The State and Future of KYC
“Know your customer” processes in finance used to be a pen and paper thing, with a lot (and we mean a lot) of photocopies of driver’s licences. New technologies are now available to replace manual labor with fully digitized workflows. But current discussions around KYC focusing on the balance of compliance requirements and user experience only scratch the surface.
There’s a lot more to be said about the future of KYC and planning for success starts now.
01. What is KYC
KYC is a mandatory verification process for banks, lenders, insurance providers, and other financial and monetary companies of all sizes.
By law, they are obligated to identify customers, gather background information on them and assess their risk factors.
KYC is the data-driven process allowing companies to ensure that their customers:
- are who they claim to be
- meet the requirements to use regulated financial services
- don’t engage in criminal activities using their products
The goal is to prevent fraud, tax evasion, terrorism financing, and other financial crimes. With a proper understanding of customers and their financial dealings, service providers can reject applicants with questionable or shady profiles. From there, they can more easily monitor their clients’ activities and manage risk.
As they say: knowledge (about your customers) is power.
02. Why it matters for bankers, lenders, insurers (and probably you, too)
The compliance regulations governing KYC are complex and layered. Generally speaking, KYC or know your customer is rooted in Anti-Money Laundering (AML) standards and legislation — which exist both at global and national levels.
In 1989, countries around the world made a concerted effort to fight financial crime by committing to follow the recommendations of the Financial Action Task Force. But KYC doesn’t have a single, one size fits all definition. Different geographies have different versions of AML legislation, and other laws might also factor in, too. The bottom line: if you want to do business in a territory, you have to play by its rules.
Failing to meet the requirements has led to hefty fines.
In the current compliance environment, regulated institutions have to build their own KYC program. They will craft internal policies based on their interpretation of the applicable regulations and understanding of the risks they are facing. These policies dictate the instances where KYC is required and the kind of information they need to perform verifications.
Standard KYC procedures generally start when a business onboards a new client, or when a current client acquires a regulated product. They fall along these lines:
- Customer identification program (CIP) — the customer is who they say they are.
Financial businesses have to collect reliable information to verify their customers’ identity — you know, making sure they’re real people. The customer provides an ID and proof of address and other documents as required. The business must then countercheck that information using documents, non-documentary methods, or a combination of both. A positive match indicates that the customer is who they say they are.
- Customer due diligence (CDD) — risk risk risk.
Financial providers must be especially careful about who they take in as clients. As a result, they conduct detailed risk assessments with extensive background checks. Here, they have more leeway in how they go about fulfilling their due diligence responsibilities. They might require customers to provide information about their occupation, the purpose of their account and source of their funds, all the way to financial statements, banking references, and other documents. As a result of their analysis, they assign a risk rating to each client and monitor their activities accordingly.
- Ongoing monitoring — data data data.
Financial institutions must monitor their clients’ transaction patterns, especially those with high-security status, and report suspicious activities.
Widespread KYC compliance not only protects individual clients from the impacts of fraud. It protects the integrity of the financial system by reducing the odds of businesses being used for criminal activities.
03. A framework to think about KYC
So what does all of this mean at the product level?
We have a theory.
An effective KYC compliance program is mandatory to fulfill anti-money laundering obligations, which means that failing to meet the requirements can lead to hefty fines or even criminal prosecution. But there is more depth to it than a simple exercise in compliance. It actually performs three core functions within any financial business: compliance, of course, but also user experience and operations.
Understanding how KYC works and impacts your business all three levels allows you to optimize opportunities to fight fraud, customer attrition and business risks.
Compliance
KYC requirements raised to the forefront of financial crime prevention in the 1990s. While they helped organize the fight against money-laundering, they also lacked nuance. Meeting regulatory expectations back then meant having the right controls in place, and was mostly about ticking all the right boxes.
The baseline for KYC has since evolved. Regulators and businesses have now embraced the risk-based approach. RBA is the current compliance environment that we outlined in the previous section, in which business-specific risks are identified and managed.
Financial institutions must assess their vulnerability to fraud based on the type of products they offer as well as their political and economic context. They develop their own policies and deploy controls that match the actual risk they’re facing.
The extent of due diligence and monitoring for a particular customer is tied to their risk rating.
