Bolstering know your customer processes as regulation tightens

Nick Payne

Nick Payne, banking services, customer advisory, SAS UK & Ireland, discusses how new technologies allow financial services companies to develop rigorous KYC processes without compromising customer experience.

The sanctions imposed on Russia following the invasion of Ukraine reminded us how quickly the geopolitical landscape can change – and why it’s critical that financial services institutions know who their customers are at every stage of the life cycle.

More than half of the fines issued by the FCA in 2022 so far relate to financial crime, and the regulator has also raised concerns about some of the challenger banks’ controls. The issues it highlighted include failing to adequately check customers’ income, and having no financial crime risk assessment in place for customers.

Banks can also swing too far the other way and freeze people out of their accounts, seemingly for no reason – and errors like these are costly. The Financial Ombudsman awarded compensation in almost 1,000 cases where bank accounts were closed between January and September last year, but the potential loss of business and damage to the bank’s brand and reputation is even more expensive.

All this highlights the challenge banks today face as the regulation around KYC becomes tighter, and financial crime gets more complex. They may be dealing with a network of entities, operating in multiple territories, with people on sanctions lists buried deep within an organisation. While banks have access to sanctions lists, they often struggle to link them to all their transactions and internal systems because data is siloed in different environments.

There’s more external data to make sense of too. LinkedIn, for instance, can supplement Companies House data as a rich source of information on job moves and changes, and mergers and acquisitions. What’s difficult is achieving a company-wide level of KYC detail, without the process becoming too arduous and costly.

While banks are automating more of their compliance processes, many elements remain manual, and the lack of continuous real-time monitoring creates risk.

So, while they have data from multiple sources, they can’t interpret and rescore customers quickly enough to flag up any issues. When they receive an alert from a third party, it goes onto a list to be manually checked – and it could be another three or even six months before the next KYC review. For all that time, they could be working with customers on PEP or sanction lists, or some who are committing money laundering offences.

This is why artificial intelligence (AI), machine learning (ML) and advanced analytics are so important in improving the efficiency and accuracy of KYC and other compliance processes. Our own research shows that well over half (53 per cent) of traditional banks see these technologies as a way to gain a competitive advantage – because they allow them to both tackle financial crime and deliver better customer experiences.

The technologies help banks to connect events, behaviours and attributes, so they don’t miss any potential red flags, while reducing the number of false positives so honest customers aren’t adversely impacted. For example, at SAS, we’re able to check every transaction and alert, and dig down to every director of every company.

Tackling financial crime has become both more complex and more urgent, which might explain why high numbers of banks are willing to work with credible third parties to bolster their processes. Our findings show that 84 per cent of banks either fully or partially outsource AML, and half outsource risk governance.

Using  AI and ML-powered solutions, their technology partner can quickly scan external factors like new sanctions lists for triggers. These tools streamline onboarding processes – so when you think there might be 30, 40 or 50 processes linked to a mortgage or loan application, you can speed up and validate every one of these to satisfy customers and the regulator. All this can be achieved without employing armies of developers at high cost.

Banks don’t have to hand over their sensitive information to do this either. Bigger institutions may prefer to provide their technology partner with a trigger file to run checks on customers they believe are engaging in criminal activity to start an investigation, while maintaining full control over the majority of their data. However, smaller banks, with fewer resources, tend to be more willing to share data with trusted third parties who uphold the highest security standards. Both approaches are valid, and a good vendor should be able to accommodate different requirements.

The benefits of rigorous KYC processes extend across the organisation, from compliance to sales. A holistic view of customers as individuals, not just segments, enables banks to target products and services to the right people, helping to drive up revenue and reduce bad debts – and ultimately protect society from criminals.

spot_img

Explore more