Hugo Chamberlain, profile picture
Uploaded byHugo Chamberlain
317 views

smartKYC&EYReportFeb2016wb

This document provides an overview of key client due diligence (CDD) challenges facing wealth managers and how new technologies are helping address these issues. It finds that wealth managers are increasing CDD spending, with the majority focusing on hiring more staff or investing in technology. CDD tasks like politically exposed person screening and verifying source of wealth are cited as major pain points. There is significant variation in how frequently firms rescreen clients. New tools are delivering automation, collaboration and auditability to help slash onboarding times and improve processes. The report is based on a survey of over 100 wealth professionals and in-depth interviews with 20 compliance experts. It examines CDD resource needs, pain points, rescreening practices and how technologies are

Embed presentation

Download to read offline
TOWARDS TRUE KYC: TECHNOLOGICAL INNOVATIONS IN CLIENT DUE DILIGENCE
©2015EYGMLimited.AllRightsReserved.ED0617 Can retirement still be an opportunity to improve financial health? EY’s global financial services team can help improve your distribution, revenue streams and retirement outcomes. ey.com/financial #BetterQuestions
FOREWORD 5 EXECUTIVE SUMMARY 7 EDITORIAL PANEL 9 SECTION 1 QUANTIFYING THE KYC RESOURCING CHALLENGE 12 SECTION 2 MAJOR KYC PAIN POINTS AND THE RISKS THEY REPRESENT 18 SECTION 3 HOW NEW TECHNOLOGIES AID BEST PRACTICE 28 CONCLUSION 34 CONTENTS
Published by: CLEARVIEW FINANCIAL MEDIA Heathman’s House 19 Heathman’s Road London, SW6 4TJ United Kingdom In association with: smartKYC No. 1 Cornhill London, EC3V 3ND United Kingdom In association with: ERNST & YOUNG LLP 25 Churchill Place London, E14 5EY United Kingdom Author: Wendy Spires, Head of Research, ClearView Financial Media Research: Anna Hallissey, Researcher and Data Analyst, ClearView Financial Media Graphic Designer: Jackie Bosman, ClearView Financial Media © 2016 ClearView Financial Media Ltd, publishers of WealthBriefing. All rights reserved. No part of this publication may be reproduced in any form or by any means, electronic, photocopy, information retrieval system, or otherwise, without written permission from the publishers.
5FOREWORD WealthBriefing Research began investigating global trends in client onboarding back in 2014, breaking new ground by exam- ining in depth the challenges and opportunities this crucial first stage of wealth management relationships represents. Having delivered a broad barometer of operational best prac- tice and technological innovation in onboarding; we next looked at the role of digital signatures in ramping up efficiency and enhancing the client (and advisor) experience during what can very often be an onerous and frustrating process. We now continue the onboarding theme with a deep-dive on what is undoubtedly its most important strand: AML/Know Your Customer and sanctions screening. Client due diligence is a key focus for management teams and is where many of the key challenges facing the wealth man- agement industry intersect. Chief among these is of course the pace of regulatory change and the concomitant issues this cre- ates across compliance resourcing – both human and techno- logical - operational efficiency and risk management. The EU Member States now have until June 2017 to write the Fourth Anti-Money Laundering Directive into national law. Meanwhile, in the US definitive guidance is awaited on Fin- CEN’s Proposed Rulemaking to amend the Bank Secrecy Act to hinder the use of anonymous companies for money laundering purposes. Add in the new requirements imposed by the Com- mon Reporting Standard on tax information exchange (now live) and MiFID II (only slightly delayed to January 2018) and it is fair to say that wealth managers face a heady mix of new rules concerning CDD, in addition to the general compliance onslaught the industry has seen in the past decade or so. The ever-heavier regulatory burden is making finding, funding and retaining top compliance talent increasingly difficult at just the time when their skills are most needed. As this report will discuss, many firms are carrying out extensive remedial work as they ready themselves to meet tighter regulatory requirements and those with the requisite skills and experience to meet all the multi-faceted demands of top compliance roles are a scarce resource. Indeed, as one expert later describes, the ability to effectively balance risk mitigation and business development calls for a “remarkable individual”- particularly when we con- sider the granular knowledge of investment products, technol- ogy, law, other cultures and so on they need too. The ensuing war for talent and very strong salary growth in compliance roles means that for many institutions it has become “prohibitive to hire”, as another contributor said. In their quest to optimise the time compliance officers spend on CDD – while still maintaining the very highest standards of risk management – wealth managers are increasingly turning to technology, as with other areas of the compliance challenge. In client screening, and in onboarding processes generally, new tools are now really delivering the automation, enhanced abil- ity to collaborate and auditability institutions need – and many are said to be achieving very impressive benefits as a result. At a time when margins remain under pressure and massive fines related to CDD failings are a regularity, the appeal of si- multaneously slashing turnaround times in client onboarding and achieving higher-quality processes is encouraging invest- ment in specialist tools and complete overhauls – despite, or because of, the legacy issues most firms face. We are delighted to have been able to gather insights from 20 senior wealth management executives, compliance and tech- nology experts, lawyers and consultants for this report. We are most grateful for their input, along with that of the wealth man- agement professionals across the UK, EU, Switzerland, Hong Kong, Singapore and US who took part in the survey. We welcome feedback on this or any other research, and would be pleased to discuss any ideas for development read- ers might have. Wendy Spires Head of Research WealthBriefing wendy.spires@wealthbriefing.com FOREWORD
The smartest way to know your customer Getting a full and dynamic picture of potential and existing clients - both individuals and business entities - is becoming increasingly challenging for financial institutions. But now a solution is at hand: smartKYC has applied innovative technologies to redefine KYC searches. The system increases rigour and speed in the identification of AML and sanction red flags, and in the constant monitoring of client related risks and opportunities. By automatically finding relevant information across multiple sources and languages and by intelligently eliminating false positives, smartKYC increases the precision, efficiency and auditability of your KYC and AML efforts. A multilingual semantic engine for KYC/AML screening and due diligence
7EXECUTIVE SUMMARY EXECUTIVE SUMMARY According to the global survey on which this report is based, almost two-thirds (63%) of wealth managers will increase their Cli- ent Due Diligence spend in the next year, with a third maintaining current levels and just 4% predicting a fall. Of those increasing their budgets in the year ahead, just over a tenth (11%) will focus on outsourcing. The majority, however, were evenly split (44% each) between those focused predominantly on recruiting more staff and those investing in technology. Wealth managers estimate that screening high-risk clients current- ly requires an average of 5.4 man hours of work, with medium-risk prospects taking 2.5 hours and even low-risk ones 1.6 hours. The very much higher standard deviation seen for high-risk clients (3.75) versus low-risk (1.08) should be noted, however. The vast ma- jority of firms of all sizes are able to screen a low-risk prospect in around two hours, yet a fifth of firms are taking double the peer group average time to screen a high-risk client. Clearly, variation in technology investment is having a significant effect on operational efficiency today. The panellists were unsurprised that nearly eight in ten institutions (78%) ask their relationship managers to initially screen prospective clients, rather than have compliance wholly responsible, or outsource to a business administration provider as some respondents specified. To highlight another significant, but possibly easily overlooked, element of wealth managers’ workload, almost eight in ten (79%) wealth managers carry out full DD screens on prospective employ- ees and 77% check prospective partner companies to head off risks like fraud and reputational damage. It was found that almost a third (32%) of firms use some form of outsourcing in CDD currently – a figure set to rise in line with the fact that 11% of wealth managers increasing their screening bud- gets in this area over the coming year will focus their spend mainly on outsourcing. The CDD process holds many frustrations for wealth managers, with PEP/watch list screening and proving source of wealth/funds tied at the top in the rankings of institutions’ biggest pain points with 29% of the votes each. The many challenges coming under the auspices of each of these top two (arguably interlinked) pain points merits their clear lead. However, given that respondents were asked to identify the most frustrating part of the CDD process, other pain points are also clearly weighing heavily on the industry. Issues around data cap- ture and document collation (17%), and detriment caused to the client experience/relationship (11%) - particularly because of data security concerns - are high on the agenda. Adapting to regulatory change and jurisdictional differences is the biggest cause of frustration for almost a tenth (9%) of firms, while 6% of respondents ranked issues around trusts and Ultimate Beneficial Owners highest. The frustrations surrounding the latter may be expected to rise in particular as regulations forcing greater transparency in this area, like the EU’s Fourth Anti-Money Launder- ing Directive (MLD IV), come into force. The survey revealed significant divergence in institutions’ risk-rat- ings for various key countries. While Iran, Sudan and (to a slightly lesser extent) Russia are universally seen as high-risk, others like China and Mexico appear to split wealth managers between medium- and high-risk ratings. Wealth managers also appear to vary widely on how often they fully rescreen their clients. For example, it is worrying that in to- day’s fast-moving environment approaching a fifth of firms appear to be fully rescreening their high-risk clients only once a year; at the other end of the spectrum, a similar proportion are doing this daily. CDD policies and procedures clearly differ very much across the industry according to each institution’s ethos, markets and cur- rent/target client base, with internal controls also having to evolve rapidly in line with regulatory and geopolitical shifts. Importantly, rescreening frequency is said to typically bifurcate along watch list/media lines, with the former done more regu- larly due to the laboriousness of carrying out thorough media checks manually. Only a tenth of wealth managers say search- ing for adverse media on prospective clients is their biggest priority, despite the manifest advantages that real time moni- toring confers across many areas of CDD. The various chal- lenges firms are evidently experiencing in documenting source of wealth/source of funds have made tracing monies the top priority for 50% of firms, while screening via watch lists was in second place with 30% of wealth managers focusing on this. The highly variable levels of automation in client onboarding pro- cesses WealthBriefing research has revealed across the industry is clearly a key factor in how feasible best practices like full overnight rescreens for all clients are. Today’s rapidly-moving regulatory and geopolitical environment presents particular risks to the 16% of wealth managers that are only fully rescreening their high-risk cli- ents annually (a further 19% of institutions are limiting themselves to rescreening high-risk clients biannually). Almost half (49%) of respondents would be in favour of their in- stitution fully rescreening all clients daily, adding to the 13% for whom this is already a reality. Overnight rescreening of all clients may soon become a reality for at least some wealth management professionals, as 43% of firms are said to be increasing the frequency with which clients are re-screened in the near term. METHODOLOGY: 106 senior wealth management professionals in the UK, EU, Swit- zerland, Hong Kong, Singapore and US were surveyed for this report in November and December 2015. In-depth interviews were carried out with 20 senior wealth man- agement executives, compliance and technology experts, lawyers and consultants.
Broad capabilities available to serve clients from strategy to technology, regulatory specialists and tax Wealth & Asset Management Contact details Gillian Lofts UK Wealth & Asset Management Leader Direct: +44 20 7951 5131 Email: glofts@uk.ey.com Keith MacDonald Advisory Leader, Wealth & Asset Management Direct: +44 20 7951 4114 Email: kmacdonald@uk.ey.com Linda Henry Tax Leader, Wealth & Asset Management Direct: +44 20 7951 8618 Email: lhenry@uk.ey.com Sue Dawe Assurance Leader, Wealth & Asset Management Direct: +44 131 777 2180 Email: sdawe@uk.ey.com Richard Gray Transaction Advisory Services Leader, Wealth & Asset Management Direct: +44 20 7951 2857 Email: rgray@uk.ey.com Roopalee Dave Senior Manager, Wealth Management Niche Direct: +44 20 7951 9897 Email: rdave@uk.ey.com Regulation and Risk EY offers comprehensive Risk and Regulatory Advisory services, with a dedicated FS Risk team who understand the requirements of the UK regulators. Our recent Wealth projects in this area include: • MiFID II and regulatory impact assessments • S166 and Conduct Risk assessments • Suitability framework design and implementation Technology EY has delivered a large number of technology- enablement projects across the UK wealth management industry. Our recent Wealth projects in this area include: • Target Operating Model design and implementation • Process optimisation and re-design • Platform / outsourcing selection and implementation Tax EY’s tax team provides unique insight into key tax considerations for wealth management firms and their clients. Our recent Wealth projects in this area include: • Personal Tax Centre services • Employment and business tax advisory • FATCA and CRS readiness and assurance reviews • Optimisation and tax cost reduction Transaction Strategy and Implementation EY has broad experience delivering transaction support. Our recent Wealth projects in this area include: • Deal advisory and due diligence services • Business level strategy design and implementation • Global Programme Management and PMO • Post-merger integration support Strategy and Transformation EY’s Customer Advisory team offers strategic solutions to assist wealth management firms in responding to changing client trends. Our recent Wealth projects in this area include: • New market entry • Target client and segment analysis • Customer reporting diagnostic • Advice framework design & implementation • Digital strategy development ©2015Ernst&YoungLLP.AllRightsReserved.40504.indd(UK)11/15.CSGDesign.
