Financial Crime World

Korean Financial Institutions Navigate Customer Due Diligence Compliance under Anti-Money Laundering Law

In the financial services industry, adhering to Anti-Money Laundering (AML) regulations is mandatory. These regulations aim to prevent financial transactions linked to money laundering or terrorist financing, requiring professionals to identify and assess the risks associated with maintaining a business relationship.

The primary legislation governing AML in the Republic of Korea is the Specified Financial Information Act. This act was enacted on September 27, 2001, and came into effect on November 28, 2001. The Korea Financial Intelligence Unit (KoFIU) is responsible for implementing and enforcing these regulations.

Customer Due Diligence (CDD)

Financial institutions in Korea must follow a meticulous CDD process under the Specified Financial Information Act. This process encompasses:

  1. Verifying a customer’s identity: In accordance with the Act on Real Name Financial Transactions, financial institutions must confirm the real name of their customers before processing a financial transaction. KoFIU has outlined specific procedures for this identification process in the Enforcement Decree and the Business Regulation on Anti-Money Laundering and Counter-Terrorist Financing.

  2. Confirming ownership and transaction purpose: Financial institutions must verify the ownership and transaction purpose of their customers during the onboarding process.

  3. Assessing the sources of funds: Financial institutions need to assess the origins of their customers’ funds to ensure they are not derived from illegal activities.

Outsourcing CDD

Despite the requirement for financial institutions to perform CDD, there is flexibility regarding outsourcing these checks to third parties. According to the KoFIU’s Business Regulation on Anti-Money Laundering and Counter Terrorist Financing:

  1. Financial institutions can identify customers through third parties if specific requirements are met for customer identification with financial companies.

The Financial Services Commission (FSC) has noted that identity verification for customers can be outsourced to other financial institutions as long as the Article 53 requirements are satisfied.

Relying on Third Parties

However, relying on third parties that are not obligated by law to comply with AML regulations, like WebID, IDnow, or PostIdent, comes with some limitations. While outsourcing KYC procedures is allowed, Non-compliant CDD methods seem unlikely to be permitted due to the following reasons:

  • Tightly regulated KYC procedures under the Specified Financial Information Act.
  • The purpose of Article 17 of FATF Recommendations.

Inspections and Regulations

Outsourcing duties of CDD is subject to inspection and supervision from the Financial Supervisory Service (FSS) under Article 43 of the Financial Investment Services and Capital Markets Act (FISCMA). While there’s no special license requirement for the third party, financial institutions are responsible for ensuring that the outsourced duties are carried out in accordance with the regulations.

Conclusion

With the intricate AML regulatory landscape in the Republic of Korea, financial institutions must navigate the requirements for customer due diligence while also considering potential outsourcing options and the role of third parties. A clear understanding of the legal framework and KoFIU’s guidance on these matters will help ensure compliance and effective risk mitigation.