Perpetual (always fresh) Know Your Customer (PKYC) is the ongoing process by which financial organizations continuously aggregate and update customer information with the aim to use it for risk management.
Is PKYC possible? The simple answer is yes. While it remains an aspiration for many established financial organizations, let alone newcomers to the regulated sector, some have accomplished it. Even those who have had success with PKYC, however, could do more to enhance and streamline the process.
Where Traditional KYC Falls Short
Know Your Customer (KYC) is known to most as an arduous, manual process that has added many days to opening banks accounts, and much administration, delay and irritating tick-box paperwork to many other processes such as registering with an estate agent or buying a car.
The manual process is widely responsible for backlogged periodic review processes, which often get stuck in the loop of client outreach with low response rates and poor customer experience.
Traditional KYC is based on asking clients and customers a lot of information, which is then verified by copies of their documents, to be passed to back-office specialist teams. These undervalued teams often have a hard time applying the somewhat general regulatory and policy requirements to the real-life cases. They often get little support in terms of training and cooperation from Business Units whose ultimate responsibility it is to know the client.
What Can Be Automated
Perpetual Know Your Customer begins at the stage of new client onboarding and continues throughout the growth of the relationship to include new products, multiple accounts, new locations and connected entities. It is also useful when there is a reduction in the relationship with a client, all the way to closure of that relationship and all related accounts and services.
While some institutions have successfully transitioned to this type of continuous KYC process, it can seem like a distant dream to those who are still doing it all manually. However, PKYC and Data Driven Client Life Cycle Management (CLM) can go even further than demonstrated by existing examples.
Many KYC processes can be automated, from client prospecting to providing cheap and instant insight into a client in order to help relationship managers focus their limited time on more profitable clients, and to connect internal siloes of risk disciplines.
For example, automation can link a newly submitted online client account opening form to internal and external data aggregation simultaneously, finding relevant information to pre-populate the required fields and then offering it to a KYC analyst with options to accept or reject the data gathered, and an initial calculation of Client Risk Assessment, allowing the analyst to act as required based on it.
Another area where automation is useful is to create triggers for the review of a client file when events occur such as the filing of a new Suspicious Activity Report, or a receipts of a Criminal Court Order, a regulatory request for information, or a recent internal investigation. This is all the more important when we see the FinCen Files leak.
Client exits are another problematic area. Ascertaining whether a decision to exit a client, in full or in part, has been executed can be difficult due to disconnected trading and accounting systems within most firms. Automating data feeds between these systems is also an attractive option, among many others.
The Benefits of Automation Outweigh Its Costs
Automation is not cheap, but it is worth pursuing for firms that have a significant volume of client information to process. The benefits of automating the KYC process are not just financial savings on personnel. Some key advantages include consistency of results, maintaining an audit trail, capacity to demonstrate how and why a given outcome was reached, as well as when and by whom.
For automation to work well, even at the data aggregation level, good data management is essential. With it, KYC MI (management information), producing instant insight into numbers and risks and types of clients, can be as easy as a touch of a button.
Moreover, given today’s focus on client experience, automation can improve client experience by quickly collating much of the information that is available online without troubling the client.
Improved Risk Management Decisions
Automating KYC means that the time used to gather, copy and store information is reduced, and can be used instead for risk assessment and decision making, as well as putting those risk decisions into action. The outcomes of these risk decisions can also be recorded digitally, becoming part of the process to ensure desired outcomes are achieved.
Setting the Right Parameters
Successful PKYC is not just about software and automation. One of the most important elements is establishing clear KYC standards and Client Risk Assessment guidelines. These days it is possible to automate policy and standards updates too, which has a valuable side-effect – pre-implementation impact assessment of a new rule.
Making Good Use of External Data Sources
External KYC information ranges from company registries to verification and information used to ascertain whether a client’s activity is legitimate or not, such as screening for sanctions, warnings, legal issues, as well as adverse media.
Triangulating data helps understand the true risk of a given client. For example, location services may provide a photo of a shopfront displaying Money Service Business activity, despite the client reporting their business as a hair salon. Likewise, Google Maps may show no factory at an address where a client claimed that manufacturing was taking place. This information may be accessed through free services and internet searches, but is much better organized and easier to digest using premium service providers. Access to this information saves time and money, for example, giving a sales rep extra time for selling rather than travelling to sites to verify client information, especially under COVID-19 restrictions.
Both free and premium sources can be accessed directly from the data provider or via a data aggregating product. From observation of success rates, creating internal data aggregation tends to be less reliable and less economical over longer periods of time than using existing aggregators, because of implementation speed and benefits from other firms’ years of specialization.
Data providers can collate and/or translate information and media in different languages and jurisdictions. They may include very narrow data such as just entities that are sanctioned by virtue of the 50% rule but are not per-se listed, or the full spectrum of adverse media, document verifications, electoral registers and so on.
The trend of cross-selling data and partnerships between aggregators, data providers and consultancies means that multiple sources may be available from a single provider.
Using Internal Data Effectively
Internal data also plays a key role.
Automation can be used to collate existing information within an institution’s records for various purposes, for example to identify the same client, to find fraudsters, or to help an existing client by not having to provide the same information multiple times. This might include credit risk information, fraud monitoring or transactional monitoring. If this information is available internally, automated access can reduce the time and hassle of duplicated requests to the client.
Of course, limitations of confidentiality and data protection requirements can be highly onerous to first understand and then apply, but even though it is not a simple process, automating what is available to which part of the firm can be exceedingly helpful when seeking to provide good customer experience.
When these issues with internal data are addressed, financial entities are better equipped to deal with regulators’ questions, for example a risk decision made in one department which was unaware of risk-relevant information held by another department in the same bank.
Adopting a Phased Approach
Automation can be a costly process even when long term gain is assured, so careful planning and a phased approach is often advised. Accessing all information sources may require internal negotiations, but that does not have to stop the process. A good option is to pick the low hanging fruit first. If we start by automating the easily “automatable” steps, we can often demonstrate the value of the process to all stakeholders.
What Can’t Be Automated
Not every step in the KYC process can be automated, and more nuanced decisions need to be made by trained and experienced personnel. However, by reducing the laborious tasks of searching for and collating information, by replacing manual input and copying and pasting with automatic pre-population, or by automating review triggers and document expiry among other elements, analysts are freed to carry out their real job of making those nuanced analytical judgements and decisions. This in turn leads to better identification of risk for a financial entity, as well as better staff retention.
The Future Is Already Here
At the moment only a few financial institutions have achieved a good level of Perpetual KYC. In doing so, they have improved relationships with clients, maximized their risk management, made MI effortless, and provided better transparency for regulators, while reducing menial administrative work for their staff.
Perpetual KYC is not a dream but an achievable goal. Forward thinking institutions will tackle the issue by engaging new and innovative automation solutions. For some, a phased approach may work best, producing measurable results quickly in order to demonstrate to all stakeholders that this is the way forward.
If you’d like to learn more about how Evalueserve can help you build PKYC within your existing set-up, click HERE to send us your query.