Evolution of simple Know Your Customer (KYC) processes to global Crime Due Diligence standards
By Dr. Andrea Galli
Phd. Nat. sci ETHZ
Head of Intelligence Automation, Scalaris AG
A global KYC deployment strategy enhanced to the standard of global Crime Due Diligence processes allows companies to assess the risk of doing business with possible customers. At the same time, an early detection of potential risks is guaranteed in a consistent, reproducible and auditable way.
Today’s global financial services industry is exposed to an unprecedented variety of risks, including money laundering, corruption, organized crime, terrorists and fraudsters. International regulations and guidelines, designed to prevent criminals entering the global economic system and disguising their activities, now impose rigorous standards on Anti Money Laundering (AML), identity verification and advanced Know Your Customer (KYC) processes.
These measures protect the industry and the wider community, but they also expose financial organizations to a further set of risks — the risks of non-compliance, regulatory failure and reputational damage. Particularly AML is an area where «ignorance» is not a defense anymore, but an infringement.
Historically, organizations have used multiple technology and data providers together with in-house solutions to bundle all the strands of their AML and KYC operations, and to remain ahead of the regulators. This approach is at best ad hoc and at worst chaotic. Multiple systems and methodologies result in duplicated effort and serve to reinforce divisional structures that do not share or cross-reference vital customer information. The inherent inconsistencies of this approach increase the risks to the organization by creating operational, financial and regulatory exposure, which in turn might entail severe reputational damages.
In addition, this approach provides not only little ability to assess the result sets of effected investigations and customer screenings, but is also costly, inefficient and resource-intensive. It obliges compliance staff to spend days, weeks or even months sifting through irrelevant information and innumerable false positives. In addition, the level of retrospective and repeated screening required for most institutions — often involving customer lists running into many millions — causes lots of unnecessary operational costs. A cost-effective global de- ployment of a unified and reliable KYC system can open up formidable perspectives. How- ever, the main point to address in this context is a systematic and connected approach that draws on regulatory knowledge beyond that of generic providers.
Systematically optimized prevention
Simultaneously operated KYC tools can highlight a potential risk at local level, but unfortunately do not go deeper than providing a selective overview of this risk and do not provide a standardized
risk mitigation across multinational organizations.
A global KYC deployment strategy, on the contrary, makes Crime Due Diligence processes more comprehensive, up-to-date, and provides clarity by avoiding the confusion caused by information that results from false positive matches against similarly named entities or false negatives due to delay in the update of fundamental information. As a result, companies and organizations are able to assess the risk of doing business with a possible customer without incorrectly flagging or blocking him and, at the same time, detect potential risks early in a consistent, reproducible and auditable way.
| Demands related to the deployment of a global KYC system | Advantages of standardized KYC processes |
| Initial or continuous screening of clients, recipients and transactions against World-Check (and/or Dow Jones Watchlist), further sanctions lists, Thomson Dialog news feeds, Westlaw criminal/law records as well as other intelligence sources. | Deployment of the best possible commercial available information sources without negotiating complex and expensive copyrights contracts, as these are included in the deployment package and administrated centrally. Additional investigation requests can also be standardized. The access to costly information is minimized. |
| Superior name match system supporting phonetic-, cultural-, geographical-, language-, spelling- and synonyms variants. | Avoidance of too many false positive and/or false negative hits on customer names and transactions minimizes investigation effort. Options to work with different alphabets enable an unproblematic deployment in Asia, Meddle-East, Russia, … |
| Scalability for distributed systems supporting from few thousand records to millions of records. | Screening of any possible customer, beneficiarly and/or transaction lists in compliance with actual und future regulatory requirements. |
| Flexible operation of the system - from a simple laptop to big server farms. | Central deployment and operation in the most remote branch office in the world, satisfying local regulatory rules |
| Automatic updates of data and software. | Standardized processes and data management lowering maintenance and deployment costs. |
| Automatic updates of data and software. | Guaranteed customer secrecy, avoiding that customer names are queried directly to the systems of foreign media providers. |