Beyond Compliance: How AML/KYC Is Redefining Investor Confidence

Disclaimer: Please be advised that this recorded webinar has been edited from its original format, which may have included a product demo and other engagement features. To set up a live demo, please complete the form above on our website. If you currently are not on our website and are watching this on our YouTube channel, there's a link to the website in the description of this video. Thank you.

Christy: Hello, everyone, and welcome to today's webinar, "Beyond Compliance: How AML/KYC Is Redefining Investor Confidence." My name is Christy DeMaio Ziegler, and I will be your moderator.

Joining us today is Chalene Francis, Danielle Galczyk, and Laetitia Vika. Chalene is the Senior Executive Director and Head of Fund Services for North America at CSC. With over 20 years of experience in private equity, fund administration, and compliance operations, she has held leadership roles at FD Fund Administration, BNY Mellon, and Citco Fund Services, overseeing investor services, onboarding, and due diligence for diverse investment products. Chalene speaks on fund administration best practices and operational excellence.

Danielle is the Associate Director of AML/KYC at CSC Funds Capital Markets. Bringing nearly 10 years of expertise in regulatory compliance, she leads initiatives to ensure investor accounts' adherence to global standards and has held key roles at Ultimus, LeverPoint, and SEI Investments. Danielle is CAMS-certified and speaks on emergent AML trends, regulatory best practices, and financial crime prevention.

Laetitia leads CSC's Investor Services team, providing tailored support in fund onboarding, AML/KYC compliance, and investor life cycle management. With over a decade of experience in Luxembourg's financial sector and roles at firms like Amundi, she brings deep expertise in regulatory frameworks and risk management. She speaks on investor operations, compliance strategies, and enhances clients' experience.

And with that, I will hand the presentation over to Danielle.

Danielle: Thank you, Christy. So today, we're going to really get into the bread and butter of what we do here at CSC. Christy was so gracious to go through all the introductions for us. And then we're going to dive into the Global Research Report that was conducted in early 2025. We'll talk about the AML/KYC services that CSC can provide, and then we'll end today with a bit of question and answers.

So getting into it, CSC commissioned a global research, where we surveyed 400 participants, and 200 of them were general partners, and 200 of them were limited partners. And it was multi-jurisdictional. So we looked at North America, Europe and the UK, and Asia-Pacific. And the goal of this research survey was to understand how firms are meeting the challenge of AML and KYC compliance, and where their gaps were, if they had any.

And a lot of really important and eye-opening information came out of that survey. It showed that while AML/KYC compliance is really a non-negotiable for these participants, and that leading firms are going beyond the basics. They're implementing scalable systems and streamlining onboarding. And by doing so, they're leveraging outsourcing to transform that regulatory pressure into a competitive edge.

So first, we're going to look at the limited partners' perspective on AML/KYC. And I think two of the most important statistics that came out of this were that LPs were significantly more likely to engage with a fund manager who had a formal compliance program in place. And almost more important, they sometimes would reconsider or even decline participation due to compliance concerns. You know, 97% of limited partners feel that AML/KYC is going to be or already is a central element of due diligence and should be included and thought about when investing.

And also, one of the most glaring concerns that LPs had was around inconsistent jurisdictional practices. And this is something that we see often and something where CSC thrives in because we have expertise in a lot of jurisdictions, and we can ensure that general partners and limited partners are adhering to the jurisdictional regulations that apply to them, and they're not subject to regulations that do not.

And then on the flip side, we're going to be looking at the general partners' perspective and how they felt as it came to AML/KYC. And 63% of general partners felt that AML/KYC issues led to lost or delayed investors. And of that 63%, 61% of it related to documentation gaps or errors, and 24% would then relate to onboarding delays.

And it's not surprising to me that these two statistics came out of this, because if you have documentation gaps and errors in your reviews, that is inevitably going to lead to onboarding delays. The more knowledge and expertise you have in AML/KYC, when you're looking at partnering with a firm, the more streamlined and seamless your onboarding is going to be. And at the end of the day, firms with strong AML/KYC compliance programs that utilize advanced technologies, they attract investors, and those that don't, they fall behind. And really, what this says to us is compliance wins capital.

