The KYC utility revisited – is a problem shared indeed a problem halved?

KYC or better Customer Due Diligence and the related work of Transaction Monitoring are often considered cumbersome and painful. Not to mention that financial institutions can be fined heavily for not getting it right.

The idea of a KYC utility - shared amongst FIs - keeps popping up, recently in The Netherlands and the Nordics (https://www.riskscreen.com/kyc360/news/dutch-banks-team-up-to-fight-dirty-money/) and not that long ago in Singapore (we wrote earlier about that here https://www.i-kyc.com/the-failure-of-the-kyc-utility-project-in-singapore-a-practical-view/).

Despite the failures and the initiatives that don’t get any further than the drawing table, many FIs and regulators still think it’s worth a try. Let’s have a look at the possible reasons and success factors.

A KYC utility makes sense

FIs in the same jurisdiction need to adhere to the same regulations and even though internal controls, systems, risk appetite and policies might differ, likely a lot of the work is similar if not the same. That might mean a duplication of work so cost savings are possible.

Quality

Money launderers don’t do all transactions with one bank; what looks perfectly acceptable to one FI might not be so acceptable if the transaction behaviour is viewed across all the banks that the client is using. By nature, the knowledge on a client will improve if banks can see all the clients’ activities across organisational boundaries.

Speed

Everyone who has dealt with onboarding of clients will have heard the comment “Why do I need to provide that documentation? Bank ABC doesn’t require that either.” Aligning onboarding requirements and shared CDD will increase the speed of onboarding and increase customer satisfaction.

There are plenty examples of off-shored centres, external companies and internal service centres that have proven that processes and policies across jurisdictions can be serviced in and by one and the same team. There are no inherent reasons that make a KYC utility impossible to realise.

It can be done, we’ve seen it working, we’ve managed these service centres. It all comes down to the (political) will to make the KYC utility a success, the ability to overcome differences in the participating FIs and the power to execute in the utility itself.

find the original article and find other stories here

Why you need an LMS

With all regulations, controls, inspections and audits, it is no longer enough to provide training; it is also required to demonstrate that all (relevant) staff have done all required training modules.

If you sit with all of 20 staff in one building, your compliance officer can provide the training and have every participant sign an attendance log. But more often than not, considerably more employees in more than one office location need to be trained.

An LMS combined with relevant e-learning modules can then cater for the training needs and demonstrate who has done which training, on which date and with what result. An ideal tool for many FIs (and other organizations) to provide information to their regulators and increasingly to business partners like correspondent banks, customers and suppliers.

A LM System is just the platform to host e-learning modules and have staff do the training modules required.

It becomes a Learning Management Solution if there’s proper content provided and if there are processes and procedures around the system to ensure all training requirements are met.

The administration of the whole learning cycle can be done in-house or can be provided as a service so it becomes a Learning Management Service.

The thing is: you need to take training seriously. An LMS can help you do that good, cheap and fast. We have helped many customers to get their learning under control and as a result supported them to demonstrate to regulators, business partnersn and correspondent banks their control over the knowledge and awareness in AML/CFT.

But aside from this pressing regulatory need, an LMS will allow you to manage your entire professional learning and development program for your staff, making it an important component of your overall strategic HR programme.

If you want to know how or need help, don’t hesitate to contact us.

The compliance function at an inflection point - Views on the McKinsey benchmark

In McKinsey’s 2018 compliance benchmarking survey https://www.mckinsey.com/business-functions/risk/our-insights/the-compliance-function-at-an-inflection-point. 5 conclusions are drawn from the analysis among 24 leading banks:

• Compliance spending growth is slowing
• Size and effectiveness of the compliance function are not yet in balance
• Compliance maturity is not high
• Automation and analytics remain a challenge
• Spending more on technology does not guarantee maturity

No surprises in these findings, but let me make 1 observation and talk about 2 of the recommendations.

First the observation. If people talk about the cost of compliance, the focus is often on the compliance function; the 2^nd line of defence. I assume that McKinsey is no different. However, the cost of compliance involves all staff that are performing work on compliance processes, whether that is explaining policies to clients, clarifying monitoring alerts or obtaining documentation required from clients for the sake of the customer due diligence process. Plus of course the dedicated AML operations teams. The number of FTEs in the 1^st LoD is easily 10 or even 20 times as high as the number of FTEs working on Financial Economic Crime in the 2^nd LoD. Achieving operational compliance needs a focus on the 1^st LoD.

Secondly a few notes on 2 of the recommendations in the article

-             Strengthening risk ownership in the first line

This recommendation is a no-brainer; client contact and operational tasks are executed in the 1^st LoD. The compliance function instructs, advises and checks but the actual work is done in the 1^st line, if something goes wrong from a compliance point of view it is usually there. The fact that ownership in the 1^st LoD is still not where it should be, is troubling. Despite all the fines, publicity, tone-at-the-top workshops and more it’s disappointing that bankers apparently still don’t get the message.

-          Streamlining compliance processes in the first line

Streamlining is perhaps an oversimplification; to achieve an operationally compliant financial institution you need compliance with all policies, proper and prompt customer services and efficient execution of operational process. Every day, with every transaction, with every client interaction, in every corner of the bank. This is best achieved under single headed ownership; meaning that there is 1 person in the 1^st LoD ultimately responsible for the adherence to FEC policies.

There’s still a lot of work to be done for FIs globally; in the first line of defence.