Transforming due diligence: Taking a digital first approach to KYC remediation
How current are your customer records? More precisely, is the information required for Know Your Customer (KYC) compliance sufficiently up-to-date in terms of accuracy, regulatory requirements and risk mitigation? Many organizations have KYC remediation policies, or perform batch operations, to help ensure that their customer information properly reflects the current status.
The cost and complexity of operating an effective compliance program, by any measure, is enormous. According to a LexisNexis study, the projected global cost of financial crime compliance is over $180 billion and is growing at 12 percent annually. Besides operational costs, there are other costs to consider such as potential fines and reputational damage. There’s also the risk to customer abandonment and the associated loss in revenue, if the compliance processes are overly complicated or slow.
How can organizations operate KYC remediation programs that 1) help improve the compliance stance, 2) better prevent financial crime and 3) not unduly impact the customer?
A holistic data approach
Based on the wisdom and practicality of taking a risk-based approach, not every record needs the same level of scrutiny. What are the amount and value of account activities, what are the types of transactions and parties involved, and in what countries do the transactions originate or end? Combining this knowledge with the organizational risk appetite will help determine the appropriate level of due diligence. Segmenting the customer records into various buckets will prioritize the necessary investigations.
It’s vital to understand the quality of existing data as well as determine the desired outcome. Often, organizations discover substantial differences in the type, age and appropriateness of various data sets, and the question becomes how to deal with it all. Different standards and processes across divisions and operating groups can complicate the matter even further.
One positive consequence of doing a KYC remediation is that it provides a great opportunity to strategize and operationalize a more consistent, holistic data approach. While it does take effort, the results are often cleaner data regimes, more accurate and responsive inquiries and analysis, and better synchronization and coordination across the organization. Effective data management is a core contributor to improving productivity, lowering risk and increasing profitability.
Adding in new data
The opportunities to leverage various data sets to better analyze customer information improve as the amount of available and accessible data continues to expand.
While previously a KYC check might have involved looking at an ID document and taking notes, now numerous disparate date sources can be quickly accessed to find hundreds of data points. Basic personally identifiable information (PII) can be called from multiple data sources to determine if they corroborate. ID document information can be scanned and matched against official records. Email addresses can be cross-referenced to their historical use to determine how long the address has been in use and if it matches the profile. IP addresses and other internet metadata can help pinpoint where the signal is coming from and check that against expectations. Mobile phone data provides a whole other layer of data, including number, usage patterns and geolocation, all of which can help determine the validity of customer information. By judiciously using new data opportunities along with existing records, the opportunity to spot potential problematic accounts improves.
New data technology and processes not only improves the ability to collect information, but also the ability to analyze and interpret it. Artificial intelligence, machine learning and big data analytics are enabling new insights that no one compliance officer, or team of officers, can match. This is not to say the tools themselves are the answer; rather, the tools provide compliance the power to run more checks, covering more factors and at quicker speed to allow compliance professionals to better apply their knowledge and expertise.
Efficient processes for a seamless experience
While back-end processes are critical to any successful KYC remediation program, the user experience also needs careful thought. After all, depending on the account, it might mean going back to a long-term customer and asking for more information.
Fortunately, in many cases, information updates can be automated, or at least be non-intrusive and part of a seemingly normal customer experience. Typically, a significant change to an account is an opportune time (if not specifically required) to request further identifying details. Perhaps a change in contact information or password, a threshold reached, or a change in the types of transactions can set a trigger for more customer due diligence. Customers are understanding when it comes to security and they appreciate efforts to protect their finances, provided they understand the context and if the process is not overly slow or onerous.
Automated, self-service options that can be done quickly over a mobile device or website can offer the speed and convenience that consumers expect, while still delivering on the fundamental compliance and fraud and risk mitigation requirements.
KYC remediation should not be a significant obstacle for customers, or for an organization. With a strategic plan, careful operationalization and ongoing optimization, KYC remediation can lead to positive outcomes such as adaptable systems, re-engaged customers and ongoing growth.