An accountants guide to selecting a Client Due Diligence platform

Published

Man with book on desk

1. Questions to ask yourself about your practice's AML maturity

Knowing where you are today is a great first step in identifying what you need from a vendor. After all, you need something to fill the gaps or give you time to focus on areas where technology is less helpful.

To help you understand your practice’s AML maturity, we've created this checklist of questions to consider. Many of these questions won't have simple 'yes or no' answers, but that's okay. Taking the time to answer them will reveal any gaps you have. You might want to use a traffic light system to score yourself.

Regulatory compliance

  • Are we up-to-date with the latest AML regulations and guidance?

  • How quickly can we adapt to regulatory changes?

  • Do we have a process for staying informed about regulatory updates?

Risk assessments

  • Do we have a comprehensive firm-wide risk assessment in place?

  • Are our client and matter risk assessments thorough and regularly updated?

  • Do we tailor our due diligence based on identified risks in each case?

Training and awareness

  • Is our AML training program comprehensive and up-to-date?

  • Do all relevant staff receive regular AML training?

  • Can our employees confidently identify red flags and risk indicators?

  • Do we maintain a record of AML training?

Customer Due Diligence (CDD)

  • Are our CDD procedures robust and consistently applied?

  • Do we go beyond basic identity verification in high-risk cases?

  • How effectively do we establish and verify source of funds and wealth?

Ongoing monitoring

  • Do we have systems in place for continuous monitoring of client relationships?

  • How often do we review and update client information?

  • Can we quickly identify and respond to changes in client risk profiles?

Documentation and record-keeping

  • Can we easily explain and justify our AML decisions if audited?

  • Are our AML processes and decisions well-documented?

  • How long do we retain AML-related records, and is this compliant with regulations?

Independent audits

  • When was our last independent AML audit conducted?

  • How did we address the findings from our last audit?

  • Do we have a schedule for regular independent reviews?

Technology and tools

  • Are we leveraging appropriate technology for AML compliance?

  • How effective are our systems in detecting suspicious activities?

To help you perform a self-assessment of your firm's AML maturity, we've put together this template for you to download and work through.

2. Thirdfort’s view on what a client due diligence platform for accountants should be

There are many solutions to help you stay compliant with anti-money laundering regulations, protect you and your clients from fraud, and improve the new client onboarding journey.

At Thirdfort, we’re building a client due diligence platform. It includes tools to help you identify, verify, and screen individuals and corporate entities, carry out source of funds verification, and review and assess the results of your anti-money laundering checks.

Below, we’ll outline what we believe is important in a solution for you and why.

Pass/completion rates need to be high, while the time it takes to receive results should be low

It seems obvious, but it’s worth stating: using technology should save you time. Introducing technology to aid your client due diligence can save time, but not if the completion rates of checks are low. Low completion rates will leave you running the same check multiple times or waiting days or even weeks for usable results.

You need a smooth experience for your staff and clients

It's important that when you implement a vendor's technology, your staff can use it easily and feel comfortable with it. This will make it much easier to get the technology adopted across your entire practice.

As your anti-money laundering checks are part of your client onboarding, it's vital they leave a good first impression of your organisation. That's why at Thirdfort we invest heavily in our app to make it seamless for your clients to complete their checks.

Support to onboard, train staff, and provide ongoing help for you and your clients

The need for a smooth experience extends beyond the product itself to the support and help available to you for more complex cases or for clients who need a helping hand to complete a check. At Thirdfort we offer this through our UK-based support team, who are ready to help you and your clients. Our Trustpilot reviews testify to the quality of our app and support team.

We also have a team ready to assist with the implementation of Thirdfort and provide training for your staff on how to use the product.

Clients are not all the same, so you need something flexible

Every client is different, so you need flexibility to perform the necessary checks on each type of client.

That’s why we have built Thirdfort to:

  • Carry out checks on individuals and corporate entities.

  • Work in nearly every jurisdiction globally.

  • Carry out checks on individual and corporate clients, wherever they are based.

  • Give you different types of checks so that you have a solution for the unique needs of your client.

Detailed but easy-to-interpret reports

Client due diligence should be a reasonable but rigorous process that includes using multiple data sources, identity verification, and risk assessment. In our view, that doesn’t mean it has to be extremely complicated.

We do this by bringing together data from top providers, so our clients don't need to use multiple sources. We make results easy to review and add intelligence to help you assess risk faster.

3. The types of solutions you’re likely to see on the market and the pros and cons of different approaches

The good news for firms is that there's a wide variety of solutions on the market. Whatever your firm’s unique requirements, you will be able to find something that fits. The bad news is that this abundance of options can make selecting a vendor a challenge. With so many choices available, how do you know what’s right for you?

Broadly speaking, you can categorise approaches into a few buckets. Each has its advantages and disadvantages. Below, we have outlined a few that we typically see.