9RESEARCH ORIGINATORS RESEARCH ORIGINATORS Roopalee leads the business development initiatives for EY’s wealth management team. She has over 15 years of experience across industry and consulting; she has worked with a range of private banks, wealth managers and retail banks in the UK and India. Roopalee has supported wealth managers by providing insights and leading projects on proposition development, strategy implementation, operational design and regulatory change. ROOPALEE DAVE Senior Manager, Wealth and Asset Management, EY Alessandro is one of Finantix’s founders and as strategy director he focuses on the company’s growth and overall direction. He is responsible for communications with major clients, business partners and analysts worldwide. Since 1992, Alessandro has represented Finantix in various capacities related to product development and global account management and been responsible for large-scale implementations of wealth management platforms. Before establishing Finantix, Alessandro was a consultant specialising in the areas of process management and CRM. ALESSANDRO TONCHIA Co-Founder, Finantix, a partner firm of smartKYC Tom is a senior manager in the EY Wealth & Asset Management practice with over nine years of experience in financial services. This includes significant time spent in wealth management and investment banking operations before joining EY in 2015. Thomas’ areas of expertise include Target Operating Model considerations, regulatory change, client onboarding and custody services. THOMAS MORLEY Senior Manager, Wealth and Asset Management, EY Wendy has been a wealth management journalist and a research writer for eight years, covering a variety of international markets and sub-sectors over that time. She has written an array of in-depth reports on issues affecting private banks and wealth managers, including technology and operations trends, enhancing the client experience, branding and marketing strategy, and risk-profiling methodologies. As well as speaking at conferences in both the UK and abroad, Wendy also regularly consults on strategic and communications issues related to the wealth and asset management market, specialising in technology. WENDY SPIRES Head of Research - WealthBriefing; Report Author
10 Towards True KYC: Technological Innovations in Client Due Diligence EDITORIAL PANEL Christian joined Barclays in September 2011 and is head of the private bank in London, where he is responsible for the key client business in the UK. Before joining Barclays, Christian worked at JP Morgan, where he was head of European equity sales and then co-head of sales in 2010 post the merger with Cazenove. Before this he worked at Merrill Lynch and Morgan Stanley. CHRISTIAN BERCHEM Head of Private Bank - London Barclays Dominic has been a compliance manager at the London-based wealth management firm London Capital for over four years. Prior to London Capital, Dominic was a compliance manager of a high net worth client advisory firm, and holds various investment and advisory qualifications. DOMINIC CRABB Compliance Manager London Capital Chrisol is responsible for managing and developing international AML solutions, including WorldCompliance data solutions for third-party risk screening, as well as for international identification verification solutions. His areas of regulatory compliance expertise include AML-KYC, real- time transaction filtering, negative media monitoring and anti-bribery and corruption compliance. Chrisol has over 12 years’ experience in developing com- pliance data solutions, primarily for the financial services sector. He has worked with clients in over 30 countries and is a regular speaker at industry events. CHRISOL CORREIA Director, International Head of AML Compliance LexisNexis Risk Solutions Chris has edited numerous financial publications over the years, primarily in compliance. He ran Compliance Monitor, Fraud Intelligence and Money Laundering Bulletin between 1997 and 1999 and then covered for the editors of all Complinet’s online publications as the one expert who had experience of every sector. In 2001 Chris set up Complinet Money Laundering and ran it until its dissolution in 2009, chairing many compliance conferences, including one for Chatham House, along the way. He is now the editor of Compliance Matters and Offshore Red, and the compliance editor of WealthBriefing. CHRIS HAMBLIN Editor Compliance Matters
11EDITORIAL PANEL Xavier is head of Salamanca Group Trust and Fiduciary, and as such is a principal driver of the trust and fiduciary vision and strategy, supported by a multi-jurisdictional management team. Xavier gained over 20 years of experience in various management positions at ABN AMRO Bank and Trust in Luxembourg, Geneva and Jersey prior to joining Investec Trust in 2005 as managing director of the Geneva office and as CEO of the Investec Trust Group in 2009. Xavier served as the inaugural vice- president of the Swiss Association of Trust Companies and is currently a member of its committee. XAVIER ISAAC Managing Director, Salamanca Group Trust John Whick read Economics and Geography at University College London before working as an economic analyst, both in the parliamentary and corporate world. While completing an MSc at the University of London, John taught economics and finance to degree and MBA students. Prior to joining Henderson Rowe, John worked for two years as a principal trader on the European bond markets. He set up the Investor Visa offering at Henderson Rowe in 2010 and continues to develop services for the firm’s international client base. JOHN WHICK Senior Investment Manager Henderson Rowe Mike Toole is group chief operating officer of Artorius Wealth, a multi-family office and wealth manager established in 2014 that is now growing quickly in the UK and Switzerland. Previously, Mike was a partner at accountancy firm Baker Tilly, where he was group operations director for the financial management and investment businesses. Mike has 12 years’ experience in financial services and banking, including with KPMG, Santander and UK mutual societies. He was also involved in founding a Saudi family office and managing a substantial private equity portfolio. MIKE TOOLE Chief Operating Officer, Artorius Wealth WealthBriefing would also like to offer special thanks to the following contributors for their invaluable insights: • Don Andrews - Partner and Co-lead in compliance and risk management, Venable LLP • Ben Harris - Manager, Compliance, Morgan McKinley • Jonathan Kirby - Managing Director – Switzerland, JTC • Emma Radmore - Managing Associate - Financial Services and Funds, Dentons • Mark Spiers - Principal, Head of Banking, Investments and Lending, Bovill • Rob Taylor - Head of Department for Investment Management, Financial Conduct Authority • DE (Ed) Wilson Jr - Partner specialising in Washington- related business and regulatory matters, Venable LLP ADDITIONAL CONTRIBUTORS
12 Towards True KYC: Technological Innovations in Client Due Diligence According to the survey which forms the ba- sis of this report, almost two-thirds of wealth managers will increase their CDD spend in the next year, with a third maintaining current levels and just 4% predicting a fall. Of those increasing their budgets, a tenth will focus on outsourcing (as will be seen, just under a third of institutions partially outsource their KYC function). The majority, however, were evenly split between those focused predominantly on recruiting more staff and those investing in technology. According to the panel, the importance ac- corded to technology investment is a natu- ral consequence of the industry’s shortage of compliance expertise; it also reflects - as with so many other elements of operations - how regulatory and cost pressures are opening minds to new ways of working. With no respite from regulatory upheaval in sight, WealthBriefing research has found that 76% of wealth managers believe technology plays a crucial part in fulfilling compliance obligations. Moreover, 94% believe technol- ogy could play an even greater role1 . As the data on processing times and frequency on p25 show, CDD is evidently one such area. “We are focused on ensuring that we have the right resource and expertise in all regions to support enhanced KYC reviews and supplementing this as necessary, both from an employee and - more so this year - from a technology perspective,” said Chris- tian Berchem. In fact, a number of C-level executives have told WealthBriefing that although they have been hitherto primar- ily focused on hiring to support enhanced KYC procedures, 2016/17 will be about addressing technology enhancements to enhance productivity. This matches Alessandro Tonchia’s experi- ence, who said that firms may have been largely focused on bolstering compliance head count in recent years, but the tide is now beginning to turn due to the urgent need for cost savings and simple market forces. “Every time a major breach is detected, in- stitutions’ first instinct has been to hire - be- cause they feel that more people shows more goodwill, more quickly to the regulator,” he said (the UK regulator has followed the US in asking how much firms are spending on compliance). Compliance officers’ stock rises ever higher as a result, triggering a battle for talent which has seen average remunera- tion for director-level compliance profes- sionals hit £107,617* (US$154,924) among London’s wealth managers, according to recruiter Morgan McKinley2 . Ben Harris, compliance manager at Mor- gan McKinley, confirmed that compliance recruitment in wealth management has been “extremely busy” in the past year and is set to continue to be so over 2016, with most institutions having to hire large proj- ect teams of CDD specialists to remediate client files and onboard new business. “Wealth managers have had their fair share of AML issues over the last 12 months and the regulator has demanded they get their house in order. This has led to increased hiring, which has driven up salaries and made the wealth management talent pool very shallow,” he said. “Day rates for AML staff within a private bank are on average £500 ($726) per day in the UK and candi- dates moving on a permanent basis can expect a 20% pay increase on average.” Interestingly, Harris also highlighted grow- ing demand for specialist advisors on regu- latory developments as another symptom of firms’ struggle to stay ahead of a raft of new rules. “Most wealth managers will now have a dedicated professional covering this, whereas in the past it would have been a generalist covering numerous tasks,” said Harris. “Salaries will start in this space at £80,000 ($116,000), depending on expe- rience, and go upwards from there. This is again a very candidate-short pool.” Even when implementations are pushed back, this often still affords scant breathing space for those behind in their preparations 63% 33% 4% Increase Remain the same Decrease FIGURE 1: Will your institution’s CDD spend change in the next year? Every time a major breach is detected, institutions’ first instinct has been to hire - because they feel that more people shows more goodwill, more quickly to the regulator. SECTION 1 QUANTIFYING THE KYC RESOURCING CHALLENGE 44% 44% 11% Headcount Technology Outsourcing FIGURE 2: Where CDD spend will increase, where will this mainly focus?