Adopt a pragmatic approach to make the best use of your limited resources and mitigate the greatest risks to an acceptable level.
- What actual financial crimes risks is your business facing?
- How are open banking regulations in your geography affecting major risks factors related to your business?
- Does your current control toolbox allow you to deploy measures proportionate to those risks?
User experience
KYC is an integral part of your customer onboarding process. Asking customers to manually enter information and provide documents has a special way of complicating things. Those are the kind of actions that add friction to their experience.
Optimal onboarding journeys offer more than one path to success, and allow users to switch seamlessly, if and when they want to. Yet in practice, financial providers are often the ones disrupting the process, whether by asking their applicant to leave their experience to gather more documents or wait for an in-person meeting.
Financial businesses also struggle to offer alternatives when the most common method of identity verification — in-person verification — fails to work or can’t be applied. This leaves applicants with no choice but to drop the onboarding process.
Focus on making your KYC process, and your whole onboarding experience for that matter, customer-centric. To get there, the first step is to empathize with your clients. Understanding your process from the perspective of your applicants will help you to not only identify their main friction points but also the way they experience them. When creating or updating your processes, follow this principle of customer-centricity: don’t just design for your clients, build with them. Listening to your customers and using short iterations allows you to match their expectations without slowing down your project.
- What steps are required to become one of your customers?
- Are there any moments where your onboarding process is disrupted, whether because your client must wait for a meeting or leave your digital experience in order to perform a task?
- Is the information you get from your KYC process, or your onboarding process as a whole, helping you personalize your customer’s experience?
Operations
The rules of regulatory compliance and the rules of business are not as contradictory as they may seem at first. A sound KYC program actually protects your company from potential risks to business operations.
For one, financial providers with inadequate verification processes are subject to greater risks of fraud, with monetary and reputational implications. Efficient KYC processes are a competitive advantage as financial firms are expected to deliver consumer trust on top of great user experiences. Establishing a reputation as a trustworthy company has also become a requirement for entering partnership agreements with other financial companies.
What’s more, the cost of running a KYC program is trending up for both front- and back-office operations. Complicated and ever-changing regulations mean that your KYC policies and processes have to be kept up-to-date. Outdated data collection methods force businesses to rely on inefficient manual labor to sort through KYC applications. Improving the cost-effectiveness of KYC processes has become a key challenge in recent years.
Use automation and third-party providers to optimize your processes and make smarter decisions. Manual ID verification can be used with most customers with a high success rate, but it is labor-intensive as it usually requires in-person meetings. Verification checks through credit bureaus allow for more flexibility, but tend to have lower match rates.
New identity verification technologies can be used in addition to your current KYC methods. Dual verification — through a credit bureau and bank-sourced data, for instance — ensures high match rates and strengthens your verification.
- Do you have a backup process if you can’t match the information provided by your customers with authoritative sources?
- How can new or alternative types of data be used to strengthen your verification checks?
- Which parts of your KYC process can be automated using new identity verification technologies?
Putting the framework to work
The answers you will get will help you address clear problems in your KYC compliance program, and bring positive impacts that go beyond ensuring regulatory compliance.
Many aspects of KYC regulations were crafted way before today’s technological advancements, especially when it comes to data access, storing and processing.
When building or updating your KYC process, you should design for flexibility and adaptability in mind. Requirements often evolve, as they are subject to advancement in technology, compliance regulations, business risks assessments, user experience expectations.
04. The state of KYC
There is no single standard for KYC in an industry ranging from personal financial management startups to centuries-old financial institutions. There is, however, a common theme: as a data-driven process, KYC can be vastly improved by new technologies.
In the banking and financial sector, checks are often conducted through a mix of analog and digital channels. Financial firms with a long history of AML compliance are likely to have in-person, paper-based processes supported by digital touchpoints. They’ve made sizable investments and their processes are proven to work — at least when it comes to meeting their KYC policies goals.But disconnections, in the form of channel switching and having to share the same information repeatedly, cripples the customers’ experience.
On top of this, having to keep up with ever-changing KYC regulations pose a real challenge to every financial provider.
