Continuous Compliance: The Inevitable Shift to Perpetual KYC

Ben Marsh, Global Head of Client Lifecycle Management

Illicit financial flows through the global system have exceeded $3 trillion. Given such alarming amounts, how can compliance teams keep pace using only traditional, mainly manual tools and processes?

At the forefront of detection, Know Your Customer (KYC) plays a critical role in onboarding, serving as an entryway for legitimate clients and a deterrent against nefarious actors. However, traditional KYC methods are riddled with inefficiencies that negatively impact the business, customer experience and leave significant gaps in combating financial crime.

But not for long. Technological advances are transforming traditional KYC practices. Advanced data management allows orchestration and automated data enrichment from external sources and reuses existing customer and connected party data across the business to minimize processing efforts. AI, intelligent rules and workflows can ensure appropriate policies are used for end-to-end process automation. These approaches deliver greater efficiency, better customer experience, faster time to revenue and enhanced compliance. With machine learning and AI in ongoing monitoring teams are proactively informed of material and non-material events making pKYC possible.   

As technology advances, regulators increasingly adopt a proactive technology-led stance, recognizing the effectiveness and efficiency of AI-powered capabilities like pKYC in combating financial crime.

A risk-based approach with pKYC offers adaptability and efficiency

Since the early 2000s, all financial institutions must adopt a risk-based approach to align with the Financial Action Task Force’s (FATF) guidelines. The FATF, the global money laundering and terrorist financing watchdog, defines this approach as identifying, assessing, and understanding exposure to money laundering and terrorist financing risks and taking “the appropriate mitigation measures in accordance with the level of risk.”1

In effect, this means that firms must truly know their customers and the risks they pose throughout the customer lifecycle.

So, how does pKYC help facilitate a risk-based approach? 

Let’s look at the traditional KYC process. When a client is first onboarded, they are typically assigned a risk category of low, medium, or high, which warrants, for example, a review in either one-year, three-year, or five-year cycles. While clearly defined, this method could expose a financial institution to unwanted risk between scheduled reviews.

pKYC takes a more proactive approach. It prompts a review when substantial changes occur instead of waiting for a predetermined time frame. This dynamic method of risk management leverages intelligent rules and policies plus AI and machine learning to analyze enormous volumes of automatically sourced internal and external data. When a relevant change is detected, compliance analysts are automatically alerted to investigate further.

The automated and real-time nature of pKYC allows operations and compliance teams to concentrate efforts and resources on higher-risk occurrences rather than adhering to time-bound reviews. This method aligns with a risk-based approach, helping firms maintain vigilance while adapting to risks in real time. 

pKYC and regulatory alignment for better compliance

Rooted in a risk-based approach, adopting pKYC helps financial institutions stay aligned with emerging regulatory frameworks and expectations.

pKYC helps firms adhere to regulations

Implementing pKYC from the point of onboarding brings financial institutions in line with regulatory requirements. For example, in the US, the Financial Crimes Enforcement Network (FinCEN) states that financial institutions should maintain and update their clients’ information on a risk basis under its Customer Due Diligence rules.2 Similarly, the EU’s 4th Money Laundering Directive requires ongoing monitoring of customer relationships. pKYC directly helps firms comply with these regulations.3

Regulatory attitude shifts toward innovation

Regulators are also shifting towards dynamic and technologically forward compliance. Many countries have developed strong governance frameworks and targeted initiatives. Singapore, for example, has recently committed SG $1 billion towards implementing the National AI Strategy 2.0, emphasizing its strategic investment in advancing AI technology.4

The Financial Conduct Authority (FCA) has also elaborated its approach to fostering responsible technology use in the UK.5

Similarly, the EU’s AI Act aims to promote the safe usage of advanced technology while promoting a trustworthy environment for AI technologies to develop.6

Anticipating pKYC as a regulatory norm  

As technology capabilities grow, national regulators may eventually advocate the adoption of technology-led processes like pKYC, which are increasingly viewed as essential for efficiency and effectiveness.

