Know Your Customer (KYC) : Know Your Customer is the process of verifying the identity and integrity of customers. European regulations require this verification in order to prevent corruption, money laundering, tax fraud and the financing of terrorism (AML-CFT). Changes in the regulatory framework (EBA, Sapin 2, AML-CFT...) requires certain establishments to extend their knowledge of their suppliers: Know Your Suppliers(KYS).
KYC remediation: KYC remediation involves updating, cleaning up and periodically reviewing the information you hold on your customers. You hold your customers' information in documents such as IDs, KBis or any other required document. This data needs to be regularly updated in line with the regulations in force in your industry and the level of money laundering risk assigned to your customer based on his or her information. AP Solutions IO screening tools fully automate this process, filtering information through millions of records (see list quality).
AML-CFT The fight againstmoney launderingand terrorist financing. With the constant evolution of regulations, this has become a major concern for companies, which are subject to heavy fines in the event of non-compliance, and can engage the criminal liability of company directors.
- Before entering into a business relationship: obligation to identify the " Beneficial Owner"; even for an occasional customer, and to screen the lists of Global/Regional Sanctions, Assets Freeze, Politically Exposed Person, RCA Relatives and Close Associates, Unfavorable Media, identification of countries and currencies under embargo...
- Throughout the business relationship: the third-party repository must be constantly updated, and any change in information (such as an IBAN change, company closure or merger, etc.) must lead to a new verification by the teams in charge. PEPAny change in information (such as IBAN changes, company closures or mergers, RCA exposure, etc.) must be re-verified by the teams in charge, so daily screening is a must.
- At the end of the business relationship: once the Ultimate Beneficiary's account has been closed, all related documents and information must be archived for a period of 5 years.
AML (Anti-Money Landering): The term anti-money laundering, or AML, refers to laws, regulations and procedures designed to combat financial crime. Although anti-money laundering laws cover a limited range of transactions and criminal behavior, their implications are far-reaching, covering all types of business today, far beyond financial services alone.
LAC : WrestlingAnti-Corruption, Fight against corruption. The Sapin 2 law requires companies with at least 500 employees to implement preventive anti-corruption measures, yet 70% of companies claim to have set up preventive measures, according to a survey by the French Anti-CorruptionAgency(AFA). The AFA survey is one of the objectives of the multi-year national anti-corruption plan of January 9, 2020.
Companies subject to the Sapin 2 law must set up a procedure to evaluate third parties - customers or suppliers, JV partners or acquisition targets - to ensure that they offer guarantees of probity in line with the company's requirements. Our tools are here to help you!
Export Control: Manufacturers, exporters, financial institutions and insurance companies are all subject to exportcontrol rules, and can be held liable, at the very least, on the grounds of complicity and/or AML/CFT regulations.Export control, which involves checking compliance with international sanctions and trade embargoes , is now a key concern for regulators and companies alike. AML-CFT to verify that the customer's transaction is not subject to international sanctions or trade embargo.
Sapin II Act: With the Sapin 2 Act, France has introduced innovative tools to effectively detect, prevent and punish corruption and breaches of probity. The law aims to respond to the aspirations of the French people for transparency, ethics and justice in economic matters. "Ethics must be the compass of public and economic life", declared Michel Sapin, for whom "this text will contribute to making our country a modern democracy, based on solid values, and not a democracy of suspicion. It will help build an economy that serves everyone" and eliminate "unbridled finance at the service of corruption and speculation.
Assets FreezeAsset Freeze
Freezing assets is an economic and financial sanction in the fight against terrorism and money laundering. The freezing of assets is designed to restrict access to the financial resources of any person committing a breach of the law AML-CFT. In concrete terms, any change in the volume, amount, location, ownership, possession, nature and destination or use of funds or economic resources will be blocked by these measures.
The consequences of freezing assets are diverse:
- General or targeted import or export restrictions;
- Restrictions on access to financial markets, prohibitions on granting loans or credit, transferring funds or providing insurance or reinsurance services.
International Sanctions & Embargoes
Transaction screening is an obligation AML-CFT to check that the customer's transaction is not subject to an international sanction (counterparty under sanction) or trade embargo (restriction of activity for certain countries).
