Are you ready for an inspection?

It's important for us to prepare our customers for inspections from the Danish Business Authority. We continuously gain knowledge about the process through those of our customers who have been through inspections and share their experiences with us.

If you want to know what to expect and have a greater awareness of what you should prepare for, then please keep reading. Our client Nordkyst Revision, who has undergone several inspections, shares their unique experience with us.

What insight does the Danish Business Authority provide about inspections?  

In essence, expect a visit to be a dialogue between your company and the Danish Business Authority, which involves guidance on the rules of the Anti-Money Laundering Act. It is also a check of the company's ability to comply with the rules and obligations of the Anti-Money Laundering Act.

It is important to note that no inspection visit is the same – your knowledge and insight into compliance and how to adhere with the Anti-Money Laundering Act, is crucial for how the dialogue is shaped. However, the process can generally be divided into the following steps:

1: First, the Danish Business Authority seeks insight into the information related to your company to tailor guidance based on organisational structures and activities.   
 
2. Next, the Danish Business Authority examines your knowledge of the Anti-Money Laundering Act and reviews, among other things, your risk assessment, written policies, etc. This is also done with the purpose of understanding what type of guidance is needed.

3. Finally, the KYC procedure is reviewed. The Danish Business Authority conducts random samples of a number of customer relationships to assess whether your company complies with the requirements of the Anti-Money Laundering Act. This is done to see if the KYC procedures you have performed have been sufficient.

Nordkyst Revision up for inspection – again!  

The inspection notice in 2023 reaches Nordkyst Revision just five years after their last inspection where they, according to Partner & Approved Auditor Jens Jørgen Damberg: 'took a bit of a beating'. Jens Jørgen elaborates: "So we thought: we should get this sorted out! And that's why we found your system; to gain a bit more control over it and make it more systematic."

Nordkyst Revision is a medium-sized auditing firm serving 700-800 customers, both small and medium-sized companies, with annual reports, accounting counselling, and ongoing bookkeeping. In relation to the latest notice, Nordkyst Revision chose to contact Creditro to explore the possibilities of implementing the software. This was both with the aim of developing a systematic approach to KYC and anti-money laundering compliance, and to better equip the company for potential future inspections.

Before the inspection  

There are two processes that are important to consider before an inspection. About a month before the inspection, Nordkyst Revision was asked to submit a report on their anti-money laundering efforts. This included internal procedures and policies, as well as a complete list of the customer portfolio. Complying with KYC procedures takes some serious time, as it requires dialogue with all customers to ensure they provide their legal information and comply on their end. This only emphasised Nordkyst Revision's need for a systematic software solution to mee the requirements.

From the extensive list of customers, the Danish Business Authority had selected 14 customer cases for a review of the KYC procedure, which, according to the company's statement, were random samples and a risk-based selection with more specific reviews of individual customer relationships.

Regarding their own experience of the anti-money laundering efforts, Nordkyst Revision has shared the following experiences, which are worth passing on:

• An internal self-assessment/report of the company is required.
• How will we handle money laundering? What procedures have we implemented to comply with the law? What types of employees do we have?
• An overall assessment of our customers. What types of customers do we have?
• What types of companies are in our portfolio? 

During the inspection - deep-diving into a case

As mentioned, all inspections are different, but it's worth looking at previous inspection cases to see if there's anything specific to prepare for. From the inspection at Nordkyst Revision, the following questions can be highlighted, which went into detail about a customer:

• Can you give an oral description of how the customer became your customer?
• Where did you meet the customer?
• Have you met the customer physically?
• What does the customer do?
• When did you and the customer start your business relationship?
• Is there a letter of agreement between you? When was it signed?
• Does the date of the agreement letter represent the start of the formal cooperation? 

In relation to the inspection, Jens Jørgen said: "I had a customer that I simply didn't know who was - based on the company's name. I simply had to investigate and find out who it was, and only then could I remember it afterwards."

