July 12th, 2018 | Melissa Kluttz, Sterling Talent Solutions
Mitigate the Risk: Best Practices for Employee, Client and Third Party Due Diligence in the Financial Services Industry
Hiring the right talent, maintaining accountability for those you hire and managing through the complex regulatory landscape has never been more important – and more challenging for financial institutions. Sterling partnered with Compliance Risk Concepts (CRC), a business-focused team of senior compliance consultants and executives, to publish the White Paper, “Employee, Client and Third Party Due Diligence: The Cost of Ineffective Monitoring Procedures.” We share the importance for the financial services industry to have the correct ongoing due diligence procedures in place for new hires, clients, third-party partnerships and vendor relationships. Operating with stale knowledge makes you vulnerable to increased operational and reputational risk, as well as potentially exposing client and firm resources and information to fraud and misappropriation.
The Financial Services Sector is Highly Regulated
Due Diligence is a fiber that is woven throughout the entire regulatory landscape, impacting various areas, including, but not limited to, cybersecurity, information security, custody and books and records. Many of the agencies that govern the financial services sector, such as Financial Industry Regulatory Authority (FINRA), the Securities and Exchange Commission (SEC) and the Foreign Corrupt Practices Act (FCPA), require stringent due diligence procedures.
Employee and Registered Representative Due Diligence Best Practices
When onboarding new hires and registered representatives, firms should obtain and verify information such as an individual’s education and work history, industry qualifications and certifications, criminal background checks and fingerprinting, credit checks, disciplinary information and outside business activities, among other things.
Businesses who operate in the financial sector should use a reputable FCRA compliant background screening vendor or follow up and confirm all screening information that they receive from new hires and reps to ensure its accuracy. Firms should implement ongoing screening processes and disclosure monitoring that cover a nuanced array of areas outside business activities, political contributions donor lists and ongoing credit checks among other things. Firms need to be sure that they are capturing the whole picture when it comes to reps and employees by screening professional and financial information as well as continuing criminal background checks.
Three factors that financial businesses should consider when performing due diligence for employees are:
- Data Collection: Businesses should develop a comprehensive process that will result in a detailed risk profile per individual.
- Monitoring: Companies should have ongoing monitoring tools which utilize comprehensive data points which can screen for factors that traditional monitoring might miss, such as criminal activity, liens and judgments.
- Verification: Organizations should have procedures in place to verify the information that is provided during data collection and monitoring process. Information should be reviewed from a variety of sources.
Client Due Diligence
Due diligence should be performed across the board. Reviewing clients is important to minimize risk. Under the Financial Crimes Enforcement Network’s (FinCEN’s) new Client Due Diligence rule, which went into effect on 5/11/2018, financial institutions should have Anti-Money Laundering (AML) processes already in place. Such procedures, as with Counterparty and Firm Representative Due Diligence, protect the organization’s reputation, limit exposure to litigation, fines or enforcement actions, and mitigate the risk of exposing client information and funds to fraud.
Regulators currently expect that financial institutions obtain customer information at account inception, compose a customer risk profile, and use this profile during ongoing monitoring to identify potential red flags. Firms should focus on the five principles:
- Identification and Verification
- Ownership and Control
- Certification Form
- Updating UBO Information for Existing Customers
Third Party and Vendor Due Diligence
Standardization is key when counterparty due diligence is concerned. Companies should strive to implement repeatable procedures for due diligence that include drafting standard vendor and third party due to diligence questionnaires, anti-money laundering checks, employee training, a multi-level approval process that leverages Compliance Department and adherence appropriate record-keeping practices. Financial institutions should use not the same but similar review practices, questionnaires, and recordkeeping practices for all applicable vendors and intermediaries to mitigate the risk of missing material information from even seemingly innocuous vendors, counterparties or relationships.
It’s no longer the case that vendors can be approved and be permanently classified as low-risk or “approved.” Vendors and counterparties must be engaged and performing, and constantly reviewed by the firm to confirm that they still meet initial criteria and that Due Diligence Questionnaires (DDQs) have been updated to account for any new concerns or regulatory implications.
Reputational and Operational Risks of Inadequate Due Diligence
While counterparty relationships are critical for the growth of an organization, they also expose it to various risks, including bribery, corruption, organized crime, money laundering or fraud. Non-compliance with anti-bribery and corruption and KYC/AML regulations, inadequate, or inappropriate due diligence processes can expose businesses to enforcement actions and fines, negative press and reputational damage, criminal penalties, sanctions against firms and covered individuals, and time wasted dealing with investigations and remediation. Continual monitoring, risk assessment and review of information are imperative to protect a business’s assets and personally to identify information.
Sterling helps the world’s top banks, brokerage houses, private equity firms, insurance companies and other financial services firms efficiently screen and hire top talent while maintaining stringent compliance standards. Find out more information about the importance of continuous due diligence monitoring to mitigate the risks in Employee, Client and Third Party Due Diligence: The Cost of Ineffective Monitoring Procedures.
This publication is for informational purposes only and nothing contained in it should be construed as legal advice. We expressly disclaim any warranty or responsibility for damages arising out this information. We encourage you to consult with legal counsel regarding your specific needs. We do not undertake any duty to update previously posted materials.