Navigating through all the regulations, lists and appendices relating to sanctions and embargoes, as well as the relevant jurisdictions, can be a real obstacle course! The importance of the stakes associated with non-compliance with these principles has quickly become apparent to all business players. The fines imposed by the regulatory authorities have multiplied, culminating in a sad record of $8.9 billion to be paid to the US Treasury by a French company for circumventing an embargo!
The analysis must first determine whether the operation or transaction is likely to fall under one or more economic sanctions regimes (national, EU, US and international sanctions).
It must also present and assess the other risks associated with the transaction, such as reputational or operational risks directly linked to financial flows, or the AML/CFT risk associated with trade finance. Precise documentation of all the analysis, contextual elements and regulatory framework must be traced, dated and archived. Our solutions support you in managing, analyzing and tracking these risks.
Politically Exposed Persons(PEP) are people who are considered, at international level, to be exposed to "higher risks" of money laundering or corruption. These are people who exercise, or have ceased to exercise for less than a year (our detection criteria allow this period to be modified), political, jurisdictional or administrative functions on behalf of France, a foreign state or an international organization.
Relativesand Close Associates. These are people close to PEP, such as spouses, children and parents. Persons closely associated with PEPincluding through a company or legal structure (such as a trust), or who have a close business (commercial or economic) relationship. Beyond this regulator definition, and depending on your risk appetite, we can go even further in the granularity and completeness of the information to be processed, thanks to the power of our third-party relationship filters.
Adverse MEdia (AME) or Negative News
The broad spectrum of offences linked to money laundering has made it necessary, since the European Union's 6th Anti-Money Laundering Directive (6AMDL came into force at the end of 2020), to adjust the filtering process on negative press to ensure correct identification of breaking news about customers or third parties. Given the amount of work this process would entail, automating the filtration of negative media is an indispensable tool for sorting and prioritizing new media information, and assessing the extent to which it could alter a customer's risk profile or damage your establishment's reputation .
The third party being assessed is not limited to the "apparent" or "facial" third party. The notion of beneficial owner is the result of the transposition of the 3rd Directive AML-CFT and establishes the criteria of holding more than 25% of the capital or voting rights of a client company, and of exercising, by any other means, a power of control over the company within the meaning of the French Commercial Code. As a result, reporting organizations are required to identify and verify the identity of the beneficial owner of their customers in a business relationship. The documents collected for this purpose must be regularly updated, just as for the customer in a business relationship. The 4th Directive AML-CFT has clarified the notion of beneficial owner. In this respect, the introduction of the Beneficial Owners register of companies - kept by the commercial courts - is an aid for reporting bodies, without exempting them from their obligations to identify and verify the identity of Beneficial Owners. Since the 5th Directive, it has been stipulated that a proof of registration or an extract from the register containing information relating to Beneficial Owners must be collected by reporting bodies when entering into a relationship with a legal person or entity covered by the registration obligation.
ORIAS: ORIAS registers intermediaries (legal entities or individuals in France) in insurance, banking and payment services (IOBSP), financial investment advisors (CIF), tied agents for investment services (ALPSI), participatory finance advisors (CIP) and intermediaries in participatory finance (IFP). By filtering these lists, our tools enable you to check the validity of the Orias number, the accreditations obtained and the expiry dates of these accreditations.
INPI: Financial analysis, decision support, statistics... The French National Institute of Industrial Property (INPI) is making it possible to consult - in downloadable form - non-confidential information from the annual accounts of French commercial companies, compiled in the National Register of Commerce and Companies (RNCS).
Data INPI: what data is available?
company legal identity data from all commercial court registries, centralized by INPI in the National Trade and Companies Register (RN CS): e.g. date of creation, registration, legal form, share capital, company name, trade name, acronym, principal activity, representatives, Beneficial Owners, and addresses of establishments. These data can also be used to track the life of a company: modifications and deletions, data relating to articles of association and company deeds, as well as non-confidential annual accounts (balance sheets, income statements, fixed assets, depreciation and provisions).
