Complexity surrounding Beneficial Ownership data is undoubtedly a big challenge. Faced with increased scrutiny of Beneficial Ownership transparency, financial organizations need to establish effective data collection, identification and verification processes to meet strict regulatory requirements.
But while the requirement for granular identification and verification has intensified, access to the relevant information is still limited. Most Beneficial Ownership investigation relies heavily on customer self-certification as well as information held by company registries and financial institutions, Trust and Company Service Providers, regulatory bodies or authorities. However, many of these sources have limited or no access or contain unreliable, incomplete data. Although there is much anticipation surrounding the creation of central registries, only the UK has introduced a Beneficial Ownership public register.
Covering the Bases of Beneficial Ownership
Waiting for the creation of central registries is an unrealistic proposition as is relying solely on customer self-certification. Know your customer (KYC) and customer due diligence best practice should include self-certification, integrating/cross referencing with registry data as well as available Beneficial Ownership data against sanctions, watch lists and politically exposed persons (PEPs) together with adverse media and open source findings (i.e. Google) for enhanced due diligence.
Utilizing a reputable third-party data provider therefore is a good way to capture required Beneficial Ownership data. As well as having expertise across geographic territories, data providers are able to show the client’s entire family network, all layers of parents up to global ultimate, subsidiaries and affiliates, key principals, even key customers of customers, which are all important to identifying and verifying Beneficial Ownership. Dun & Bradstreet for example gathers data from 30,000 sources across 20 countries, owning more than hundreds of millions entity records, 19 million global linkages and local data capture for in excess of 90 million shareholder connections with checks run against sanction lists, PEPs, stock exchange and regulators’ lists. Key to this is the utilization of the Dun & Bradstreet D-U-N-S® Number — a unique nine-digit identifier for businesses. The D-U-N-S Numbers allow for data to be easily integrated into enterprise data management and propriety processes. It is then accurately referenced and linked to help ensure that the data needed is accessible when required, comparable for quick analysis and research. It also provides the ability to easily access relevant documents and information.
Third-Party Data Provider Checklist
Organizations need to carefully evaluate the risk associated with third-party data providers before adoption of any data. The compliance function needs to asses third-party risks associated with Beneficial Ownership and entity ownership data and implement effective controls accordingly. The following questions should be asked when assessing a third-party data provider for help establishing Beneficial Ownership:
- Data Accuracy and Granularity – How accurate is the entity ownership structure? Does it cover all the layers up to the global ultimate parent? What is the percentage of ownership traced?
- Data Freshness – How frequently is data refreshed and what triggers a re-fresh?
- Data Coverage – How many geographic regions does the chosen third-party data provider cover, and what is the percentage of entities covered in each region compared to the total number of registered entities?
- Data Security – How is data transferred between the third-party data provider? How is it handled and stored within the provider organization and is there any risk associated with data privacy, confidentiality breach or other security risk?
- Legitimacy, Consistency and Reliability – What are the data origins and collection methods? Is the process/procedure legitimate and reasonable? How consistently is the procedure being followed and does the third party have a compliance program in place?
- Stability – Consider how long the third-party data provider been in business, its size, reputation and financial performance.
- Integrity – How well does the provider’s data integrate into your existing corporate systems and adapt to any future upgrades?
Get it right, and third-party data append could give your organization reliable, accurate and timely customer information as well as eliminate the time, cost and issues associated with creating an internal research team.
For more information on single customer view, download our whitepaper Beneficial Ownership - Why The Devil Really is in the Detail.