So, do you really know your customer? Jens Jørgen nicely highlights that it can be difficult to remember your customers in detail. If a company doesn't have its documentation in order, it doesn't know its customers by default and thus does not comply with KYC procedures. Experiences from various inspections have all shown that there's a good rule of thumb when it comes to demonstrating knowledge of your customers to the inspectors: If it's not documented, it didn't happen.

The advantages of one system  

When Nordkyst Revision creates new customers in their systems, they simultaneously use Creditro's software to control the KYC processes. It also provides better insight into their own customer relationships and gives an overview of the ongoing documentation needed to comply with legal requirements.

In the system, ID is obtained from the specified customer, and a questionnaire about ownership is sent out. The questions are about matters such as real owners and politically exposed persons (PEP). When ID and responses are obtained and documented, the next step is to conduct a PEP assessment on all obtained IDs associated with the customer. According to Nordkyst Revision, the date of PEP and accompanying documentation is something the inspection focuses on – specifically, that the timeline for the customer relationship and ongoing documentation is correct. The inspection will, for example, delve into the specific date of when the PEP assessment was made or when it was cross-checked with other data.

By having all information gathered in one overview, Nordkyst Revision could easily and efficiently present the documentation that was asked about during the inspection, like PEP documentation directly associated with each ID in the system.

Self-assessment of the customer relationship  

As soon as ID is obtained and the customer's responses have been received, it's possible to conduct a self-assessment of the customer relationship, including an assessment of inherent risks. The self-assessment of the customer is a central element in the documentation that the inspection focuses on. Part of the risk assessment depends on the information provided by the customer via the questionnaire, as well as the analysis of the information to assess whether the customer has a high, normal, or low risk profile. For Nordkyst Revision, as an auditing firm, this could involve whether the customer's activity involves the exchange of large cash amounts or whether there is sizeable international trading.

Having a comprehensive self-assessment is important, but it can be difficult to place the customer in the risk assessment, as the self-assessment of the customer is also based on the accuracy of the information provided. As Jens Jørgen puts it: "There is a correlation between their answers and our own risk. In addition to the technical aspects of KYC that Creditro provides, we also see it as our role to guide our customers along the way because there are sometimes places where the customer, despite the system's setup, may experience challenges with the risk assessment – so, you just have to be aware of what the customer has written. If you then choose to adjust the assessment – you'll just have to stand by that."

Keywords for the company's use of Creditro: structure and systematics  

One of the things that Nordkyst Revision confirms highlights about using Creditro is the ability to easily maintain structure and deliver precise information for the required documentation. The onboarding of the customer is systematic and streamlined, customer by customer, which means that 90% of the time spent on each customer, is being spent within Creditro.

How has Creditro's service specifically contributed positively to the inspection process, and what advantages has Nordkyst Revision experienced with it?

• Increased systematics. Systematic processes and everything in one place. 
• Documentation. Access to the documentation required for the inspection. (Note: Be aware that the data you pull is not always what the inspection is interested in. So be proactive and ensure you have broad documentation.)   
• More peace of mind. Avoid 'beatings' and approach your inspection knowing that you have a system by your side, that guides you and continuously updates your customer relationships.

Have you been given an inspection notice? 

We are happy to arrange a meeting with you and to guide you on how to best prepare, and talk about the benefits that Creditro's software provides for complying with KYC and documentation requirements.

At Creditro, we would like to thank Nordkyst Revision for sharing their specific insights and experiences from their inspection, as well as providing valuable feedback on how we can make our platform even better. At the same time, we hope that this article will be able to help you, our current customers, and other companies, if you are ever under inspection.

"We couldn't manage it without Creditro. So, if you don't have a system, it's really an uphill battle, I must say," Jens Jørgen states.

Note: Nordkyst Revision has not yet received a final response to their inspection. They did however, pass with flying colours in terms of operational KYC.