sanctions screening across the region would send a clear message that the Middle East has arrived on the global financial stage.

Financial institutions across the Middle East have recognised this, which is why we have seen a trend for institutions to screen domestic transactions as well as international payments – which isn’t yet required by law.

A recent report by Deloitte highlighted that financial institutions and companies in the Middle East are ‘becoming increasingly proactive about financial crime compliance’. But if the region is to avoid the many consequences of de-risking, it added, ‘countries will need to demonstrate that a sound AML/ CFT framework is in place, and will need to coordinate on a cross-border compliance level.’

We believe the potential hurdles to effective screening in the Middle East can be overcome with the right mind-set, knowledge, regional focus and resources. Financial crime screening solutions that are fuelled by high quality sanctions, PEP and screening data will be a crucial component to achieving success in this complex compliance environment.

To learn more:

Accuity is hosting a webinar “The Financial Crime Screening Landscape in MENA”. The webinar will deeper explore some of the challenges raised in this article and delve into greater detail as to how to overcome them. Register here.