Skip to main content

Middle East in Focus: 4 Regional Challenges for KYC/CDD

Published Date

A primary element of the customer due diligence process is identifying the customer. KYC (Know Your Customer) guidelines are in place to ensure financial institutions can identify beneficial ownership and that they are not being used, intentionally or otherwise, for criminal activity such as money laundering. Furthermore organizations such as the Financial Action Task Force (FATF) strive to align regulatory regimes to an international standard for Anti-Money Laundering (AML) and Counter-Terrorist Financing (CTF) programs.

However, compliance with these standards are more difficult in the MENA region due to specific cultural differences. In fact, the standard KYC data collection elements such as name, address and date of birth, do not always fit the mould of standard Western data collection forms.

There are four key differences between the Middle East and their Western counterparts that makes KYC or CDD (Customer Due Diligence) processes a little trickier.

1. Naming Conventions

Identifying a customer’s name sounds like an easy step. In the West, naming conventions typically include a first, middle and last name (or two given names and a family name). In the Middle East, however, there is a full chain of names which signifies a person’s family lineage. Naming conventions can differ significantly between Arab countries.

A traditional Arabic name can consist of at least five parts:

  • Ism: a given name;
  • Kunya: an honorific name indicating mother/father of;
  • Nasab: son/daughter of (either bin or bint);
  • Laqab: an epithet, usually descriptive or religious; and
  • Nisba: a surname

An example of a name consisting of these parts would be: Jawhara bint Saad bin Abdul Muhsin Al Sudair.

2. Transliteration Challenges

In addition to the different naming structure, there is also a large amount of discrepancy in terms of spelling. For example, the most popular name, Muhammad, can have dozens of different spellings depending on location, i.e. Mahmoud, Mehmood, Mohammed, Mohammad, Mohamad, Muhammed, Mehmet, or Mehmed. These slight spelling differences can make it more difficult to identify an ultimate beneficial owner (UBO) or politically exposed person (PEP), or even cross-reference a high-risk individual against a sanctions list.

3. Dates of Birth

It is not unusual in the Middle East for many individuals to be listed as having a birth date of January 1st. This is due to a high level of home births, lack of registration, and a low level of passport requests. As such, birth dates are often listed as January 1st by default.

Given the complications surrounding two fundamentally important elements of KYC identification, it becomes incredibly important to collect detailed information about the customer and their family so that they can be properly identified.

4. Address Verification

Finally, the collection of a customer’s address details can also result in complications during the KYC and CDD processes. Many countries in the MENA region use P.O. boxes for addresses, particularly in areas that do not use building or street names. Personal mail, as well as utility bills, are often posted to P.O. boxes instead of an individual’s home address. Many financial institutions do not accept these documents, as they require proof of one’s physical address. As a result, compliance officers often have to conduct home visits and personal interviews with a potential client to verify the client’s information. This is onerous and time-consuming.

Compliance Amidst Challenges

Customer Due Diligence is no easy task in the Middle East. What should be simple data collection and verification often becomes difficult due to regional cultural differences. If a financial institution is not vigilant in conducting interviews and verifying customer information, it is very easy to not collect high quality data.

The use of technology, such as name-matching software, is becoming more and more common to solve these challenges. By taking the guess work out of compliance, financial institutions can re-focus their efforts on creating an improved customer experience.

In our next blog, we will discuss how financial institutions can use technology to prevent de-risking.