OPEN DATA: Open Data or "open sources" refers to all activities and methods for disseminating, collecting and analyzing information obtained from a public source, i.e. information available to everyone. These sources include newspapers, websites, books, scientific magazines, radio broadcasts, television programs and so on. In addition, there are many other public databases that have emerged from the general movement to open up public data.
Open sources can contain reliable information, but they can also contain information that should be treated with caution: false information, information whose validity is outdated, or whose basis is subjective or biased. This is why AP Solutions IO does not include screening of unverified sources as standard, but can integrate any type of OPEN DATA list you wish, depending on your risk appetite.
An anti-corruption or AML-CFT includes a preventive procedure to assess the integrity of third parties. The aim of this assessment is to guard against the risks of a breach of probity to which an organization is exposed by its relationship with a third party, be they customers, suppliers and service providers, intermediaries, subcontractors, holders of public contracts, concessionaires, delegatees, beneficiaries of subsidies, users, partners, etc., i.e. any natural or legal person with whom the company has a relationship and who may expose it to potential risks of a breach of probity.
APScan allows you to identify sensitive individuals: people under sanctions/asset freezes (national, EU & international sanctions, Assets Freeze), politically exposed persons (PEP) and their relatives (RCA - Relative & Close Associates), reputational risks / negative press (AME - Adverse MEdia), Country risks (EmbargoVigilance), other open data lists...
This detection is done using fuzzy logiclogic imposed by regulations.
Identity verification is carried out upstream ofAPScan using an internal tool where you have collected information on the third party and supporting documents. The more qualitative input data we have: Last name, First name, Gender, Date of birth, Country of birth, Nationality, SIREN... the more our filtering limits false positives. AP Scan integrates more than 70 parameters, enabling us to precisely define the alerts to be excluded during sanctions / / Adverse Media screening . PEP / Adverse Media screening.
APScan performs data enrichment:
- Obtaining the Beneficial Ownersfor a legal entity: the Sapin II - Anti-corruption law, even requires that companies subject to the law check that the BEs declared by their Third Parties (customers, suppliers...) are the same as those referenced by the authorities,
- Possibility of obtaining additional information about the legal entity,
- Verification of the validity of the Orias number (Organisme pour le Registre unique des intermédiaires en assurance, banque et finance, an association under the law of 1901, under the supervision of the French Treasury).
A report of suspicion must be made before a transaction is carried out, to enable Tracfin* to exercise its right of opposition. This report must also be made without delay in the event of suspicion arising after the transaction has been carried out.
*TRACFIN is an intelligence service under the authority of the French Ministry of the Economy, Finance and Industrial and Digital Sovereignty. It contributes to the development of a healthy economy by combating clandestine financial circuits, money laundering and the financing of terrorism.
Professionals must therefore refrain from carrying out any transaction they suspect may be linked to money laundering or terrorist financing. The law does not set a threshold for reporting suspicions. Tracfin must be informed without delay of any new element that may invalidate, confirm or modify the content of the report. Professionals are required to keep all documents collected as part of their vigilance for a period of 5 years.
Without a powerful detection and filtering tool AML-CFT it's virtually impossible to meet your reporting obligations, which in the event of non-diligence can result in heavy fines and criminal liability for the manager!
Measures can be implemented and monitored using our follow-up system. Depending on the due diligence carried out, APScan displays a list of actions to be taken. You can check off the action as it is taken. You now have all the information you need to analyze and make your mandatory declarations to TRACFIN.
Artificial Intelligence is becoming less and less intelligible(Black Box). Users want and need to understand how a program's AI works, and how to evaluate the results obtained(Glass Box). In terms of AML-CFT traceability and explicability are, according to regulators, absolutely mandatory. Justifying a recommendation does not depend on the illusory transparency of the algorithm, but on the traceability of the rules used to build it.Augmented Intelligence, by combining Human, Collective and Artificial Intelligence, guarantees both the Justification and the Legitimacy of the decisions made, because it puts the human at the center of the decision and the machine at its service.
AP Solutions IO offers you high-performance detection & reduction intelligence that's perfectly traceable & explainable, for justified recommendations that lead to legitimate decisions.