13SECTION 1 – QUANTIFYING THE KYC RESOURCING CHALLENGE due to the wide-reaching ramifications of new rules. In February 2016 the European Commission pushed the MiFID II deadline back a year to January 2018, citing the “ex- ceptional” challenges firms and regulators face to prepare, and clarifications to the new rules are still to be issued. Against this back- drop, those with experience of rapidly get- ting an institution up to speed with new rules (and remediation) will be highly sought after. The challenge of hiring compliance ex- perts with the right skill set is only going to get harder in the years ahead, in part due to the fact that, in the words of Don Andrews, “the future of compliance is in technology”. As he pointed out, the whole compliance function needs to have a good understanding of technology as it is impos- sible to carry out activities like suspicious activity monitoring robustly otherwise, but at the highest levels the trend seems to be towards compliance chiefs being asked to sign off on the soundness of their systems (see p29). CCOs must have multi-disciplin- ary knowledge base to match the broader and weightier responsibilities they are being asked to bear. “Thinking of what the CCO of ten years’ time needs to look like, they are going to require a very strong sense of technol- ogy and of complex investments like de- rivatives and structured products,” said Andrews. “They are also going to have to be incredibly astute with respect to inter- preting laws and requirements, and deal- ing with multiple regulators globally in cross-border scenarios.” “Being able to manage all this - and the different ways institutions are structured, from a legal or governance standpoint - that’s the profile of quite a remarkable individual,” he concluded. It seems then that wealth managers are very much at the mercy of labour market forces in compliance. While the 20-30% pay increases seen in mature jurisdictions are startling enough, in fast-growing and talent-constrained jurisdictions like Hong Kong, jumps of 40% or even more are not uncommon. “It is now becoming prohibitive to hire,” Tonchia concluded. “The sheer ex- pense of finding and paying for compliance skills means that people are more open to doing more with technology by necessity.” A TENTH OF HEADCOUNT; A TENTH OF TURNOVER? To underscore the mag­nitude of the over- all compliance costs being imposed, in 2015 the global financial services sector was predict­ed by Celent to spend $50bn on risk management and associated regu- latory compliance, with each Tier 1 bank spending $0.5bn. Compliance costs have long been dent- ing profitability across the board, with AML accounting figuring highly: some UK in- stitutions are estimated to be spending £660m ($950m) each a year here3 . Howev- er, as the panel noted, smaller institutions will generally bear a greater quantum of this burden due to their larger peers’ abil- ity to leverage economies of scale in both technology and staffing, and to share niche expertise. “The smaller you are, the greater the pro- portion spent on compliance. Down at the bottom you may be spending 10% of turnover; if you’re medium it could be 5%, and at the top it might be 2-3%,” said Chris Hamblin. “Institutions must also have legal expertise, in particular in esoteric areas such as letters of credit. Big banks will have a handful of experts, so you can deal with emergencies faster and need fewer people to cover the same ground.” Of course, CDD requirements are just one part of institutions’ increased need for compliance expertise, as adjustments in regulations such as UCITS V and AIFMD have spelt the implementation of new con- trols, policies and procedures. Heightened client screening needs are no doubt a big driver of the startlingly large compliance drives of recent years, however. Several global banking groups are known to have hired several thousand compliance staff in 2015 as new regulations came into view. Yet the experts argued these numbers should not obscure the challenge of secur- ing the senior expertise required, and the costs of hiring specialised veterans. “One of the biggest industry challenges is cor- recting the inaccurate assumptions - or ba- sic data gaps - on previous regulatory re- quirements, and as such there is increased spend on experienced staff for remedia- tion purposes,” said Thomas Morley. Thinking of what the CCO of ten years’ time needs to look like, they are going to require a very strong sense of technology and of complex investments like derivatives and structured products. For Anti-Money Laundering purposes, “Know Your Customer” is synonymous with “Customer Due Diligence”, a phrase invented by the Basel Committee in the early noughties. The UK tends to use KYC and CDD interchangeably, while the EU prefers CDD, as does the Paris-based (although strongly US- influenced and German-backed) Financial Action Task Force. Variations including “client screening”, “global screening”, and “background screening/checking” are also commonly in use. The KYC/CDD process breaks down as follows: First is client identification or client verification at the account- opening stage, where institutions are carrying out background checks and gathering supporting documents (note that in UK regulatory language the individual is called an “applicant for business” rather than a client). Sometimes this involves an element of reliance, in that the cli- ent may be new to the jurisdiction/institution in question but has previously been served by a reputable institution within an “equivalent” jurisdiction. Central to the verification stage is documenting source of funds and source of wealth, with both phrases used ubiquitously. For the former, an institution investigates where the funds it will be handling come from (there may be other funds elsewhere); for the latter it examines why the person is wealthy and where the wealth comes from. KYC/CDD also entails ongoing monitoring, which includes trans- action monitoring, but also more in-depth checks to ensure that nothing of concern has emerged in reference to a client – such as adverse media or new connections to PEPs. CLARIFYING KEY TERMINOLOGY
14 Towards True KYC: Technological Innovations in Client Due Diligence Nor is it just a case of fewer people hav- ing the necessary understanding the more esoteric a policy area or market is; it is also how that understanding is applied. Those who can balance business development and the thornier compliance issues are a very scarce resource, it was said. IRREGULAR NEW BUSINESS FLOWS Compliance is said to account for about a tenth of headcount typically, with salaries rising faster than those of revenue-generat- ing employees in some growth markets. So, although under-resourcing is dangerous, over-resourcing in compliance is something to be avoided perhaps as much. Compliance officers may be carrying out the full gamut of regulatory duties in ad- dition to CDD and arguably today there is scant chance of them being under-em- ployed for very long – particularly at small- er institutions, where the survey found that 88% of sub-£500m ($345m) AuM firms have maximum of five compliance personnel. Yet CDD is an area where it can be particu- larly difficult to get staffing levels right due to irregular new business inflows, the panel observed. “KYC resourcing issues relate to the need for the right experience level covering our global footprint,” said Berchem. “Good practice would include sharing resources where possible and careful business plan- ning to accommodate anticipated peaks and troughs - as you would do with call volumes or any other work of similar nature which is resource intensive or variable in volume.” Accurate planning may be difficult, how- ever, and Mark Spiers confirmed that this is frequently a focus of Bovill’s consultancy work. “We see lots of firms struggling with the number of people to put at the end of the process because it sometimes goes in peaks and troughs: you have busy seasons and then you don’t,” he said. A degree of over-staffing may be prefer- able to heightened regulatory risks and op- portunity costs, but as the panellists noted, it is far easier to gain than shed headcount and over-staffing can easily become very expensive - particularly when a niche seg- ment is involved. In addition to headline recruitment and salary/bonus costs, over- resourced firms will also likely have to con- tend with the costs of seating personnel in expensive wealth management hubs (start- ing at around $2,000 per month for each individual). Some firms are grappling with whether CDD resourcing should best sit within the opera- tions or compliance function as they care- fully examine and optimise their processes. However, compliance cost pressures appear to be catalysing far more dramatic opera- tional overhauls too. The experts observed that wealth managers are increasingly at- tempting to centralise their operational and compliance resourcing for CDD in lower- cost countries such as Poland. Predictably, however, firms are not as open to the pos- sibility of sharing compliance teams and fa- cilities with their peers, it was said. “Given all these pressures, it’s no surprise that wealth managers want technology providers to help them hire fewer people and then enable the ones they do hire to be more productive,” said Tonchia. As he explained: with the first aim, technology helps address the fact that wealth manag- ers are chasing new business across several markets highly disparate in terms of lan- guage, culture, media reliability, bureau- cratic quality and regulation. There is therefore often a need for what were called “the very special specialists” to cover each market, with future volumes still unpredictable. The number and deploy- ment of these in-demand, well-remunerat- ed compliance officers therefore has to be aggressively optimised. “Technology makes it possible for insti- tutions to hire fewer people for each na- tionality of client. Better use of technology might even mean you don’t necessarily need the Chinese or Russian specialist,” said Tonchia, noting that often volumes of a particular nationality can be too small to justify additional headcount. As Tonchia explained, technology which analyses documents for red flags in a variety of the tougher source languages, particu- larly those using non-Roman alphabets, can be a huge boon in cost and efficiency terms. “It causes real issues when you’re hitting websites only to find they are written in Rus- sian and you can’t even make a start,” Mike Toole confirmed. “You can start to get re- ally frustrated then without an efficient and reliable translation solution.” Cutting down translation costs is desirable in itself, particularly when multiple languag- es might be relevant. However, just as im- portantly, native language analysis also en- ables compliance officers to independently carry out preliminary screening to identify absolute non-starters at the earliest oppor- tunity. This not only minimises wasted time nurturing a relationship, but also allows firms to make better informed outsourcing decisions, the panel noted (see p16). As Figure 3 shows, wealth managers es- timate that screening high-risk clients currently requires an average of 5.4 man hours of work, with medium-risk prospects KYC resourcing issues relate to the need for the right experience level covering our global footprint. Good practice would include sharing resources where possible and careful business planning to accom- modate anticipated peaks and troughs - as you would do with call volumes or any other work of similar nature which is resource intensive or variable in volume. MEAN (HOURS) FIGURE 3: How many man hours of work would you say it takes to screen low-, medium- and high-risk clients at your institution? STANDARD DEVIATION 1.6 2.5 5.4 1.08 1.57 3.75 Low-risk Medium-risk High-risk clients
15SECTION 1 – QUANTIFYING THE KYC RESOURCING CHALLENGE taking 2.5 hours and even low-risk ones taking 1.6 hours. The very much higher standard deviation seen for high-risk cli- ents (3.75) versus low-risk (1.08) should be noted, however. The vast majority of firms of all sizes are able to screen a low-risk prospect in around two hours, yet a fifth of firms are taking double the peer group average time to screen a high-risk client. As discussed opposite, in reality a large part of the new wealth institutions are now chasing derives from markets for which giv- ing clients a clean bill of health is inherently tougher. Investments today are focused on maxi- mising automation and applying new tech- nologies drawing on big data topographic algorithms and semantic search to sift and sort thousands of online documents – and institutions are said to be achieving very impressive efficiency gains in CDD as a re- sult. Tonchia has seen efficiencies as great as 90% achieved in the bulk rescreening of low-risk clients following new technology adoption. Automation is clearly integral to maximis- ing productivity as 80% of most institu- tions’ clients will present no issues, the panel noted. Furthermore, achieving these efficiencies is foundational to the compli- ance function fulfilling its tricky dual remit of mitigating risk and facilitating business growth. Relieving compliance analysts of much of the burden of identifying red flags so they can focus on assessing them will ensure that senior expertise is deployed where it will have most impact – whether that turns out to be in protecting the busi- ness from regulatory and reputational risks or ensuring that all business which can be compliantly taken on, is. ALL HANDS ON DECK The panel also highlighted the better use of junior analysts and researchers’ time as a priority, as part of a more efficient use of in- ternal resourcing to better cope with peaks of new business. As discussed, for both sup- ply and cost reasons, top-level KYC roles are hard to fill and recruiters serving the wealth management sector have told Wealth- Briefing it is increasingly difficult for wealth managers to source candidates who are appropriately qualified for roles involving onboarding new business specifically. Although tough decisions must be made at senior levels, there is scope for junior com- pliance officers to be more productive and take a more collaborative approach with their superiors, it was suggested. “We can allow all internal staff to do more, includ- ing the junior ones, because our system interleaves data sources and the informa- tion is presented in the right format to aid decision-making and enforce compliance policies,” said Tonchia. As discussed on p29, smoothing the process of junior ana- lysts calling on senior expertise is key here. BROADER SCREENING The panellists were unsurprised that nearly eight in ten institutions ask their relation- ship managers to initially screen clients, rather than have compliance wholly re- sponsible, or outsource to a business ad- ministration provider as some respondents specified. While prospective clients may not get run through any databases in the earliest stages (although they may if tech- nology investment has made this efficient), the experts observed that best practice will see RMs trained in the risk matrix their firm is applying and so well aware of what they should be focusing on when assessing which relationships to pursue. Not only are RMs the first line of defence in risk management and the guardians of their organisation’s reputation; their time must also be focused where it will be most productive. Unless potential compliance issues are detected as early as possible, much work across business functions may be wasted. The authorities certainly want client screen- ing to commence at the earliest opportuni- ty. Clarifying the UK regulator’s position for this report, Rob Taylor, head of investment management, said: “The FCA expects all private client firms operating in the UK and advising clients to work to the highest standards of KYC due diligence possible. Best practices include KYC being done on prospective clients before they are even visited and rigid control over clients coming from high-risk jurisdictions.” Given the inefficiencies (and possible inac- curacies) implied by firms carrying out light- touch initial screening and then compre- hensive screening, it makes sense for firms to carry out the latter in the first instance where labour-saving tools permit this. There is also an important distinction to be made between a relationship being entered and a client account becoming fully funded and active – and therefore a revenue gener- ator. Completing CDD at an early stage sig- nificantly reduces barriers to progress here. As Chris Hamblin observed of the UK’s Mon- ey Laundering Regulations 2007, rule 9(2) re- quires the identity of the customer (and any beneficial owners) to be verified before the establishment of a business relationship. However, 9(3) contains a carve-out that this can be done during the establishment of a business relationship, if this is necessary not to interrupt the normal conduct of business and if there is little risk of money laundering or terrorist financing, provided that verifica- tion occurs as soon as practicable after con- tactisfirstestablished.Thebusinessrelation- ship can commence but actual transactions are not permitted before verification has occurred, as per Regulation 9(5)(b). An important but perhaps easily overlooked element of the screening workload stems fromthemajorityofwealthmanagerscarrying out enhanced due diligence on parties other than prospective clients: almost 79% carry out full screens on prospective employees 78% 22% Yes No FIGURE 4: Do RMs at your institution carry out initial screening on prospective clients? FIGURE 5: Which parties other than prospective clients does your institution currently carry out full due diligence checks on? 79% 77% Prospective employees Prospective partner companies
