Last year we started publishing our Future of KYC Compliance Series which featured interviews with over 20 KYC and AML professionals and thought leaders to learn more about the trends that will shape the future of KYC compliance.
You likely don’t have time to read each and every interview so we’ve gone through and pulled together some of our favorite answers to the various interview questions. Here’s what we learned:
What’s the future of KYC compliance?
Joe Ciccolo, Founder of BitAML
The future of KYC compliance is much more digitised, less manual, and more customer-friendly. RegTech companies continue to challenge the status quo of KYC technology solutions, rising to meet the demands of fintech, crypto, and online/mobile banking applications. While technology will continue to automate and increase efficiencies, KYC will never be without a human component. Advances in KYC technologies have instead freed up compliance professionals to focus on more intricate and crucial details that cannot be done without a human touch. Reallocation of compliance personnel and the integration of new KYC technologies may be easier said than done, especially among larger or more legacy financial institutions. Regardless of subsector and technology prowess, financial institutions must stay on top of innovative KYC technologies and methodologies in order to keep pace with the ingenuity and creativity of illicit actors, while meeting the customer experience demands of an increasingly digital native customer base.
Michael Ronickher, Partner at Constantine Cannon LLP
Tighter regulation. Growing international awareness of the US as one of the top remaining secrecy jurisdictions was part of what led to the AMLA and its heightened requirements.
Our relatively lax system will continue to be tightened as domestic policies are brought in line with the best international standards.
All this will happen as fintech makes for an increasingly difficult job for the compliance professional, who needs to master the ins and outs of new technologies, as well as cryptocurrencies, that make concealing customer identities and transaction sources easier than ever. RegTech can help, but it adds further complexity.
Miriam Goldman Epstein, Operations Manager, SQOPE S.A
We expect the market demand to grow in size and in the level of reporting expected. Reputational issues will be an expected feature of any good KYC report, as will enhanced coverage of an individual’s source of wealth.
To this end, we expect that what is today considered deep due diligence will, in the future, be the standard level of reporting as financial professionals will adjust to the need for more in-depth coverage of all risks associated with a given individual or entity.
In summary, we expect that the future of KYC compliance will be increased accountability vis-à-vis whom we enter into business.
Joel Lange, Managing Director, Risk & Compliance Division at Acuris Global
There have been many utilitarian and community based initiatives over the last decade around KYC. Many have fallen flat, but some have succeeded.
Where there is a willingness to share baseline services and create a global minimum for baseline KYC there has to be cost savings for communities.
But that relies on communities realising these basic standards and commonalities. They are worth persevering for, not just to bring down cost but also to work together to fight financial crime.
Jehan Jeyaretnam, Head of Compliance Services, Acuity Knowledge Partners
We expect increased and standardised regulation to enable the creation of utility-type services for KYC ratings based on standardised and accepted risk-assessment methodologies.
A comparable industry model would be the credit rating firms that issue ratings on debt issuers.
We also believe emerging themes such as the shift to cryptocurrencies and ESG will impact those KYC processes currently limited to detecting traditional forms of financial crime.
Oonagh van den Berg, Founder and Managing Director of Virtual Risk Solutions
Automation and a move towards AI and Machine learning is necessary to be able to process the large amounts of data to identify typologies within complex networks as they happen - not reactively. However in the interim we will see changes in the necessary skill sets required to develop innovative approaches to combating financial crime.
We also need to see much more being done on ESG policy being interwoven into sanction and KYC policy to ensure we are complying with our ESG commitments across the banks activities and proactively helping in early detection of potential illicit activities. This is going to really be at the forefront in 2021.
Going forward, the understanding of Crypto and risks in different coin types is going to be essential for proving yourself as a KYC compliance officer.
Allison Spagnolo, Managing Director at Guidepost Solutions
The next step in KYC compliance will be the adaptation of traditional KYC compliance concepts and regulations to emerging technologies like cryptocurrency.
KYC compliance must be a fundamental component of these technologies, but the traditional methods (like paper applications) are not workable in these new environments.
Ultimately, regulators may need to establish new guidelines that address the specific complexities and unique nature of these technologies. Until that time, though, cryptocurrency creators will have to thoughtfully incorporate KYC compliance measures that respond to current KYC regulatory schemes.
Braden Perry, Partner, Kennyhertz Perry, LLC
While managing risk is imperative, over-managing risk can also hinder business practices. So it’s imperative that BSA/AML staff are capable of striking the balance of managing risk and procedures while ensuring the business is functioning correctly and securely. This is where I see what CEOs want in compliance leadership. If the forest becomes too dense to see the trees and the tone at the top (i.e. the CCO/Head of Risk) allows the company to become reactive, meaning that they do not anticipate issues but wait for issues to arise and then act or “react.” This leads to short-sightedness, looking at the near-term, and not focused on long-term goals. This is opposed to the “proactive” approach and forward-looking, not only in anticipating issues that might arise but in having clear directions and goals.
