The Evolution of CDD: It’s Time for Change
September 4th, 2023
CDD Onboarding: Modernize to Mitigate Risk and Increase Customer Satisfaction
Attempts to counter money laundering activities have been going on for decades with initial regulations established over half a century ago. However, as criminal activity continues to evolve, new measures need to be put in place. One of the focal areas for financial institutions (FIs) is Know Your Customer (KYC) and Customer Due Diligence (CDD). This process of collecting critical data elements on a customer needed to confirm the identity of a customer and assess their potential risk of money laundering activities has deep financial impact: Many industry surveys indicate CDD processes and tools consume over 40% of the total Anti-Money Laundering (AML) budget.
Initially, many CDD solutions were only collecting the critical required data about a customer. The problem was the data did not differentiate the customer base enough to properly establish peer grouping or segmentation. Many FIs were left with two very broad segments, individual and entity.
The one-size-fits-all (or two-sizes-fit-all) tactic rapidly failed, leading to exploration of new approaches. This led the way to the other extreme, one complex form comprised of deeply rooted conditional statements. These were the early attempts to take a risk-based approach. However, these new approaches had drawbacks: To meet criteria, the FI potentially gathered unnecessary and repeated information from the customer, impacting customer satisfaction. And the forms were very complex and hard to maintain and document. This made model validations difficult and examinations more complicated. Periodic reviews tended to be a critical component of updating information, which meant data could be quite stale depending on when the last review was held, which could have been several years prior.
Today, you’ll find many of these forms still exist; probably in the same format as when they were implemented since modifications to the forms are not straightforward. However, many organizations have now introduced technology to ensure only the essential questions are asked of the customer, reducing repetitive questions and ones about known customer information. Dynamic onboarding forms, which are provided to the customer to complete, come with many benefits over the older, more rigid onboarding forms. Benefits are:
- Risk assessments became more granular for a more accurate assessment of risk
- The more granular data led to better segmentation, which facilitated better transaction monitoring
- Forms provided the ability to not only narrow in on the high-risk customers on which to perform Enhanced Due Diligence (EDD), they offered the ability to narrow in on inherently low-risk customers on which Simplified Due Diligence (SDD) could be completed, saving valuable time
- The more detailed risk assessments and customers being segmented more accurately led to being able to further elongate the duration between periodic reviews—especially for inherently low-risk customers
In the last couple of years, significant changes have emerged in the AML landscape, one of them being “data evolution”. In the past, there have been a few key data providers, very much focused on sanctions, politically exposed persons (PEPs), and adverse media. Many new providers have come forward and expanded the availability of customer enrichment data. FIs now have access to other information like corporate structures and boards of directors, cryptocurrency data on providers and controlling parties, cannabis-related businesses, human trafficking affiliated businesses, associated parties of risk, social media presence, historical residency information, dark web searches, and the list continues. This opens a new door and a new way of thinking. FIs can not only leverage this data to build more robust profiles and expose hidden risks, but at the same time, elevate customer experiences.
Data Validation, Not Just Collection
This availability and access to data further reduces the requirement for long, complex customer onboarding forms. Onboarding forms (physical or digital) are not irrelevant, but much of the complexity can be removed. With the new wealth of data, FIs need only collect the critical data elements about a customer and then can leverage third-party data to supplement the risk profile. The process moves from data collection to data validation; collect the data, supplement it, and have the customer validate the information for accuracy. This advanced method of completing a risk profile comes with many benefits:
- The maintenance of complex forms is ultimately removed. Simple forms can be introduced, and the rest of the profile is supplemented with external data
- Less effort is put on the customer, reducing friction. Validating data is easier, quicker, and potentially more accurate than creating it
- Onboarding times are faster, allowing the customer to begin transacting in a shorter time period. Profiles are more robust. Risk-related information can be delivered that you typically would not ask customers, or they would not be forthcoming to provide
- Risk assessments are more consistent. Compliance analysts are no longer trolling various sources of data. The FI can determine the trusted sources, and the data they are interested in, and the solution will simply return the results providing an apples-to-apples comparison of their customers
- The need for periodic reviews goes away. The data is continually updated as changes occur. There may be instances where financial institutions may choose to perform a period review; however, the effort involved is greatly reduced. Again, this turns into a validation process. The CDD solution provides the necessary data for the review, and the compliance analyst must simply review the information and ensure they are comfortable continuing with the relationship
- Ultimately a much more accurate risk assessment is created, enabling FIs to monitor their clients more accurately
Verification During Onboarding
Verification is an essential step in any KYC process, especially at the onboarding stage where there is no, or limited, history on the customer seeking to access financial services from your organization. This stage is required to confirm the identity of the customer, using approved identity documentation, usually government-issued, such as a passport or driving license. First, organizations need to verify that the documents supplied are legitimate—this alone can be a challenge. After, the documents must be checked to ensure they are consistent with the details supplied by the customer and legitimately belong to the customer. Finally, the informational documents provided by the customer need to be verified by independent sources. These steps have historically been manual processes that can take significant time; however, advances in technology, such as data intelligence tools automate this process with highly accurate results.
Data Intelligence Tools
Data intelligence tools can automate data gathering and processing, both enriching customer profiles with additional information and connecting data so documents and information can be validated and verified. This does not come without challenges. The data coming back to the financial institution must be tied to the appropriate customer to ensure the customer is not reflecting “false risk”. To do this effectively, a strong entity resolution solution must be in place. Many FIs have gone down the path of implementing a corporate-wide entity resolution solution, but with mixed results. Different functions within the organization hold different views of a customer. For example, finance in many cases is looking at a rolled-up version of a customer to understand a relationship’s value to the business. The sales function may be taking a more regional approach. However, getting down to the level of a customer that compliance needs to risk rate can be a challenge, as it is quite granular. This whole process was typically done to address internal issues, such as duplicate records and siloed information from disconnected systems. With the introduction of external data, the need becomes an even bigger reality and a greater challenge.
Entity Resolution Crucial for KYC/CDD
Entity Resolution is now a core component of many KYC/CDD requirements and is an important tool for effective CDD. Entity resolution needs to be fully integrated between internal and external data sources, aggregating data and resolving it against the right customer. These solutions, which include data aggregation, will help in managing the sources of data the FI wants to use to enrich the customer profile. They also manage the de-duplication within those sources and directly tie the information back to the right customer. Taking it one step further, they continue to monitor for change, which is automatically linked and incorporated into the customer profiles. The profiles are re-risk rated and inform the relevant team in the FI if there has been any change to the customer risk as a result of the new information.
One word of caution, though: there is a lot of data available, so you need to maximize the use of technology, especially data intelligence tools, to ensure you’re not creating needless “noise” by collecting unnecessary data. Look at the risks to your organization that you’re most concerned about, and target sources for data that can help. It’s the expectation of examiners that if the data is brought into a customer profile, it has been reviewed. Do not overburden your analysts with data that doesn’t necessarily apply.
KYC/CDD programs have made some significant strides forward in the last few years. If your organization is continuing “business as usual” with the same program that was put in years ago, consider it time for a refresh. KYC/ CDD needs a strong onboarding and ongoing KYC program with the right technology that seamlessly integrates information gathering from the customer, automated validation and verification of the customer and their documents, enrichment of the customer profile with third-party data, and de-duplication and consolidation of customer records for accurate and effective risk assessment.
Leveraging new technologies in combination with the right data sources will not only make your program more efficient, but it will also be more effective by increasing customer satisfaction, reducing customer friction, and mitigating unnecessary risk exposure. Now is the time to make the change.
To read more about the different KYC/CDD solutions NICE Actimize has to offer click here.