This article is part of Kyckr’s new Future of KYC Compliance series, which interviews leading industry professionals and thought leaders to learn more about the trends that will shape the future of KYC compliance.
The following is an interview we recently had with Phillip Hamilton, Senior Compliance Investigative Analyst, Compliance Department, Sutton Bank.
What's the current state of KYC compliance?
KYC compliance faces many challenges, especially in the age of COVID and the transition to digital payment platforms. Most business models look to the automation of KYC functions or outsource these requirements to remain competitive and control costs. This approach can be contradictory to the original intent if the systems (or Vendors providing the KYC function) are not structured in a way that protects the company's reputational, operational, and financial risk exposure.
How has KYC compliance evolved over the past five years?
In some aspects, KYC has evolved in leaps and bounds; in others, compliance still lags behind the curve when it comes to Know Your Customer best practices. Some companies leverage frontline employees' knowledge and expertise and empower them to apply what they've learned so that the industry can shape procedures and policies to maximise that talent. On the other side of the coin, you have agencies applying outdated practices that favour revenue generation over risk mitigation. These decisions impact the evolution of KYC as a whole. Beneficial Ownership has become an integral part of the conversation. However, there is still room to expand on the definition when it comes to business structures (legal entities) like Non-Operating Asset Holding Companies (NOAH's), Limited Liability Companies, Partnerships (LLCs& LLPs) and Business Trusts with complex ownerships. These business types can mask the natural person who owns or substantially benefits from the business structure's financial operations. Once the risks affiliated with banking these types of entities are addressed, KYC compliance's evolution will mirror the financial industry's technological advancements that pose significant challenges to its implication.
How has KYC compliance changed amid COVID?
COVID identified many opportunities for growth in KYC programs. It caused many companies, agencies, and institutions to reevaluate the avenues for onboarding new business. It also pointed out gaps in household practices commonly used by local, state, and federal government agencies. The COVID crisis disbursed with the thought process of doing the legal minimum to book new business. For example, some companies only collect two out of three or three out of four requirements identified in the CIP (Customer Identification Program) referenced by the FFIEC Manual to show that the business collected enough information to reasonably demonstrate that it knows the customer's true identity. Unfortunately, COVID has proven otherwise. The escalation in cyber-attacks utilising BECS (Bank Email Compromises), Synthetic IDs, and Identity Theft will force a reset in the approach of KYC and CIP processes. COVID-19 will be the catalyst that propels Know Your Customer compliance to the forefront of risk models for all businesses concerned about protecting the gains they have achieved as they scramble to keep pace with the latest fraud schemes the criminal element employs daily.
What are the top trends shaping the future of KYC compliance?
The top trends shaping the future of KYC compliance are digital currencies like bitcoin, the decline of face-to-face customer contact (doing business electronically, i.e. via email), and the fraud exposure that comes with the expediency by which companies conduct business. KYC must become more than just a function necessary to meet regulatory requirements. KYC compliance will quickly become the first line of defence in keeping bad actors away from the business's doorstep.
What's the future of KYC compliance?
The future of KYC Compliance will be governed by the technologies offered by FinTechs and the payment platforms that partner with financial institutions to provide banking services introduced to the marketplace. Regulatory agencies will have to update the guidance provided to financial institutions on what risks are acceptable when processing third-party transactions on behalf of these companies and platforms. The future of compliance will see the enhanced due diligence of customers before onboarding and more collaborations between banks, FinTechs and Payment Processors as traditional banking transitions to introducing AI and crypto-currencies.