How technology can ease bank AML and KYC compliance work
17 Nov 17
Financial institutions’ AML and KYC efforts are a growing treasury burden, writes Lesley Meall – but specialist software and services may lighten the load
If you cast your mind back into the not so dim and distant past, you may be able to recall a time or a place when banks performed ‘basic’ KYC checks during the on-boarding for new clients and accounts, and ongoing monitoring was either light touch or non-existent.
Today, things are different.
Banks face increasingly stringent national and global initiatives, laws and regulations around anti-money laundering (AML), combatting the financing of terrorism and monitoring financial sanctions.
If they fail to comply, they face a growing risk of reputational damage and regulatory enforcements, which may range from massive fines to the withdrawal of their banking licence.
This makes banks understandably cautious around KYC. However, their strengthening of the associated frameworks and processes seems to be making KYC compliance more complex, more onerous and more expensive for their clients, too.
“The whole area around KYC is becoming a real and significant burden for some corporates,” says Sarah Boyce, assistant policy and technical director at the ACT.
Even small UK-based brewer Adnams Southwold with no overseas operations (beyond exports) has felt the impact.
“We use one bank, and when the KYC regulations took effect, it seemed very onerous to satisfy it about our ownership and – in particular – to ask large individual shareholders to send [the bank] personal details,” says Stephen Pugh, FD at Adnams Southwold.
Banks often require legal and personal (original and notarised) documents with names, addresses and dates of birth; passports; documentation on European Market Infrastructure Regulation status, tax status – and more.
Needs must, however. Identify theft is a growing concern.
Some treasurers are also concerned about the repetitive, never-ending nature of KYC compliance. However, after ‘going through the mill’ once, Adnams has not experienced any subsequent issues or additional demands.
“This may just be because we have not changed banks and have had no major changes in our shareholder base – or it may be that the bank’s next letter is in the post,” says Pugh.
Corporates with complex structures, overseas branches and subsidiaries, multiple banking relationships, and accounts in and across multiple jurisdictions are, understandably, feeling the most pain.
“We notice that KYC processes with banks are becoming more onerous. They are increasingly complex, difficult and time-consuming,” says Christof Nelischer, global group treasurer at Willis Towers Watson, an advisory, broking and solutions company.
Just opening a bank account can prove anything but straightforward.
Robert Scriven, group treasurer and planning manager at Cairn Energy plc, an upstream oil and gas exploration and production company, describes account opening as “very slow and painful”, taking weeks in the UK and months overseas.
In a global Thomson Reuters’ survey in 2016, 27% of corporates reported waits of more than three months and 9% reported waits of four months or longer.
There should be industry acceptance of standard repositories
Corporates also reported being contacted an average of eight times during each on-boarding process. “Banks often use low-grade resources, hence the service is poor,” says Scriven.
Among survey respondents, 89% of corporates described their experiences as ‘not good’, and 13% changed banks as a result. Lack of common standards at financial institutions also consumes time.
There are variations in how banks interpret KYC across organisations, regions, departments and products.
For each bank account, a corporate may need to supply similar KYC information, but to varying levels of detail, according to the individual procedures of the financial institution with which they are doing business and in which region.
There are also variations in interpretation and enforcement across regulators.
All of this leaves treasurers to collect and collate data, carry out repetitive activities and worrying about the security of the sensitive information they are sending to banks – and what they are going to do with it.
As Boyce observes: “Not only is it time-consuming, it may also impact on investment decisions as it becomes ‘just too difficult’ to do things.”
So, what can treasurers do to make their bank KYC-compliance efforts less onerous?
Many use spreadsheets to collect and store KYC-related information and documentation locally and/or centrally, and keep this up to date – to reflect relevant changes affecting corporate ownership, directors, account signatories and so on – and make information requests from banks easier to deal with.
Nelischer is unconvinced: “Using spreadsheets to collect the information and then asking half a dozen people to sign them off every quarter does not work.”
Both he and Scriven see benefits in electronic bank account management (eBAM). Citi introduced paperless processing for account opening and maintenance for its treasury and trade solutions, and its eBAM platform, for North America in 2015.
Some aspects of the problem can be alleviated by using the secure, web-based portals of repositories, such as kyc.com. This service enables corporates to securely store the required documents and permit relevant banks to view them, rather than repeatedly going through the process of sending variations on the same documents or information multiple times to multiple parties.
In 2016, when Michael Sack was head of treasury and financing at Sivantos Group, a manufacturer of hearing aids, he opted for kyc.com, in part, because the repository also offers due diligence and other services.
He saw these services ease internal approvals and relay trust to Sivantos’s financial partners, while alerts about outdated documents meant Sivantos did not need to resource this manual task alone.
At present, there are numerous repositories/managed services/utilities devoted to meeting bank, interbank (and incidental corporate) needs to manage KYC compliance and client-reference data.
They include: SWIFT’s KYC Registry, Thomson Reuters Org ID and Equiniti KYC Solutions. They are growing in number and becoming more widely accessible – but proliferation does not necessarily help treasurers.
Taken in their entirety, these services are progressively increasing the amount of digital KYC data and documentation. As each individual service increases its member and subscriber numbers, it becomes easier for them to access and exchange KYC data between themselves.
But this still creates islands of disparate and (often) incompatible data that cannot easily be shared across services and providers.
“Clearly, there is massive duplication,” says Scriven, who wants to see standardisation around KYC within and across financial institutions and the wider banking industry. “There should be industry acceptance of standard repositories where we can authorise standard documents,” he says.
Then treasurers could more easily manage their KYC-related admin and control access to the associated information.
In a perfect world, treasurers would be able to capture KYC data once and upload it to a single utility, that will flag KYC-related risks and send update reminders, no matter how many accounts they have (or wish to open) with various financial institutions.
But this would need global regulatory agreement on KYC requirements and a global standard for bank-to-corporate KYC.
Meanwhile, corporate treasurers struggle on.
About the author
Lesley Meall is a freelance journalist specialising in technology and finance.