Master client onboarding in accounting with our comprehensive guide. Learn about KYC, CDD, AML, and CFT checks to ensure legal compliance and risk management.
The first stage of any new accounting engagement is getting acquainted with your client. You need to know who this business is, what they do, what industries they trade in and who the main people or entities are in the company. Completing this onboarding and due diligence is vital, so you can have complete comfort that this entity is legitimate, lawfully trading and not carrying out illicit activities.
To help you get a handle on this onboarding process, we’ve outlined the key stages of the process, from Know Your Client, to Client Due Diligence and Anti-Money Laundering (AML).
Know Your Client (KYC) checks are a fundamental part of your initial client onboarding process *cough cough* and should be something you are constantly thinking about with every client interaction – the details you collect during this initial process are great, but so are the little tidbits you pick up along the way that help you to build a total picture of your client. Back to onboarding though – the chief aim of these KYC checks is to verify that your prospective client is who they say they are. In essence, you’re asking a very clear and straightforward question: is this a genuine organisation that exists as a legal entity, or could it be a front for illicit or criminal activity?
It can be a hard mindset to get into, but in a recent Firmcheck-hosted webinar, AML Advisor Dr Nicholas Gilmour mentioned the importance of “being suspicious about everyone… your best clients will be the most likely money-launderers hiding in plain sight”.
The first port of call in determining whether your client is who they claim to be requires you to go through several processes to check, verify and confirm their identity.
Check their legal name – request and verify the client's legal name as it appears on official documents, such as their birth certificate, passport, or business registration certificate. Make sure the name matches the name provided on the onboarding documents your client has completed.
Tip #1💡: Sometimes you might be provided with documents where there is a different surname, which could be due to a recent marriage, for example. But not all is lost, if you receive a passport with one surname, and then a utility bill showing another – it’s simply a case of asking the client for some further information so you can confidentially verify what’s correct. In the marriage example asking for a copy of the marriage certificate (and then verifying its authenticity) is one way to do this. You may also choose to cross check this with other public registers or publicly available information.
Check their trading address – verify the client's residential or business address through official documentation, such as utility bills, leases, or bank statements. Cross-check the address against publicly available records to confirm its validity.
Check their contact Information – collect the client's primary contact information, including their phone number and email address. Verify the authenticity of this information by requesting confirmation emails or test calls.
Tip #2💡: there are several ways you can collect this information, and quite often we hear it’s done manually, either in person, but sometimes through email. Consider the privacy implications of collecting documents or requesting information via email, especially with email scams on the rise – a great way to protect yourself during this data collection and verification process is to leverage one of the many different AML software out there – if you’re unsure on where to start you can read this guide on what could be right for you. Spoiler: Firmcheck isn’t always the best solution, it depends on your firm's processes, what other tools you may or may not be using, and how you typically engage prospective clients.
Once you’ve verified and got a better understanding of your prospective new client, you need to go one step further and assess the broader risk – this is where your Client Due Diligence (CDD) comes in as the next stage in the client onboarding process. Carrying out CDD is an integral part of the compliance process, helping you drill down on a deeper level into the entity's trading activities, background and suitability as a client.
Managing your risk as a firm is a big part of protecting your brand and reputation. CDD ensures you’ve got a complete picture of the client beyond just making sure they who are they say they are, thus reducing your risk of getting into a client relationship with a bad client. CDD also adds an additional layer in the combating of money laundering.
To tick all the right CDD boxes:
Request and review their official documentation – get copies of their business registration certificates or incorporation documents. Verify the business name, registration number and registered address against official records. Also check the identity and ownership interests of any individuals or beneficial owners who hold significant control or ownership of the client.
Verify the client's ownership structure – get a handle on the legal structure of the entity, for example, are they a sole trader, partnership or a limited company. Review the corporate documents, such as articles of incorporation, bylaws, or partnership agreements, to confirm the ownership structure. Identify, verify and confirm the roles of the key personnel, including directors, officers and authorised representatives.
Gather information about the client's business activities – collect detailed information about the client's business activities, including their industry, products or services, target market and competitive landscape. Understand the client's revenue streams, cost structure and key financial performance indicators (KPIs).
Review the client's financial statements – review the client's financial statements, including their balance sheets, income statements and cash flow statements. Analyse the financial statements to assess the client's financial health, profitability and liquidity. Look for any potential red flags, such as high debt levels, unusual transactions or discrepancies between their financial statements and other information.
Perform background checks on the client and key personnel – conduct thorough background checks on the client, their directors, officers, and key personnel to identify any criminal records, adverse media mentions, or bankruptcy filings.
Verify the source of funds and wealth – investigate the source of the client's funds and assets, so you can be sure they’re legitimate and not linked to any illicit activities. Scrutinise their financial transactions and verify the origin of all funds, wealth and assets.
Implement enhanced due diligence when necessary – for high-risk clients or those with complex financial structures, conduct Enhanced Due Diligence. This may mean adding in verification steps, monitoring of transactions and ongoing risk assessments.
KYC and CDD essentially become part of your overall AML assessment or ‘check’, but AML checks aren’t just one-and-done.
A critical component of protecting your firm's reputation and also remaining vigilant to potential signs of money laundering is ensuring you keep on top of your client relationships. And from an AML compliance perspective that means establishing ongoing practices – this is one of the biggest gaps we often hear in discussions, and a recent ICAEW report also identified that ongoing management of due diligence and AML is something where firms have a gap.
Establish a transaction monitoring system – put a transaction monitoring system in place to flag suspicious transactions and potential money laundering or terrorist financing activities. Set the parameters based on your previously carried out risk assessments and industry norms for the client’s specific sector.
Conduct regular risk assessments and reviews – regularly review the client's risk profile and update your due diligence procedures accordingly. Adapt your risk assessments based on changes in the client's business, financial health and activities – it’s essential to do this at least once per year, but if there are obvious changes in client behaviour, or you add more services then you should be updating and reviewing your risk assessment accordingly.
Report suspicious activities to the authorities – it’s mandatory for your firm to report any identified suspicious transactions or potential money laundering or terrorist financing activities – this is done by submitting a suspicious activity report (SAR) to the UK Financial Intelligence Unit (part of the National Crime Agency).
Getting acquainted with the background, finances and personnel of any potential new client is an incredibly important part of your onboarding process.
As you know there is a lot to get through to meet your compliance obligations, both during onboarding and the ongoing management of clients, and just for fun, there are too many acronyms to wrap your head around. But bringing together your KYC, CDD (and potential EDD elements) into one place doesn’t need to be a challenge every time you onboard a new client.
Firmcheck helps you:
Build a more organised AML process by bringing your KYC and CDD into one place
Create a more secure environment for your customers and your firm – no more paper or photos of passports sent via email
Easily understand who to verify, and reduces data duplication across systems with our link to Companies House
Manage existing clients periodically and conduct ongoing reviews in just a few clicks.
Book a Firmcheck demo today and see how managing AML compliance, and documenting KYC and CDD can be as easy as ABC.
Latest news, events, and updates on all things app related, plus useful advice on app advisory - so you know you are ahead of the game.