Our intelligent automation solutions make it possible to limit the need for human intervention in repetitive, time-consuming or low value-added tasks, while securing the analysis of your flows in real time (up to 98% fewer false positives...) Result 100% Compliance, 100% Aligned with your risk appetite, 100% Fast
Under the anti-money laundering and combating the financing of terrorism (AML-CFT), companies must monitor their customers' activities using automatic person and transaction filtering systems, which generate alerts on suspicious persons or financial movements. These alerts are then validated or dismissed by the company's compliance officer. Confirmed suspicious cases are consolidated in the form of a "suspicious transaction report", which must be forwarded to the Treasury Department or the Tracfin financial intelligence unit.
Regulations require detection using fuzzy logic, i.e. detection with orthographic, graphic or phonetic approximations...
This imposed detection typology leads to the generation of numerous suspicions known as " false positives". The more suspicions there are, the more business is slowed down, and the more company operators have to manually review customer files.
Our tool for detecting sensitive transactions or people offers powerful reduction engines. This step consists of eliminating false positives "The result is up to 98% reduction in false positives!
It is essential, particularly in the event of an inspection by a regulatory authority, to be able to explain and demonstrate the reasons for automatically eliminating a suspicion. Finally, all these steps would be in vain if the tool were not connected to the information system, CRM, ERP... of the companies, subsidiaries with this need for detection.
The Bad Guy is, by contrast, the listed entity that has matched on part of the transaction. These are the individuals or entities simply present in the lists. This ultra-simple practice is taught to you during the commissioning of your tools.
API : API stands forApplication Programming Interface. An API enables remote access to an application's functions or data, generally from another application, via a standard application interface. A request is sent to the target software, if possible respecting open standards.
Saas : Software as a Service(SaaS) is a distribution model for hosted computer applications available via the Web. The SaaS solution offers improved access to data from any networked device. It makes it easier to manage privileges, control data use and enable everyone to consult the same information at the same time, in complete security.
- Alert generation
- Qualification of whether the alert is TRUE or FALSE (called a False Positive)
- Third-party due diligence (generally results from the qualification of alerts) :
- Establishing a risk level
- Define the category of Third Party (SCT, PEP, AME...)
- Customer decision: ACCEPT (+ level of vigilance), REFUSE
These steps enable fine granularity of the processing carried out vis-à-vis a Third Party.
APScan goes one step further with a profiling system that lets you automate part of the risk classification process, based on fully configurable scoring rules.
Users can export reports, or individual sheets, to demonstrate that mandatory due diligence has been carried out.
In addition to stand-alone mode APScan can also be integrated into an Information System (IS) thanks to its " Full API* " architecture. Our tools use the latest standards in terms of API/Web Services, giving you simplified connection/integration.
(*) API API stands forApplication Programming Interface, a software solution that enables two applications to communicate with each other.
(*) CRM (Customer Relationship Management). A set of tools implemented by companies to optimize customer relations, build customer loyalty and increase sales.
(*) HRIS: An HRIS, or Human Resources Information System, is a system that integrates several software packages to manage - and sometimes automate - a number of human resources functions. Depending on the solution implemented by the company, the HRIS may cover employee identification, payroll management, career development, training and recruitment.
Technologically, our API is designed according to the latest market standards: Web Service in REST/JSON format with a secure OAUTH2 authentication system (Bearer Token). The no-code feature lets you evaluate the full power of our solutions simply and in real time.
Our solutions feature a comprehensive security package: Secure data transfer using https encryption with certificate, segregation of spaces using an application China wall, non-reversible password storage / Encryption of attached documents / Regular data backup (main and backup servers) / Data located and backed up in France / BCP / DRP ...
We ensure the integrity, confidentiality and traceability of content throughout the entire process, from capture to long-term preservation.
(*) GDPR The acronym GDPR stands for General Data Protection Regulation (GDPR). GDPR provides a framework for the processing of personal data within the European Union. The legal context is adapting to keep pace with changes in technology and our societies (increased use of digital technology, development of online commerce...).
(*) Saas: Software as a Serviceis a distribution model for IT applications in which a third-party provider hosts the applications and makes them available to customers via the Internet.
- In terms of the perimeter used,
- Update frequency,
- Time for re-screening relationship entries (EER) and customer portfolio.
