AML KYC Periodic Reviews and Renewals (Low, Medium, and High-Risk Clients)


Financial regulators require banks and non-banking financial institutions to perform AML KYC due diligence when onboarding a new customer and also on a periodic basis (6-12-18-24 years) throughout the life of the relationship.

Periodic KYC CTF reviews are conducted on a periodic basis to ensure that existing customer information is kept updated.

Your firm or compliance group should also perform periodic reviews to confirm that each customer’s assigned risk rating continues to reflect the appropriate AML risk rating.

In addition, conducting regular AML reviews ensures that your financial firm is able to capture any material change in the customer’s profile or any potentially suspicious activity that was not detected by the firm’s real-time transaction monitoring platforms.

The-AML-KYC-Onboarding-Lifecycle-Process-Flow

Image Source: AdvisoryHQ



When to Perform KYC Periodic Reviews

The frequency for performing KYC AML reviews varies across the financial industry.

On average, however, based on my years of managing large-scale AML implementation projects for top Wall Street firms, the standard frequencies are as follows:

  • High-risk clients: periodic AML KYC reviews should be conducted every 6-12 months
  • Medium-risk clients: periodic AML KYC reviews should be performed every 12-24 months
  • Low-risk clients: reviews should be performed every 24-36 months


What to Consider When Performing AML KYC Periodic Reviews

In general, when conducting periodic AML KYC reviews, AML and compliance officers normally review the elements below:

  • Review each customer's information: name, address, ID number, certificate of good standing (if applicable), and the customer’s original information to determine if there are any material changes
  • Rescreen each customer’s information against specially designated and country-based sanctions lists (OFAC lists)
  • In instances where there is a substantive change (i.e., a different country of residence), the compliance staff needs to reassess and reapply the risk rating for that customer
  • Review the types of transactions performed by each client and compare against the forecasted or anticipated account activity (normally performed via automated transaction screening tools)
  • Determine any potentially suspicious activities that were not detected by the firm’s real-time transaction monitoring platforms.


AdvisoryHQ (AHQ) Disclaimer:

Reasonable efforts have been made by AdvisoryHQ to present accurate information, however all info is presented without warranty. Review AdvisoryHQ’s Terms for details. Also review each firm’s site for the most updated data, rates and info.

Note: Firms and products, including the one(s) reviewed above, may be AdvisoryHQ's affiliates. Click to view AdvisoryHQ's advertiser disclosures.