16 Towards True KYC: Technological Innovations in Client Due Diligence and 77% check prospective partner com- panies to head off risks like fraud and reputational damage. The experts confirmed that employee DD is essential in a private client context and that here proprietary databases do extremely valuable “double duty”. “For employees we reserve the right to run them through World- Check and Experian to find out if there are any problems with them and if they have any financial issues, because that’s obviously a risk to the firm,” said Dominic Crabb. “We certainly do credit checks on prospec- tive employees, because at the end of the day we’re giving them access to HNWIs’ details,” added Toole. “We do that right down to the cleaners in the office.” While not all firms are hiring in great vol- umes, some are and so the ability to screen recruits and candidates easily is vital. Simi- larly, many firms are entering multiple third- parties arrangements as operating and business models evolve and, as the survey showed, robust due diligence on these is also a priority. As Crabb explained, firms can be comfortable working with a regu- lated entity like a custodian bank in a repu- table jurisdiction, however, with other or- ganisations more attention has to be paid to questions like what the world is saying about them and who is on the board. Screening new recruits and third-parties may be a relatively small addition to the DD workload, but they are an appreciable burden that makes them yet another driver towards the better use of technology. In the experience of the panellists, at most firms these checks are currently carried out manually. The efficiency-savings and risk management improvements automa- tion could bring are clear. As with clients, it may be only the thousandth document that uncovers a potential partner firm has dis- tasteful business connections or activities, making the value of semantic search tools that can “read” multitudinous documents and databases in minutes clear. Further evidence of regulators’ leanings on employee DD may be seen again in the UK, where the FCA and Prudential Regulation Authority are set to subject all top employ- ees at institutions - though not yet CF30s - to a “regulatory reference” (CF30 is the “cus- tomer” function - giving advice, managing investments, dealing etc.). This means that all prospective employers would demand various references before employing indi- viduals – and these are to include any con- clusions that a conduct rule was breached and details of the outcomes of any disciplin- ary action, going back five years. CF30s are not earmarked for this process, but the Se- nior Managers and Certification regime was first intended only for banks and will now apply to all financial firms, Hamblin warned. Under the SMCR, from March 2016 regu- lators can fine or sanction senior bankers for misconduct that occurs in their areas of responsibility, including CDD procedures. Research by LexisNexis Risk Solutions4 has strongly indicated that increasing levels of personal liability may exacerbate the short- age of senior AML compliance officers in the UK: half of such professionals predict the SMCR will make their jobs more or a lot more stressful. More strikingly still, 54% say if they had the opportunity they would choose another career path in light of the increased personal liabilities. Importantly, 13% of ex- ecutives believe a lack of personnel in their risk function is the biggest single emerging financial crime risk they face in the next 12 months – a figure which also underscores just how time-pressed some employees must be. OUTSOURCING: A PRECIOUS RESOURCE THAT MUST BE USED WELL It was found that almost a third of firms use some form of outsourcing in CDD currently and a tenth plan to focus increased spend on this in the coming year, underscoring the important role third-party providers play in the resourcing puzzle. The reasons for wealth managers’ growing need for their services are of course inextricably linked to their expanding number of markets and the fact that each segment and jurisdiction presents its own unique challenges. Here, as with so many other elements of compliance, a whole ecosystem of out- sourcing providers has flourished under the harsher regulatory glare of recent years. LANGUAGE BARRIERS The need for linguistic skills is one of the main reasons for outsourcing in CDD since, as Tonchia observed: “If you’re searching for Chinese clients and you cannot read Simplified or Traditional Chinese, you’re missing things by definition.” But while the need for translation services cannot be eradicated, it can be significantly reduced. “We catch red flags by scanning the Chi- nese, Russian or Arabic text in the original and then provide automatic translation so you only call in an external translator when you really need to,” he continued. Many institutions have an urgent need of such capabilities, in his view: due to chang- ing wealth creation trends there are teams sitting in Hong Kong and Singapore on- boarding clients mainly from China and Indonesia, but with little or no internal compliance capabilities in their languages. To illustrate another productivity benefit from native language analysis, Tonchia de- scribed how - with traditional keyword searches - an actor could trigger a red flag because they starred in a film about terror- ism, but with semantic technology this entry can be automatically dismissed. UNKNOWN TERRITORY As discussed on p18, PEP screening is chief among the difficulties facing wealth man- agers, particularly the fact that quite deep knowledge of the relevant political land- scape is necessary to make an informed More strikingly still, 54% say if they had the opportunity they would choose another career path in light of the increased personal liabilities. Unsurprisingly, 13% of executives believe a lack of personnel in their risk function is the biggest risk they face in the next 12 months. 68% 32% No Yes, in part Yes, wholly FIGURE 6: Does your institution outsource its KYC function?
17SECTION 1 – QUANTIFYING THE KYC RESOURCING CHALLENGE decision on whether to onboard. The need to use external intelligence provid- ers for support across an expanding global business is probably equal to language re- quirements in driving the fact that 32% of participants use outsourcing in CDD. For Crabb, the vastness and somewhat arcane nature of some key markets – like Russia and China – also makes the “manual overlay” outsourcing providers offer one of their key selling points. Such firms can often bring an immense, very well-con- nected network to bear (including perhaps journalists and people in office) to supple- ment public information that might not be readily available in certain jurisdictions. “If a prospect comes from an obscure town in Eastern Russia or city in China, they can really dig into it through people with on- the-ground knowledge,” he said. “It might be that there’s no risk in terms of bribery and corruption, but he is involved in po- litical decision-making, he is on certain committees or close relatives are linked to activities we are uncomfortable with.” As John Whick pointed out, the relative immaturity of some markets in terms of professional services providers is particu- larly a factor for arrivals on investor visa programmes, as compliance groundwork may not have been well laid in advance. “Specialists are useful if we get what you might call a ‘naked client’, who hasn’t got an accountant, lawyer or immigration team attached,” he said. “It is worth it for difficult cases when you’re looking at two inches of files to get through.” A further point to emerge here is that time is often of the essence when screening clients entering a country on an investor visa – lest their plans be jeopardised. The fact that external intelligence providers can typically produce an entry-level report within 48 hours and the most in-depth with- in a few weeks could be the key to winning new business. CARE REQUIRED Third-party reports can be extremely use- ful, and may constitute an efficient way to fulfil sporadic coverage needs, but their cost means they must be deployed careful- ly, the panellists said. Wealth managers pay £2-3,000 ($2,880-4,320) per in-depth report and may of course never onboard the pro- spective client. Some institutions ask that prospective clients bear these costs and it is arguably a useful exercise for some individuals to carry out. As Hamblin highlighted, firms will never- theless be grateful for the number and va- riety of authoritative sources of information they can draw on today: in the past, private investigators were sometimes the only re- course for firms that wanted to scrutinise clients from developing nations. For wealth managers grappling with a subtle case, it can be incredibly useful to receive a report produced by a specialist that gives clear conclusions in the form of a tiered traffic light system or numerical risk scores based a range of key metrics. Yet, as the panellists pointed out, institu- tions can never outsource responsibility for CDD decisions and so a green light from a third-party can only go so far. In the words of Jonathan Kirby: “Third-party help is very useful, but it’s not going to get you out of trouble with regulators.” The fact that several outsourcing organisa- tions have spun out of law firms is testament to the quality of leading CDD specialists. Yet, as the panellists said, amid a prolif- eration of providers internationally and an explosion of new wealth creation centres, institutions may have valid concerns. They may lack confidence over whether external CDD will be signed off at a senior level, or carried out in enough depth to really add value and mitigate risk. “There’s nothing worse than paying thousands for an ambig- uous report which just tells you what you already knew,” said Toole. “There needs to be a more balanced scoring system that gives a risk weighting indicating whether you should be worried or not.” A degree of circumspection over third-par- ty reports being carried out in good faith also seems warranted, particularly when cli- ents are often asked to pay for these them- selves. “Many are very reputable, but there are some that are hungry for business and so might write something favourable or minimise negative media,” one executive observed. Interestingly, this type of risk is said to be spurring firms with the technical capabilities to take the step of carrying out full DD on report providers, as well as all the other possible subjects. Due to these factors, Tonchia increasingly sees banks preferring to prepare special CDD reports internally today and using a mixture of technologies to help them achieve this efficiently. “With new solutions you can collate the information that goes on that report much faster and often with the same reliability you get with a human operator, just because a technology can be more thorough in ‘reading’ thousands or even millions of documents to identify the key information automatically,” he said. “The technology doesn’t solve everything, but by helping you leverage your internal researchers and compliance officers, and giving them all the elements to come to a conclusion quickly, it might make those external services less relevant, or relevant only in extreme cases.” A further incentive here is of course one of wealth managers’ prime considerations: data privacy (see p33). “Outsourcing is not only expensive for banks, it is also in itself a challenge to secrecy because you’re let- ting client names go to your provider,” said Tonchia. “They will sign a Non-Disclosure Agreement, but clearly the more people who know about this relationship, the more it might leak.” The technology doesn’t solve everything, but by helping you leverage your internal researchers and compliance officers, and giving them all the elements to come to a conclusion quickly, it might make those external services less relevant, or relevant only in extreme cases.
18 Towards True KYC: Technological Innovations in Client Due Diligence SECTION 2 MAJOR KYC PAIN POINTS AND THE RISKS THEY REPRESENT As Figure 7 shows, the KYC process holds many frustrations, with PEP/watch list screening and proving source of wealth/ funds tied at the top, and data capture and document collation next behind. The many challenges coming under the auspices of each of these top two (arguably inter- linked) pain points merits their clear lead. However, given that respondents were asked to identify the most frustrating part of the process, other pain points are also clearly weighing heavily on firms. 1. PROBLEMS WITH PEP/WATCH LIST SCREENING False positives and their cost The fact that PEP and sanction list screen- ing is causing most frustration was no sur- prise to the panel due to there being so many overlapping challenges for firms to contend with, some being more techno- logical/procedural in nature and others philosophical. Both, however, impact ef- ficiency. The most obvious problem is that of “false positives”, since institutions are typically screening on the basis of a name, country and perhaps year of birth and this can gen- erate thousands of similar hits. Here, cultural naming customs are a fac- tor. The ubiquitousness of some names can make screening clients from certain markets difficult. The Hispanic convention of conferring two family names can also be problematic; being known by a paternal, maternal or hyphenated surnames all be- ing possible. Complicating matters even further are the Anglophone names those from non-Western cultures often adopt Amid these issues, firms have to keep initial searches broad to catch hits across all name permutations, the panel said. Correspond- ingly, while they may feel tools like World- Check are over-sensitive, there is also a rec- ognition that this is necessarily so. As one executive remarked, no information provid- er will want to assume liability for deciding whether a hit relates to a client or not. While having to dismiss a large number of false positives from initial results is a tire- some task, it is an unavoidable one due to the desirability of “fuzzy matching”. “Efficiency can be improved by inserting prospects’ middle names when searching, for example, but the risk of this is that this may seriously limit the information which is pulled back,” said Thomas Morley. Furthermore, fuzzy matching may also even have to extend to dates of birth as these may have been recorded/reported incorrectly. “You want to see some of those mistakes, so a perfect match on the client’s birthday or even age might be counterpro- ductive,” one executive said. Fuzzy matching may be wise, but the costs associated with dealing with false positives can run into the tens of millions every year, Chrisol Correia, international head of AML compliance at LexisNex- is Risk Solutions, pointed out. His firm estimates that in the US, individuals working within a Level 1 alert remedia- tion function typically earn $50-70,000 and that 75-85 of every 100 AML operations analysts are fully dedicated to confirming and closing false positives. “In dollars, this translates to over $5m each year per every 100 AML operations analysts,” Correia said. “Large financial institutions typically have teams of over 1,000 AML operations analysts, thus the expendi- ture devoted to confirm and close false positives is well over $50m a year for these organisations.” According to Correia, the primary causes of false positives are gaps in institutions’ own client records or in the data they exchange with others through their electronic wire transfer networks. Plugging these gaps through more intensive questioning alone raises client experience concerns that may mean more investment in technology and data is key in solving these issues. Of course, the leading proprietary data sources are highly configurable (a toler- ance of around 80% in matches seems to be best practice). To help firms deal with false positives even more proactively, Alessandro Tonchia highlighted two tech- niques users of tools like smartKYC can deploy. The first is intelligently scoring and disambiguating information to screen out hits with non-matching characteris- tics; the second is intelligently subjecting different types of information to semantic analysis. FIGURE 7: Which element of the client screening process causes the most frustration at your institution? 29% 29% 17% PEP/watch list screening 11% 9% 6% Source of wealth/source of funds Capturing data and collating documents Negative impact on the client experience/relationship Adapting to regulatory change and jurisdictional differences Trusts and Ultimate Beneficial Owner issues Efficiency can be improved by insert- ing prospects’ middle names when search- ing, for example, but the risk of this is that this may seriously limit the information which is pulled back.
