Moving to a Continuous KYC Process
In the previous blog, we looked at the key components needed for a Digital KYC process.
In this latest blog, we explore the move to a perpetual KYC model and how digital transformation can create a true risk-based, managed-by-exception compliance model.
Know Your Customer (KYC) is not a one-and-done process. It extends far beyond the initial client onboarding and compliance process, reaching into the lifecycle events that customers go through as part of their long-term relationship with their financial services provider. Client Lifecycle Management involves ensuring customers are compliant through all stages and events in their lifecycle with their financial institution.
Regular Reviews vs Perpetual KYC
In a traditional KYC model, this would take the form of regular reviews and event-driven reviews. In most financial institutions, the vast majority of customers tend to be low to medium risk, with a smaller percentage being higher risk and requiring more human handling. Event-driven reviews are based on changes in customer profile that warrant a fresh compliance process. If the changes are substantially material, it may actually change the level of risk associated with the customer profile.
However, traditional KYC carries a lot of operational risk and huge inefficiencies. As part of the implementation process into a universal bank a few years ago, we found that they had 7,000 low-risk customers 2,500 to 3,000 medium risk customers and 1,200 – 1,500 high-risk customers. The KYC review process for the medium risk customers alone took between 67,000 to 81,000 hours to complete. In fact, it took on average 27 hours to complete the KYC review process for one medium-risk client. As a data and document intensive process, financial institutions have traditionally manually conducted KYC reviews, hindered by siloed systems and data repositories, making client outreach a necessity in every instance.
What does the move to a continuous KYC model look like?
When digitalizing the KYC process, financial institutions should also look at the KYC review process. Ideally, the KYC review process would move away from the traditional 1, 3 and 5-year review model to a continuous review process.
The KYC client review process is a valuable validation process that enables the financial institution to reconfirm the client’s existence and active relationship and ensure the customer profile is updated and remains in compliance with AML, KYC and other regulatory rules.
STP & Managed by Exception
In a Digital KYC context, the vast majority of low and medium-risk customers can be straight through processed (STP), with the ability to manage by exception those customers who don’t fulfil the full requirements of digital STP. This in itself alleviates a lot of the operational overhead required to perform KYC reviews and allows FIs to refocus their human resources on higher risk or higher value-added customer activities.
Centralized Data & Digital Data Capture
Every KYC review process involves the analysis of existing information on customers and may prompt the collection of updated or new information to complete the process. To review existing information, it’s important that financial institutions are integrated tightly to internal data repositories to allow the sharing of this information across business lines and jurisdictions (data laws permitting). Customers want their financial services provider to re-use their information and would prefer not to have to resubmit the same information time and again. A centralized data management system that can seamlessly locate and re-use information reduces a lot of friction from the current KYC process.
In the event that the customer needs to provide information, financial institutions should aim to digitalize this as much as possible. This is a quick win.
Financial firms should offer customers the ability to log into a secure portal to upload or update information on their KYC profile in real-time and at a time convenient to them. This gives them far more ownership over their profile and encourages them to update information on a more regular basis (i.e. moving away from the restrictive cadence of reviews).
Regulatory Rules Engine
Most firms solve compliance by hiring more personnel, often relying on outsourced personnel in third party agencies, throwing headcount and cost at the problem. Technology can solve this problem in a simpler and cheaper manner, compared to how much we have seen financial institutions currently spend on compliance. By offering a more frictionless approach to KYC reviews, financial institutions can remove all the unnecessary, time-consuming and inconvenient tasks and customer asks, and ensure a happier, more satisfied customer experience in the process.
Streamlining the KYC review process to a risk-based approach and reducing the amount of manual intervention for low to medium risk customers can increase overall operational efficiency, by allowing financial firms to reallocate personnel to high value add tasks and reducing the risk of human error.