Laetitia: Regulatory landscape. And it shows some of the top regulators and authorities that set the tone globally and internationally. I want to hand over to Chay to let us know and maybe walk us through the regulatory landscape and the global regulatory complexity that GPs and LPs may face in coming days.

Chalene: Thank you, Laetitia. So if we go back to, yes, to the previous slide, when we look at AML/KYC from a global perspective, there are a lot of different complexities with looking at the various global standards because as you can see, that depending on a jurisdiction, a region, there may be a different model, or should I say mandate that governs the appropriate AML/KYC activities that financial systems should take to safeguard their financial framework.

And so, if you look at the FATF 40, FATF 40 recommendations, referred to as the FATF 40, it provides a comprehensive framework of measures that aids countries to safeguard their financial systems from illicit transactions. It is regarded as the global standard in combating money laundering and the financing of terrorism and proliferation. And it's divided into seven distinct areas, which includes AML/CFT policies and coordination, money laundering and confiscation, terroristic financing, preventative measures, transparency and beneficial ownership of legal persons and arrangements, and, of course, powers and responsibilities of competent authorities and other institutions, and then international cooperation.

Most jurisdictions that has some sort of mandate regarding laws, related to the subject matter, relies on FATF to kind of set that tone, and it is which we will try to align to, and you see this across the globe. Laetitia will speak more specifically to the EU and UK measures that we have in place. And CSC has set ourselves up to be the leading expert in this area. We have competencies and expertise in each area, including Asia-Pacific and the Middle East, and understanding that those authorities in those particular regions have since updated and tightened their regulatory rules and requirements to ensure that we are being more sophisticated as the landscape changes when threats have changed. And particularly in the Middle East, they have done measures in the last year and two to really align their global standards for combating AML and CFT activities to align better with the FATF 40.

Now speaking specifically to the Bank Secrecy Act, in the United States in particular, the primary regulation for combating illicit financial transaction is the Currency and Foreign Transaction Reporting Act of 1970. Its amendments and the other statutes related to this particular subject matter are commonly referred to as the Bank Secrecy Act, and that is what we know as BSA.

And the BSA authorizes the United States Treasury Department to impose reporting and other requirements of financial institution and to help business better detect and prevent money laundering. Previously exempted, unless they met a very narrow designation, alternative investment managers were not subject to BSA. And really, it was truly that it was voluntarily recommended or implied that fund managers would lean into providing and safeguarding the financial transactions that pass through their entities.

However, in 2025, FinCEN did adopt a rule change to apply certain portions of the BSA Act to investment managers that would have gone into place on January 2026. FinCEN have since, however, delayed the implementation of this rule change for fund managers to comply with the BSA Act, and I should say particularly alternative investment fund managers to comply with the BSA Act until 2026. But that reprieve does not at all mean that alternative investment managers should take their foot off the gas, particularly because one of the things that FinCEN has implied is that, as a part of the 2028 rule change, they are going to expand BSA to have alternative investment managers comply with all aspects of the Bank Secrecy Act requirements, which includes implementing AML programs, filing SAR reports, conducting customer due diligence, and having a risk-based approach to identifying and verifying accounts and transactions that pass through their financial institutions.

So it's really important that as we dig into this landscape, we dig into this framework, that our readiness is at the forefront of our alternative investment managers' understanding, as is for our LPs because that then will kind of change the landscape for them as to how they apply and incorporate what now will be mandated in 2028, where they're not voluntarily doing it today.

And with that said, I'll turn it over to Laetitia to speak specifically to the regulations within the EU and UK jurisdictions.

Laetitia: Thank you, Chay. That was very good. Thank you. For Europe, Europe is leading the charge on regulatory change. With the 6AML Anti-Money Laundering Directive expanding the scope of financial crime and the new Anti-Money Laundering Authority expected by 2026-2027, firms need to prepare for much stricter oversight. Add to that, of course, as mentioned by Chay, the FATF Recommendations, the local guidance for the Middle East and for Asia-Pacific, the complexity of cross-border operations, it is a challenging landscape. But here's the reality, less than half of our GPs globally say they are fully prepared for these changes, and even though most plan to invest in technology and outsourcing to close the gap.

