A customer-led financial crime risk scoring approach incorporating AML, KYC, fraud, threat and other information can help firms gain efficiency.

Today, transaction events/alerts are treated separately (as part of transaction monitoring) from changes in customer circumstances (part of Know Your Customer—KYC) and other potential financial crime indicators such as fraud. We believe that, in the future, it would be more effective for financial services firms to use a customer-led financial crime risk scoring approach incorporating Anti-money Laundering (AML), KYC, fraud, threat and other customer-related information.

Segregation of activities not only creates duplication within firms but also ineffective risk management, as we are only viewing a portion of the information available to us. In the financial crime compliance space, human behavior is linked to identity. Therefore, segregating functions that look at behavior separately from identity is both counterintuitive and, when considering resource requirements, counterproductive.

It is also generally acknowledged that achieving the holy grail of holistic financial crime risk management is no mean feat and not something that can be performed in a day. To meet this challenge several building blocks are required—a common data model, an architecture roadmap that accommodates multiple technologies, a risk scoring analytics suite including extensive feedback loops, intelligent threat routing and prioritization, explainable models and model validation, clarity on the remaining human roles and human-machine interaction, and intelligence-led investigation.

These technological advancements can be done in a phased manner and, in fact, several organizations are already making a step change towards this as the business case from a technology perspective stacks up on its own.

However, functionally how can organizations do this in parallel? One way to do this is to start where natural synergies exist within the financial crime space. A couple of areas that jump out are:

  1. Transactional review of accounts within KYC and AML
  2. Adverse Media and Watchlist Name Screening

The rest of this piece elaborates on the former, illustrating the benefits of “KYC optimization” for financial institutions.

Transactional review of accounts within KYC and AML

Traditionally, transaction monitoring (TM) or transaction reviews (in the case of KYC) are done to assess whether customers are behaving as we would expect them to behave, based on our knowledge of that customer.

The lens applied in the TM world is primarily for money laundering, terrorist financing and other financial crime activities. By contrast, during a KYC review the account activity review should identify the extent to which the actual account activity is consistent with expected account activity and all the key information in the customer profile. While at the outset these may seem distinct, organizations often conflate objectives and end up duplicating efforts and not delivering the desired outcomes.

To understand the impact of the above it is necessary to take a closer look:

What do TM and KYC functions do with regards to activities on accounts?

TM today has become the industry accepted practice of preventing money laundering by reviewing and analyzing anomalous financial transfers or commercial transactions to expose the origins of money obtained through illicit means.

The account or transactional analysis in KYC is a complementary activity to the banks’ TM systems.  The account or transactional analysis performed as part of KYC usually consists of a holistic review of the customer’s product or services and recent transactions against those. This is typically done manually as a step within Customer Due Diligence (CDD) reviews.

However, both account or transactional analysis done as part of KYC and systematic TM have several similarities:

1. TM and KYC account reviews look at historic transactions across a customer’s products often going back a quarter or even a year to assess if the activity is in line with expectations.

2. Both look at similar aspects to assess unusual behavior:

a. Credit/debit turnover versus known income/revenue

b. High levels of cash activity

c. Spikes in activity

d. Overall activity in line with expected income/revenue

e. Cross border activity (especially if not in line with what is known about customer)

f. Intermingling of funds

3. Both analyses or investigations require a summary that outlines explainable or unexplainable activity and escalations if necessary.

The only differences are that they have slightly different objectives and the KYC account review is typically more manual than TM.

What is the impact of this to banks?

The industry set out to create two sets of complementary activities with different objectives. However, both feed off the same source of data and involve looking at very similar indicators. This often results in a situation where there is significant overlap in activity.

We ask the KYC analysts to review the same transactions that are already being monitored by TM systems 24/7. The objectives of these reviews are often conflated, resulting in AML related queries being raised by a manual KYC review versus a true analysis against expected nature and purpose of account.

Cumulatively we have a 1 million-customer bank expending about 70-80 FTE worth of effort on trying to satisfy two slightly different requirements, using the same data sources and employing similar types of analysis.

To understand the impact of this duplication for a small bank with, say, 1 million customers, 10 percent of whom undergo a KYC review in a year (which is not uncommon) and assuming this transactional review (and corresponding evidencing) takes 60 minutes (which is optimistic), it is an ask that requires 60-70 full-time equivalents (FTEs).

The significant resource impact to institutions also obscures the fact that customers are already being monitored as part of other anti-financial crime processes, like TM. In TM alone, even if we assume this overlap is only 10 percent of the alerted population, a small firm could have another 6 to 7 FTEs looking at the same information. This results in duplicated effort across anti-financial crime verticals, compounding resource requirements without proportional increases in risk coverage and mitigation.

Assuming the bank’s cross functional escalations process is working correctly, the bank would have sent these cases across, creating further challenges.

Cumulatively we have a 1 million-customer bank expending about 70-80 FTE worth of effort on trying to satisfy two slightly different requirements, using the same data sources and employing similar types of analysis.

What can banks do?

Banks could use this overlap as an opportunity to make a step change in the right direction.

For example, banks using traditional rules-based TM could create specific rules or scenarios to cater to analysis transactions against expected nature and purpose of account. The transaction types that feed into the scenarios would be the same as those in the other rule sets.

For banks that are slightly more advanced and maturing towards behavioral monitoring, this should be one aspect of their existing models.

Once developed, the TM teams can be trained to examine these alerts or cases and escalate to KYC when required. This could replace the need to have an account review each time KYC is conducted; if developed well, there are considerable efficiency and effectiveness gains to be made. It would also be a meaningful step towards the strategic goal of holistic financial crime compliance.

Submit a Comment

Your email address will not be published. Required fields are marked *