Eyal Barsky, CEO of OCR Solutions
Artificial intelligence will be the key to more accurate risk insights and enable complete automation. The size of this market grows daily and even hourly. Analysts will have various tools for KYC investigations at the tip of their fingers and issues that arise will be brought to their attention in a matter of microseconds. New uses of AI will focus on reducing false positives, allowing institutions to speed up onboarding processes. AI will distill large volumes of information eliminating content irrelevant to financial crimes and introduce flexibility and adaptability. This will result in large enterprises, like banks, gaining a complete competitive advantage. This makes it critically important for financial institutions to find providers with the experience of understanding the regulatory environment.
Brad Elbein, Partner & Government, Regulatory and Compliance Practice Co-Chair, Culhane Meadows
In the law enforcement and national security world, demands for information seem to grow exponentially. No “new standard” of what information is enough, ever remains “enough.” As we see from the recent hack by state actors, serious new threats are evolving to take advantage of the troves of data held by government and businesses that are seen as the lifeblood of our information-based economy. Additional law enforcement and national security KYC compliance requirements are easy to foresee in this context. Whatever one thinks of the danger of a “national security state,” it’s not hard to see that the world is a dangerous place these days; nor is it hard to see that our defenses are insufficient.
In the commercial/consumer arena, the expansion will likely be equally energetic. More and more, consumers’ and businesses’ interactions will be experienced as mere parts of the whole world of their activities. For example, I made a warranty claim today on a particular consumer product. There is no doubt in my mind that if the vendor were a sophisticated entity in a high-value market, they would run a “verification” or “validation” scan at my first contact. That information would place my request in the gestalt picture of every possible factor that might be relevant to their response. They would know who I am and what I do, my income level, my credit score, my history of warranty and insurance claims, my purchasing habits, maybe my health status, and on and on. That information could well inform their decision about whether they would honor my warranty repair: they’ll know that I’m a compliance lawyer and litigator with a national firm in Atlanta who has a background in consumer law. That might suggest a different business decision to them than if I were someone less likely to be trouble.
Sandra Ciaraite, AML Analyst, Danske Bank
In the long term, new generation banking will definitely change the KYC processes employing new technologies like blockchain or similar for facilitation of KYC compliance requirements. The potential of RegTech is also awaiting to be unlocked and will benefit compliance departments in reducing labour costs. Contactless identity verification and account opening will be a new norm and financial institutions are getting ready for it. Probably the last dinosaur to go extinct will be documentation certification as we understand it now, given it is still a valid requirement in quite a few European jurisdictions and UK.
As per KYC compliance regulatory development, The 6th AML directive is at the doorstep and will tackle the quality of the technology financial institutions apply where having sound KYC compliance procedures will not be enough. The directive extends the list of activities to be recognised as money laundering, including cyber-crimes, meaning financial institutions soon will be asked to develop and strengthen cyber-crime prevention units, as well as personal data management which goes hand in hand with cyber security. Lastly, it is a rather clear trend within recent regulations that full transparency of the beneficial ownership is on top of the agenda and will demand new solutions.
Chris Siddons, Senior Director of Financial Crime Compliance at LexisNexis Risk Solutions
The future of KYC compliance comes not from recontextualising how KYC checks fit into the overarching legal and ethical obligations that firms have to their stakeholders.
KYC intersects with a number of broader trends concerning the role that companies should play and the factors they must consider when shaping their business strategy and operations, including Environmental Social and Governance (ESG) factors, safe and legitimate supply chains and third-party risk, as well as Environmental Health and Safety (EHS) obligations firms have to their employees.
Emerging technologies, already present at an initial state, will further mature into complete forms. Identity recognition methods are coming into surface through different available solutions. Technology extending towards innovative solutions, including face recognition, fingerprinting recognition, and eye scanning is supporting KYC solutions to react by stretching towards the same direction. The process will continue to carry forward the existing principles through new elements. KYC compliance will evolve with the pace of the applied technology by balancing solutions with resources. The expected mutual trend to occur is the joined development of technology and KYC compliance, arising through the combined through common points. The combination of innovative technology and applied compliance will make each process better. In this regard, the future of KYC compliance looks more advanced in technology, more efficient in resource utilisation, and more effective in application.
Sukh Vairea, Compliance Manager
The future of KYC compliance is one of hope. But changes need to be driven top-down and bottom-up. At the regulatory level, governments need to pass law quicker and increase investment in fighting crime. Law intelligence units, corporate registries, regulators, and banks need to work with each other and not against each other.
