Foreword from Startupbootcamp FinTech:
For FinTech startups to build effective product solutions, understanding the banks’ compliance regulations including KYC requirements is a necessity. Startupbootcamp FinTech Singapore is taking on this challenge and inviting developers, designers and finance professionals to its first FinTechathon to hack compliance solutions. This is the second of three blog posts from our collaborating partner, PwC, that provides insights on financial crimes.
About the author:
Vincent Loy is a Partner, and the Financial Crime and Cyber Leader of PwC Singapore, he specialises in complex and emerging business risks, regulatory and technology issues.
In recent years, Governments worldwide have grown increasingly stringent on their regulatory efforts, followed by reinforcements, in clamping down money laundering. Financial institutions which were found to have lax compliance controls in the area of anti-money laundering (AML) weren’t spared, and have been fined up to billions of dollars. In view that the regulations serve as a check-and-balance measure to ensure financial institutions are well-armed to counter such crimes; failure of compliance thus suggests a weak line of defence.
To safeguard our financial systems, regulatory pressures surrounding compliance with AML is set to further increase. Meanwhile, financial institutions will need to measure up in addressing rising regulatory demands, starting with meeting the “Know Your Customer” (KYC) compliance requirements to combat money laundering.
Know Your Customer (KYC) – What is it?
KYC is a bank regulation which enforces financial institutions and regulated companies to perform all that they need to identify, document and validate the authenticity of the customer prior to any engagement. Comprehensive KYC policies serve as a risk mitigator and surveillance control to safeguard financial institutions, their systems and platforms, from being taken advantage of by money launderers.
What is required of financial institutions to meet KYC requirements?
While the regulatory requirements and expectations for KYC vary by jurisdictions, here are some general guidelines that apply across the board:
Perform and complete customer due diligence before entering into a business engagement (this includes obtaining and screening personal/organisations’ details, eg. unique identification numbers, business details, and more).
The precursor to this is having a robust customer identification programme to validate the authenticity/accuracy of clients’ information, and to identify discrepancies.
Run sanity checks – clients’ information need to be cross-checked against the watch lists indicated by regulators, which contain details of unscrupulous individuals and organisations that are restricted from conducting business transactions.
In the event where the customer is a politically exposed person (PEP), additional due diligence is required.
After the due diligence process is completed, ongoing tracking and monitoring of customers’ transactions is required to constantly keep a lookout for suspicious activities.
Once the business relationship has been established with a client, periodic risk-based monitoring of the client is recommended to ensure that his/her details are always current.
What are the key challenges financial institutions face when it comes to making KYC work?
The regulations governing KYC requires the synchronisation of numerous processes as well as roles and responsibilities, which on the whole, can be a complex and extensive undertaking. Among the common challenges financial institutions encounter in their efforts to establish/maintain an effective KYC programme include:
Risk in misinterpreting regulators’ guidelines – may lead to compliance gaps.
Lack of communication between business units/departments – may lead to inconsistent and unconsolidated data, thus resulting in weak/unreliable customer intel.
Manual processes in the due diligence life cycle are vulnerable to human errors – may have a far reaching effect if left unnoticed; this include assigning the wrong risk rating to clients, as judgement is subjected to the analysts’/decision makers’ individual interpretation of the matter.
Leveraging on technology to improve the effectiveness of KYC
The accuracy of the clients’ profile and data is highly crucial towards achieving the objective of KYC. This is where technology comes in – to enhance data precision and also to improve the turnaround time needed. Among the popular digital solutions that financial institutions use are:
Real time screening technology – to assist in the cross-checking of clients’ details against regulators’ watch lists.
Data analytics – to provide an analysis and a consolidated view of the data across various business functions.
Workflow management systems (WMS) – to automate manual processes.
In addition to meeting regulators’ compliance demands, there’s also a growing need for financial institutions to leverage on new FinTech solutions to further optimise their KYC programmes and better differentiate themselves from the competition; especially in the areas of expediting clients’ onboarding process, minimising cost and the duplication of effort, and most importantly, bolstering security and safeguarding their reputation as well as the integrity of their systems from being involved in money laundering activities/financial crimes.
From the 9th – 11th October, PwC will be supporting the first FinTechathon hosted by Startupbootcamp FinTech to hack “Compliance” solutions in 48hrs at the Singapore Exchange. We challenge developers, businessmen and designers to explore beating banking’s billion dollar problem. This is the second of a 3 part industry highlights series to help participants better understand the challenges faced by the financial services sector. For more information on the FinTechathon challenge, visit here.