Type of approachAdvantagesDisadvantages
Manual processes- No need to update processes- Causes delays - Process lacks standardisation - Poor experience for clients
Basic screening tools- Cheap - Fast results- Low pass rates - Lack of support - Workflows are not specific to your industry - No workflow for identifying and verifying corporate clients
Practice/proposal management with ID & AML bolted on- Integrated into your existing tech stack- The vendor is not a specialist in AML and this lack of expertise is often noticeable in the product - Most do not invest in improving the part of the product that deals with AML - Your client’s journey can feel disjointed

Ultimately, the type of solution you choose should fit your practice's needs and requirements. Before starting your search, take the time to consider which approach best suits your needs and contact vendors that align with that approach.

4. Questions to ask during the sales process

During your conversations with vendors, there are several areas you should explore to gain confidence in making the right selection. Here are some questions that might help frame your discussions or guide your selection criteria.

Product

  • Do you have a list of the data sources that your product uses?

  • What databases are used as standard to verify existence of an identity?

  • How often is data refreshed or renewed for PEP & Sanctions database?

  • How will we be notified of completed checks?

  • How long does a typical report take to return?

  • What checks can you do on corporate entities?

  • How are the verification checks initiated and how are our clients notified that they need to complete this?

  • Can you check non-UK residents? If so, how far can these checks go?

  • Do you have any ongoing monitoring capabilities?

  • Which authentication factors do you have in place for users?

  • Do you support different levels of access for different users?

  • Do you have availability SLAs?

  • Are you certified under the Digital Identity and Attributes Trust Framework?

  • What is on your product roadmap?

Support

  • What kind of support do you offer your clients/their clients?

  • What’s your SLA?

  • Where is your support team based?

  • What do you have in place to allow users to self-serve answers to support queries?

  • What training can you provide to my team to enable them to use the system?

  • What ongoing support and account management will we receive?

Security and data protection

  • Are you registered with the ICO?

  • Which information security certifications do you hold?

  • How do you ensure GDPR compliance?

  • Where do you store our data?

  • Will you transfer data to third parties?

  • What data protection training do you provide to your staff around handling personal data?

  • How long will you retain data for?

  • How do you ensure your security program is adequate?

  • Do you have agreements with suppliers that require them to maintain appropriate security measures?

  • How do you securely erase data?

Pricing

  • How long are your contracts?

  • If we use the product more than originally anticipated are we penalised?

  • Does your contract automatically renew?

5. How to judge the return on investment from a client due diligence platform

Of course, while simplifying compliance with anti-money laundering regulations, you also need to select a financially justifiable solution, with a measurable return on investment. This can be helpful if you are considering multiple vendors.

Compliance doesn't need to be seen as a cost. When done effectively, it can add significant value to a business by setting your client experience apart from other firms, getting clients onboarded faster, and allowing your teams to spend more time on other activities.

At Thirdfort, our team can work with you to help calculate the return on investment for your business and help you make the case that our solution is the best for the other stakeholders in the business. But how might you go about doing this yourself?

You can download a copy of our free template and follow the guide below to calculate your return on investment.

To consider the return on investment, first think about how many new clients you need to complete client due diligence on each month. It won't be the same every month, but you can take an average. You may want to separate individual clients from corporate entities, as the time required to complete due diligence is likely to vary significantly.

You will then need to estimate how many hours it typically takes to complete your due diligence on each client. This should include the time you or your team actively spend on this, as well as the time spent chasing clients for information. One way to estimate this is to consider how much time an individual on your team spends on this in an average week, then multiply that by the number of team members working on client due diligence. You may also want to separate individuals and corporate entities to get a clearer picture of the time spent on each client.

You will also want to account for the number of hours spent each month on escalations and reviews by your money laundering reporting officer (MLRO).

Next, assign an hourly cost for the team handling both the initial due diligence and any escalations and reviews.

Once you have an hourly cost, multiply it by the number of hours each individual spends on client due diligence. If you already have vendor costs associated with client due diligence, add the monthly costs of these vendors. This gives you your total monthly spend on client due diligence using your current processes.

You will then need to estimate how much of this time will be saved by implementing a new solution. At Thirdfort, we typically see time savings in the range of 50-80%.

Take this percentage and multiply it against your monthly spend on client due diligence (if you have added in vendor costs, remove these first).

This will give you a new total monthly spend on client due diligence. The difference between your old monthly spend and the new one is the savings you will make by implementing the new solution.

With a few simple calculations, you can build a solid business case for implementing a new solution. As a reminder, the team at Thirdfort will be happy to help you with this process.

Subscribe to our newsletter

Subscribe to our monthly newsletter for recaps and recordings of our webinars, invitations for upcoming events and curated industry news. We’ll also send our guide to Digital ID Verification as a welcome gift.

Our Privacy Policy sets out how the personal data collected from you will be processed by us.