AML/KYC are no longer just compliance obligations. They've become strategic levers for investor confidence. And of course, as part of our research shown earlier by Christy and Danny, it shows LPs increasingly prioritizing managers with strong AML/KYC programs, and allocations are often declined when compliance gaps appear.

So Europe new framework, including the AMLA, which is the Anti-Money Laundering Authority, and the Single EU AML Rulebook, means zero tolerance for weak compliance. This just isn't about meeting minimum standards. It's about building trust.

That is where CSC also comes in. We combine deep regulatory expertise with certified technology with real-time screening, automated workflow process, and secure portals. Our approach delivers speed, scalability, and full compliance, turning regulatory pressure into a competitive advantage for our clients. In short, CSC doesn't just help to meet your obligations or to meet the regulatory obligations, we also help clients build trust and grow with confidence.

So, again, here we have discussed earlier the global regulatory complexity, which I have just commented earlier on to kind of summarize and to add to what Chay has mentioned. But we can see the results here, that 39% of our GPs are very concerned about the regulations across multiple jurisdictions. And that's why it is important that companies like CSC, ourselves, demonstrate readiness and expertise when it comes to supporting our clients and the LPs and the GPs.

Chalene: Correct. And just to lean into that a little further, one of the additional complexities that usually lends itself to this landscape is being able to stay in the forefront of regulatory changes. One of the reasons why clients partner with CSC is that our leading experts, our teams focus on being leading drivers in the market with regards to rule changes, and helping not only our general partners, but also their limited partners in understanding what those changes are, how to prepare for them, and how to meet the challenge in this environment where technology is moving so quickly, rules are changing so vastly, and the controls are being tightened. And not to limit and interrupt the cash flows, and the ability for general partners to raise capital, and the ability for the limited partners to share their information with us to ensure that their funds are safeguarded, CSC helps bridge that gap.

And a lot of times when we see some of these poll questions with 39% of general partners are very concerned, a lot of that is driven by that ability to have that overhead to stay ahead of these changes and being able to not only understand these changes, but adapt their processes, their systems, and their people to be able to incorporate and respond to said changes. And in understanding that, those complexities is then compounded based on where you do business. It's not simply about where you are domiciled as a general partner, but it's where your capital is deployed to, where your LP audience is derived from. Understanding that all of those different frameworks and all of those different impacts are coming into the readiness umbrella.

It's not about being ready about where you are. It's about being ready about where you would like to go, how you would like to expand and grow your organization, and how you would like to further take advantage of capital to do what it is that general partners do, and that is to generate great returns. And LPs want to see that ROI. Well, in getting that ROI, they want to make sure that those dollars are safeguarded. And CSC really helps to bridge that gap because what we do is alleviate the pressure of being able to understand this global framework and the regulations behind it, but also to help you lean into it with confidence to know that you have a trusted partner that's already ahead of the curve in this area.

Didn't know if any of my other presenters wanted to comment any further before we move along.

Danielle: No, Chalene, I think you said it perfectly.

Laetitia: No. Thank you, Chay. That was perfect.

Chalene: Okay great, guys. So we'll jump right ahead to the global momentum that is driving AML/KYC action. And when we look at these poll results, we see that our general partners' view on readiness on regulatory changes, it's that those changes, will it improve the process, despite the deadline specifically around the BSA, the deadline extension. And we do find that most of the general partners that did respond to the poll thought, hey, this is going to improve our ability to safeguard assets and funds. Less than half are fully prepared, which is what I expected to see.

And then we have 39% that say that they are fully prepared to move forward. And usually when we see those responders, most times often than not, they're already partnering with a third-party vendor that provides this area of compliance, oversight, and readiness for them, or they have internal programs and processes to help them to navigate the space.

One of the things that we do notice from these BSA changes is that what the United States is attempting to do is also aligned with our jurisdictional partners. We see that there are already really firm and stringent regulations in the UK, in the EU. We have CIMA, who has really stepped up their regulatory mandates and guidelines.