This technology-forward trend is supported by the increasing availability of application programming interface (API) connections to regulatory registries facilitated by authorities such as the FCA7. While these APIs are aimed at broader regulatory compliance, they can facilitate real-time access to regulatory databases, allowing financial institutions to integrate data streams seamlessly into their systems.

As financial institutions continue to adopt advanced AI methods and ingest real-time data from multiple sources, it’s likely that regulators will strengthen oversight and introduce more stringent data governance requirements. Looking ahead, these technological advancements could further enable real-time access to regulatory data, potentially streamlining client onboarding and ongoing KYC processes still further.

Addressing the challenges of corporate onboarding with pKYC

pKYC significantly improves the onboarding process for financial institutions, particularly when handling complex corporate clients. Here’s how pKYC helps address common challenges:

Untangling intricate corporate structures

Corporate entities often have complex, multi-layered ownership structures across jurisdictions. This complexity complicates the identification and monitoring of beneficial ownership. pKYC addresses these issues by continuously tracking significant changes such as in ownership or geographical scope, promptly alerting compliance teams. By doing this, firms can maintain accurate and up-to-date information.

Keeping up with frequent changes

Companies routinely make significant changes as part of their day-to-day operations. Mergers, leadership shifts, geographical and business activity scope can all drastically change the risk profile. pKYC uses real-time data to flag such changes and adjust risk profiles accordingly.

Promoting cost and operational efficiency

Onboarding corporate clients is resource-intensive, usually involving extensive documentation and verification. It can be costly and time-consuming. pKYC facilitates operational efficiency by automating these processes and streamlining data collection, significantly reducing manual labor and cutting down costs.

Minimizing human error

pKYC reduces manual processes and decreases the potential for human error — especially beneficial when managing large volumes of data for corporate clients. This enhanced data accuracy improves compliance and supports better decision-making across the organization.

Improving the client experience

Clients often face the frustration of being contacted multiple times for the same information. This redundancy can be disruptive, whether by different departments within the same financial institution or across different institutions. pKYC enhances this process by continuously analyzing data and monitoring changes, minimizing repetitive information requests and unnecessary contact. Overall, this improves satisfaction and helps build long-term trust.

Forward-Thinking Compliance with pKYC

As technology advances, pKYC becomes integral to financial institutions’ anti-financial crime programs. Adopting pKYC aligns firms with current regulatory frameworks and positions them to strategically and proactively address existing challenges, particularly in corporate onboarding. Continuous KYC, driven by AI and automation, advanced data management and intelligent rules and policy management is directly in line with a risk-based approach, which demands dynamic, efficient practices, and is set to become a key component of future regulatory standards.

For more information on NICE Actimize’s pKYC solution, click here.

 

[1] https://www.fatf-gafi.org/en/publications/Fatfrecommendations/Risk-based-approach-banking-sector.html

[2]https://www.fincen.gov/resources/statutes-and-regulations/cdd-final-rule

[3] https://www.niceactimize.com/blog/ercm-whats-perpetual-kyc-and-how-can-i-implement-pkyc-successfully/

[4] https://www.straitstimes.com/business/s-pore-s-1b-ai-boost-will-help-sustain-competitive-edge-in-digital-era-say-business-leaders

[5] https://www.fca.org.uk/publication/corporate/ai-update.pdf

[6] https://digital-strategy.ec.europa.eu/en/policies/regulatory-framework-ai

[7] https://www.fca.org.uk/publication/documents/register-extract-handbook.pdf

 

Widening the Net: SEC Fines Six Credit Rating Agencies

October 4th, 2024
Paul Cottee, Director, Regulatory Compliance, NICE Actimize

Digital Communications Storage is Finally Moving to the Next Level

June 21st, 2024
Audrey Costabile, Senior Analyst, Market Structure and Technology, Coalition Greenwich

Highlights from the May 2024 Compliance Executive Roundtable

June 20th, 2024
Paul Cottee, Director, Regulatory Compliance, NICE Actimize & Eric Young, Senior Managing Director, Guidepost Solutions
Speak to an Expert