19SECTION 2 - MAJOR KYC PAIN POINTS AND THE RISKS THEY REPRESENT “We’ve found it very effective to interleave structured data like name, passport num- ber and date of birth, with unstructured information from the press and social me- dia,” he said. “So, if you are screening a person who 25 years old, you can dismiss articles about somebody who studied at Harvard in the ‘60s because you can infer there is no logical match between the two.” Evolving standards; an expanding PEP population False positives are clearly a big issue, but again one largely solvable by correctly configured technology. A far broader, and arguably thornier, challenge around Polit- ically-Exposed Persons is defining param- eters in an area where the interpretation and interplay of regulatory requirements is fraught with ambiguity. Even the defini- tion of what constitutes a PEP is problem- atic, and while the EU’s Fourth Anti-Money Laundering Directive (MLD IV) seeks to remedy this, the general consensus seems to be that it has only partially succeeded. MLD IV expands the definition to include domestic prominent public function hold- ers and requires institutions to screen their clients for domestic PEPs. Furthermore, as EY has warned, application of the Directive is tending towards firms being forced to treat all PEPs, either domestic or foreign, as high-risk. As a result, many firms will have to significantly increase the amount of searches they carry out to identify PEPs and then apply enhanced CDD measures to a far greater proportion of clients. Along with having far more PEPs to manage and monitor, there may also be a need for significant back-book remediation. While Simplified Due Diligence can cur- rently be applied to certain categories of client, MLD IV drastically reduces the cir- cumstances in which SDD applies. Instead, SDD will have to be justified on a case-by- case basis on the basis of a holistic risk assessment. EU states will have to take a view on the money laundering and terrorist financing risks their jurisdiction represents as part of this process. The industry now awaits further technical guidance from the European Supervisory Authorities on de- termining whether Simplified or Enhanced DD applies. Globalisation For institutions operating globally, pick- ing a path through the various applicable regulatory standards can be trouble- some, the panel said. Global standardisa- tion with minimal local deviations is what most firms will be seeking in operational efficiency terms, and to deliver a consistent experience to clients operating interna- tionally while leveraging information held elsewhere in the group. Here, some firms are already taking a “super-equivalence” approach of applying tough US or UK standards across the board, but here the experts urged common sense. (Several sur- vey respondents specifically identified go- ing beyond local requirements as a source of client annoyance.) Emma Radmore argued that although firms should try to apply the highest global standards, they also need to strike a sen- sible balance. “Due diligence on a Cana- dian client will be adequate for Canadian purposes, but may not be completely so for UK purposes. If this client is not going to have anything to do with the UK, can you say that on a global level you’re still compliant so long as it complies with local policies?” she said. “As long as you’ve got a procedure that correctly identifies which laws you have to comply with and a procedure that clearly identifies when you may be able to depart from those - and it doesn’t become an accepted norm - then I think it can work. A policy that doesn’t recognise that is probably doomed to failure.” Dialling thresholds up…and down As discussed, wealth managers are diver- sifying away from mature markets like the UK and US where it is easier to gather in- formation, to target newer markets like China, the Commonwealth of Independent States, Middle East, Russia, Latin America and Africa. Dramatic geopolitical shifts in growth markets mean policies, procedures and systems can rapidly fall behind, over-sensi- tivity to Iran perhaps being a case in point going forward. However, the real challenge represented by clients linked to these countries is simply that they are places where documenting source of wealth/ funds is harder and PEP issues are com- moner. “One of the particularities of these re- gions is that wealth is often created with a nexus with a PEP, or there is an element of PEP in the file, so we have to be very well-equipped internally to deal with these issues” said Xavier Isaac. As such, com- mentators have observed that firms really face a binary choice between ramping up technology investment or limiting the markets they target business in. As was pointed out, while someone con- nected to a PEP from a financial or business perspective might not necessarily go on a PEP list, best practice dictates that they still face similar DD. “Family members have to be treated as PEPs, as when you’re looking at the risk of corruption it’s often the case that people don’t put assets in their own name,” one executive said. Here again, media searches come to the fore. “Official lists are precise on actual PEPs, but we help where they perhaps aren’t so effective – in finding PEPs among friends, family and business partners,” said Ton- chia. “We can find out dynamically from business gazettes, company databases, blogs and social media if someone is a close associate.” Even more pertinently, media checks counter the risks inherent in many databases having a six-monthly up- date cycle. “You need to be ‘reading’ infor- mation in real time on the web of today to get a fresher sense of the client and catch things before a database may register they’ve happened,” he continued. On the flip side, institutions also need to be able to dial down systems’ sensi- tivity in line with their own risk policies (and a common sense overlay). As Jona- than Kirby highlighted, the Channel Is- lands’ position is that once someone is a PEP they always are, even 20 years after leaving office. Yet clearly at these dis- tances of time, or where an individual was only a minor official, there is arguably limited potential for financial foul play. “Your father might be listed as a PEP if he was in politics 30 years ago, but the chanc- es you are both corrupt are low. Our sys- tem would read biographical information semantically, see that he hasn’t been in office for 30 years, and downgrade the red flag,” said Tonchia. “Banks have dif- ferent policies to judge how relevant and time-critical certain roles are. We can do post-processing of what is found on World-Check and determine that actually someone is a junior PEP or not one at all according to policy.” One of the particularities of these regions is that wealth is often created with a nexus with a PEP, or there is an element of PEP in the file, so we have to be very well-equipped internally to deal with these issues.
20 Towards True KYC: Technological Innovations in Client Due Diligence As Correia concluded, the risk-based ap- proach may have its complexities but it re- mains the best way of focusing on those cli- ents with the most potential to damage the institution and not turning down business unnecessarily. “There are millions of PEPs in the world and hundreds more elected each day,” he said. “Normally there is nothing wrong and in fact they are often desirable clients.” In a rapidly-changing world, institutions must ensure they can stand up to future scrutiny of their onboarding decisions and attempt to anticipate what might be termed “unknown unknowns”. “Four years from now there may have been a revolution and you may have the authorities ques- tioning why you onboarded this PEP with negative news,” one compliance expert observed. “You have to be able to answer well.” The wealthy have ever been the target of spite, yet the wise would never dismiss ad- verse media out of hand, the panel warned. As Mike Toole remarked: “You need to ap- ply a common sense overlay to the assess- ment process, thinking forward, conscious that context and goalposts change; some people aren’t on the watch lists and should be.” (Several executives said they have indeed seen anomalies, in fact.) As the panellists argued, better use of technology is vital in this sense because institutions cannot be omniscient (and nor, arguably, are they expected to be). Rea- sonable justification is the key. “Trying to stay on top of the changes in governments and how they affect an institution’s client base is almost impossible,” Correia said. “The best way to protect yourself is to have a good decision-making process, but also a well-documented process.” The prevalence of PEP risks among UHNW and international clients means they are traditionally those taking longest to onboard, since the process of clearing them has to be far more discursive, the panel observed. “It’s questions like: Is source of funds/wealth clear? Is there anything that I can’t explain? Why are they a PEP, and why might that influence be used to their benefit in ways that would cause issues,” said Kirby. “You can’t really have a checklist with PEPs, you have to find the answers to those ques- tions and then delve further.” While institutions no doubt crave certi- tude, the crux of the matter is that there are seldom simple answers, the panel point- ed out. “Dealing with PEPs is nebulous and not just a case of looking at a list,” said Chris Hamblin. “The operative word is reputation: that’s what the FATF and the regulation says is the guiding principle.” As will be discussed in Section 3, increased media searches are a vital piece of the CDD/marketing puzzle. Some blog posts may well be specious overall, but they might still reveal that an individual or com- pany operates under another name. Simi- larly, information-heavy Wikipedia is useful for disambiguating information, but can be incredibly onerous to pick through. Using multiple media sources has to inform rath- er than cloud decisions, the experts said. Amid such complexity, Roopalee Dave said top-level advice from EY is to liaise with industry associations, peers and consultancies on leading practice and industry standards, and to anticipate where regulation is heading by studying the rationale of enforcement ac- tions. (A detailed roadmap is set out by EY in its Global Information Security Survey 2015, Creating trust in the digital world). “Reviewing internal risk controls in tandem with the current cli- ent base and future business strategy is then vital in highlighting the main risk areas and where PEP controls may need tighten- ing,” she said. Importantly, enterprise and business unit-level AML risk assess- ments will need examination in light of national risk assessments and the ESA Opinion in the case of MLD IV, Dave continued; then firms will need to carry out ongoing policy reviews in line with changing external factors like changes to sanctions lists. EY is also urging firms to carry out root cause analyses of their management information on internal gaps or areas of non- compliance to identify where process, monitoring and control checks or training interventions are needed. Ultimately, the experts argued that institutions have to empow- er themselves to cope with the finely balanced decisions they are having to make as they respond to both internal and exter- nal shifts. “You have to be able to calibrate your systems to bal- ance risk and efficiency, and adapt as the landscape changes,” said Tonchia. The very significant changes discussed overleaf emphasise this need. EY’S LEADING PRACTICE ADVICE Trying to stay on top of the changes in governments and how they affect an institution’s client base is almost impossible. The best way to protect yourself is to have a good decision-making process, but also a well-documented process.
