In today’s world of financial crime compliance, there is a concerted effort from regulators to push the limits at least in the minds of many know your customer (KYC) and anti-money laundering (AML) practitioners on KYC requirements. More and more, there have been expectations to use the abundance of data available regarding customers. However, simply adding data requirements does not guarantee the achievement of the end goal: a robust AML compliance regime and for financial institutions, one that meets regulatory requirements and does not stand in the way of business growth.
To achieve the end goal, there must be a paradigm shift in the way KYC is conducted. Specifically, AML professionals must consider not only the collection and collation of individual data elements, but also the missing data elements that can be identified only when looking at the human decision-making processes around each data element and the relationships among the data elements.
Before discussing what constitutes the right data for KYC success, KYC success must be defined in both today’s terms and tomorrow’s.
What is today’s definition of “KYC success”?
To date, “KYC success” seems to be measured by the quantity of data collected. In some instances, there may be a focus on the collation and presentation of that data. It has also been defined by the speed and efficiency with which the data is collected and collated. It is as if the old-fashioned “weight test” is being applied to KYC the more data one has, the better the compliance. And therein lies the issue; there has been a focus on compliance and the cost of compliance and not on making the right decisions on the right customers in a way that will enhance revenue for businesses.
What is tomorrow’s definition of “KYC success”?
Tomorrow’s definition of KYC success needs to focus on four key program elements: it must be holistic, dynamic, relational and include a clear understanding of risk and how all of these elements interact (see Figure 1). KYC success will lead to a better understanding of prospective and current customers. That must include bringing together, holistically, the data collected and doing so in a dynamic, real-time way. It means understanding the relationships across applications and processes that exist between data elements in currently disparate systems and processes. It means understanding the risks presented by the customer and how those risks change over the life cycle of the customer.
Now some will say that it is already being done but the focus has mainly been on the collection of complete, accurate and timely data used in decision making, not on making the decision. Specifically, there has not been a focus on the data elements that describe the relationships between the data currently being collected and how those data elements and data relationships drive a determination of customer risk.
The answer to tomorrow’s KYC success is not more data but rather data that can be understood and informative. It is data that is holistic, dynamic and relational, brought together in a way that can identify those customers whom you want to onboard and/or with whom you want to expand your relationship.
How to move from today to tomorrow
In today’s world of AML silos, start by examining, determining and understanding, in the context of human decision making, how all the data elements in the three main AML areas sanctions screening, transaction monitoring and KYC fit together to portray the customer (see Figure 2).
Begin by looking at the data elements collected individually within the defined silos. Then look at data characteristics or elements that define the relationship between and among data elements, not only within the silos but then, critically, between and among those silos, to create a holistic view. Clearly, there is a need for good, if not high, quality data as part of this exercise, but the relational aspects must be defined in the context of human decision making.
A basic example of this would be in the context of anticipated normal activity and the relationship of that activity to customers that are similarly situated and to the transactions of both the customer in question and similarly situated customers. Today, data is collected typically by interviewing the customer or prospective customer and asking them what they expect to do. This is dutifully logged in a KYC file and a box is checked stating that this information was acquired. It is left to the KYC analyst who may or may not be a subject-matter expert and likely is not one for the customer, industry and transaction types to decide whether the anticipated normal activity is indeed normal.
In this scenario, there is no mechanism to collect and assess other data elements to corroborate or otherwise support the information provided by the customer. Reliance is placed on the KYC analyst or the case investigator to seek out and assess the activity in this context.
Yet there is a plethora of data that is likely already available within the KYC file. For example, for larger customers, annual, quarterly or other reports have likely been obtained to “substantiate” the company. What data can be gleaned from such reports that would either substantiate or perhaps predict anticipated normal activity? The challenge is in reading, identifying, extracting and analyzing these additional data elements to form a deeper, more comprehensive picture of the customer’s activity.
The shift to tomorrow is a paradigm shift in the thinking around KYC data
Not only does KYC need to change from a data collection and operational perspective, but new questions must be asked regarding KYC data. Those new questions need to be focused beyond regulatory requirements to the value of KYC data. That value can be a predictive focus, such as a credit or a marketing perspective.
For example, if looking at KYC from a perspective such as lending (i.e., credit), begin looking across the customer to assess them as solid and trustworthy, someone with whom business can be conducted. Look at the customer from the perspective of what they have done as an indicator of what they may do. Also, look at KYC from a marketing perspective, i.e., ask questions about what the customer likes or what they will likely do since what they are doing now may also be an indicator of future actions. This perspective should become integrated into the KYC anti-financial crime thinking because what the customer may do maybe outside the norm and worthy of investigation and potential reporting.
The new AML officer
To achieve this paradigm shift there must be new thinking on the part of the AML officer. That new thinking encompasses all data that is available today, but more importantly, all data regarding the relationships among current data elements. It must also encompass an understanding of the decision-making processes in place today and going forward as well as what and how data describe that decision-making process. Only then can the right data be presented to a KYC analyst to use in the decision-making process or perhaps more importantly, to be used by artificial intelligence to present a likely decision for confirmation by the KYC analyst.
The “new” AML officer must also think beyond simply meeting the regulatory requirements of the day. Obtaining and using the right KYC data does cost money. The new AML officer must think in the context of the business and how the right KYC data is a business enhancement and not just another requirement.
With the right thinking on the part of the new AML officer, AML professionals can finally achieve that utopian world depicted in the statement “I’m from compliance, and I’m here to help!”