Themanager of a bank’s KYC teamdiscovers that ahigh-risk customer’s activity was not reviewed last quarteras required by the bank’s internal compliance schedule.
What should the KYC team manager do?
A.
Submit a referral to file a Suspicious Activity Report (SAR).
B.
Remove the customer from the bank’s high-risk list.
C.
Contact the customer’s relationship manager to suspend account access until the periodic KYC review is completed.
D.
Evaluate the KYC review process to understand why the review did not occur as required and take corrective action as necessary.
RegularKYC reviewsensure that high-risk customersare monitored for potential changes in their risk profile.
Option D (Correct):TheKYC manager must determine why the required review was missed and implement corrective measures to prevent future failures.
Option A (Incorrect):A missed reviewdoes not necessarily indicate suspicious activity, so filing a SAR at this stage isnot appropriate.
Option B (Incorrect):Removing a customer from the high-risk list without reassessment is a compliance violation.
Option C (Incorrect):Suspending account access without due processmay belegally questionable.
Best Practices for KYC Compliance Management:
Ensure automated KYC review tracking to avoid missed reviews.
Conduct risk-based periodic reviews on high-risk customers.
Implement escalation protocols for overdue KYC reviews.
[Reference:, FATF Recommendation 10 (Customer Due Diligence), 6th EU AML Directive (6AMLD) on Periodic KYC Reviews, Wolfsberg Group Guidance on KYC Risk Management, , , , ]
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit