5 things in 2022 that changed how we do KYC in banking
1. The invasion of Ukraine
The war in Ukraine, which began in February of 2022, brought economic sanctions into the spotlight and tested reflexes as governments globally scrambled to respond. Sanctions against Russia and its associates came in almost overnight and, from the EU alone, surpassed 1200 individuals and 120 entities by the end of 2022.
For a country of Russia’s size to become the subject of such sweeping, rapidly introduced sanctions as it did within days of invading Ukraine is unprecedented. Governments, enforcement, and banks had to adapt to a new regulatory landscape that continued to shift and expand.
This put immense pressure on financial crime risk and compliance teams everywhere to safeguard banks amid a slew of complications for operations and compliance processes. Far from a box-ticking exercise, KYC and risk management were the key to withstanding regulatory scrutiny and safeguarding banks’ reputations from association with oligarchy.
In early March of 2022, the Financial Action Task Force (FATF) noted that “all jurisdictions should be vigilant to the possibility of emerging risks from circumvention of measures taken in order to protect the international financial system from the ML/TF/PF risks resulting from Russia’s aggression against Ukraine.”
Media and enforcement bodies’ anxiety around crypto also cropped up with a renewed fervour following the invasion, as it was feared crypto could enable sanctioned oligarchs to move their assets and wealth outside of the traditional financial system and regulatory frameworks. Between February and April, representatives from the US, the UK, and the EU released stern warnings to confirm cryptoassets fall under existing sanctions rules.
By the year’s end, the EU had sanctioned “all crypto-asset wallets, accounts, or custody services,” no matter the value, the US issued numerous sanctions and bans against crypto and ‘mixers’, and the UK made it a criminal offence for exchanges to not report sanctions breaches.
Oligarchs don’t make it easy for banks, obfuscating their identities and assets in elaborate shell company networks that manual, paper-based processes struggle to unravel – particularly where cryptoassets are involved.
2. The end of the EU’s public beneficial ownership register
On the 22nd of November 2022, the European Union (EU) Court of Justice declared invalid the provisions of the EU Anti-Money Laundering Directive (AMLD) mandating that access to beneficial ownership registers be guaranteed to the public. This comes after FATF identified the strengthening of transparency of beneficial ownership information as “a priority for the FATF and the international community” and the move has additionally been met with criticism by champions of corporate transparency such as Transparency International.
Article 30 of the EU’s 4AMLD required that all member states establish central registers of corporate ownership information, and to ensure that the register was accessible to:
-
“Competent authorities and FIUs, without any restriction"
-
“Obliged entities, within the framework of customer due diligence in accordance with Chapter II"
-
“Any person or organisation that can demonstrate a legitimate interest.”
5AMLD then came along in 2018, and broadened the scope of access to allow any member of the public, even those without the ability to demonstrate a legitimate interest, to access information about beneficial ownership.
In 2022, the Court held that public access to the identity and personal data of beneficial owners would infringe upon the rights to Respect for private and family life and protection of personal data laid out by Articles 7 and 8 of the Charter of Fundamental Rights of the European Union.
While amends to legislation will take months yet, countries such as Austria, Luxembourg, and the Netherlands are among those who have already removed public access to their registers following the ruling.
Given that a number of other states including Hungary, Italy, Norway and Spain, are yet to set up beneficial ownership registers – it appears that the jobs of compliance officers and law enforcement entities are not about to get much less cost and resource intensive than ever before with this additional level of complication.
The United States is another country whose Beneficial Ownership Register (created by the Corporate Transparency Act (CTA)), though central, has never been publicly accessible like the EU’s register. On the 29th of September 2022, FinCEN issued the final rule of the CTA around beneficial ownership information reporting, which will come into effect on the 1st of January 2024. It will likely have major KYC and compliance implications for reporting entities.
3. Rising costs and shifting attitudes towards KYC in 2022
The data from Fenergo’s global KYC survey* of C-suite executives at leading banks painted a positive picture of attitudes and prioritisation when it comes to compliance and risk management.
With 45% of respondents ranking financial crime risk among their top three investment priorities it seems that in 2022, banks are increasingly realising the value of robust financial crime controls as crucial to the success of the business.
There’s also a promising trend of recognition that manual KYC processes are detrimental to financial crime risk management, as nine in 10 agreed that manual KYC impacts better decision making around risk.
In Fenergo’s webinar on KYC and digital transformation in finance, Nicola Poole (Global Head of New Client Onboarding at Citi Bank) explained that “automation is a recent investment” and pointed to the impact of COVID-19 as particularly crucial to this mindset switch within the decision-making ranks of financial institutions. Although recent this investment is not a hollow promise, as our data shows that in 2022, for every dollar of KYC budget spent on expanding headcount two were invested in technology for automation.
This trend shows the clear business case for technology in action and is a promising step in the right direction for banks that for years have faced increasing staff costs and tight compliance budgets. Thomson Reuters’ 2022 report on the cost of compliance highlighted “a frustration among respondents” with the widening duties, competing priorities, and resourcing pressures faced by compliance practitioners.
But it’s not just numbers that have seen automation emerge as the saving grace of KYC processes. Improvements to the accuracy and quality of KYC reviews are also a side-effect of automating manual tasks in a high-volume environment.
Some of the key issues for banks are backlogs and talent shortages as, for 35% of respondents to our KYC survey, KYC review backlogs were cited as the number one challenge, followed by the war on talent which was the top issue for 30% in 2022.
*For Fenergo’s global research report investigating the costs of manual KYC, Fenergo studied more than 1,000 C-level executives across corporate and institutional banks.
4. The financial crisis showed the importance of KYC for cost saving in banking
During 2022, central banks the world over have been hiking interest rates in response to skyrocketing inflation rates, with the general prediction being that we may be headed for a global recession in 2023.
This crisis has wide-ranging, deep impacts on the financial services sector, and their ability to carry out business – and compliance – as usual. In times of economic hardship and uncertainty, the strain on the banking ecosystem and on consumers makes us all more vulnerable to certain types of criminal activity and opportunism.
The economic slowdown is most pronounced in the euro area, as the region most directly impacted by the energy crisis caused by the war in Ukraine in 2022. The International Monetary Fund (IMF) predicts that global inflation will peak in 2023 at 9.5%, causing the next year to feel like a recession for many and reducing economic growth.
The financial sector is historically one of the most impacted by changing interest rates and banks can usually expect to see their profit margins increase along with inflation increases. However, in times of economic volatility, banks and other organisations may shy away from non-essential spending and slow down hiring processes in an effort to watch costs.
The economic upheaval of 2022 meant that banks had and have less resource at hand to invest in headcount or in compliance tools like RegTech, which could leave them more vulnerable to financial crime. However, in their bi-annual Pulse on Fintech report, KPMG found that global investment in RegTech showed strong resilience in H1 of 2022 despite a downturn in investment for most other kinds of fintech.
The resilience of the RegTech industry and continued investment in digitalisation of may reflect a conscious effort by banks to curb spending on outdated, inefficient compliance processes, as the volatile geopolitical landscape of 2022 has increased cost pressures while complicating processes such as sanctions screening, KYC, and risk assessments.
5. COP27 shifted reporting priorities and new ESG regulations were announced
The pressure on capital markets to adopt sustainability goals and values is mounting. COP26, hosted in October and November of 2021, announced the creation of the International Sustainability Standards Board (ISSB) which is tasked with developing standards for capital markets around sustainability disclosures. On March 31st 2022, the newly-formed board published first drafts of its proposed Sustainability Disclosure Standards, which are set to be finalised in Q1 of 2023.
With rapidly evolving ESG requirements, regulated entities such as financial institutions are recognising the need for ESG solutions to overcome the challenges of data gathering and reporting, which is where KYC comes into the picture.
From a logistical point of view, there is a significant overlap between data collection and processing for KYC and ESG, so organizations should already much of the information they need from their existing compliance efforts. However, only 25% of attendees Fenergo polled at a recent webinar (KYC Compliance for financial institutions) said they had addressed their organization’s data challenge.
With more and more jurisdictions looking to make ESG disclosure requirements mandatory, this could significantly increase pressures on organizations that are yet to implement operating models for ESG compliance processes. A recent Fenergo survey of executives at leading FIs found that a mere six percent had implemented operating models for ESG compliance processes, with a staggering 38% admitting they have not.
On how companies should prepare for the incoming standards, the International Financial reporting Standards (IFRS) foundation advised that:
“Companies should continue using the voluntary frameworks and guidance as appropriate. Because the ISSB’s standards will build on existing frameworks and guidance, efforts put into reporting on sustainability matters now is expected to help companies implement the ISSB’s standards in the future.”
COP27, held in Egypt between the 6th-18th of November 2022, also proved to be a defining moment for ESG and compliance. Some of the key topics discussed such as food security and the future of energy were brought into sharper international focus following the conflict ravaging Ukraine and disrupting the global economy.
Conclusion:
The events of 2022 brought new complications but also progress in ongoing challenges banks have faced in automating their KYC process flows.