Bureaucratic, cumbersome and lengthy KYC processes are causing headaches for both banks and corporates. The only way to alleviate this pain is by collaborating to share information in a standardised format. Marie-Charlotte Henseval, Head of KYC Compliance Services at SWIFT explains.
‘Who are you?’ is a question that takes up a significant amount of banks’ and corporate treasurers’ time.
Not knowing who you are dealing with could see you unknowingly aid a whole host of nefarious activities, including money laundering and terrorist financing.
This is why governments and regulators across the world have introduced legislation mandating financial firms to put robust know your customer (KYC) checks in place.
However, says Marie-Charlotte Henseval, Head of KYC Compliance Services at SWIFT, the impact of this regulation goes far beyond financial institutions. “Banks share the obligation with all of the firms with whom they do business – and this is where the complexity lies.”
Regulation
The regulatory landscape is evolving fast, making navigating KYC requirements increasingly difficult.
The EU first introduced KYC related regulation in 1990, with the Anti-Money Laundering Directive. Similar legislation was introduced in the US in 2001 as part of the Patriot Act.
They both aim to prevent money laundering and terrorist financing by ensuring obliged entities apply customer due diligence requirements – KYC checks – when entering into a business relationship.
Following the financial crash in 2008, regulators ramped up the requirements on banks to maintain increasing amounts of up to date KYC information on all of their clients, through legislation such as the 5th Anti-Money Laundering Directive and MiFID II.
“These ensure that KYC checks including onboarding, due diligence, and sanctions screening must be revisited frequently to ensure customers’ data is up to date, complete and correct throughout the lifecycle of that relationship,” notes Henseval.
The information required is predominantly related to client identification (eg certificate of incorporation), the ownership and management structure (eg memorandum and articles of association) and tax (eg FATCA form).
“Having this data helps protect organisations from fraud and losses resulting from illegal transactions and non-compliance that can lead to significant fines and serious reputational damage.”
The KYC headache
In the pre-digital age of financial services, KYC was a very slow process, comments Henseval. A government would put out their lists of sanctioned entities and compliance teams would manually check new customers to make sure their records were clear.
Despite technological advances, the process remains repetitive, lengthy, and cumbersome. Research shows that banks take an average of 24 days to complete the customer onboarding process.
The source of this problem lies in the data. It is held in different places and is often incomplete or out of date, which adds to the workload of banks and corporates.
Banks have to search many different sources including trade registers, stock exchanges, and bilateral exchange platforms for this information and, in many cases, are forced to repeatedly follow up with their corporate customers.
Corporates, on the other hand, have to repeatedly provide banks with several documents in multiple formats and undergo repetitive bilateral exchanges with each of their banking partners.
“It’s a particular challenge for major corporations which use a range of banks in different jurisdictions around the world, with whom they need to, often individually, exchange information to enable KYC checks”, notes Henseval.
In fact, the absence of uniformity, differing jurisdictional requirements and the lack of standardised data across the corporate KYC space causes major headaches for both banks and corporates.
The key to effective KYC is information sharing. “Currently, in many cases, this is unstructured and unstandardised, meaning multiple different versions of the same documents have to be repeatedly submitted,” says Henseval.
“By simply sharing information in a standardised format, corporates and banks can save vast amounts of time and resource.”
There are a number of existing tools which aim to solve this problem. For example, SWIFT’s KYC Registry aggregates KYC information in a standardised format, providing banks with a centralised database with everything they need.
The registry, set up in late 2014, is currently used by more than 5,500 financial institutions, representing more than 80% of the traffic that flows over SWIFT’s network. The standard defined for correspondent banking covers up to 90% of the information global banks typically require for due diligence, making it one of the most comprehensive KYC tools on the market.
“It is opening to corporates later this year, giving them the opportunity to upload their information to the registry so that their banks can access the information required in a standardised format,” reports Henseval. “No more chasing hundreds of corporate customers.”
It aims to achieve the same level of standardisation as it has already done with financial institutions, which will eradicate most of the lengthy bilateral exchanges that exist today.
For something like this to work, the whole industry needs to get behind it. Corporates need to upload their information and banks need to sign up to these databases to ensure they have the correct, up-to-date information.
But, says Henseval, “by sharing standardised information and working collaboratively, corporates and banks can save each other huge amounts of time and resources, which can be invested in activities that are more profitable for their respective businesses”.
