Skip to main content

KYC Compliance: A complex and nuanced challenge for energy trading & supply organisations

Know-Your-Counterparty (KYC) activities have long been a key control in the financial crime Risk Management Framework (RMF) for many organisations and enables them to understand who their counterparties are and assess their associated financial crime risks.

However, understanding and applying the requirements under financial crime legislation and regulation can be complex, particularly for energy trading & supply organisations, where only certain aspects of their operations fall within the scope of these regulatory requirements.

Optimising regulatory compliance continues to be a challenge when taking into account that many organisations in this sector have relatively small in-house compliance teams, which are grappling with a wide range of financial crime, compliance and operational challenges. This is often coupled with a range of technology and data issues, as well as the challenges of KYC being perceived as a "barrier to business" among some commercial trading teams.

Ultimately, obtaining accurate and complete KYC information is proving to be challenging across the industry, despite its criticality to mitigating against financial crime risks. So, what is hindering organisations in achieving their ambitions for more effective KYC processes? In this blog we explore some of the challenges that trading & supply organisations face with respect to KYC and look at some of the considerations to help overcome these.

1. Inconsistent and developing regulatory application

In the UK, the scope of UK Money Laundering Regulations 2017 (MLR) has traditionally focussed on organisations undertaking regulated financial services. As such, the scope of these regulations primarily apply to the financial or ’paper’ trading activities that energy trading & supply organisations undertake. Crucially though, as many organisations in this sector have global operations, they will also be subject to various MLRs in different jurisdictions and in turn, potentially differing standards with respect to KYC. In addition, the applicability of relevant Money Laundering Regulations within organisations often varies depending on whether the business activities fall under the scope of activities captured by the regulations. All of this can lead to challenges when attempting to implement consistent KYC standards across a business globally. While not all activities in energy trading & supply organisations are subject to KYC obligations, there are still major benefits to undertaking KYC in order to understand the broader financial crime risks (including bribery and corruption, sanctions and fraud) associated not only with counterparties but also those stemming from complex supply chains and ancillary or third-party services.

In addition to the complex application of the regulations, the requirements are often viewed by many in energy trading & supply organisations as being an obstacle to commercial ambitions, and in some jurisdictions as an invasion of privacy. Historically we have seen a reluctance from some counterparties to provide information and respond to KYC requests, typically as a consequence of the perceived limited regulatory obligation to do so and/or local data privacy laws impacting their ability to provide certain information. While substantial data can be obtained through public sources, some mandatory attributes, for example the identification and verification of ownership, are dependent on entities providing that insight. When a counterparty is disinclined to respond, this can ultimately lead to a loss of commercial opportunity for the onboarding organisation where they are unable to meet their KYC requirements.

2. Inefficient and manual KYC processes with inability to scale

The natural cycle of Ongoing Due Diligence (ODD) means that many energy trading & supply organisations are continually seeking to address the KYC gaps in their existing counterparty records, while in parallel trying to uplift onboarding practices and standards to align with regulatory expectations. Adapting the KYC process for both onboarding and remediation to ever-evolving regulatory requirements can require substantial resources and planning, which are not always readily available. Even within the same organisation we see different standards of KYC being applied across targeted remedial projects and Business-As-Usual (BAU) processes. To guarantee issues are dealt with appropriately, it is prudent to keep remediation projects and BAU activities separate; however, ensuring a consistent approach with clear requirements is essential for standardised results.

3. Deficient data and outdated systems

While not unique to the energy trading & supply sector, cumbersome technology and disparate systems, coupled with poor data quality, perpetuates issues in both onboarding and ODD including:

  • No definitive system of record often results in there being no single or amalgamated view of the total counterparty base, from which core business systems (e.g. trading and finance) systems link to;
  • Lack of robust data governance canlead to duplicate records, inconsistent naming conventions, and missing essential counterparty information across and within systems;
  • Manual, time intensive and burdensome KYC data gathering processes and ‘offline’ workflow (e.g. tracking in spreadsheets) increasing costs and the risk of human error; and
  • Limited, meaningful management information (MI) impacts the ability of the business to effectively monitor the financial crime risks associated with their counterparties in line with their risk appetite and ultimately mitigate risks where the risk appetite is exceeded.

By addressing the root causes of these issues, as challenging as they may be, organisations will not only be able to meet their due diligence requirements but also create a more efficient process that enables them to more effectively identify and manage their financial crime risks.

The following optimisation points aim to achieve a process whereby information gathered is as accurate as possible, the requirements set out in KYC regulation and financial crime legislation are met and minimise business disruption:

  • Utilising KYC solutions to automate the process can help in creating a single records system for each counterparty that enables more robust governance of KYC process, reduces inefficiencies and manual data entry errors and enables more timely identification of key financial crime risks across the counterparty population.
  • Implementing effective KYC data governance and, where necessary, remediating issues with data quality and completeness ensures that information held on counterparties is reliable and that risks associated with counterparties are quickly identified and mitigated.
  • Ensuring that a common KYC standard is applied across business units and operational environments protects against inconsistent application of the MLRs and potential KYC irregularities between project and BAU activities.
  • Creating and maintaining up-to-date standards, policies and procedures to underpin a seamless KYC end-to-end process, as well as providing much needed clarity in the practical application of the requirements around financial crime compliance including sanctions, bribery and corruption and fraud.
  • Ensuring employees truly understand the financial crime risks the business is exposed to and the associated regulatory and compliance requirements, leading to the effective application of a risk-based approach and proactive mitigation of identified risk exposure.

Addressing challenges with an organisations KYC process can be complex and time consuming, and while many organisations in other sectors (e.g. Financial Services) have already enhanced their KYC capability, many organisations in the energy trading & supply sector are still going through this change.

At Deloitte we have supported a number of clients with a range of KYC activities including, KYC remediation services, KYC managed services and screening alert management and investigations. Our support has helped clients not only improve the KYC they have on their counterparties and meet regulatory requirements but also free up resources for BAU and other critical risk management activities and provide more robust governance and management of financial crime risks across their counterparty portfolio.

If you would like to discuss this area in detail, please reach out to a member of our team: Katie Jackson, Rawad Halawi or Aisling Kermath.

Meet the authors

Rawad Halawi

Partner, Financial Advisory

Rawad is a Partner with Deloitte UK Financial Crime practice specialised in leading financial crime change and transformation programmes and solutions in the regulated sector, with particular focus on capital markets, commodities and energy trading. Specialism in Financial Crime (FC), Anti-Money Laundering (AML), Counter-Terrorist Financing (CTF) and Sanctions. Experience across Governance, Policy, Process, Operating Model Design/Delivery, Change Management, Digital Transformation and Automation. Strong combination of change management and technical experience across Financial Crime disciplines. Excellent track record in leading and delivering major complex Financial Crime Change Programmes Solid international network in Financial Crime Strong track record of operating independently and being successful and credible at senior management level Proven ability to lead large teams and a role model for talent Strong track record in risk management and ensuring high quality of delivery

Katie Jackson


Katie is the Partner in charge of Deloitte’s UK Forensic practice. With over 23 years’ experience working in the Financial Services industry and more recently in the energy and commodities trading sector, Katie has significant experience in Financial Crime, regulatory investigations, and transformation programmes. Katie sits on the firm’s FS Women in Leadership Council and is passionate about supporting diversity and inclusion at work and was a previous winner of the UK Timewise Power Part-Time list in 2014.