Client Lifecycle KYC Management: Taking a Holistic Approach
Managing your client’s data is more than a regulatory box-ticking exercise. An effective Know Your Customer (KYC) and Customer Due Diligence (CDD) compliance operation can deliver increased productivity and improved accurate risk-scoring, whilst reducing operational costs and a substantially improved customer experience. In this article, we explore the importance of implementing an efficient Client Lifecycle KYC Management process.
Client Lifecycle KYC Management is an end-to-end process that enables an organisation to digitally transform how they manage their Know Your Customer operation – from initial onboarding, identity verification and enhanced due diligence, through to ongoing monitoring and remediation.
The process is a crucial element of a regulated business’ operation, but many organisations are still facing challenges. At NorthRow, we have worked with multiple client organisations to help deliver effective ‘Client Lifecycle KYC Management’ using the techniques described below:
The first step on the onboarding journey is your initial interaction with your customers. This is the time to collect and verify all the information that you need to start a commercial relationship, whilst ensuring you meet AML and KYC compliance balanced with delivering positive customer experience. Ensuring you have appropriate processes and software in place is crucial. Simple, but powerful and effective, solutions and processes will ensure that your compliance teams are better able to manage both current and future situations. These processes should provide the various regulators with the information and audit trails that are required, as well as providing a friction-free experience for your customers to build a long term relationship.
Due to the recent limitations on face-to-face interaction, many firms have migrated all their client onboarding to remote solutions. Those that haven’t will no doubt be struggling to deliver the level of service that their clients demand, as well as finding it difficult to manage any resource-hungry manual or legacy systems with reduced headcount or remote working.
The purpose of verification is to establish that this is a valid identity and that the owner of that identity is the person that you are engaging with. This can be done in a variety of ways, but we would recommend:
- The capture of ID document and rigorous verification
- Liveness detection (is the person really there)
- Biometric Facial Matching (does the person present match the ID document)
- Address verification
By combining the above, the data can be cross-verified across multiple data sources, reducing time compared to a manual process and, provided that high-quality verification services are used for liveness, ID document verification and facial matching, with as good or in some cases better reliability than a manual process.
Single Point Solution for Client Lifecycle KYC Management
For many companies, regulated KYC verification is often performed by a number of disparate teams, at different points within the customer journey. For example, the sales team may be involved in completing initial onboarding to open a client’s account, a separate payment team may need to verify KYC, prior to any transaction and the compliance team may need to verify and approve changes to standing data. If firms have not integrated these separate KYC transactions into a single system, they are missing out on the opportunity to improve the operational efficiency of their compliance processes.
As you can imagine, it can be extremely frustrating for a client to be asked for the same information multiple times: “I’ve answered this already, why can’t your departments share this information with each other, instead of each asking me the same questions separately?”
As an example, at NorthRow we have recently worked with a client and reduced their business onboarding time from 2 weeks to 1 day by securely sharing Know Your Customer information between different teams.
Ongoing client monitoring
Some organisations, who have KYC processes deployed for the initial onboarding, find their solution only triggers a refresh of the information held on record about a client when a scheduled review is due, by which time fraudulent activity may have already taken place.
It is no longer sufficient to re-check businesses or clients every 6 months or a year, or even three years, and hope that nothing significant has changed in the interim. In the current free-flowing and fast-moving environment business and personal circumstances are constantly changing, along with credit ratings, new beneficial ownerships and other meaningful matters, such as PEPs and Sanctions. We would recommend constantly monitoring client risk status with an ongoing monitoring system that flags just the changes that you need to know about immediately enabling you to react and remain compliant.
Proactive monitoring such as this can save money, by quickly identifying a customer business getting into financial trouble, and avoid fines and reputational damage by quickly identifying and responding to new sanctions or changes in beneficial ownership.
With ever-changing regulatory requirements, most established businesses will have a back book of customers onboarded under a more relaxed regime, or whose personal details have changed in the intervening years. Even with an automated monitoring system, this can be difficult to manage, but with a manual/legacy system, it can cause huge headaches. We don’t under-estimate the challenges of remediation, but an automated system that can quickly identify where the gaps are is critical to any effective solution and help to manage the costs of remediation.
To avoid future remediation employing a robust monitoring system, such as the single-API solution provided by NorthRow, can provide much-needed peace-of-mind that your business is operating with enhanced due diligence measures so that you are able to make informed and confident decisions on who you do business with.
Enhanced Customer Due Diligence
Enhanced Due Diligence (“EDD”) is required for higher-risk customers, companies are required to collect and verify additional information so they have a deeper understanding of the customer before doing business, mitigating their associated risks. Firms must conduct EDD when their customer is on the European Union’s list of high-risk third countries, or the transaction is sufficiently high enough. It is important that the entire process of EDD must be well documented in detail so that regulators are able to have immediate access to the data.
To comply with the Fifth Directive Money Laundering Directive (5th MLD) the scope has been extended for when firms need to conduct EDD. For example, when onboarding a corporate entity, organisations must secure access to reliable, accurate and complete Ultimate Beneficial Owner data as well as have the capability to unravel even the most complex corporate structures, to better understand the source of wealth. If firms rely on manual and labour-intensive processes to determine beneficial ownership information and source of wealth check, it will likely take much longer than needed.
The key is to automate what can be automated and to highlight issues so that your compliance team can research in more detail and be more effective. For example, if your team sees 1000 possible sanction matches a day, and they are all false positives, the chance of them missing the one genuine ‘hit’ is reduced. If they are spending all their time checking that the details on an identity document match the supplied name and date of birth, they are not focussing on spotting the one fake identity document. However, even with machine learning, a computer can only go so far – some things just need a human. The best systems combine the latest digital technology with experienced humans.
So employing a robust monitoring system, such as the single-API solution provided by NorthRow, can provide much-needed peace-of-mind that your business is operating with enhanced due diligence measures so that you are able to make informed and confident decisions on who you do business with.
At NorthRow we understand the importance of managing your KYC onboarding programme in a holistic way. This means end-to-end and ongoing monitoring and reporting against PEPs and Sanctions, adverse media and other AML issues such as Beneficial Owners or Directors, as well as the upfront issues of onboarding in a digital and enhanced verification marketplace. The world has changed tremendously since the onslaught of COVID-19 and not all in a bad way. Technological developments have been available for some time, but too many companies have been sluggish in adopting them, often because of perceived cost implications, or because of the issues many companies face with legacy systems.
But the ‘New World Order’ determines that companies have to move forward and embrace the new digital technologies, to keep pace with nimble competitors, as well as the rapidly developing demands of consumers for ‘friction-free’ onboarding and servicing. The regulators are having to play ‘catch-up’ too, which leaves a muddied playing field. But those who delay will pay for it with reduced business and a squeeze on profits which, for some, maybe terminal.
NorthRow is at the forefront of this digital onboarding, monitoring and remediation revolution, so familiarise yourself with what we can provide and then contact us for a chat about your company’s needs.