Customer friction is increasing
Customers open accounts and sign up to new products as a means to reach their goals — buy a house, send or receive payments, put money away for retirement, and so much more. Yet to get there, they must jump through an ever-increasing amount of hoops. Here, the experience of corporate clients serves as a baseline for how exhausting this process can feel.
Customers open accounts and sign up to new products as a means to reach their goals.
Onboarding new corporate clients now take banks weeks on average, and that number keeps on rising according to Thomson Reuters. That waiting period is expensive for both financial firms and their clients. A survey by Thomson Reuters shows that 89% of companies did not have a good KYC experience, and 13% had changed banks as a result. In addition to the time spent gathering their information and documents, ongoing monitoring ads its own layer of friction. Customers don’t appreciate having their transactions blocked or being requested to provide more documents, and end up finding the process unnecessarily invasive and time-consuming.
Compliance costs are increasing
Regulatory compliance is becoming more and more of a challenge, both in terms of complexity and costs. Staying up to date with global and local anti-money laundering legislation can be a burden, and only intensifies as businesses cross borders to expand their activities.
In the current state of practices, customer due diligence and ongoing monitoring weight heavily on business operations. To keep up with the workload, financial institutions have been hiring a staggering number of risk professionals, driving up the cost of KYC procedures. Globally, financial firms average costs to meet their obligations are $60 million, with major financial institutions spending up to $500 million annually.
KYC as it should be
It’s now somewhat of a truism that customers expect from their financial providers the same high-quality digital experiences they get from Amazon or Uber. A positive experience is indeed an important differentiator in an increasingly competitive landscape. Data suggest that the onboarding experience is a key factor that makes or breaks the client relationship.
As a result, conversations around KYC usually get lost in the details about balancing UX and compliance. But given the current state of technology, that’s an either/or trap: improving one doesn’t come at the cost of the other anymore.
Conversations around KYC usually get lost
in the details about balancing UX and compliance.
For innovative companies working to reach the sweet spot of compliance, UX and operations, smart and agile KYC technologies have moved from ‘nice to have’ to ‘must have’. Digitizing your process gives you the ability to integrate identity verification seamlessly to your onboarding experience. Providing multiple options allows your customers to engage in the manner they prefer.
Leveraging multiple data sources leads to higher match rates and data quality, allowing you to fulfill your due diligence obligations more efficiently.
The challenge now lies in choosing the right technology and putting it to work.
05. The future of KYC
Embracing the digital transformation of the KYC process allows financial businesses to reduce operational costs, be more responsive to customers’ needs and strengthen their processes. The future of KYC is in stark contrast with today’s labor-intensive and time consuming processes.
With minimal input from customers, innovative financial businesses will leverage multiple sources to validate the data provided by the customers and generate faster, more accurate decisions. Adoption of financial data connectivity is currently on the rise across the globe. The benefits are widespread, with immediate and future improvements to compliance operations, risk management, customer experience, and even marketing.
- Simplify compliance. Financial data connectivity allows you to instantly collect personal and income information in a format that conveniently fits with your compliance procedures.
- Automate your processes. The data from your customers’ accounts can be verified by a program to automate routine tasks, such as high-level risk assessment, leading to quick approval of low-risk clients. Cases requiring manual review can then be automatically assigned to the right professionals, based on the outcome of the analysis.
- Build to scale. Financial data connectivity provides a very wide reach, as most customers have an online banking account from which you can gather data. This means you can expand your business to new geographies without entirely rebuilding your processes.
- Pave the way for your customers. Pulling banking data early in your onboarding process allows you to pre-fill forms that your customers only have to verify. This makes the procedural parts smooth and forgettable and lets your customers focus their attention on the benefits of your product.
It’s time to really know your customers
Offering amazing digital experiences is about empathizing with your customers to understand their needs and frustrations. Killing friction in your onboarding process is just a start. The information you gather can — and should — be used to provide personalized, practical solutions helping your clients move from aspiration to action.
A digital KYC process leveraging financial data allows you to start your client relationship on the right foot. With the same connection powering your KYC process, your customers can authorize you to collect their transaction history. Once properly cleaned and categorized, transactional data can feed your models. What you get are deep insights allowing you to understand their needs, anticipate their next steps and personalize their experience throughout their journey.