Access to data, improvements in standardisation and transparency will improve intelligence sharing. Beneficial ownership and politically exposed person registries will hopefully be in a better state and accessible to all.
The future will see businesses perform better KYC and onboard customers faster than ever before. Automated straight-through-processing with short minimal reviews for low risk customers will become more integrated in compliance workflows. The time taken to review subjects will gradually drop. Compliance teams will be able to focus resources and effort to the areas of highest risk requiring enhanced due diligence.
The future will see the battle continuing against criminals. A never-ending cat and mouse game. There will be losers but some winners too. Everything depends on how you tackle the issue, the importance of KYC to your business, and how well equipped you are to fend off the threats.
Phillip Hamilton, Senior Compliance Investigative Analyst, Compliance Department, Sutton Bank
The future of KYC compliance will be governed by the technologies offered by FinTechs and the payment platforms that partner with financial institutions to provide banking services introduced to the marketplace.
Regulatory agencies will have to update the guidance provided to financial institutions on what risks are acceptable when processing third-party transactions on behalf of these companies and platforms. The future of compliance will see the enhanced due diligence of customers before onboarding and more collaborations between banks, FinTechs', and Payment Processors as traditional banking transitions to introducing AI and crypto-currencies.
Raj Tripathi, Senior AML/KYC Compliance Professional, Asia
The Future of KYC lies in digitisation, increased usages of Artificial Intelligence (AI) and machine learning, which is already on the rise. It is becoming critically important for organisations to be able to detect new unseen patterns that reveal illicit activity and understand where their risk is coming from. KYC practices are required by businesses across the globe to perform customer due diligence. It is not an uphill task as it may seem, provided we embed the right mind-set with increased usages of technology. It is an investment of a few thousand dollars to demit the loss of millions.
Business owners should prepare for a future where they are constantly relearning, adapting and innovating in order to thrive. The trends highlighted represent a huge opportunity for those ready to embrace change and adaptability is the answer in this fast-paced, ever-evolving world.
Yana Afanasieva, Founder of Competitive Compliance
Compliance should shift from an information provider to become a function responsible for implementation. Information is everywhere and you can get it for free. More information does not empower anyone, more likely than not it creates overwhelm.
Most founders and FinTech business leaders are curious people, they have access to LinkedIn and Twitter and they (more or less) know what the legal requirements are. If compliance’s only value and only role is to provide the requirements or review things and find deficiencies and not be a part of any implementations or solutions, you could give this job to a fairly junior person.
When I talk to my founders and CEO clients about “Travel Rule” – they already know what it is and what FATF concluded, and what Christine Lagarde said and what FinCen proposed and what Circle and Coinbase have published… They don’t need more education from me. They expect me to tell them something they don’t yet know – what are the options, pros and cons of various implementation strategies for their business and their clients.
Andreea Rainer, Founder Attorney at Law of Andreea Rainer Law Office
We find ourselves in one of those rare hypotheses in which we may declare that the future is predictable to some degree: digitisation is the defining feature thereof. Amongst the previous burdens in the field were the volume of physical documentation, storage space, costs and time required to handle the heavy mandatory paperwork for the purpose to comply with relevant KYC regulations. From my perspective as a tech-savvy attorney at law, KYC processes will continue to be carried out mainly in the online environment. Note should be taken that whilst clients expect smooth onboarding and monitoring requirements, lawyers are looking for operational cost-reducing and efficient KYC compliance tools to address the new realities.
Alejandro Leáñez Rieber, International Legal Counsel
KYC compliance systems will keep growing since regulations and enforcement proceedings by governments will keep getting more complex with new regulations that will need a constant update by companies and financial institutions.
More sophisticated systems of screening and data capture will emerge, software will adapt to the regulatory complexity and will reduce the time and cost of KYC compliance. However, the human element will still be there to make the final decisions by gathering all the facts.
Financial institutions will be sharing more data with regulators to comply with applicable regulations. The risks associated with AML, Sanctions and other risks created by applicable regulations will increase the complexity and reach of the KYC compliance systems.
KYC challenges will keep emerging in the future, due to new regulations and the complexity of the markets. The main way to tackle these upcoming trends is with a strong team always trained in new technologies and regulatory trends.
Nenad Jovicic, AML/FT Expert at Erste Banka Srbija
The future of KYC compliance is reflected in further development of IT solutions that would enhance the ability of the financial institution in the KYC area, by improving data quality, onboarding processes, monitoring processes, automating activities that spend a lot of time of the employee. On the other hand, in the future, financial institutions would need to spend less resources on a big number of employees, but on a skilled staff that would effectively use the digital data that is available.
Financial institutions need to be more agile and to be able to quickly adapt to the new environment in order to stay relevant and competitive, especially regarding the KYC compliance risks, since these changes have an effect on every employee and if not the consequences are great and dire.