Technology
KYC & Changing Risk — The Critical Role of KYC in Onboarding and Modern Compliance
Published : 1 month ago, on
By Adam McLaughlin, Global Head of Financial Crime Strategy & Marketing, AML, NICE Actimize
Traditional, manual Know Your Customer (KYC) practices often struggle to keep up with the fast-paced nature of banking and the complexities of onboarding, especially when it comes to corporate entities. KYC is essential not only to help manage risk and ensure compliance, but also for ensuring customers are offered the right products and services. KYC processes and technology needs to ensure a smooth, positive customer experience, particularly during the onboarding phase.
The challenges are especially pronounced in corporate onboarding, part of the “Know Your Business” (KYB) process. KYB is complex, as businesses are owned and controlled by individuals, often multiple individuals. Companies can span various jurisdictions, including secrecy jurisdictions, and changes to ownership structures, controllers, or operating locations can be made quickly and with relative ease. To top it off, corporate entities can change their activity, the value, and volume of activity, or even expand and enter new markets without informing the financial institution, even if these changes heighten the business risk.
Financial institutions must move towards a perpetual KYC (pKYC) model. This ongoing approach ensures the customer is continually monitored for changes in customer information or activity that will materially change the customer risk, allowing firms to proactively manage compliance risk effectively, with speed and precision. Not only this but pKYC can also ensure the customer is continually offered the right products and services, maintaining customer satisfaction whilst ensuring maximum revenue potential for the financial institution.
The Transition from Traditional KYC to pKYC
Typically, KYC relies on periodic verification at set intervals—often annually for high-risk customers or every three or five years for lower-risk customers. Many organizations categorize clients as low, medium, or high risk, determining how frequently their information needs revalidation.
Given the rich data available today, this traditional KYC approach needs to be revised. There are a number of data points which need to be assessed, including third-party services like adverse media monitoring and internal data like transaction logs, customer communications and how the customer is interacting with the financial institution. Doing this manually on a periodic basis is time consuming and introduces avoidable risk.
With periodic reviews there is a risk something significant changes between the initial account setup and the scheduled review, potentially years later. What if a material event, like a significant change in corporate ownership, alters a client’s risk profile? If this change goes unnoticed until the following review, the firm could unknowingly expose itself to new threats or not be offering the customer the post appropriate financial offerings. This example highlights traditional KYC limitations, which depend on static, time-based reviews rather than real-time data monitoring.
Operationally, traditional KYC often involves extensive contact with customers to confirm accuracy of information on file or to provide evidence of changes. This is often time intensive, manual effort which can be costly.
These processes are also burdensome from the customer’s perspective. Customers may be contacted multiple times to re-verify their information, sometimes by different departments within the same financial institution. Often, these departments might request duplicate information for other purposes. This repetitive contact is inconvenient and can lead to frustration, potentially damaging relationships or resulting in client attrition.
As the banking sector digitalizes and technologies like artificial intelligence (AI) continue to advance, firms can transition away from this traditional KYC approach. In its place, compliance teams are increasingly adopting pKYC practices that leverage automation and AI algorithms to analyze vast swathes of data and continuously monitor for changes in a client’s status or risk profile. This approach enables more efficient and real-time customer information management, fostering better and more robust compliance.
Distinguishing KYC from KYB in Client Onboarding
During onboarding, there are two categories of clients: retail (i.e., a person) and corporations. Each category requires different types of checks, as per regulatory requirements.
For individuals, financial institutions must complete KYC and collect and verify basic information on standard documents such as a national ID. Proof of address, occupation, and income is also often required. The FI will then verify the customer’s identity and screen the client’s names against various watchlists, finally determining their risk profile based on findings and analysis.
For corporate clients, financial institutions must complete KYB and determine a business’s corporate structure, true nature, purpose, jurisdictions of operation, and often expected activity. These checks can be more complex because they require a thorough understanding of the company’s corporate makeup, including parent companies and subsidiaries. They also require determining the ultimate beneficial owner (UBO), controllers, and geographical risks.
In contrast to retail clients, verifying a corporate client can involve a broader range of documents or considerations. These include financial statements, incorporation or registration documents, annual reports, or tax records, depending on the business’s risk profile, and regulatory obligations.
One significant difference between corporate and retail clients is the frequency of events that could alter their risk profile.
Due to the dynamic nature of business, corporate clients are usually subject to more regular and sometimes dramatic changes. For example, while a name or address change prompts a KYC update, it is infrequent for an average person. In contrast, corporations may face shifts in operations, changes in ownership, or expansions in geographical reach as part of everyday business, requiring more consistent KYB updates.
pKYC is particularly useful here. It strengthens the KYC and KYB process by continuously updating client information from internal and external sources and reducing reliance on periodic reviews. This approach is more practical and effective, as it facilitates real-time monitoring and allows firms to quickly detect and address potential risks like money laundering or fraud as they happen.
How pKYC transforms KYB
Implementing an ongoing monitoring approach to KYB processes has significant benefits. Leveraging public and private databases, such as corporate records, adverse media, global sanction lists, or transaction details, pKYC actively monitors for discrepancies like changes in the UBO, adverse media, additions of any parties on watchlists or unusual/ unexpected transactional activity.
Once detected, it automatically alerts compliance teams and where appropriate operations teams for appropriate reassessment of the customer and necessary action to be taken. This proactive, automated approach allows for timely decision-making capabilities that address the intricacies and rapid pace of change common to corporate customers
Not only can automated monitoring and collection of customer information be applied during ongoing monitoring, but it can also be applied during customer onboarding. Because of its inherent complexity, onboarding corporate clients can be more manual and expensive than retail clients.
One report estimates that the time to complete KYB ranges between 18.5 hours and 62 hours, depending on the corporate structure. This is also reflected in the costs, where KYB costs approximately $311, compared to just $12 for a retail client. These high costs present a massive opportunity for more efficient and innovative solutions.
The Strategic Role of pKYC in Modern Compliance
Automation can significantly reduce manual labor and human error. This, in turn, reduces operating expenses. For first-line defense teams like KYC, it alleviates heavy workloads and repetitive tasks, significantly contributing to employee retention. Automating data collection and risk assessment frees compliance teams to concentrate on higher-risk or more complex cases that require urgent attention. This strategic shift enhances efficiency and the overall effectiveness of risk management.
Clients benefit from a smoother, frictionless experience, as they are only contacted when necessary. Enhanced communication also avoids redundant information requests, fosters client trust, and improves operational efficiency.
Overall, pKYC streamlines the efforts of KYC operations and compliance teams, steering them towards risk-based analysis and identifies revenue opportunities earlier, rather than unnecessary manual file reviews.
Traditional KYC needs to be updated to meet the demands of modern anti-financial crime compliance programs. By adopting a pKYC approach, financial institutions improve their customer and risk management, particularly in the complex areas of KYB. This proactive strategy is crucial for firms wanting to maintain compliance and efficiently manage the complexities of corporate customers and their associated risks.
-
Top Stories3 days ago
Cricket-Rain washes out England v Australia final T20 with series drawn
-
Technology3 days ago
Nvidia’s stock market dominance fuels big swings in the S&P 500
-
Trading3 days ago
US dollar drops to near 9-month low versus yen amid talk of larger Fed rate cut
-
Top Stories3 days ago
Shanghai braces for direct hit from Typhoon Bebinca