This article is part of Kyckr’s Future of KYC Compliance series, which interviews leading industry professionals and thought leaders to learn more about the trends that will shape the future of KYC compliance.
The following is an interview we recently had with Jehan Jeyaretnam, Head of Compliance Services, Acuity Knowledge Partners.
What is the current state of KYC compliance?
KYC compliance regulations implemented in the past decade have improved the breadth and depth of KYC review in both new client onboarding and periodic reviews. While the KYC compliance function overall remains a labor-intensive process, there has been a concerted push to gain efficiencies through new tech platforms and tools. Key technological advancements in individual (retail) KYC review such as biometrics, liveness detection and physical ID authentication are examples of technology adoption to increase efficiency. That said, challenges remain around information quality and asymmetry and timeliness of updates in areas such as UBO identification and updating changes in information on individuals and entities.
How has KYC compliance evolved over the past five years?
In the past, KYC compliance functions and tasks were viewed as cost centers set within the compliance division and not as business-critical processes. The increase in the number of global regulations such as AML 3-6, together with the heavy penalties imposed across a wide range of industries, underscores the value of having robust KYC compliance programs to protect and increase shareholder value. The ownership of KYC compliance is, therefore, now divided between all three lines of defense in most successful organisations. The emergence of quants-driven risk-assessment frameworks, technology platforms, data aggregators and KYC-as-a-service has altered the operating models for KYC compliance.
Regulators suggest better data solutions:
New regulations such as the FinCEN CDD Rule and the 5th Anti-Money Laundering Directive (5AMLD) mandate the identification and verification of beneficial ownership as a top priority on the regulatory agenda. The emergence of better data sources would make ownership more transparent and eventually minimise the need to obtain documents from customers and detect anomalies where ownership may have been disclosed incorrectly.
Crypto exchanges and wallets:
Cryptocurrencies have, in the past three to four years, redefined the way transactions are conducted by offering fast and cheap transactions. As cryptocurrencies increase their wallet share, the chances of them being used to launder money would also increase exponentially. The 5AMLD regulation and FinCEN’s Final Rule have, therefore, made it clear that virtual currencies and exchanges have to strictly abide by AML legislations. For example, exchanges and wallets must register with their respective regional regulators and demonstrate that they have appropriate KYC and AML compliance programmes in place.
All this would lead to stringent compliance KYC practices and systems that are not only in line with regulatory expectations, but also help preserve the integrity of data.
How has KYC compliance changed in the midst of COVID?
The pandemic has resulted in most businesses going online, and compliance is no exception. KYC reviews that were more paper-based and performed in-premise have to be conducted in virtual environments, using the cloud and secured servers. Financial institutions, customers and regulators were forced to accept the new normal of conducting KYC due diligence on virtual platforms, with resources dispersed geographically. We, therefore, see the pandemic as a driver of increased digitalisation in the KYC domain through necessity. We expect this trend and urgency to continue even in the post-pandemic world. Organisations also need to ensure they conduct more thorough validation, tests, model enhancements and security checks to adapt to the new normal of virtual work without compromising the integrity of their KYC programs.
What are the top trends shaping the future of KYC compliance?
I believe the following are some of them:
- Perpetual KYC: Organisations will look to invest in solutions that provide real-time surveillance.
- Use of data analysts: KYC compliance operations will see a spike in the use of data analysts, who could slice and dice customer data to find hidden patterns, leading to a greater control on overall compliance.
- Segmented KYC: The depth of KYC review required for a large bank vs a new-age gaming company will very likely be different. KYC service providers who cater to the needs of specific sectors would, therefore, increase significantly.
- Agile planning: Organisations should ensure that the systems and procedures they implement today are able to adapt to the regulations of tomorrow, or the regulations of other jurisdictions in which they want to grow their business.
What is the future of KYC compliance?
I believe it will include using new-age technologies such as artificial intelligence and machine learning to replace labor-intensive processes, and using human analysis and judgment for more structured risk assessment. We also expect increased and standardised regulation to enable the creation of utility-type services for KYC ratings based on standardised and accepted risk-assessment methodologies. A comparable industry model would be the credit rating firms that issue ratings on debt issuers. We also believe emerging themes such as the shift to cryptocurrencies and ESG will impact those KYC processes currently limited to detecting traditional forms of financial crime.