Securing support for pKYC
The pKYC Advisory Board was assembled to generate meaningful insight to help buyers, regulators, and innovators on their respective perpetual KYC (pKYC) journeys.
Its founding members include senior KYC stakeholders from leading global banks, and technology, solution and data providers, providing a holistic view of the challenges and opportunities around pKYC today.
In this second session of the Board, the group discussed the intricacies involved in the pKYC journey, offering insights and guidance relating to overcoming the data, regulatory, and cultural barriers outlined in the previous whitepaper.
The importance of buy-in
Stakeholder engagement and wide cultural support was unanimously agreed as essential during a transformation project of any scale; helping people throughout an organization to adopt a change-oriented mindset related to KYC operations can be the difference between achieving success and meeting with resistance.
Beginning the shift towards KYC and corporate due diligence (CDD) being viewed as a “pillar of risk”, whereby it acts as a ‘data pump’ for key information on risk for other parts of the organization, could prove fruitful in terms of garnering support from a broad range of stakeholders.
The group also concurred on the need to have the right leadership in place throughout the journey towards pKYC, as executive-level support is crucial at every step of the process. Additionally, many in the group felt that financial institutions (FIs) could find value in establishing a group of experts that are given the space to understand and evaluate any roadblocks, with the goal of smoothing the road in order to find an appropriate and practical path forwards.
Building on existing foundations
Data management is the foundation upon which firms must build to make the journey towards pKYC a success. It was agreed that, in the case of most banks, 80 percent of what needs to be done to deliver pKYC from a data perspective is already happening, from sourcing through to validation, analytics and storage. Since FIs are already putting the necessary elements in place, such as ingesting third-party KYC data, then the natural next step is automation.
However, while true that most firms are collecting the right data, the group acknowledged that it does not necessarily follow that they are able to use this data effectively in a pKYC setting; for example, there may be different interpretations of what types of data are needed to facilitate pKYC, which could itself be spread across multiple systems.
It was suggested that an effective next step could be for firms to consider aggregating all this information into a single system (e.g. a CLM platform) so as to combine required inputs. Equally, since the inputs themselves are not always perfect, it’s just as important to ensure validation through wrapping sources together via a validation tool to identify any errors.
Another aspect related to data management is the popular approach to creating a data lake that serves as a central data source for multiple uses cases, including pKYC. The group recognized other approaches to collecting data including the use of ‘data virtualization’ as an alternative to the creation of data lakes, which typically are large scale projects across the company. Data virtualization here means a lower technical hurdle in a pKYC transformation project.
The road towards pKYC should not be underestimated as a short or a straightforward one. Engaging the multiple vendors needed to make pKYC a reality can be an immense undertaking, and the changes needed to pull every strand together would have organizational ramifications that shouldn’t be minimized.
Internal data management remains one of the most challenging aspects of pKYC transformation, and so spending time getting the basics right will help firms to reap the rewards of automation in the long term.
The challenge of bringing regulators along on the pKYC journey was also discussed, and consensus was reached on the view that regulatory clarity should not be confused with taking an overly prescriptive approach, since unduly restrictive or burdensome regulation can hinder the development of innovative markets.
Rather, focus should not be too intent on what is not currently being done well – the group felt that a more positive positioning as an exercise in adding controls would be more beneficial. For example, artificial intelligence (AI) can be used to great effect in transaction monitoring, but firms still require an underlying set of red flags to support the AI system.
Firms must also appreciate that regulators want to maintain a safety blanket of human involvement where possible. Much like with other technology implementation projects, a period of parallel running could prove helpful until the regulator better trusts and understands a new, automated approach. Firms should therefore retain the ability to ‘push a button’ to trigger reviews as and if needed, providing a back-up to newer event-driven processes. Maintaining a periodic review regime while improving the steps around it will likely be a far easier regulatory conversation.
Find out more about the journey towards pKYC.