And to be competitive in that market where we have now global limited partners that are coming into our financial systems, they want to make sure that there's a sense of consistency across the board for general partners. And so that is why you see that there is a welcome of these expanded rule changes and really firming up the BSA in the alternative market, because, again, it makes us competitive. It makes us not fall behind the curve, but to stay alongside the curve, and that's very important for limited partners as they deploy their capital. Wealth is building globally, and everyone wants to not only increase that wealth, they want to safeguard that wealth.

As we jump forward, technology adoption, and really what this equals is automation equals faster onboarding. It ensures real-time monitoring, but also it streamlines the process. It builds in efficiency. And when we're looking at our general GP trends, we have 41% that are relying on in-house proprietary systems, which at times can become very costly, because, as we stated previously, that regulations change. When regulations change, your system has to be agile enough to adapt to those changes.

We see that 54% use third-party platforms, and that is because third-party vendors who are invested in the space, as CSC is, we make it our point to ensure that our technologies are not only best in class, but they're agile enough to adapt, and they adapt globally. We don't have siloed processes. We have fully integrated technologies that work across the globe, across every jurisdiction in which we do business and in which our clients do business, to be able to adapt and implement these changes as they come.

Where you see that other 5%, where it's Other, usually that means that there is some sort of manual process that they're using. And of course, with anything that is manual, it introduces greater risk. It is not necessarily as efficient in capturing and identifying, in real time, actual sanctions and/or transactions that are suspicious or should be halted. And therefore, it creates a bigger exposure when you're either not investing in self-proprietary systems or utilizing a vendor.

And on the other side of the aisle, LPs are looking for that secure automation. They're looking for secure portals. This information that's funneling through us is information that is sensitive. It is information that is private. And in this world of heightened visibility about safeguarding private information to ensure that it does not fall into the hands of bad actors, ensuring that you have a portal that is best in class with securing and safeguarding those sensitive data points that are being shared with us is a primary concern of our LPs.

One of the things that we are looking for, or should I say LPs look for and they ask is, "How do I get my information to you?" And if you're saying something to them like, "Drop it in the mail or email it to me," that's a no starter. They are going to be very skittish, and they're not going to want to share that information. And it introduces the lack of sophistication of a manager when they cannot deliver secure portals.

They're looking to make sure that their information is scalable. It can be reused. I don't have to give you my information a thousand times. If I gave it to you once, your system is robust enough, regardless of where I am doing my business, that it should be able to capture that I am who I say I am. I am one of one.

And our systems are both. We have the ability to ring-fence that. So we have clients who say, "Hey, I do want you to verify me every single time, regardless of where I'm coming in with my capital dollars." Our system is robust enough to be able to ring-fence and provide that. Others are saying, "Hey, when I give it to you, if your systems are safe, then utilize that system so it limits the amount of back-and-forth and me having to regenerate and send my private information to you again and again."

And most importantly, is your technology audited? Do you have a SOC 1 Type 2 designation or an ISO 27001 designation and certification? Because that means that not only is the integrity of your technology secured, it also means that you have the confidence of knowing that your partner and/or your internal systems are being audited by another vendor who is versed in the spectrum to be able to say, "This is sound technology."

Again, it leads to automation. It leads to securing information, more safeguarding, but it also leads to confidence and trust in that, and it speeds up the process. The worst thing that you want to do, when you're trying to raise capital and you're trying to invest capital, is to slow down the operation of that capital. And CSC helps you move through the process without interrupting the process.

So as we jump forward into why GPs rely on outsourcing AML/KYC, 91% of general partners were . . . So sorry, 90% of general partners responded to our poll on the reliance of outsourcing. Thirty-six percent say they fully rely on a third-party vendor. Fifty-five percent say they partially rely on a third-party vendor.

Top reasons for outsourcing, again, faster onboarding. You have scalable operations. You're meeting LP demands. You have really swift adoption to changes. You have effective measures that are on a daily basis for ongoing screening, that you are verifying information as things change. It's not a one-and-done. Once dollars come in, it doesn't mean that those dollars can't then later be compromised. And our systems have the ability to ensure that as those dollars are moving through our financial markets and systems globally, that if at any point in time those dollars become compromised in any way, our system is agile enough to capture that and to be able to give and inform our general partners with information to help them to respond swiftly and appropriately as things change. We recertify accounts appropriately.