In addition to the search engine, the entire compliance system is audited by the regulators. This must be fully aligned with the company's "theoretical" compliance policy, hence the need for a flexible, configurable tool... But above all, precise and complete traceability and explicability.
The more than 70 parameterization criteria of our tools enable a very fine granularity in the implementation of the Compliance Policy compared to the "theoretical" compliance policy. APScanis the tool that adapts to your policy, not the other way around!
Supervisory authorities are very sensitive to the alignment of practice and theory. This setting also makes it possible to automatically reduce a large number of alerts and thus automate decisions. Fewer alerts to review =
- Fewer operators/users required (HR cost optimization)
- Business fluidity (less waiting for file validation = less prospect abandonment = more signatures)
The solution also automates the daily updating of the various lists, and screens the entire customer portfolio (database) at no extra cost. Of course, previous alerts that have already been reviewed do not need to be revised. Only new and/or updated alerts need to be reviewed by users/operators.
So that users/operators don't have to log on to the application every day, APScan can inform them only when alerts are due for review, by email notification.
- Compliance (obligations, regulations, etc.),
- Operational (review of alerts, etc.),
- Product (needs, functionalities...),
This expertise means we can meet any challenge without ever being caught out. This will reassure you in your choice during the Demo, Project and Consulting phases. Our expertise also enables us to keep a close watch on regulations , so as to anticipate future constraints and ensure that we have a firm grasp of current ones.
Fewer alerts to review = Fewer suspicions to clear
- Fewer operators/users required (HR cost optimization)
- Business fluidity (less waiting for file validation = less prospect abandonment = more signatures)
Subscription fees depend on the number of third parties to be filtered, and the type of lists selected for filtering. There are no license fees, the number of users is unlimited, and there are no start-up costs. Subscription is for 12 months, renewable, with the option of leaving free of charge during the first 3 months.
Billing is based on the number of names screened, regardless of the number of queries on a given name. 1 record is valid for the entire annual subscription, with an unlimited number of screenings. If you perform 5, 10 or 100 queries on the "Dupont" client, the billing remains the same... 1 unit. In other words, billing is not based on the number of queries, but on the number of customers filtered; whereas some companies bill by the number of screenings, knowing that it is mandatory to screen your portfolio of Third Parties on a daily basis!
A starter kit is included in our offer - technical support (referencing and opening of authorized accounts, etc.) and functional support (study of "false positives", etc.). false positives "study, configuration, training...). Thereafter, support is ongoing. Since AP Solutions IO owns all its resources, it's easy to modify or upgrade a few parameters. This is essential, as your needs will evolve over time, particularly when you are installing your first system.
Our interface has been optimized to allow rapid review of alerts, and a drastic reduction in "false positives". false positives ". Where it used to take more than twenty clicks to close a file, today with APScan, our latest-generation tool, you can do it in less than 3 clicks!
- Intermediate workflow statuses * (for different review/escalation levels**, for example)
- Reasons for " False positives"*** (providing a repository of reasons for disqualification, rather than "free text" comments = better reporting)
- Follow-Up actions ****
* A workflow is a series of steps linked to the processing of data, and is the modeling and management of business processes. In its simplest definition, workflow is the modeling and management of the tasks to be performed and the different actors involved in carrying out a business or operational process.
** An escalation procedure is the process of transferring a customer request to a specialist who can help. Escalation procedures are generally implemented when the customer's problem is too complex and requires specific expertise.
*** False positives occur when a system mistakenly considers an innocuous transaction to be suspicious and flags it for verification. If the compliance officer could identify false positives earlier, he or she could get on with more important tasks. AP Scan can drastically reduce false positives.
**** Follow-up literally means "to follow" or "to pursue". In fact, when we talk about follow-up strategies, we're implying that we've already made contact. Consequently, follow-up involves maintaining contact over time. This lead will be educated and progressively qualified until it becomes a customer.
Detection is instantaneous, thanks to a high-performance detection engine andFull-API integration with core-banking systems.
Filtering by data type (name, country, currency, BIC, IBAN, etc.) and an easily-configurable reduction engine minimize the number of suspicions, making your various transfers more fluid and risk-free.