KYC utilities: how to plan for success and reach objectives
Successful compliance and risk management programmes within financial institutions depend on effective Know Your Customer (KYC) processes, yet most have found these processes to be onerous, both in terms of time and cost.
This is further complicated by an ever-changing and progressively stringent regulatory landscape. As a result, consortiums of banks, governments and vendors have explored the possibility of reducing costs and improving customer service through the establishment of industry-wide KYC processors or Utilities, with the aim of standardizing KYC processes.
This approach was highlighted in 2018, when leading banks DNB Bank, Danske Bank, Nordea Bank AB, Svenska Handelsbanken and Skandinaviska Enskilda Banken joined together to announce their intention to develop “an efficient, common, secure and cost-effective Nordic KYC infrastructure” called Nordic KYC Utility.
If designed and executed properly, the potential benefits of a shared infrastructure are clear – not least when it comes to raising KYC compliance standards across the financial industry as a whole. However, there are challenges, as demonstrated by the Monetary Authority of Singapore shelving its plans for a centralized Utility due to spiralling costs.
Here, we examine the objectives of a Utility and the key factors to be considered to ensure success.
Objectives of a shared KYC utility
First and foremost, a Utility should provide benefits to all of its stakeholders – from the participating banks and their customers to regulatory authorities.
For banks, the Utility should streamline KYC and customer onboarding, reduce costs and enhance KYC standards and auditability. Meanwhile, their end customers should benefit from a smoother customer onboarding journey and reduced friction.
From the perspective of the regulators, the primary objective of a successful Utility should be to raise confidence – among themselves and society as a whole – that banks are working to the highest KYC standards to more effectively combat financial crime, money laundering and terrorist financing.
Considerations for success
The failure of the Singapore KYC Utility has highlighted areas of caution to be considered in other jurisdictions. In a report published by the Association of Banks in Singapore (ABS) after the project halted, it was revealed that “the overall margins at a systemic level did not allow for a viable business case in a projected term, and the proposed solution was going to cost more than the savings that banks would get out of it.”
So, what can be learnt from this?
It is important to recognise that, despite all the participants operating under the same legislative and compliance regulations, their interpretations and, importantly, risk appetite will vary greatly. It is therefore crucial to establish a deep level of understanding of the needs of each participant in terms of existing KYC processes, risk methodologies, data and technology requirements.
The reality is one size never fits all. Participating institutions may vary significantly in their need to access various specific sources or adapt certain processes by jurisdiction or customer type based on their established compliance policies. This places extra demand on the Utility operator to select and deploy highly configurable best-of-breed technology, data and processes in the early stages.
The report highlights the importance of the core design, stating that “significant priority was given to design choices which represented a highly ambitious ideal” and that “more agility in governing the interaction between design and cost could have helped”. This emphasizes the need for flexibility and adaptability, since initial requirements often evolve and so an agile approach and design thinking are essential to ensure the Utility truly delivers value based on the actual needs of the participating parties.
Ultimately, it was the cost of integrating an inflexible solution into a bank’s established compliance processes that proved to be the Singapore Utility’s primary downfall. The ABS report noted that the banks are “all at various stages of sophistication and evolution in terms of client data systems and KYC workflow systems”, and acknowledged that integration costs would account for over a third of the project costs. Therefore, ensuring there is flexibility in the design and technology used to build a Utility is critical in managing costs and ensuring participants realise maximum value today and into the future.
A Utility simply won’t work if its infrastructure is not future proof from advancements in regulation, technology or user experience expectations. For instance, here at encompass, we launched global biometric identity verification (IDV), and this is the type of feature that Utility participants may well want to use in the future, so the infrastructure has to got to be able to adapt for this.
Are utilities the way forward?
Given the amount of time and money financial firms currently spend on KYC and customer onboarding, it isn’t surprising that the Utility concept is gaining such traction. While there are certainly questions that remain to be answered – such as whether one Utility can realistically meet all the requirements of multiple, diverse institutions – the arguments in favour are certainly persuasive.
Industry pundits have debated the likely success of a regional KYC Utility and time will tell whether the proposed Nordic KYC Utility will achieve its desired outcomes. However, it is an encouraging move by the main Nordic banks to up the ante in the fight against financial crime, and rebuild their standing in the eyes of both regulators and customers. With a high level of engagement among key stakeholders, there shouldn’t be any reason why the project does not succeed, should it stay true to its primary objectives and understand that design thinking based on inherent flexibility is absolutely critical.