Do regulations make a difference to the customer experience?
Do regulations make a difference to the customer experience? Seems like an obvious answer. The question is, how specifically do they make a difference?
Let’s examine what customer experience means in the context of Anti-Money Laundering (AML)/Counter Terrorism Financing (CTF) regulations.
Regulated sectors, including financial institutions like banks, are required by law to conduct customer due diligence (CDD) to ascertain if they represent a legal or financial risk to the bank, and by extension to the global financial system. Banks establish onboarding processes that are regularly reviewed by internal and external auditors, including oversight from government regulators to ensure they meet regulatory requirements, based on the jurisdictions they operate in. Failure to meet the established processes can result in censure and fines, with often costly corrective action required to remediate. What is not considered, and considered secondary, is the customer experience of the onboarding process. As the regulator is the ultimate customer for the bank, not the traditional customer we typically think of.
Customer experience is overlooked
This is especially true when banks are under pressure from regulators who identify deficiencies in their processes. The bank’s focus shifts from serving customers to complying with the regulator’s demands:
- all compliance resources are refocused on reviewing past customer accounts, known as Know Your Customer (KYC) remediation
- improvements are made to previous gaps identified in the onboarding process that caused these regulatory deficiencies.
Little focus is given to the actual customer onboarding experience. Once the deficiencies have been corrected to the regulator’s satisfaction, focus can shift back to the actual customer experience. Often, new onboarding processes would have been developed during the remediation process, with little emphasis on the customer experience, which would be difficult to change once signed off by regulatory oversight. Management priorities typically then shift elsewhere in the bank, addressing the next important issue in their portfolio. Making any future improvements to the customer experience difficult to address.
Different jurisdictional requirements often also impact customer experience. For AML/CTF regulations, the Financial Action Task Force (FATF) issues guidelines and best practices related to addressing new money laundering typologies for member countries. These member countries will review in relation to their individual local requirements before enacting regulations specific to their needs.
Inconsistency in data privacy rules
Jurisdictions may have different privacy laws already on the books and need to consider these laws before enacting AML/CTF regulations. One such example is the guidance FATF is currently reviewing on identifying beneficial owners of companies. Recent scandals from the Panama and Pandora Papers revealed by the International Consortium of Investigative Journalists (ICIJ) have identified many powerful government officials as holders of offshore companies, whose ownership status were hidden within these shell companies. FATF member countries have been looking to develop beneficial ownership registries to identify company owners to reduce potential money laundering through these shell companies.
However, the level of transparency in terms of making this data public varies significantly, with the UK being most public through Companies House, to secretive offshore jurisdictions in the Caribbean typically reluctant to share any registration information without a court order.
In the US, the AML Act of 2020 is mandating that the Financial Crimes Enforcement Network (FinCEN) create a national beneficial ownership register. However, sharing of this register is restricted to law enforcement and member banks that can only share ownership data based on the customer’s consent. One can imagine that the customer due diligence onboarding process in the US would be different from the UK or a Caribbean country. A US bank could only collect ownership data with the express consent of the customer, while a UK bank can simply access Companies House to complete the onboarding process. In the Netherlands, privacy advocates Privacy First are taking legal action, claiming that collating and sharing ultimate beneficial owners (UBOs) on Dutch legal entities is a privacy violation, disproportionate and infringes European privacy law.
The above discussion highlights the complexity of meeting customer expectations in terms of a seamless onboarding experience given the uncertainty related to data privacy laws. Customers with cross border corporations that engage in international trade can find the onboarding process complex and confusing, even within the same global bank. Global financial institutions need to accommodate local jurisdictional requirements, creating additional complexity in terms of the customer experience.
The quality of data varies
Another aspect to consider is the quality of data sources used during customer onboarding. This can include the level of accuracy, timeliness and coverage gaps in both internal customer data as well as external reference data, used as part of the due diligence process. We have established that due diligence is a regulatory requirement and is therefore compulsory, irrespective of the jurisdiction in which the customer has been onboarded. If an onboarding process has been developed in a jurisdiction where the data source quality is high, the customer experience cannot be expected to be the same for a low data quality jurisdiction.
In the UK, customer data can be collected based on reliable government issued documentation, including passport information and utility bills. In a lesser developed jurisdiction, documentation could be out of date, lost or deliberately forged. If regulatory onboarding requirements are similar for both jurisdictions, one can imagine the complexity and dissatisfaction of the customer when additional validation checks on their documents need to be performed. Plus, if external data sources need to be used, their accuracy in lesser developed jurisdictions may also be questioned and in some cases the account opening may be denied purely because of poor data quality. With recent enforcement actions by US regulatory agencies against jurisdictions accused of money laundering, US based banks are understandably wary of setting up correspondent banking relationships with banks in these jurisdictions. The concern is that these foreign correspondent banks may have known money launderers or sanctioned entities as customers, with the potential for ‘dirty’ money entering the US financial system in attempts to ‘clean’ the money. While foreign correspondent banks follow similar onboarding processes to their US based counterparts, poor data quality raises concerns leading to closure of their correspondent accounts. In recent years, we have seen a rise in these cancellations.
To conclude, there are opportunities to balance regulatory requirements against customer experience. In addition to the challenges and negative impact, it is important to recognize the important role regulations play in protecting the global financial system from criminal activity. One can argue the reduction in a positive customer experience may be a small price to pay for this protection. Debate continues in the industry and will do so for a while to come.
To find out how KYC automation supports customer experience initiatives and accelerates return on investment from customer lifecycle management projects, download our whitepaper.