21SECTION 2 - MAJOR KYC PAIN POINTS AND THE RISKS THEY REPRESENT Sanctions: shifting sands As Figure 8 illustrates, some wealth manag- ers are more comfortable with the more chal- lenging markets than others, yet Iran, Sudan and Russia are universally seen as high risk. The two headline recent changes in this space have been in opposite directions: moves to ease international sanctions against Iran (and unfreeze some $100bn of funds), and the imposition of sanctions against Russian corporations by the UK government and others. Iranian sanctions have been a massive compliance issue for wealth managers, with the US issuing a record-breaking sin- gle-institution fine of $8.9bn for breaches in 2014. Now, firms are eyeing opportu- nities, yet the country will still have to be approached with caution, experts warn. Iran might be subject to “snap-back” re- imposition of sanctions in the case of re- cidivism on its arms programme and new secondary sanctions have already been tabled. (2015 guidance from the US Office of Foreign Assets Control said contracts with Iranians should be dissoluble if Amer- ica or Europe reinstates sanctions, and in fact, most US persons will still be prevent- ed from transacting in Iran). The easing of sanctions cannot, therefore, be treated as a permanent matter and systems need to be able to flex significantly to cope. Beware beneficial ownership “Ever-changing sanctions have increased both the importance and complexity of this process,” said Correia. “As regulatory compliance pressures have increased, KYC screening has evolved to become more in- depth and more efficient.” As he observed, firms need a single process for AML, sanc- tions, bribery and tax compliance that allows them to collate the maximum client data un- obtrusively. Given the nuances of rule chang- es, he explained that leveraging multiple data sources to get a comprehensive view of a prospect’s risk profile and the potential benefits - or risks - of a relationship is crucial. One area where firms will need significant ca- pabilities is in uncovering the ultimate ben- eficial owners of Iranian entities, commenta- tors have warned. The agreement to ease sanctions does not include entities owned or controlled by the Iranian Revolutionary Guards Corps, the third wealthiest business organisation in Iran and which controls up to a third of its economy. Matters are further complicated by the fact that many business- es operate as “bonyads” – tax-advantaged, quasi-governmental bodies with little trans- parency over beneficial ownership. Broader media searches may be invaluable here. With business and politics intertwined, Iran ranked 130th in Transparency International’s 2015 Corruption Perceptions Index (with Russia at 119 and Sudan 165), thus expos- ing direct investors to risks from the Bribery Act 2010 in the UK, and the Foreign Cor- rupt Practices Act 1977 in the US. The grave reputational risks of being associated with terrorist financing need hardly be stated. 2. STANDING UP TO SCRUTINY ON SOURCE OF WEALTH/FUNDS Given the manifold complexities of PEP screening previously discussed, it may be somewhat surprising that proving source of wealth (how the client obtained the money) and source of funds (details of where the money has been) are held to be equally problematic – yet perhaps not when the practicalities of dealing with the bureaucratic and cultural differences of newer markets are fully considered. Furthermore, issues around PEP screening and source of wealth are often inextricably linked. Amid all the practical challenges CDD pos- es, it must not be forgotten that the interna- tional drive to prevent money laundering, bribery and corruption is at root about eth- ics. That institutions are not always dealing in absolutes creates very thorny dilemmas and a concomitant need for them to be able to robustly defend their onboarding decisions with evidence of well-considered policies and their enactment. As the panel highlighted, the benighted pasts of some countries is a key consideration as a cli- ent’s original source of wealth may evolve dramatically over time to become the cur- rent source of funds. Nor, it must be said, have attitudes towards the prevention of financial crime remained static. As was pointed out, some of the methods used to get control over a business in the 1990s may not have been technically ille- gal, but would nevertheless be unaccept- able today. If the owner then decides to sell the company to a well-known Western cor- poration, the funds received by the bank from the sale may be legitimate, but the reputation risk from the owner’s behaviour in establishing the company remains. This leaves firms with serious soul-searching to do in terms of where they draw the line and how far they should and go back in deter- mining the legitimacy of wealth today. Further complicating matters is the fact that UHNW PEPs are likely to have attracted some adverse news whether justified or not. “If a bank onboards a client that has UK FIGURE 8: Rate the following countries as either low-, medium- or high-risk, according to your firm's policies: 100% 90% 80% 70% 60% 50% 40% 30% 20% 10% 0% Low-risk Medium-risk High-risk clients US UAE CHINA SAUDI ARABIABRAZIL MEXICO RUSSIA SUDAN IRAN
22 Towards True KYC: Technological Innovations in Client Due Diligence some negative news it risks being second- guessed at some time in the future,” one senior executive said. To be able to with- stand this kind of scrutiny, wealth managers cannot afford to take anything less than a thoroughgoing approach to adverse media searches. This need to scour documents going back decades, possibly in several languages and permutations of the client’s name, is one of the main drivers of invest- ment in technological screening solutions today. With even the best intentions, man- ual often means minimalist by necessity, the panel observed. Almost a fifth (19%) of survey respondents believe there is too much information avail- able online today for firms to ever be able to fully screen a client. This abundance is leading to dangerous random sampling rather than the exhaustive processing of sources, it seems. Here, Tonchia said that he sees even very reputable banks having operatives carry out Google searches only for them to read the first 10-50 documents before giving up; by the same token he believes that business information services are often underused as they can generate too many results to handle. “Reading the first 10 documents is good but it might be number 100 or even 999 that you need. Technology gives us better risk coverage because we can ‘read’ all of those,” he said. “It takes our system 5-10 minutes to process 10,000 documents, depending on your hardware, and that’s hard to beat with the human eye. And, yes, we have ‘automatically’ found cases in which an apparently ‘clean’ individual was involved with a company that had very explicit links to crime in this way.” As well as sifting huge volumes of data, modern systems also provide the kind of comprehensive audit trail firms need to be forearmed against the second-guessing just described. “We keep track of each micro-decision, such as an article being discarded because it’s from an unreliable source or because it’s a false positive,” said Tonchia. “Every click and every decision behind that click is auditable and some- thing you can show to the regulator years later. It offers a full ‘movie’ of all the deci- sions that ultimately led to the client being onboarded or rejected.” Following the money trail While screening PEPs may call for a par- ticularly extensive “movie”, the panel observed that since it is not enough for firms just to prove that funds were legiti- mately obtained and currently sit in a le- gitimate repository, documenting even less complex clients can also be tricky. “If the source of wealth is a person selling their business 15 years ago then it’s simple enough to obtain a solicitor’s letter saying they sold it for that amount, but we really need to see where the money has been,” said Dominic Crabb. “Just because it got paid into an account in 2000 doesn’t mean we know that it’s stayed there until 2016.” Establishing a money trail can of course become vastly more challenging with cer- tain client groups. For John Whick, proving source of wealth and source of funds are “without question the cause of most frus- tration”, with the latter perhaps the more problematic of the two. “We have to have a very good understanding of an individual’s wealth background then tie that directly into the money coming across,” he said. “With a client who sold a coal mine in Chi- na decades ago you may be dealing with handwritten statements that have to be put into source of wealth documents; then we’d have to evidence that that mine was sold and where the money then went. Fol- lowing that money pound for pound until it lands in their account is tricky.” Since the complexity of financial affairs rises in line with wealth, clarifying source of funds can pose a particular problem in the UHNW segment. “It’s easy to docu- ment money having been in shares and cash,” Hamblin said. “But if you have a cli- ent with half a billion that could be tied up in two Cayman Islands’ SPVs or Delaware companies, then you may struggle even to confirm who owns them.” 3. DATA AND DOCUMENT COLLECTION AND COLLATION Amid uncertainties around what the fi- nal requirements of new regulations will be – and what further inevitable rule changes will bring in the future – there is a strong argument for firms to store the maximum possible amount of data right across the client lifecycle as part of at- tempts to future-proof their compliance processes: 63% of wealth managers see the pace and impact of regulatory change increasing over the next three years5 . “The data under-pinning onboarding is a key challenge likely to be further compli- cated by upcoming regulations like MiFID II and the Common Reporting Standard placing further demands on client data and reporting requirements from wealth man- agers,” said Morley. “Firms have to ensure that all the relevant fields are captured and can be provided to the regulators.” Yet even given the business gains to be had from the better use of client data, and the risks surrounding any inadequacies, institutions’ capabilities for gathering and storing it seem to be diverging significantly in quality at present: 39% of wealth manag- ers rate their firm’s client data gathering ef- forts as poor to average and almost a tenth are gathering only the “bare minimum” despite the fact that data management en- hancements are a priority for 83% of firms6 . As Section 3 will discuss in more depth, data security remains a paramount concern and the more institutions are asking clients and prospects for, the greater the onus on them to protect it. The fifth of respondents identifying data and documentation issues as their biggest CDD frustration were evenly split between those who pointed to the technical difficulties of gathering and storing the requisite data, and those focused on the lengthy to-and-fro and repeat requests often required to obtain the correct documentation and the negative effect this has on the client experience. Reading the first 10 documents is good but it might be number 100 or even 999 that you need. Technology gives us better risk coverage because we can ‘read’ all of those. 39% of wealth managers rate their firm’s client data gathering efforts as poor to average and almost a tenth are gathering only the “bare minimum” despite the fact that data management enhancements are a priority for 83% of firms.
23SECTION 2 - MAJOR KYC PAIN POINTS AND THE RISKS THEY REPRESENT Both are interlinked and together contribute a large part of the potential relationship and client experience detriment that concerns firms. Also in both, we might see the old spectres of disparate legacy systems and underdeveloped digital channels looming large – issues that are proving particularly pernicious in the onboarding phase of wealth management relationships, not only in oper- ational efficiency terms, but also in detriment to the client (and advisor) experience. According to WealthBriefing research, 70% of wealth managers are using a paper/digi- tal hybrid approach for onboarding, with only 6% having gone entirely digital to use tools such as online document vaults, digi- tal signatures and dynamic forms7 . Many firms are trapped in the delays and dupli- cation caused by hardcopy, posted docu- mentation; on the front-line, many RMs are working through massive forms with clients where it is easy to miss requirements, rath- er than being guided to fill in only the es- sentials on the basis of the information and regulations at hand. 4. DETRIMENT TO THE RELATIONSHIP/CLIENT EXPERIENCE Crabb confirmed that asking for more in- formation is a big source of frustration for the front-office because investigations have to ricochet off in new directions as additional facts emerge. “At quite a late stage you might see there’s a trust that also has a beneficial owner, or that there’s an- other shareholder who has a greater than 25% shareholding in that company, so you then need more information about that,” he said. Eliciting forgotten (or indeed veiled) information from clients can obviate administrative steps and prevent wasted time. It is reportedly not unusual for PEPs to forget that they are, but fortunately new technologies can quickly uncover the truth and prevent missteps here. It must also be remembered that while cli- ents might initially be very keen to prog- ress a relationship, their enthusiasm may wane as the number of onboarding steps required rises. Predictably, the timeliness of receiving responses from clients to doc- ument requests emerged as a source of significant frustration in the survey. While the need to ask for more informa- tion may not be eradicated, the length and onerousness of the documentation process may be significantly reduced through bet- ter structured and focused conversations geared towards asking for everything neces- sary just once. As discussed on p33, having the means to carry out thorough yet efficient research on prospective clients at the earli- est possible stage is key to this. Intelligently (yet sensitively) leveraging public information may also help smooth the more awkward el- ements of the process and relieve some of the burden on both clients and relationship managers, the panel said. As was highlight- ed, firms should also always look to come to a reliable decision on whether to onboard the client or not as quickly as possible to save embarrassment for all. Record-keeping requirements are a more prosaic, but no less important element of the documentation challenge – and one where the perils of paper-based systems stand out. MLD IV requires that CDD infor- mation must be retained for five years and thereafter deleted (unless otherwise stated by national law) with a maximum total reten- tion period of ten years. Identifying when data is reaching the five-year threshold will be difficult with paper-based records. Fur- thermore, firms might find that they have large amounts of historical data to review and destroy if necessary. As discussed on p13, many firms are having to do significant remediation work in certain CDD areas. Sensitive subjects Quite apart from the onerousness of tracing the journey of a client’s wealth is the need for RMs to address sensitive subjects in order to do so. While there may be no way of cir- cumventing the need to ask for documenta- tion of a death or divorce, for example, it is crucial that this is not mishandled, the panel observed. As such, implementing processes and tools to ensure this is as much of a “once and done” task as is possible is essential. The need to avoid repeat requests for in­ formation and documents is also key to minimising the potential to cause offence since, a one executive highlighted, “clarify- ing source of wealth is often difficult when cultural aspects come into play”. “Source of wealth requirements have in- creased dramatically in the last five years meaning that generally the customer expe- rience delivered in this area has room for improvement, as clients do not understand the rationale for additional documenta- tion,” said Dave. “Clients can also tend to be reluctant to share too much information on their overall wealth with their wealth manager as they are multi-banked.” Arguably, it may be overstating the case to say that sophisticated, internationally-mo- bile HNWIs from newer markets are naïve as to the requirements that need to be met in well-regulated jurisdictions. As Hamblin said: “People may resent it, but they know it is necessary.” That said, clients hailing from far less tightly-regulated jurisdictions may well be surprised by the extent of evi- dencing required if firms are adhering to the highest standards for best practice/ef- ficiency reasons. As one survey respondent observed: “Customer apathy can be a real problem as we have a global policy over and above regulation in all jurisdictions”.Standardis- ing internationally by adopting policies that are “super-equivalent” with the tough- est regimes may represent best practice, but heightens firms’ need to minimise an- noyance (and therefore differentiate them- selves from the competition) through hav- ing a well-structured, streamlined process. Here again the application of new tools can prove very useful, in perhaps unexpected ways, the experts pointed out. Validation via social media Most firms are still grappling with the appli- cability of social media for marketing and client servicing purposes, yet they should At quite a late stage you might see there’s a trust that also has a beneficial owner, or that there’s another shareholder who has a greater than 25% shareholding in that company, so you then need more informa- tion about that. Obviously we can’t expect social media to be the image of truth, but we can use it as a source of hints and confirmations. While not impossible, buying that authenti- cation from the online community is expen- sive and you can’t do it overnight.
