Brand new regulation, same old KYC - or is it?
Know Your Customer (KYC) obligations represent a significant cost to banks, both financially and in terms of resources required.
A recent survey, carried out by Thomson Reuters of around 800 institutions, suggested that on average it costs $60 million (£46.5 M) per year to fully meet all KYC requirements.
Onboarding of new clients can be a lengthy process due to the volume of data that needs to be collected and verified. This can strain client relationships: the survey revealed that 89% of corporate customers had a negative KYC experience, with 13% of customers having changed their institution due to the Onboarding process.
Figure 1. This diagram shows the average time to onboard a client in days
Due to the pressure involved to onboard a client rapidly, sub-par information may be collected. This disregard of KYC regulation can carry heavy penalties from financial regulators.
A prominent example which demonstrates the magnitude of these penalties is the £72 million fine given to Barclays Bank in 2015 for neglecting to perform the necessary customer due diligence (CDD) on several of its clients. (Source; FCA website)
With banks under pressure and already strained due to current KYC/CDD obligations, are they prepared for the introduction of new regulation? Specifically, the upcoming enhancements to FinCEN.
The new regulation will undoubtedly require significant financial investment, both in terms of staff training/development and potential technology adjustments.
Financial Crimes Enforcement Network (FinCEN) is a bureau of the U.S. Department of the Treasury, established in 1990 to protect financial systems from misuse. In 1994 FinCEN assumed more responsibility as it facilitated the Bank Secrecy Act of 1970 – USA’s most comprehensive anti-money laundering (AML) legislation.
The major new change being introduced by FinCEN in their final notice, published in May 2016, focusses on Beneficial Ownership. From 11th May 2018, when these rules fully come into effect, Financial Institutions must be aware of the beneficial owners of all entities that they have, or are planning to have, a relationship with.
The implications of these changes could be substantial, with relationships already tense, banks face the ultimate risk of losing clients.
Up until now if an account was considered low risk and it was regulated, the requirements for onboarding were minimal. In fact, most of the documentation could be obtained from a regulator’s website requiring relatively little time. These pending changes should increase the onboarding due to more in-depth information being required. This could cause tension, particularly as clients are currently unaccustomed to that level of detail.
A Lexis Nexis White Paper which outlines the changes being put forward by FinCEN states that there may need to be changes implemented to current data systems to allow all the additional information collected to be uploaded and stored. This will have a considerable impact on banks, with the high volume of data systems already in use, the cost to update them all will be an undesired strain on resources.
The paper also discusses the importance of staff training. Longer onboarding times and increased KYC requirements will likely result in greater pressure on client relationships, and so staff will be crucial in the communication of this regulatory change.
The impact of these changes has become clear, so much so that FinCEN has doubled the implementation time from twelve months to two years, allowing banks and financial institutions to make the necessary amendments to ensure they are fully compliant.
Although these rules initially pertain to the onboarding of new clients, there are also genuine fears that it could also affect the KYC refresh process. Failings in this process can expose banks and financial institutions to financial, reputational, and regulatory risk.
Financial risk would arise from the bank having to restrict the account from trading if the KYC requirements aren’t met. Repeated client outreach to gather additional information is likely to be considered unprofessional, exposing banks to reputational risk. And, of course, there is significant regulatory risk with non-compliance, resulting in substantial and, at times, high profile fines.
FinCEN was one of many regulation changes released in 2016. The Financial Action Task Force (FATF) and The Monetary Authority of Singapore (MAS) reviewed their policies whilst changes were made to the 4th EU Anti – Money Laundering (AML) Directive. All of which will further impact KYC/CDD.
Due to the increased requirements placed on banks because of overarching regulation, it is easy to understand why so many are exploring the option of outsourcing to trusted and highly skilled vendors.
With all these changes, perhaps the real question is can financial institutions keep up?
Teresa joined FinTrU through our second Financial Services Academy in 2015 after graduating from Queens University Belfast with a MSc in Chemistry. Teresa has continued to expand her knowledge of the financial services industry having obtained the CISI Investment Operations Certificate.
Since joining FinTrU, Teresa has worked as a Know Your Customer (KYC) analyst for a Tier I investment bank.
As part of this team, Teresa conducts investigations based on global standards, policies, tools, and procedures to ensure compliance with internal and external regulatory requirements. She conducts independent research to gather and record data from internal systems, commercial databases, and the Internet.
She uses background knowledge and experience to conduct complex data analysis, liaising with clients, account executives, senior team members and compliance to make sure all documentation for new accounts meet the KYC requirements.