Realizing Dynamic KYC in Banking

A strong know your customer (KYC) framework is the backbone of effective financial crimes compliance program in banks and other financial institutions (FIs). From the point a prospect approaches to be onboarded as a customer through the onboarding and during the customer’s life cycle, KYC plays a significant role in the effectiveness of other compliance functions like sanctions screening, payment filtering, transaction monitoring for AML, fraud control and so on. Customer due diligence (CDD) is pivotal to managing financial crime risks, so it’s not surprising, then, that this is a pressing issue currently, when we are witnessing a rapid surge in scale, complexity and sophistication of such crimes.

Customer reviews have traditionally been conducted periodically by FIs, but now the industry is acknowledging the need to shift to more dynamic CDD reviews on a continuous basis. Here, I explore the challenges with the traditional method, why there is a need to reimagine KYC in current times, the benefits dynamic KYC can promise and how AI-powered solutions can form the building blocks of a dynamic KYC platform.

Periodic KYC Reviews: The Risk of Outdated Customer Information

Pursuant to the risk-based approach (RBA) in AML compliance adopted in 2012, FIs have been classifying their customers into high-, medium- and low-risk buckets based on due diligence conducted on them during the initial onboarding as well as periodic reviews. The risk classification of the customer further decides the frequency of periodic review. As a general rule, most FIs review high-risk customers after one year, medium-risk after three years and low-risk after five years.

In today’s dynamic world, a lot changes can happen in one, three and five years, which are understandably long periods of time. Customers can undergo significant shifts during this time, from using new transaction channels to signing up for new products and services and changing income levels, organization structures, transaction patterns, countries of operation and so on. FIs not having updated this information in their records can leave them exposed to the risk of outdated information, inaccurate customer and risk profiles, erroneous anticipated behavior profiles and unknown networks and linkages. This can result in FIs applying incorrect customer segmentation and scenarios for transaction monitoring and unusual behavior detection of their customers.

A Need for Dynamic Customer Reviews: Strengthening Risk-Based Compliance

KYC is all about knowing your customer and ensuring that their behavior aligns with what they had declared and agreed as part of their relationship with the FI. And while it is the responsibility of the customer to report to the FI about any changes, it does not always happen that seamlessly. Periodic reviews and refreshes are a means to reset customer information and their anticipated activity with the FI.

However, a periodic review after one, three or five years leaves an FI exposed to significant risks in the interim. The financial services industry has therefore been mulling on more frequent, dynamic reviews on an ongoing basis to keep the customer information current and relevant. The liability, therefore, falls on the FI to use information sourced from their internal data – like changes in transaction behavior – and external and third-party data sources – like adverse media – to initiate customer information refresh and remediations.

It’s no wonder then, that the support for continuous, dynamic KYC has been growing stronger in the industry. And while this concept is still evolving, voices in the industry believe that dynamic KYC can remedy some of the current challenges and deliver some added benefits. The arguments in favor are as follows:

• Spreading out the CDD review effort – Incremental, real-time updates (contrasted with full-blown reviews at the end of a long period) ideally amounts to less effort during each increment. This does not put a massive burden on analysts for each review at the end of one, three or five years and can prevent regulatory SLA breaches.
• Managing risks continuously for the expanding universe of KYX – KYC now encompasses several parties, and not just the customer. FIs are now obliged to conduct due diligence and risk monitoring for several third parties, or “X’s,” like vendors, employees, contractor, suppliers, fintech partners and others. A dynamic KYC, or rather KYX, can ensure that data and risks related to all such parties are current and continuously managed.
• Reducing false alerts – Immediate identification and review of changes to customer risk and profile, which in turn impact expected customer transaction behavior, can reduce false alerts generated during transaction monitoring and sanctions filtering.
• Enhancing AML investigation with accurate, current, enriched customer data – Alert investigation is a tedious activity, as it entails data collation from multiple systems manually. Very often, information is incomplete, missing or outdated, which impacts investigation time and quality. Dynamic KYC attempts to maintain accurate, current and complete customer information, augmented by external sources like KYC and UBO registries, reference data providers, adverse media screening and so on. This can enrich the investigation quality and reduce TAT.

Implementing AI-Based Dynamic CDD: A Transformation Journey

Legacy banks and FIs that have been in operation for a very long time, some of them for as long as 150 to 200 years, are saddled with several inherent challenges in their KYC-CDD landscape – from multiple systems to fragmented data; multiple profiles of a single customer across systems and lines of business; disparate local processes as opposed to unified global CDD processes; manual, effort-intensive and inconsistent workflows – all of which contribute to a tedious periodic customer review process. A KYC-CDD platform modernization, driven by data and powered by AI, can transform the entire process while also enhancing its efficiency and effectiveness. Some such digital solutions toward achieving automated dynamic CDD are as follows:

• Digital ID&V solutions – Online and mobile apps allow KYC data and documents capture; dynamic, biometrics-based identity verification; data extraction using OCR; and forensic scan of documents for authenticity which are in turn verified from source databases. The automated, straight-through workflow management enables real-time KYC data update and remediation.
• AI-based adverse media screening – Moving away from manual screening of customers for negative news and adverse media, AI-based contextual search and auto disposition solutions are enabling FIs to cast a much wider net in terms of news and media coverage and to zero in on a small number of potential true matches.
• Visualizing complex corporate structures – FIs can leverage intelligent automation for UBO discovery and corporate ownership structure visualization. By using AI-based tools, which integrate with third-party data sources including company registries and chambers of commerce, and combining them with FIs’ primary internal data, such complex structures and ownerships can be unearthed within a few seconds!
• Entity resolution and network analysis using graph analytics is helping FIs to deduplicate multiple profiles of the same customer, identify proximity of customers to criminal networks (if any) and calculate a holistic network risk score in real time.
• Automated event triggers for material changes – Algorithms for continuous monitoring of material changes that impact customer risk and expected behavior profiles can generate triggers when deviations or profile changes are identified. An enhanced due diligence can then be conducted to rectify such KYC data immediately, rather than waiting for the next review cycle.
• Automated data aggregation and analytics – Automation of internal and external data consolidation on customers and their activities can reduce manual effort in data collation. This can help improve the efficiency and effectiveness of CDD processing and improve analytics for near-real-time insights.

Periodic CDD review may soon be on its way out, as dynamic, continuous KYC is poised to become a key defense in FIs’ fight against financial crime. Regulators are also swiftly responding to changing needs, and we might also witness regulatory mandates on dynamic KYC soon. We can clearly see the direction, so it may be prudent for FIs to start assessing the maturity of their own KYC-CDD programs and carefully consider strategies for transitioning to dynamic KYC in the next few years. AI-powered solutions can be the cornerstone for building such new platforms – a stronger defense against financial crimes has arrived!