Cayman Islands Embraces e-KYC and Remote Digital Due Diligence for Enhanced Customer Onboarding and Compliance

In a significant development aimed at bolstering Cayman’s aspirations to become a global technology hub, the Cayman Islands Monetary Authority (CIMA) has affirmed that regulated entities can employ e-KYC (electronic know-your-customer) and remote digital due diligence processes for customer onboarding and ongoing compliance monitoring.

This decision, outlined in CIMA’s latest anti-money laundering (AML) guidance, extends upon an earlier advisory from 2020 regarding the use of virtual identification. Crucially, it aligns the Cayman Islands with the Financial Action Task Force (FATF) guidelines on digital identification, further enhancing its reputation as a jurisdiction that prioritizes a business-friendly regulatory approach.

Regulated entities looking to adopt e-KYC or remote onboarding methods are expected to take a risk-based approach and implement the following:

1. Update policies and procedures to incorporate the new e-KYC and remote onboarding technologies. These updates should also cover contingencies for when the technology is unavailable or fails.
2. Conduct a formal risk assessment of the new technology, ensuring it meets the accuracy and reliability standards necessary for the jurisdiction, product, customer, and relevant risk factors.
3. Update customer risk assessments, considering tiered customer due diligence where applicable, based on the firm’s assessment of the customer.
4. Establish record retention systems capable of providing CIMA with the necessary identity information and verification evidence from the new technology.
5. Implement appropriate anti-fraud and cybersecurity measures to support e-KYC and digital ID systems, including authentication systems for customer due diligence (CDD).
6. Establish procedures for regular, independent reviews of the new systems and their effectiveness.

Furthermore, when regulated entities decide to utilize e-KYC or remote onboarding, they should:

1. Apply and document a risk-based approach when establishing new business relationships, especially when customers are not physically present.
2. Implement controls during the e-KYC process to verify the identity and authenticity of presented ID documents.
3. When applicable, engage eligible introducers or certifiers to confirm customer identity.
4. For higher-risk scenarios, conduct additional verification measures to ensure the accuracy of e-KYC methods.

The revised guidance explicitly mentions video conferencing as a means to identify natural persons during onboarding and to confirm their identity when dealing with corporate entities or legal arrangements. However, as video conferencing does not constitute a “face-to-face” meeting, additional checks are required.

In cases where official documents cannot be verified through video conferencing or electronic means, alternative measures must be sought for document verification.

CIMA accepts the use of selfie photographs as long as they are in color, clearly show the person’s face along with the identity document in the same photograph for verification, and provide a clear, scanned color copy or photograph of the identity document itself.