With the cost of know-your-customer compliance increasing, sharing client information to a standard everyone trusts makes absolute sense. Katja Zschieschang, Deutsche Bank’s resident KYC expert, looks at the benefits of a collaborative approach to data collection to help reduce the costs of compliance.

kyc

An accelerated development of global standards for the sharing of customer information is providing a welcome addition for what has long been a burden for correspondent banks. In February 2018, the Wolfsberg Group of 13 banks announced that it had revised its Due Diligence Questionnaire (DDQ), a de facto standard for correspondent know your customer (KYC) due diligence information.

Global regulators, including the Financial Action Task Force, the Financial Stability Board Committee on Payments and Market Infrastructures (CPMI) and the Basel Committee on Banking Supervision, have already given this a nod in a joint press release on March 8 endorsing the updated DDQ.

The revision has been welcomed for the simple reason that full customer knowledge – in the form of detailed checks to a specified level of granularity – has stretched even the most established financial services providers. It has been particularly difficult for correspondent banks to achieve, and causes headaches for their customers, too.

Evolving KYC challenges

At its core, KYC means banks must take the necessary steps, both in terms of compliance frameworks and related processes, to understand the risks inherent in the payment flows of not only their own clients, but also their clients’ clients. This is a significant challenge made more difficult by the vast data collection requirements that it inevitably demands. Failure to do so not only increases the risk of fraud, cybersecurity attacks and other operational hazards, but it also lays the bank open to steep fines, as regulators raise the bar in protecting consumers, increasing transparency and tackling financial crime.

According to Swift, there are 1.3 million bilateral correspondent relationships across the banking industry. As Swift notes, this creates a huge administrative burden for banks each time a relationship is added, or information needs updating.

A ramp-up in due diligence obligations over the past decade impacted data collection workloads, demanding correspondent banks take the necessary steps to understand the risks inherent in the payment flows of their clients’ clients. Furthermore, this all must be done in the context of multiple sanctions regimes and fraud prevention requirements. Thus, third-party tools and capabilities have emerged, offering the means to exchange and verify KYC data cost-effectively and monitor transaction flows through data analytics to ensure continued compliance.

Shared assessments

Knowing your customer makes sense from a commercial as well as a risk management perspective. But proving full compliance with KYC legislation across multiple jurisdictions can thwart commercial imperatives. For many correspondent banks, the natural consequence of heightened KYC obligations – and the associated costs – has been strategic de-risking. It is inevitable that banks will evaluate the commercial value of a relationship against the cost of maintaining it, leading to some withdrawing from selected relationships and markets.

Manually conducted KYC checks, which are subject to different processes and requirements across product lines, client groups and markets, are costly and can prohibit profitable service delivery. Banks have improved their processes and coordination to manage higher data volumes. Many banks, including Deutsche Bank, initially took on more human resources to capture the required data and evaluate in line with increasing regulations.

But now it is important to improve on how information is collected and reviewed. Rather than several different departments sourcing the same or similar data, banks should share core information internally, then request more specialist, product-specific details if necessary.

Can utilities help?

For correspondent banks that must ‘look through’ partner banks to understand their exposure to underlying clients, the cost/benefit analysis of relationships has come under intense scrutiny. In a 2016 report by the CPMI, correspondent banks cited rising compliance costs as the 'most common cause' of reduced profitability. Many were also uncertain on how to achieve KYC compliance, in particular flagging the required depth of knowledge on clients’ clients. The report also noted this uncertainty increases the difficulty of measuring risks and might be leading to the abandonment of some relationships.

Receiving information from banks in different formats can very quickly become problematic in an environment comprised of multiple correspondent relationships and a vast flow of information. It can be a significant operational challenge if banks all ask slightly different questions of their counterparty banks, or if they answer those questions using slightly different definitions.

The CPMI report backed several collaborative initiatives aimed at more effective information sharing, notably greater use of utilities serving as shared central repositories of KYC due diligence data, with the aim of reducing the time and cost spent sourcing and preparing information bilaterally.

Manually conducted KYC checks are costly and can prohibit profitable service delivery.

Katja Zschieschang

With a utility, such as Swift’s KYC Registry, the questions and terminology can be standardised, so that all participants develop a common understanding. Such utilities also bring benefits for Deutsche Bank’s financial institution clients. Those that make their data available via the KYC Registry benefit from a smoother and streamlined review as part of the regular KYC process the bank has to undertake.

Information standardisation

To ensure standardisation of the KYC data shared between correspondent banks using its KYC Registry, Swift has established a working group of global transaction banks, including Deutsche Bank. This means that any bank requesting KYC data from the utility on a correspondent is guaranteed to receive a ‘baseline’ of Swift-verified information across five categories:

  • Identification of entity;
  • Beneficial ownership structure and key controllers;
  • Products and services;
  • Anti-money laundering policies and compliance structures; and
  • Tax information.

A further step towards standardisation was made in October 2017 when the Swift KYC Registry was aligned with the recently revised Wolfsberg’s DDQ. This means users can complete the questionnaire directly via data contained in the utility.

This collaborative approach has yielded significant benefits: the working group has identified the need for timestamps on documents, for example. The next priority is to explore the use of application programming interfaces (APIs) to pull data from the KYC Registry directly into the bank’s internal systems, although this may be a longer term project.

The Swift working group is keen to see as many correspondent banks as possible using the KYC Registry, but there has been some resistance from smaller banks on account of the upfront costs. However, it is hoped that ongoing efforts to explain the security and standardisation benefits of sharing data via a dedicated utility – rather than bilaterally over e-mail – will overcome these reservations.

So far, the KYC Registry is the only utility to have aligned its data ‘baseline’ with the updated DDQ and it remains to be seen which other utilities will take a role in supporting this industry standard.

A silver bullet?

As utilities continue to drive adoption among correspondent banks and forge interoperability among those banks through new technologies, their support – from both the public and private sectors – continues to grow, as evidenced by the Wolfsberg Group.

In addition to this, more interoperability through APIs and the exploration of distributed ledger technology will likely foster greater support for utilities in future. While these advancements do not necessarily present a silver bullet for KYC, they are nevertheless a valuable set of weapons in the fight against financial crime.

PLEASE ENTER YOUR DETAILS TO WATCH THIS VIDEO

All fields are mandatory

The Banker is a service from the Financial Times. The Financial Times Ltd takes your privacy seriously.

Choose how you want us to contact you.

Invites and Offers from The Banker

Receive exclusive personalised event invitations, carefully curated offers and promotions from The Banker



For more information about how we use your data, please refer to our privacy and cookie policies.

Terms and conditions

Join our community

The Banker on Twitter