By Nish Kotecha, Chairman and co-founder Finboot
It is ironic that Wise, one of UK’s fastest growing fintech’s was recently fined by Abu Dhabi over anti-money laundering failures. US$360k is a drop in the ocean for a company whose mission is to create a world for “Money without borders – instant, convenient, transparent and eventually free. Powering money for people and businesses: to pay, to get paid, to spend, in any currency, wherever you are, whatever you’re doing.”
Interestingly, it was the “whatever you’re doing” bit that lacked transparency and proved to be the alarm bell that ultimately resulted in Wise being fined for not conducting further due diligence on existing customers whose transactions were considered to be high risk and surprisingly, failure to include nationality as part of the risk assessment… not very Wise! (sorry, couldn’t help myself!).
Wise has more than 13 million customers, connects 70+ countries and has transacted over £76 billion, earning them a gross profit of £372mln (source: Wise full year results presentation FY22, published June 22). For a company whose business model is about moving money between jurisdictions, it’s surprising that Anti-Money Laundering (AML) and Know Your Customer (KYC) checks remain a core risk and maybe a factor behind the shares standing at a fraction of the IPO price (July, 2021).
AML checks are dynamic as they need to record the life of the customer relationship with the Financial Institution (FI). They need to be robust, reliable, consistent and transparent to ensure that changes in customer behaviour or patterns can be identified and work around risks minimised.
Typically, this is where traditional FI’s struggle. Legacy systems are ill-equipped to track the customer journey from onboarding through transaction history and then updating their risk profile on a dynamic basis.
Risk assessment tools tend to be bespoke across FIs but each share a common set of data requirements. Further, in the digital world every transaction leaves a mark, the question is how to record these and then analyse them. This process needs to be balanced against simplifying and enriching the customer experience.
Consider how frustrating it becomes when you need to complete a new KYC application for each FI that you work with. Inconveniencing your customer leads to high dropout rates. Fortunately, a technology solution exists… Blockchain.
Blockchain is the technology behind a distributed network of computers that can be used to store data securely but which, uniquely, has a single memory – a single source of truth. That means data cannot be freely copied and edited to create an alternative version of the truth, which is why Blockchain technologists refer to it as the “trust platform”.
Each customer could be assigned a ‘Digital Twin’ on a blockchain which can be used to store, immutably the core information which is a common requirement across FIs. The digital twin becomes the customer’s ‘KYC passport’. The passport can start with a scan of the actual passport, along with address proof which can be updated every three months. The passport is a shared record between the FI and the customer where the customer has full administration rights while the FI may only have viewing rights along with the ability to add say a risk score from their internal assessments. The digital passport can then be accessed by FIs if the customer gives permission.
The digital passport could be provided to other financial institutions for KYC verification. Imagine, applying for a mortgage (if there are any still available!) by simply allowing the provider or broker to access your digital passport, and come back with a quote. Customers could add any specific data, via the passport to continue to build their data in a single controlled twin.
This approach has the advantage of decentralising the database between the owner of personal data who can update as and when required and the user (FIs) who need that data to be accurate, up-to-date and real-time to apply their risk measurement. Separating the process and combining the result will revolutionise AML-KYC accuracy and reliance. The costs of failure are high. Regulatory fines are only tangible, the impact on your brand can be terminal.
The digital passport need not only be restricted to financial data. Medical data such as vaccine records and other healthcare information could be uploaded by the customer and made available to relevant organisations such as your GP or consultant once permission is granted. Imagine using the digital passport to register for a new GP, the endless forms can become a thing of the past.
As each organisation stores blockchain records of its customers, which are updated in real time and controlled by the customer, these networks could be connected together using platforms such as Finboot’s Marco, which enables permissioned data sharing easily, safely and securely.
“With competition increasing across nearly all sectors of financial services, delivering a seamless user experience should be one of the highest priorities for any institution. The use of technology, and blockchain in particular, has the potential to streamline operational processes, enhance regulatory governance, and add value for clients in a number of different ways; firms that fail to adapt to the opportunities that this presents, face being left behind.” said Gareth Lewis, Chief Executive, Delio which is a UK-based fintech that helps financial institutions to connect their clients with private investment opportunities quickly, transparently and compliantly.
Reimagining around the customer journey and the constant need for data to be updated and available, we could provide a world where banking and financial products and services could be unlocked by providing immediate access to one’s digital passport. Access could be time restricted and to specific areas only, ensuring that the customer is always in control of their own data and who they allow to view it.
The technology exists today and for those fintech’s whose USP is a technology core, it would seem the wise choice on which to reimagine the AML-KYC process.