For financial services organizations, the data challenge around know your customer (KYC) programs is beginning to become significant. New best practice is “dynamic” KYC — knowing where a particular client stands against increasing regulatory complexity, an evolving global environment, and as a result of their own material changes — at any given moment.
Most organizations fall far short of this new benchmark — KYC data is updated periodically, when there is a refresh program going on, or because of a trigger that the organization becomes aware of. Dynamic KYC, for many, may seem like a Holy Grail.
That’s because, as I discuss in a new video, the challenge around managing KYC data is enormous. Financial services organizations need to have a process that complies with multiple types of KYC regulations, including anti-money laundering, bribery and corruption, and tax rules like Fatca.
To make matters worse, they need to comply with all these different types of rules across all of the jurisdictions that they operate in — and in some jurisdictions there will be more than one regulator to take into consideration.
Watch the video
As if this weren’t enough, the rules are constantly changing. For example, around the globe countries are now updating their anti-money laundering rules to bring them up to the standard set by the Financial Action Task Force’s (FATF) new guidance issued in 2012. The FATF 2012 guidelines create a whole new framework of KYC obligation for financial services organizations – and it’s one that will revolutionize how they go about managing this new mass of KYC data.
Today’s financial services organizations now need to — as a first step — be sure they have all the correct client on-boarding data at the start, as required by regulators. They must understand that data in the context of the potential client’s wider operating environment, and then take a decision as to whether they can do business with that client, or not.
Before that was the end — now it is only the beginning, which our new infographic illustrates. Organizations then need to keep on top of material changes, because their clients may forget to tell them about those changes. Organizations must then understand this client information against a backdrop of evolving contextual data – news, social media, regulatory filings and sanctions. They need to be able to do this continually – without ceasing – over the course of the entire client life-cycle to be compliant.
The real kicker is this — managing this data is just the beginning. Both when clients are first being on-boarded, and then over this longer, continuously monitored lifecycle, organizations need to manage risk effectively. They need to be able to take the data and transform it into risk intelligence, so that they are able to trigger the risk management actions that are needed to manage organizational risk and enhance their client relationships in ways that make sense.
So the future is clear — organizations need to find a solution to how they manage this dynamic KYC data challenge in a way that will drive value. Some organizations may make the choice to build this infrastructure internally. Others will view this as something they should outsource. Either choice will be driven by the need to ensure that — in real time — costs are controlled, risks are managed, and ultimately, that business gets done better.