Identity monitoring is a dynamic process that identifies changes in client identity information. Neil Jeans, Head of Policy & Standards, KYC as a Service at Thomson Reuters, explains the growing significance this has on business and introduces a special whitepaper.
The current scenario for many banks is that they undertake periodic refreshes of client information at intervals of perhaps 3 or 5 years, but changes can and do occur more frequently than this. Whilst not all changes are material in nature, dynamic identity monitoring can throw up red flags and highlight potential problems before they develop.
At the time of on-boarding a new client, a bank or financial institution (FI) will request all the necessary identity documentation required by law. Over time, however, this information degenerates and records become less and less accurate. The current monitoring of client accounts is largely transactional in nature, supplemented by costly and time-consuming refresh and remediation exercises at regular intervals. This creates a poor client experience, as banks request mountains of information every few years. On top of this, in the period between each refresh, client information is becoming stale and potentially leaving banks and FIs non-compliant. Over the last nine months Thomson Reuters has detected and recorded changes in identity information for a sample of 5,000 plus client records and based on this evidence, it is likely that within 18 months to 2 years most records, if not accurately monitored, will hold out of date or inaccurate data
There has always been a regulatory requirement to maintain accurate client records and conduct ongoing due diligence, but organizations can expect increased pressure over the next 18 months or so as the 2012 FATF Recommendations continue to filter into regulations around the globe.
In Europe, the 4th EU Anti-Money Laundering (AML) Directive has consequences for all organizations within the EU and the regulated sector will be required to place greater emphasis on identifying and mitigating risk on an ongoing basis. In the United States, the Financial Crimes Enforcement Network (FinCEN)’s proposed rules document also implies that more stringent ongoing client due diligence will be required and other countries around the globe are also moving to amend legislation in line with the FATF Recommendations.
Dynamic identity monitoring delivers several important benefits as these examples illustrate:
- A significant change to a customer’s circumstances could leave a bank exposed to compliance risk. If this information is in the public domain, but the bank may not yet be aware of the development because it is waiting for the next periodic refresh, this could attract regulatory scrutiny and leave the bank vulnerable to potentially severe reputational risk.
- When identity theft occurs, fraudsters will alter certain information in order to allow them access to the victim’s accounts. This sort of change will immediately be flagged if a dynamic identity monitoring procedure is in place. Whilst a change of this nature may be perfectly legitimate, it can also be an early warning sign.
- Banks and FIs that have credit relationships with clients benefit if they are made aware of changes to the client’s circumstances, because a material change could alter the credit risk posed by the client.
Technology to the fore
Keeping information fresh involves the collection of vast amounts of documentation and to date banks have relied on hard copies, which present an array of challenges – not least secure delivery and storage. The ship is turning though, as technological advances enhance our ability to mine vast amounts of online data and access the existing digital footprints of both individuals and legal entities. Innovative KYC service providers now have the ability to build a complete online record of a client using publically available information and can automatically monitor client data against a vast set of databases on a daily basis. All identity changes are then flagged for manual review in order to determine those that are material in nature.
Dynamic identity monitoring such as this removes the need for costly periodic refreshes by keeping client information up-to-date at all times. Constantly identifying and flagging changes as they happen reduces costs, improves the end-client experience and keeps banks compliant. This is surely to the benefit of all stakeholders – the bank, the client and the regulator.