To pKYC or not to pKYC
By Encompass
A group of senior stakeholders from financial institutions, technology and data providers recently met at the inaugural meeting of the Encompass perpetual KYC (pKYC) Advisory Board, to discuss the journey financial institutions (FIs) need to take and potential issues to consider, when implementing pKYC.
Key takeaways
FIs need to consider their willingness to adopt a new pKYC platform and take decisions in line with their current traditional approach to addressing KYC requirements. While pKYC is known to have a positive impact on improving KYC operations, the challenge is centred around cultural willingness to implement a potentially complex solution. Cultural buy-in is key, as KYC is a regulatory requirement that can significantly impact an FI’s revenue stream and market reputation. It is also important to recognize regulators still need to be educated on the processes and merits underlying a pKYC approach. Summarized as the ‘buyer challenge’.
Embracing pKYC technology
While technology that supports a pKYC approach is available, a willingness to adopt new technology and procedures is vital.
Institutional IT buyers often mistrust Software as a Service (SaaS) solutions that are typically external to the FIs network and require APIs to integrate to. Particularly, for FIs that have legacy mainframe solutions, built before SaaS solutions recently became popular. These in-house built solutions often have complex code and can be difficult to change, update or even replace. It is not unusual for long established FIs to continue to employ Common Business Oriented Language (COBOL) programmers to maintain financial platforms.
The scepticism of SaaS, coupled with maintaining regulatory compliance solutions, means an even higher bar has been established for reviewing pKYC solutions as replacements for traditional KYC platforms. If there is a willingness to experiment with SaaS based solutions, IT remains likely to ‘play it safe’ when selecting new compliance solutions, potentially leading to sub-optimal outcomes due to the reluctance to adopt new compliance approaches.
Moving to a data driven solution
FIs need to consider how to move towards a new pKYC platform and what is required to successfully implement a data driven solution. Data, both internal customer data as well external reference data, needs to be of sufficient quality to ensure pKYC processes are effective.
While the axiom ‘garbage in, garbage out’ is true of any business process, quality data becomes especially critical in pKYC operations, given the real time nature of the compliance process and the potential of an increased number of false positives generated as a result. Internal customer data needs to be reviewed first to ensure as much relevant, accurate and timely data can be extracted from back-end databases. Only then should FIs ingest external reference data to support decision making.
A new approach to periodic reviews
As FIs consider the move to new pKYC platforms, it is important to recognize the approach should not be a ‘rip and replace’, but rather a parallel deployment that co-exists alongside the traditional periodic KYC approach.
As discussed earlier, traditional KYC onboarding solutions are ‘tried and true’ and the foundation for meeting regulatory obligations. New pKYC approaches can provide direction and assistance as to which customer accounts or business lines to automate, as part of the traditional KYC onboarding process. For example, customers from high-risk jurisdictions tend to require greater due diligence and are potential candidates for a pKYC approach. However, not all customers within this jurisdiction may require ongoing screening. Initial identification of customer changes gathered from quality internal customer data can provide guidance as to which specific customers require traditional periodic review, rather than the ongoing perpetual KYC process. This quality internal customer data can also guide operations teams in identifying customer data attributes to include in the review process.
Reviewing customer data
The current approach to KYC remediation often feels more like a ‘tick the box’ exercise when reviewing records that do not need reviewing, as there have been no changes to customer data within the assigned periodic review time period.
Current periodic KYC approaches can also result in a complete customer data refresh based on the periodic schedule, regardless of whether a customer’s record has changed within that period. This approach can damage the customer relationship when asked to provide the same documents from the onboarding process to fit the FIs periodic review frequency, without considering the impact to the customer.
Enablers and barriers
As identified earlier, willingness to incorporate new technology and procedures can be an obstacle to pKYC. Higher standards associated with implementing regulatory solutions, mean a potential failed implementation will be viewed negatively, without the opportunity for a ‘re-do’. Being risk averse, FIs avoid approaches that are potentially not optimal, at the risk of negative feedback from regulators from a failed implementation. FIs can consider:
· pilots for lines of business or jurisdictions that are not a key revenue driver or high profile for the FI
· running a parallel project alongside a traditional KYC operation and compare results after a selected period.
These minimize risk while providing results to inform decisions regarding adopting a pKYC approach.
In summary, delivering the future of KYC begins with the needs of the firm.