24 Towards True KYC: Technological Innovations in Client Due Diligence Automatic Exchange of Information will see jurisdictions obtain financial information from local institutions and automatically exchange it with other countries on an annual basis. Implementation of the Common Reporting Standard (the Stan- dard for Automatic Exchange of Financial Account Information), which contains the reporting and due diligence rules of AEoI, began on 1 January 2016, requiring institutions to gather rel- evant KYC information and report to tax authorities across 58 early-adopter countries (the first exchange is set to take place in September 2017). A further 97 countries have also signalled their intention to adopt the OECD-developed legislation, which is closely modelled on US FATCA and superseded the UK’s CDOT Tax Reporting and Ex- change of Information legislation (itself known as UK FATCA). To give an indication of how seriously tax offences are being taken in the UK, prosecutions have increased 300% since 2010. The EU’s Fourth Anti-Money Laundering Directive came into force on 26 June 2015 with a two-year deadline for the legislation be written into national laws. MLD IV will oblige most EU countries to force their financial institutions to take a risk-based approach to the due diligence process for the first time. (The UK has been taking the risk-based approach since 2007). MiFID II will come into force in January 2018, the deadline having been pushed back one year. It will impose new granular reporting requirements on wealth managers, including concerning client data. As Roopalee Dave pointed out, increasing regulatory require- ments are often adding unexpected complexity due to addi- tional checks and documentation requirements. Even osten- sibly simpler elements can cause real headaches and costs. “FATCA requirements dictate that a National Insurance num- ber, or equivalent, is required at point of onboarding,” she said. “Yet several prominent countries like Saudi Arabia do not have those, meaning judgement calls are required.” REGULATORY HOT-SPOTS UK banks have reached tipping point in the fight against fi- nancial crime, with 61% believing there is enough or too much regulation, but inadequate enforcement, according to a study of 200 senior AML compliance professionals by LexisNexis Risk Solutions and the British Bankers’ Association8 . Some UK institutions are now spending as much as £660m ($950m) a year on AML compliance, yet still lack confidence they can effectively combat risks in a fast-changing crime landscape. Nearly a third think that MLD IV will have no effect on or could even increase levels of money laundering across Europe. Over 2016, 44% of banking and financial services professionals believe evolving criminal methodologies will be the biggest sin- gle emerging financial crime risk to their business. Correspond- ingly, over 2016/17 preventing cybercrime will be the single big- gest area of investment for 37% of respondents (followed by fraud at 23% and AML at 20%). Fighting financial crime in the context of online/mobile banking and digital currencies are seen to be the most significant chal- lenges banks are set to face in the future. The very serious AML complications arising from the latter are clear. UK INSTITUTIONS AT AML TIPPING POINT FATCA requirements dictate that a National Insurance number, or equivalent, is required at point of onboarding. Yet several prom­inent countries like Saudi Arabia do not have those, meaning judgement calls are required. also see its potential to facilitate CDD and minimise what might seem to be intrusive questioning, argued Tonchia. To illustrate, he described a scenario whereby a Chinese PEP claims their source of wealth is a profitable, operational busi- ness, but since the company is Chinese the usual information bureaus are unable to supply all the documents/information related to its financials and headcount. To help verify the client’s claim a wealth man- ager could first check the firm’s website to confirm a plausible amount of pages; next they could check the person’s LinkedIn profile to see they have numerous connec- tions to employees, before then finding press coverage of solid financial results and ascertaining the business exists physically via Google maps. Although none of these alone is sufficient proof that the source of wealth is legitimate, in combination they may greatly increase the institution’s confidence and help point the way with- out RMs having to go back to the client as much. “Obviously we can’t expect social media to be the image of truth, but we can use it as a source of hints and confirmations. While not impossible, buying that authentication from the online community is expensive and you can’t do it overnight,” said Ton- chia. “Taking media sources together you get a footprint that really points to this company existing, having legitimate busi- ness and a certain turnover that might jus- tify the client coming to the bank with that money, rather than them having misappro- priated it.” 5. ADAPTING TO REGULATORY CHANGE AND JURISDICTIONAL DIFFERENCES Only a tenth of respondents see coping with regulatory change and the interplay between international rules as the most frustrating part of the client due diligence process. Arguably, however, an unrelent- ing pace of change has become very much the norm. While wealth managers are grap- pling with an alphabet soup of new rules concerning market conduct, corporate governance and client protection, many of these are increasing screening and re- porting requirements, in addition to those specifically focused on CDD.
25SECTION 2 - MAJOR KYC PAIN POINTS AND THE RISKS THEY REPRESENT 2-4 DAYS FIGURE 9: Average onboarding time HNW client vs legal entity 45% 40% 35% 30% 25% 20% 15% 10% 5% 0% HNW client Legal entity 5-10 DAYS 11-20 DAYS 21-40 DAYS 41+ DAYS As fiduciaries, we are the legal owner of the assets we onboard and as a result we have higher duties. 6. TRUSTS AND ULTIMATE BENEFICIAL OWNER ISSUES Although trusts and Ultimate Beneficial Owner issues don’t seem as problematic as other elements of CDD, they do seem to be yet another drag on efficiency which regulatory change will only exacerbate. WealthBriefing research on how long on- boarding clients takes has revealed a very wide spread across the industry, with sur- prisingly lengthy times often the norm for both individual clients and legal entities. As Figure 9 shows, however, the very lengthy onboarding durations of over 41 business days are more common for legal entities and the very rapid ones of a few days less common. The crux of the matter is of course the need to identify, verify and clear all ultimate ben- eficial owners retaining more than 25% of the capital or profits of the legal entity. As the experts pointed out, identifying all the relevant shareholders and directors of a company can take weeks, if not months, particularly if companies or individuals are holding those assets in various sub-struc- tures – which in turn is likely to bring regis- tries in several tax-advantaged jurisdictions into play. While it may be relatively simple to screen domestic clients and companies through a single national corporate regis- try, multi-country database coverage of the kind provided by Bureau van Dijk or Dun Bradstreet is increasingly vital in a wealth management context due to the nature of HNWIs’ financial affairs, it was said. It is because of these factors, Dave noted, that CDD turnaround times are driven prin- cipally by client type and not just by risk classification. “Clients who are individual or joint and are not PEPs should have their accounts reviewed and opened within days,” she said. “Corporates with multiple layers of ownership and where multiple beneficial owners have to be identified and verified can take weeks due to additional checks being necessary and firms often having to refer back to the client for further information.” “The higher the net worth, we see increased use of Special Purpose Vehicles, such as use of British Virgin Island structures. Complet- ing due diligence on such structures can really burn your time. Also, geographical is- sues create a lot of work in coordinating the face-to-face meetings with the end-client,” said Toole. “Even the ID checks on multi- billionaires with business empires is never easy, even if they have a representative doing a lot of the groundwork.” This task will certainly not be made easier under MLD IV. As part of the international drive towards greater transparency regard- ing business and company structures, it im- poses far more prescriptive provisions for identifying and verifying beneficial owners for legal persons, trusts and similar legal ar- rangements. This applies for both new and existing clients, on a risk-sensitive basis. Under MLD IV, central registers for benefi- cial owners are required, which are to be maintained in EU countries and accessible to any person with a legitimate interest. (for the US approach see overleaf). Important- ly, institutions are enjoined to prove that they have not relied solely upon a central register to fulfil their CDD obligations. MLD IV also puts more emphasis on institu- tions making sure they are capturing chang- es to beneficial ownership, underscoring the need for more regular, automated re- screening capabilities. This will be particu- larly important for global banks rescreening tens of thousands of corporate clients a year and all their shareholders. “Screening legal entities with myriad beneficial owners and sub-structures could take weeks for an ana- lyst,” said Tonchia. “However, if everything is configured correctly to drill down like that it could take just minutes with an automated tool.” Here, the rapid-response advantages conveyed by carrying out in-depth media screens automatically were also highlight- ed, since corporate registries only tend to show new shareholders annually. The value of examining interleaved in- formation from official sources alongside that from wide-reaching media searches is brought into starker relief when the in- depth requirements placed on trust com- panies and the often labyrinthine business and family arrangements they work with are considered. “As fiduciaries, we are the legal owner of the assets we onboard and as a result we have higher duties,” said Isaac. “In practical terms, we need to go beyond the normal onboard- ing and understand the family tree.” Associ- ates or family members may have PEP status that they may have derived business benefits from; or there may be a PEP element to the shareholders of the business the client is run- ning. “You have to go to that level of depth; you have to understand the rationale of the structure,” he concluded. As ever, reputational risk is also a top concern when deciding whether to on- board a corporate entity, the panel noted. Investigating where companies do busi- ness, rather than just where they have offi- cial offices, and ruling out adverse media is something most wealth managers will want to do at a time when the negative impact of any corporate scandal is rapidly ampli- fied via social media. Here again, technology calibration is key because attracting adverse media is just as much to be expected for large corpo- rates as it is for UHNW clients, the panel observed. As such, a well-known name is likely to prove a double-edged sword: a large body of negative news may need to be dismissed but source of wealth will be easier to validate no matter how complex the ownership structure is.
26 Towards True KYC: Technological Innovations in Client Due Diligence CDD DEVELOPMENTS FROM A US PERSPECTIVE Are you seeing any significant divergences in EU and US policies on CDD? EW: They are congruent in most major respects. The divergence, from the US perspective, is AML, economic sanctions or anti-cor- ruption rules not being enforced with the same rigour in the EU. US law enforcement would point to almost all the major enforce- ment cases brought in the US against EU-based banks for pur- posefully changing information in SWIFT message fields to hide US-prohibited originators or beneficiaries of dollar-denominated electronic funds transfers. US officials would make this point even though the UK’s anti-bribery law, for example, has a broader scope than the US Foreign Corrupt Practices Act (FCPA). Divergent enforcement will become a particular issue once disclo- sure of beneficial ownership becomes widely adopted - which will take a good deal of time, and even longer to ensure accuracy. DA: I would agree that the US authorities are far tougher in prose- cuting AML cases than their European counterparts. Recent cases have shown escalating penalties and fines in the billions of dollars, the prosecution of senior management, and in certain cases, board members have been required to pay fines out of their own pockets. Also, since 9/11, US lawmakers have linked AML requirements to the USA PATRIOT Act and the notion of homeland security, so there is a special significance in the US attached to the overall AML effort. Europe’s MLD IV imposes far more onerous requirements for verifying ultimate beneficial owners, including the maintenance of national databases. Will the US mirror this? EW: The US approach, as outlined in a FinCEN proposed rulemak- ing, requires disclosure of the beneficial ownership of an entity opening an account with limited types of financial institutions - pri- marily banks and securities brokerages. FIs will be required to keep this information on file for a number of years and to provide this to this to law enforcement on request. Unlike MLD IV, beneficial ownership information in the US will not be made public; nor will the disclosure of beneficial owners upon formation be required, because corporations and LLPs etc., are almost exclusively creatures of the states, not the federal govern- ment. Absent an act of Congress, the federal government has no authority to direct states in this area. The federal government may, however, direct financial institutions because all but a very few banks are subject to federal regulation. It is anticipated that some states, on their own timetable, will re- quire disclosure of beneficial ownership information upon com- pany formation. Here, the federal system in the US will make searching for information difficult; when federal law enforcement agencies are searching for a beneficial owner unknown to them, they will be forced to ask a large number of FIs for information as they may only have the name of an individual and no connec- tion to a company. Searching state databases will be similarly cumbersome: the US has 53 jurisdictions in which companies may be formed. Absent knowledge of the state of formation, all jurisdictions must be asked. The New York authorities propose making CCOs personally liable for certifying the effectiveness of their firm’s AML transaction monitoring and watch list filtering systems. Are CCOs really in a position to do this, and might this further impact senior staff retention? DA: There are some understandable concerns about the proposed New York law. CCOs do not generally control budgets, and while many are increasingly getting much more proficient in technology, no system is perfect. What is of most concern is that the “reasonableness” standard present in rules 38-a1 and 206(4)7 by the SEC is missing. The ab- sence of this standard means that we are imposing essentially a Unlike MLD IV, beneficial ownership information in the US will not be made public; nor will the disclosure of beneficial owners upon formation be required, because corporations and LLPs etc., are almost exclusively creatures of the states, not the federal government. Absent an act of Congress, the fed- eral government has no authority to direct states in this area. Given its lead role in the global fight against financial crime and corruption, wealth managers keenly watch CDD developments coming out of the US. Here, Ed Wilson and Don Andrews, partners at US law firm Venable LLP, examine America’s latest regulatory and legal moves.
