Global Voices: KYC Programmes – Aren’t They All Done and Dusted?
Recent conversations with firms have left me in a curious state of mind, I had thought all financial services firms had wrapped their Know Your Customer (KYC) programs and put them to bed?…. It turns out I was wrong!
As the regulatory demands for KYC within the Anti-Money Laundering (AML) laws continue to grow, financial institutions are struggling to keep up, leaving themselves open to possible fines, sanctions, and reputational damage!
In May 2018 the EU Council approved the 5th Anti-Money Laundering Directive, which has now been published, and is expected to be transposed into UK legislation in early 2020. Changes to data collection, data processing as well as risk assessment and mitigation will be included in this update.
As a result of this, firms will need to re-assess the information available within KYC records, ensuring there are no gaps in data. A formalised processes to obtain, record and update beneficial ownership information should also be developed if there is not already one in place! In addition, firms will be required to review and prepare to adopt revised lists of the EU’s high risk third countries into their KYC processes.
Despite having electronic KYC documents, some processes are still being managed in a manual fashion, in conjunction with Microsoft Word and Excel spreadsheets. This approach leaves organisations open to major fines, and with $90 million being the average global fine issued, and Europe recording their highest regional fine of $900 million last year against a Dutch bank, it’s understandable that customers all want advice on how to automate more of their KYC processes!
We all know that implementing solutions can be costly, however the potential threat of facing fines or criminal prosecution as regulators continue to raise the standard for corporate integrity, in addition to clients increasingly expecting demonstrated moral behaviour from their banks, there is usually more than enough motivation to implement. However, if you’re facing pushback and need help to provide an ROI justification, ready for the next steering committee, here’s some information for you to include:
- Reputational damage and personal accountability – organisations are starting to care more about personal accountability and reputational damage than they are fines. Fines do hurt – but sending senior level directors to prison, and brand reputation is career and organisation ending.
- Accuracy – mistakes in spreadsheets and manual processes are difficult to identify, slow down the process and increase cost
- Adaptability and Scalability – regulations are always changing, and will continue to do so. KYC processes need to be adaptable, without having to engage with the solution vendor at every turn. Also, new client volumes can change dependant on promotions, therefore, the ability to identify potential process bottle necks is crucial
- MI and Reporting – every steering committee or board meeting demands easy to understand metrics. However, systems must also provide operational dashboards that are configurable to meet the requirements of compliance, risk and individual process owners
- Cost Effective – Compliance teams don’t want to be seen as highly paid clerical admin staff. They are intelligent and valuable resources, and by automating KYC processes, it enables them to focus on other compliance functions, allowing them to become proactive rather than reactive to other regulatory requirements
- Reduction in time – everyone benefits (client and the firm) if the time taken to on-board a new client is reduced and similarly with ongoing reviews of existing clients
Other risk & compliance resources that might be useful:
Infographic: GRC Hurdles & High Jumps in Building a Culture of Compliance