While KYC and onboarding verification have traditionally been a manual process, embracing automation and modern technology is the way ahead.
With the Covid-19-induced lockdown, RegTech startups and financial institutions around the world are working on implementing new standards for KYC procedures.
As companies clamoured for tech-based KYC solutions, entrepreneurs seized upon the opportunity to bridge the gap in the industry that would help businesses live up to their compliance requirements as well as provide an enhanced customer experience.
Tellingly, companies were able to increase their revenue on the back of the escalating demand for digital solutions. For instance, investment into the sector grew from $1.1bn being collected by the sector in 2015 to $8.5bn being injected into the industry in 2019, according to FinTech Global’s research.
Furthermore, while RegTech startups in all subsectors such as communication management, reporting, and transaction monitoring continue to mushroom, the one to have the most innovation was KYC and onboarding. As of today, nearly a third of all RegTech companies operate in the onboarding verification or risk management subsectors. The data-heavy nature and the risk of big fines associated with AML and KYC processes as well as the growing pressure to assess customers digitally were the key driving factors for the proliferation of onboarding solution providers in recent years, according to the Global RegTech Buyer’s Guide for 2021.
While RegTech companies make their money out of the complexities of the industry, the question is, with the evolution of customer expectations adding new pressure on organisations to deliver seamless, fully digital and mobile experiences along with the unprecedented situation determined by the coronavirus pandemic, will the pace of digital transformation in KYC compliance accelerate further?
That was one of the topics that were up for a discussion on a panel hosted at the Global RegTech Summit.
The panel was moderated by Nikolaj Klein, partner at Howart Compliance and included experienced hitters like Ted Datta, director of compliance solutions at Bureau van Dijk, a Moody’s Analytics company; Sanchit Langar, head of due diligence, financial crime prevention at Santander Consumer Bank, Nordics and Patricia Fernández-Trapiella, chief operations officer Europe at Lleida.net.
The panel kicked off by identifying the macrotrends in KYC and onboarding verification the panellists believed were affecting the RegTech industry the most at the moment.
Highlighting the shift towards digital – which was catalysed by the pandemic – Klein said, “At last year’s Global RegTech Summit, the world had just experienced a few months of the whole Covid-19 situation. And I can most certainly say that the panellists at that time had no clue how to proceed. But fortunately, the world has not stopped moving and we’re still doing business and we still need KYC and onboarding.”
When asked about the changing customer expectations, Fernández-Trapiella said, “People now want to have the same experience they have with Amazon or Netflix with banking and insurance companies. But, that is difficult because regulation is not the same. Financial institutions need to balance between customer experience with the legal security required. Moreover, we need to provide this security to the end-user and the legal evidence should there be a need. This is what we need to change.”
Alongside ensuring security measures, it’s essential to manage the endless amount of data. Langar said, “At the onboarding stage, what could be improved is really keeping the customer data refreshed. That’s something all banks currently are looking into and that is where we see a scope of transformation with some new solutions being leveraged to keep our customer data up to date for our AML surveillance systems.”
Building on the potential solution for an online KYC process, Langar said, “In the Nordics, we do see solutions like digital bank ID being used for verification when customers are opening their account. And even for contract signing, digital bank IDs on mobile phones are being used.”
Langar continued that the reason digital IDs worked in the Nordic region is that they are issued only by big banks. He said, “The authentication is already being checked at some level, physically as well, when the bank account was opened. That also works in tandem with trying to digitise but also keeping control of our customers’ identities.”
However, digital IDs is not easy as it sounds. Datta added, “There has been an increase in globalisation, cross border business, formation of companies, lots of it for legitimate tax reasons, and an increasing amount for nefarious criteria to really make those companies quite difficult to penetrate for tax evasion purposes, perhaps or for even more illicit activity. When you talk about digitisation for KYC, you can look at the [Ultimate Beneficial Owner] UBO register programme as a case study and test case of why it’s very difficult.”
To add on, alongside the harmonisation of legal standards, definitions around concepts like beneficial ownership are still evolving, Datta continued. He said, “These are some of those common pain points that people find, the technology exists, data quality is improving but a lot of it is around the resourcing and the governance to get those common frameworks in place.”
KYC – more than just a compliance headache
With multiple regulations coming into force in quick succession, compliance professionals have found themselves in need of a more flexible approach that would adapt to the new requirements as they are introduced. For instance, the Fifth and Sixth Anti-Money Laundering Directive (AMLD 5 & 6) aimed at counteracting the penetration of money laundering by introducing more thorough checks and better cooperation between countries was brought into force last year.
Datta said, “AMLD is designed to…make it easier to monitor a case under money laundering by looking at activities such as environmental crime, cybercrime and bringing common jurisprudence standards across Europe and also accountability. While criminal activity is always ahead, AMLD6 is a pulling up of standardisation.”