And also the cost. The cost is a really great driver for managers because, again, when you have proprietary systems, that is a lot of dollars and people and technology you need to invest in that particular space, where utilizing an actual third-party vendor offers instrumental savings. You don't necessarily have to have proprietary applications. You may just need to have applications that help you verify and test the applications of your third-party vendor, because, again, the reliance is on the managers themselves. However, as the administrator, there is confidence that you can take in our activities, but then you should have some independent way of verifying that your third-party vendor is doing the work that they said that they are going to do.

So the cost around maintaining technology in the space is really around verifying the third-party vendor you have chosen to partner with versus the cost of upkeep, maintenance, and continued education to be at the lead and forefront of the AML/KYC global landscape.

Laetitia: So at CSC, we do not just tick compliance boxes. We deliver comprehensive AML/KYC services designed to make compliance seamless, scalable, and transparent. So here's what it looks like. So we have the investor onboarding. We have continuous monitoring. We have governance at the core, and we also have technology.

As part of the investor onboarding, you would have documents analysis. So when we collect documents of our LPs or investors, and as Danny said earlier, sometimes errors and gaps can be the reasons why we lose trust of GPs. But at CSC, we have experts who are dedicated to perform the documentation analysis, to perform the verification, and also perform the screening and the risk assessment of your investors.

So with the screening, for example, where we use World-Check for sanctions, for PEPs, adverse media, and enforcements. Just earlier today, we were discussing at EY on what the AML Authority will bring in. So sanctions is moving into, again, an AML-specific topic, where we will be looking at sanctions very closely. PEPs are being redefined again, in Europe, where we are looking at previously permanent PEPs were defined differently, tomorrow, even those from small areas with up to 50,000 population will be considered as permanent function. And our system, the one that we have already built in, allows us to be able to go as far as preparing us, again, for all the changes that are coming in globally and specifically in Europe.

On to just quickly the next slide, where we also want to say why CSC, we have also governance at core, where we apply the three lines of defense model. We have an operational team. We work with our compliance, which is the second line of defense. But we also work with our internal control teams to ensure that we have the ISAE Type II, for example, where our procedures and processes are checked on the yearly basis to kind of make sure that we are following our procedures and are in line with the regulatory requirements. And that is a control that we have across the line at CSC.

We have, of course, a policies and risk-based approach, jurisdiction-specific. We've mentioned global, where Chay went through all the U.S. regulations. So we have that capacity and level of expertise to be able to provide that. We also provide a tailored approach when it comes to investor risk rating. We do not just say your investor comes in and we'll apply EDD, which is enhanced due diligence.

We provide a proper tailored approach when it comes to how we have our investors. And as mentioned, for due diligence and onboarding of investors, we have established clear steps as to how to onboard these investors. We perform identification and verification… again, within Europe, under the AMLA will be redefined, and it is important to be ready. And we believe at CSC, we are ready for that. Enhanced due diligence, and again, for high-risk jurisdictions, for high-net-worth individuals, the AMLA is, again, redefining those. So we will see, as I mentioned earlier, a more stringent approach when it comes to Europe and the regulations in Europe. And CSC, again as a partner, is ready and prepared for that.

When it comes to ongoing monitoring, we mentioned the screening and the tool that we use on a regular basis. Transaction monitoring, it's flagging anything suspicious and in real time. And I think this builds confidence.

We work closely with our GPs and the fund managers to kind of bring to their attention all of these results that we are able to find and assess and escalate in real time. We have, again, an escalation process that is very procedural, how can I say, very reactive. Red flags are identified very quickly thanks to our technology. And we have built clear escalation processes with our second line of defense operational teams and our GPs, so our clients.

Also internally, of course, we do build a culture of compliance. I'm happy we're having this conversation because and again, at CSC, we're trying to very much demonstrate readiness for all the changes within the regulatory environment. Our goal is very simple — to protect our clients' reputation, to build investor confidence while removing complexity from compliance. So with CSC, our clients will get efficiency, transparency, peace of mind, because compliance should not slow down. It should enable clients to succeed.

So thank you very much. I'll be moving to our next slides. It talks about all the technology, with Chay before, and the solutions have been discussed.