What is a Corporate Registry and How Does It Help Fight Money Laundering?

Getting to the bottom of who benefits financially from corporate entities is crucial for effective Know Your Customer (KYC) and anti-money laundering (AML) programs. Without a clear understanding of all the parties involved, it is difficult to determine the rationale behind account activities and financial transactions, let alone perform meaningful investigations.

Understanding corporate structures, the ultimate beneficial owners (UBOs) of corporate customers and transaction counterparties adds context to every customer profile and transaction, allowing FinCrime teams to make better decisions. Without accurate and up-to-date ultimate beneficial ownership (UBO) information, money laundering activity can go undetected because corporates may:

• Use overly complex corporate structures to make it harder to understand controlling or beneficial parties
• Disguise the identity of people involved, in particular, if they are known or suspected criminals
• Hide the real purpose of their account or property
• Obscure the source of their funds

Corporate registry information, while not perfect, can fill in the gaps and go a long way in helping financial institutions make more informed decisions.

What is a corporate registry?

A corporate registry is a centralized repository that holds information regarding corporations registered in a jurisdiction. It is an authoritative source of legal entity data.  

Corporate registries typically include the following basic information for each corporate on the registry:

• Company name
• Proof of incorporation
• Legal form and status
• Address of the registered office
• Basic regulating powers (e.g., memorandum and articles of association)
• List of directors
• For jurisdictions where this exists, a unique identifier, such as a tax identification number

This information is outlined in Recommendation 24 from the Financial Action Task Force (FATF).

Ultimately, registries provide a method of disseminating information about the companies operating within a jurisdiction. FATF recommends that corporate registries be public. This allows financial institutions (FIs), authorities and other relevant parties quick access to corporate data relevant for business or compliance investigations and processes. 

Why must companies register themselves?

To legally operate within most countries, a business will need to register themselves. Without registering their business with a corporate registry, a business has no legal protection and also does not have any authority to operate legally. Often times, illegitimate companies will register themselves, despite their criminal nature, because corporate registration provides several benefits. It allows them to:

• Legitimize their company in the eyes of potential customers and the government, despite any ongoing illicit activities
• Apply for business loans or open a business bank account, allowing criminals to use the financial system for business operations and money laundering
• Handle business taxes, like sales taxes, use taxes, and employee income taxes
• Obtain discount rates or recognition via programs or listings only available for businesses, minimizing costs and maximizing criminal proceeds
• To limit the UBOs’, controllers’ and directors’ financial liability and loss should the company become illiquid or face litigation 

What corporate registries are available?

A majority of countries around the world maintain a centralized corporate registry with companies registered within their jurisdiction. The map below highlights which countries around the world commit to maintaining a central registry and whether it is open to the public. One well known example of a corporate registry is the U.K. Companies House.

Source: Open Ownership

The value of using corporate registry data

FIs can derive vital information from corporate registries to help them onboard customers, manage customer relationships and fight financial crime and money laundering. This can lead to a better understanding of UBOs and the risk present across the customer lifecycle:

1. Client onboarding

During onboarding, FIs must verify each customer’s identity. Corporate registries are a valuable source of information to check customer-provided data. FIs cannot reliably make risk-based decisions on offering services to a new customer without verifying customer information.

2. Continuous ongoing monitoring

Financial institutions must review their customer risk ratings throughout the working relationship, not just during onboarding. This means tracking changes in the company status, directors or controllers, domicile, corporate structure and other relevant categories. Corporate registries are key information sources for understanding a client’s changing risk profile.

Corporate registries can also be used to better understand the risk of the corporate counterparties an institution’s customers are doing business with, often referred to as Know Your Customer’s Customer or KYCC. Financial institutions can automatically cultivate profiles for transaction counterparties using entity resolution and third-party data to build profiles. By enriching with corporate registry data, institutions can understand the corporate structure and underlying UBOs, controllers, and directors of parties their customers are doing business with. They can use this information to further screen related parties for sanctions, assess network risk and risk propagation, and factor in risky relationships to the customer risk rating process. This allows them to more proactively and continuously manage risk.

3. Suspicious activity investigations

To properly investigate suspicious activity, FIs must have access to accurate and complete corporate information that can be traced back to its source. Corporate registries can enrich customer provided information, when necessary.

The challenges with using corporate registry data

Unfortunately, the level and quality of corporate registry data vary considerably from country to country. Many corporate registries act passively, only adding or updating company information when asked to by the business itself. Financial institutions wanting to use corporate registries in their financial crime and compliance program need to take data quality into account to ensure reliable decisions are made.

Most national corporate registries do not offer free and complete access. Typically, they provide basic information for free, such as the name and location of a company, and charge for further details. Other countries only give information to people inside the jurisdiction or specific bureaus; i.e., you need to be inside the country or within law enforcement to access the complete corporate registry. This can present challenges to financial institutions wanting to validate customer-provided data or enrich their programs with greater intelligence.

While there should be an international drive for high-quality, free, and comprehensive corporate registries, FIs looking for the information they need have another option: private corporate registries.

These are maintained by private, third-party companies charging subscription fees for access. They are particularly common for jurisdictions where the information exists, i.e., corporations are mandated to register their data, but it is split across multiple databases, or access is artificially restricted, such as needing to be in the country.

Do you have to use corporate registry data?

The regulatory landscape is not standardized. FIs can go a long way towards complete compliance by following the recommendations laid out by FATF. Under the CDD measures detailed in recommendations 10 and 22, FIs must verify the identity of their customers when:

• Establishing business relations
• Carrying out occasional transactions above USD/EUR 15 000
• Suspicion of money laundering or terrorist financing is present
• The FI has doubts about the accuracy of previously obtained identification information

FATF recommends countries require FIs to take reasonable measures to verify UBOs. FIs should understand the ownership and control structure of their customers. This includes the people with controlling ownership interest, or if there is doubt, the people controlling the owners by other means.

While none of this means FIs must use corporate registry data in their KYC and AML programs, they offer valuable information when determining corporate structures and UBOs. To the extent that corporate registry information is available, it can help FIs implement their CDD requirements, but organizations should not rely exclusively on information obtained from corporate registries.

Utilizing a primary trusted data source – The global corporate registry       

When trusted, corporate registries offer a critical source of information for AML programs. Unfortunately, not all registry data has the same value, and accessing national databases is a time-consuming and error-prone task. FIs must validate and consolidate data to compare against complicated global corporate structures.

NICE Actimize’s global registry database simplifies operations and improves ongoing monitoring by delivering a single authoritative source of corporate registry information directly to your compliance  program. It helps with KYC, AML and fraud checks, among other use cases. Our customers get the data intelligence they need to understand their client’s corporate structures, making it easier and faster to identityany risks they pose. We offer global coverage from 141 jurisdictions, 86 countries, and over 200 million companies.

Learn more about how you can incorporate corporate registries into your KYC or AML program, check out our site: Automate KYC & AML Compliance using Primary Source Data.