However, to continue following a due diligence framework, regulators need to outline the directives more clearly, according to Langar. He said, “There is a need for a little more clarity and clearer guidance from the regulators in terms of what is the expectation as there are a lot of regulations around what is to be done. But a lot is left to interpretation.”
Another challenge facing financial institutions to assess high-risk customers is the lack of reliable information on UBO register, Langar said. “That process remains quite manual and we get that information only when we do our manual searches on the company structures and figure out who the owners are,” he added.
Is technology the silver bullet?
Along with regulations, it’s important to look at how technology can be capitalised to make the onboarding process simpler. For instance, to meet the transparency requirements of MiFID II, most organisations were required to replace legacy technology solutions with more powerful end-to-end alternatives able to deal with the complexities of the new regime as dealing with a large amount of diversified data becomes an almost impossible feat if approached with a traditional strategy.
Langar added that using AI and automation might prove to be the panacea to make KYC more customer-centric whilst also complying with regulations. “The endpoint of technology should be to drive more automation and simplicity in the processes. Because otherwise, we end up creating a lot of manual logs and false positives that require people to assess these elements. That’s where we have a constant battle going on across the banking industry,” he said.
Building on the lack of guidance for FinTechs, Datta said, “If you look at the US with OFAC, the sanctions are slightly stringent but they need to be much more prescriptive in their guidance around deployment of screening and technology.”
The International Financial Action Task Force (FATF) has been ramping up its efforts to include clear indications regarding digital and remote onboarding best practices. The UK’s FCA also has been looking deeper into surveillance solutions. However, Datta said, the colossal amount of data requires greater scrutiny of information into technology.
Datta continued, “Regulators need to become more educated in technology solutions engaging with the private and public sector and start to have more insight when it comes to audit around what tools are being used and not just what you’re using but how are you deploying that solution.”
AI and machine learning will be one of the key tools in the fight, Datta said. While people are still rightly concerned about the biases and implications of it but “deployed in the right way, they would be hugely powerful for our customers,” he said.
Alongside AI, Datta highlighted the potential of blockchain in KYC and that in its early stages, it seemed like “it was going to change the world.” He said, “Everyone would just be on the blockchain. You do your KYC once and it will be time-stamped and everyone would be able to see it in real-time. It looked like this was going to be a huge technology, it appears to have run into typical kind of interoperability. But, that will be the thing the whole world is watching to see what happens in the next 12 months.”
However, Fernández-Trapiella believes there should be a fair balance between human and machine. She said financial institutions must make the digital experience similar to what it would be in a physical branch to ensure customer satisfaction.
Fernández-Trapiella continued, “Signing contracts digitally should be no different from doing so in person. For a seamless experience, it’s essential to combine both assisted and digital processes. In the case of more complex processes, end-users expect human support. While people might sign digital contracts or send e-KYC applications, they should also have humans assist them in their journey via call centres.”
KYC during and after the Covid-19 crisis
While technology seems to be the answer, the sector has been lagging behind in digitalisation. However, the constant changes in regulations coupled with the steep penalties and reputational damage caused by non-compliance and the additional hurdles to paper-based procedures determined by the Covid-19 emergency, make the traditional manual approach to KYC and customer onboarding financially unviable.
As Datta said, “What will happen is the continuation of the trend to be more remote and increasingly reliant on technology and data. And in the other corner, a supervisory authority and regulator – who is more in tune with what technology and data actually is important – providing guidance on what good [practice] looks like alongside protecting the market from misuse. That would be the trend – greater awareness and heightened scrutiny.”
Furthermore, with regulators being more stringent, KYC teams should thoroughly investigate which tech solutions are best suited to address the challenges caused by the pandemic. According to Langar, going forward, digitisation in KYC will increase with banks moving towards a perpetual KYC which keeps the customer data refreshed and up to date. He added, “We will have more rigid AML regulations to comply with besides being mindful of the regulation on the data side like GDPR. And after the world recovers from Covid-19, digitisation will take us to the next level. Anything that can be digitised, will be digitised.”
Future of KYC processes
Tellingly, as daunting as the implementation journey may seem, technology and automation solutions have the potential to rapidly scale KYC teams’ efforts while future-proofing the overall business against potential emergencies.
As Datta put it, “The whole industry has reached a massive tipping point where there’s too much data. We need the ability to filter some of the technologies that can resolve this phonetic matching entity resolution where you can point things quicker with machines. It is an emergency that really must be addressed.”
A combination of machine learning, optical character recognition and automation will be key in revolutionising customer onboarding.
Fernández-Trapiella said, “Last year, we were hearing about what companies needed to do to adapt to the ‘new normal,’ but now companies need to adapt to the ‘never normal’ which means changing regulation and changing customer expectation.
“We need to be adapting continuously and move to flexible solutions – those that can be implemented without a massive setup cost – so that companies adapt easily to each change in the environment.”
Copyright © 2018 RegTech Analyst