Utilities: Reaching the tipping point?
By Sylvie Clerbout, Global Head of Compliance, SGSS
“It seems that there is still a long way to go toward bringing the full efficiency one would expect in using such facilities. There is also the question of whether the use of KYC utilities will extend beyond correspondent banks, particularly with the way banks deal with fund and asset management companies. There are big KYC challenges in these areas, and the development of utilities will be of significant benefit to banks because it will bring standardisation and consistency of approach and reduced costs.”
Financial Crime Compliance utilities have continued to achieve increasing support, not just as a concept, but as a practice. As the conversation evolves in terms of which compliance processes to outsource, in order to reduce cost, what are the key considerations when making decisions as a business, and how does one maintain control of critical compliance and risk functions?
- In relation to Know Your Customer (KYC) obligations of banks, shared utilities can add value. Banks are under increasing scrutiny from regulators to comply with anti-money laundering (AML) and counter-terrorist financing (CTF) rules. But there are also new obligations related to tax, particularly the US Foreign Account Tax Compliance Act (FATCA). Banks are required to report on US nationals with accounts in foreign countries. All of the new regulations are putting the onus on banks to collect documents relating to customers. Often, these are documents that have not been previously required so the workload in this respect has increased dramatically.
- Financial crime obligations are not only a burden for banks, but also for customers. Banks have to ask their customers to provide particular documents. This will happen multiple times to an organisation as each of its banking partners will request the same documents. This situation generates frustration among customers and financial institutions. A utility approach to documentation will decrease the effort made on both sides. An additional benefit of a financial crime compliance utility is the consistency of approach it brings. This is of particular benefit in Europe, where despite directives related to financial crime, there may remain different local implementations of these directives and therefore in the approaches to the collection of documents.
- A utility approach enables the industry to build consistent approaches and contributes to the reduction of risk. If common data is shared between local banks and international banks, the chances that regulators will adopt the same approach towards the banks are higher .
- At SIBOS last year, delegates were asked whether they used utilities for financial crime compliance. A huge majority – nearly 100% - said they were already doing so or thinking about doing so. This means there is really no question about whether we have reached a tipping point – the industry is already there. However, we have to be clear that today the use of utilities for KYC is mostly restricted to correspondent banks exchanging documentation between themselves through those utilities. The challenges for banks go beyond the banking industry; we have issues with beneficiaries in terms of asset management funds, for example. Retail customers are also an issue. I don’t see any trend yet emerging to go beyond banks and large corporates for KYC utilities. When we look to identify retail customers and asset management clients it becomes much trickier and the use of utilities here is very limited, especially where data protection regulations are strong
- While financial regulators acknowledge the existence and use of utilities, they still say that by law, financial institutions retain the full responsibility for KYC. Banks’ decisions to onboard customers must be based on their own risk appetite. At some point in the future, regulators may decide to bring KYC utilities under their remit and impose appropriate rules on governance and risk management processes. It has already been the case for other type of utilities in the financial industry.
- Local regulators can put added constraints on the use of utilities, for example related to the validity of documents. If documents are shared on a utility, how often do they have to be verified and updated? If a bank wants to onboard a customer, the regulator may require documents that are less than three months old – this may not be available on the utility. Moreover, if another bank enters into a relationship with the same bank, what does that do to the validity of the documents in the utility? There is also a difference in approach among regulators regarding the certification of documents; some jurisdictions require certification, others do not. This makes it difficult for international banking groups, as do different laws about the importation of data from one country to another.
- Most banks have built their own processes and technology around KYC. Utilities are seen by many as a way to rationalise and streamline KYC and reduce costs. However, the use of a utility will require the integration in the existing processes of the user. This will require a certain amount of attention and a project-led mindset.