KYC – balancing between regulatory compliance, customer experience and cost efficiency
What is KYC and why does it matter? Know Your Customer (KYC) refers to a set of due diligence activities which Financial Institutions (FIs) and other regulated entities need to perform to obtain information about their customers before they can engage in business with them.
While legal requirements around KYC can vary by jurisdiction, at a high level, FIs are required to identify and verify customers identity, their ownership structures, source of wealth or funds and the intended purpose of the business relationship. KYC activities are an important safeguard aimed to prevent FIs from being used by criminals to perpetrate money laundering activities, and an integral part of the Anti-Money Laundering (AML) regime.
KYC activities are an important safeguard aimed to prevent FIs from being used by criminals to perpetrate money laundering activities.
Why is it important to get KYC right?
With an estimated 2-5% of global GDP being laundered each year, the stakes are very high. A recent survey by Thomson Reuters which covers 2,373 respondents estimated that over a course of 12 months, the average turnover loss due to money laundering was $0.75 billion. The estimated turnover losses due to fraud, and bribery and corruption were $0.5 billion and $0.81 respectively2.
Within this context, regulators around the globe have been actively imposing large fines for failures related to KYC and AML processes and controls. A ten-year (2008-2018) analysis compiled by client life-cycle management software provider Fenergo, highlighted $26 billion in regulatory fines, imposed against FIs for AML, KYC and sanctions-related violations (see chart below).
Recent examples of the fines include: HSBC Holdings fined $1.92 billion in 2012 by U.S. authorities for AML failures related to Mexican drug cartels,BNP Paribas fined $8.9bn in 2015 for sanctions violations related to transactions with Iran, Cuba and Sudan, and ING fined a total of $0.9bn in 2018 for serious anti-money laundering controls failings.
What are the current trends and typical challenges?
As of July 2018, the 5th European Anti-Money Laundering Directive (5th AMLD) has come into force with a January 2020 timeline for Member State implementation.
With the aim of meeting increasing regulatory requirements, FIs have invested heavily in increasing their KYC/AML headcounts, improving controls and developing systems to address the most immediate needs.
Based on another survey conducted by Thomson Reuters, the average annual KYC related spend of large FIs (with turnover over $10 billion) has gone up from $142 million in 2016 to $150 million in 2017.7
FIs have invested heavily in increasing KYC/ AML headcounts, improving controls and developing systems to address the most immediate needs.
Typical challenges that FIs face in the KYC/AML space include:
- Differences in local regulatory requirements: FIs with a global presence must comply with local regulatory requirements which vary across jurisdictions;
- Data quality: FIs often have to invest significant effort into filling in missing, outdated or incorrect data about their existing customers;
- Absence of fully integrated systems: The data required to perform a KYC review of existing customers often needs to be manually drawn from multiple systems before it can support the review process;
- Lengthy end-to-end KYC review times: Completion times for customer on-boarding or periodic reviews are often measured in weeks;
- Manual processing: KYC reviews often rely on manual or paper-based processing which is time consuming and leads to increases the quantity of QA failures;
- Multiple client touch points: the typical on-boarding and KYC refresh processes involves several customer touch points to source documents or clarification. Where such requests are not carefully coordinated (e.g. between regions and business lines) this can result in overlap and duplication. Inevitably, this leads to decreased client satisfaction.
What can organisations do to overcome these challenges?
Fortunately, there are several solutions which, if pursued in parallel, can help FIs address the challenges posed by KYC. These include:
- Active regulatory horizon scanning: Proactive monitoring and tracking of regulatory developments in jurisdictions where the FIs operate is crucial to their continuous ability to meet compliance obligations. Active horizon tracking helps organisations optimise their plans to achieve full operational readiness to meet new requirements;
- Data rationalisation and analytics: Given that customer data is often fragmented and stored in a number of platforms, operationalising it requires a high degree of manual processing (warehousing, cleansing and reconciliations). A more effective approach is to create a single repository for unstructured data (i.e. a data lake) where data can reside in its native format. If required, sophisticated data mining tools can then be used to extract, reconcile and structure the data. This approach can relieve the burden of manual data processing;
- Process automation: Another way to drive consistency and improve efficiency through the KYC lifecycle is to automate the process. A typical KYC review workflow lends itself well to process automation with potential efficiency increases across review initiation, data sourcing, risk assessment and profile maintenance;
- Client self-service portals: The creation of portals allowing the client to directly upload information has a potential to reduce the cost of client outreach and subsequent follows up. It carries the benefit of engaging the client in the process while at the same time mitigating the risk of overburdening the client with duplicate requests.
FIs are under tremendous pressure to ensure effective KYC and AML frameworks are in place to protect their customers and markets against financial crime. Meanwhile, managing regulatory requirements while ensuring operational efficiency and high customer satisfaction rate can be a complex balancing act. Nevertheless, there are solutions available, these solutions lie in proactively tracking regulatory requirements and a shifting towards a technology-enabled KYC framework.
How can we help?
MI-GSO | PCUBED has extensive experience working within the regulatory compliance area including KYC and AML. Our tailored services include provision of expert operational capability, consulting and technology solutions – we can help your organisation achieve scale and flexibility by providing expert teams exactly when and where you need it.
This article was written by Marcin P. Wojtukiewicz and James Martin-Young.
For further information on this article and MI-GSO | PCUBED