27SECTION 2 - MAJOR KYC PAIN POINTS AND THE RISKS THEY REPRESENT strict liability standard on an individual who does not control bud- gets, often has limited resources, and even under ideal condi- tions cannot be expected to be omniscient. This is the reason the proposed law has drawn so much criticism, which I believe is fair. Even under a reasonableness standard, it has been argued that the CCO is simply the wrong person to impose the certification on; they do not control hiring or resourcing decisions, and are limited in their effectiveness by the tone that permeates from the top of the organisation. Several institutions in the US have recently been drawn into private litigation related to CDD issues, with suits brought over the loss of applicant clients’ data and – far more seriously – the contribution of AML failings to the commission of drug-related murder. How well are firms addressing these huge legal and reputational risks? DA: The threat of regulatory sanctions for wealth managers, given the potential impact to a wealth manager’s reputation, is some- thing that cannot be ignored. Reputation is paramount in the wealth management business. As such, wealth managers need to take whatever steps are necessary to address and excel in the new regulatory environment. If that means reaching out to third-party attorneys and consultants to assist with designing and implement- ing a sound AML program, they should do so. The goalposts on AML/PEP/sanctions screening seem to be constantly shifting. What key trends do wealth managers need to be anticipating to minimise future risks? EW: The goalposts are changing, but in a predictable way, at least in the US – towards greater transparency in ownership and transaction participation, and easier law enforcement access to fi- nancial records. The one exception is the US’s reluctance to use tax data for purposes other than tax enforcement due concerns this will lower the voluntary tax compliance percentages in the US (although US tax treaties provide foreign governments with cross-border data about their residents). I think the greatest changes will be in the continuing use of in- creasing computing power to identify, track and apprehend bad actors. This has been the major theme since the early 1980s, when computers entered common commerce. In terms of US financial institutions, increasing regulatory expec- tations will force further concentration of cross-border banking activities into fewer banks as the cost of regulatory compliance continues to grow. There will also continue to be tensions among countries on enforc- ing economic sanctions. The US sanctions against Cuba have long been an example of this tension. On this point, the easing of US (and EU) sanctions against Iran is a big recent development. What can you say about the opportunities and challenges this market now represents? EW: Iran is a large market with a young and growing population, and every company interested in expansion would like to be there. There are, however, a number of issues to consider in addition to the substantial, ongoing US sanctions against Iran, entities in Iran, etc., and against using the US dollar in commerce with Iran. Doing business in Iran is largely an unknown for most of the OECD countries. How will disputes be resolved? Profits repatriated? Who may own what? What are the rules? What permits are necessary? Who regulates and to what degree? These and a number of other questions are being studied carefully. The goalposts are changing, but in a predictable way, at least in the US – towards greater transparency in ownership and transaction participation, and easier law enforcement access to financial records. Doing business in Iran is largely an unknown for most of the OECD countries. How will disputes be resolved? Profits repatriated? Who may own what? What are the rules? What permits are necessary? Who regulates and to what degree? These and a number of other questions are being studied carefully.
28 Towards True KYC: Technological Innovations in Client Due Diligence REDUCING REGULATORY, REPUTATIONAL AND PERSONAL RISK In every compliance officer’s mind, accord- ing to Chris Hamblin, there is a “hierarchy of fear” - a list of agencies and disciplinary processes that have the power to de-rail his career, with the most dangerous at the top. This is true of compliance officers at all wealth management firms the world over. In almost all jurisdictions, the most seri- ous threat comes from the Office of For- eign Assets Control, the US Treasury body which enforces economic and trade sanc- tions based on US foreign policy. “If you end up serving a terrorist or someone else on the OFAC list and they find out because the transaction goes through the New York Clearing House, then your career as a compliance officer is over,” Hamblin said. Ranking next would be a visit from the au- thorities if the firm were based in a Western or otherwise robustly-regulated jurisdic- tion, Hamblin continued, explaining that firms can have a real challenge in coping with the scrutiny of multiple regulators. “There might be a subsidiary here in the UK of a boutique German private bank that deals mainly with German expats and if half its clients are German, home state regulation applies; then, you might have other branches elsewhere and you’ve got to worry about what the regulators are do- ing there,” he said. “If you’re based in a jurisdiction that has really weak regulation where they hardly ever do visits then it’s the UK or the US regulator you’ve got to worry about. That happens a lot in private bank- ing here in the UK.” Confirming the FCA’s stance on prece- dence, Rob Taylor, head of investment management, said: “Problems are most likely to be found where global compa- nies are not setting up proper UK-sited decision-making before taking on new cli- ents. We expect client records as well as all decision-making with regard to client take- on to be a UK decision and not subject to another jurisdiction’s practices.” Behind all this, and dominated by the US Government, is the Financial Action Task Force, the international standard-setter that dictates the ways in which countries must make their financial firms combat money laundering and terrorist financ- ing. (Many FATF-style regional bodies ex- ist, including MONEYVAL, the Asia/Pacific Group on Money Laundering and the South America Financial Action Task Force.) As commentators have long highlighted, the US and UK are leading the world on regu- latory policy in a number of areas, with the rest of the world’s jurisdictions following their lead at varying speeds. Significantly, then, both continue to ramp up pressures on the CDD front. The US Securities and Exchange Commis- sion’s 2016 plan focuses on big data ana- lytics in transaction monitoring and the as- sessment of AML compliance. Meanwhile, the FCA has been high-profile recently in confiscating revenues arising from improp- erly-processed business and condemning any cutting of corners in order not to ir- ritate clients. It should also be noted that the UK authorities are pioneering “super- equivalence”, whereby a country insists that every “reporting firm” listed on its stock exchange and/or overseen by its regulators must follow home regulations all over the world. In a further interesting development, the start of 2016 also saw the FCA express “serious concerns” over the AML controls at Contracts for Difference providers. While they are certainly not limited to AML/ PEP/sanctions breaches, failings in these areas have contributed significantly to the tally of immense regulatory fines that have been meted out with such alarming regu- larity in recent years. And, it must be said, the US and UK have been leading the way here too, in issuing record-breaking penal- ties. These multi-million (and increasingly billion) dollar fines reinforce just how costly compliance failings can be, but of course it is not just top-level financial penalties that cause lasting harm, the experts said. Many wealth managers are listed/part of listed banks with shareholders to answer to, but all firms have to fear the reputation- al damage they face when they break the rules. This is a competitive sector serving a highly discerning client base where both individuals and corporations have a seri- ous interest in protecting their own reputa- tions. When finely-judged buying decisions are being made, wealth managers obvi- ously have to prevent any adverse media of their own – particularly when emotive topics such as money laundering (and its consequences) are concerned. As Mike Toole argued, protecting the firm’s good name will be an absolute priority for all, but perhaps even more so for newer firms that are still building the brand equity which would to some degree insulate them from public regulatory strife. “We’re going over and above where we need to be ac- cording to the law; as a business we’re very cautious when it comes to AML,” he said. “Being a younger organisation, if we get it wrong then in proportion the impact to the business is far bigger than for a longer- established one.” The panel also highlighted that interna- tionally, matters are very much tending towards compliance chiefs being held in- dividually liable for their firms’ behaviour. The FCA, for example, spoke of “embed- ding a culture of personal responsibility throughout the financial services industry” when introducing its new Senior Managers’ and Certification Regime in October 2015. Personal liability in a fast-changing and arguably capriciously regulated area like CDD is significant burden, but what may have CCOs even more concerned, how- ever, are moves towards making them personally liable for the specifics of techn logical set-ups too. As we’ve seen, when an institution’s reputation is tarnished internationally the impact on everyone – including the front-office – is very, very significant. SECTION 3 HOW NEW TECHNOLOGIES AID BEST PRACTICE
29SECTION 3 – HOW NEW TECHNOLOGIES AID BEST PRACTICE At the end of 2015 The New York Depart- ment of Financial Services proposed new minimum requirements for AML transac- tion monitoring and watch list filtering sys- tems, with CCOs under personal - and per- haps even criminal - liability for certifying their effectiveness each year. Regulators have long asked what technology provi- sion is like, but this is clearly a new kind of accountability. The new requirements, which would apply to all New York State-regulated institutions (including foreign ones with a NY licence) are modelled on the certification require- ment of the 2002 Sarbanes-Oxley Act, but have scope to be far more burdensome, commentators say, due to the absence of a “materiality” standard and the subjective assertions of system efficacy that must be made. Commentators have warned that asking CCOs to answer for this across a complex global banking group may exac- erbate the challenge of retaining top-flight AML executives. FOSTERING COOPERATION AND COLLABORATION Modern CDD tools are certainly very im- pressive in their processing power and use of techniques like semantic analysis. Yet thinking beyond the technical speci- fications, it is their potential to improve the human elements of the CDD process that seems to be really resonating. Work- flow practices that enable better intra- and inter-departmental cooperation are sorely needed, it was said. While it would be overstating the case to think of compliance and advisors as intrac- tably at odds, their differing priorities mean there are undoubtedly inherent tensions between the two sides. Resolving these is clearly a complex cultural issue, yet tech- nology can play an important role in help- ing the two sides work better together. Combative mindsets should in fact already be well on their way to dying out, the panel observed. Chief among the factors contributing to their demise is that firms are increasingly embedding the requirement for advisors to really understand clients’ risk implications in their remuneration poli- cies. Heightened reputational concerns are also focusing minds. “As we’ve seen, when an institution’s reputation is tarnished inter- nationally the impact on everyone – includ- ing the front-office – is very, very signifi- cant,” said Jonathan Kirby. To increase the likelihood of signing up a client, in the past advisors may have been tempted to take a minimalist approach to their investigations, but recalcitrance is increasingly no longer tolerated in any degree, it was said. It seems that both sides are increasingly asked to “dual-hat” in CDD matters. Ad- visors are valued as commercial operators, yet are firmly positioned as the first line of defence in risk management. Contrariwise, “Compliance can’t just be the ‘no people”, as several of the experts put it, since their very existence depends on revenues com- ing in. “Within the boundaries of regula- tions, policies and procedures, compliance should be working in partnership with RMs and not ruling by fear,” said Xavier Isaac. “They need a can-do attitude.” With one focused on getting business and the other on vetting it, the risk/reward em- phasis will necessarily differ between the two departments (and a certain level of tension is probably healthy). Underlying alignment is rather the aim, it was said, adding another strand to the challenge of maintaining corporate culture in an MA scenario. “This isn’t just about hard things like technology, politics and processes, it’s also about soft things like value systems and business culture,” Isaac continued. “It’s fundamental for RMs and compliance to share the same values and be dedicated to the same sustainable business model.” In practical terms, this requires both ad- visors and compliance to keep an open mind (in both directions) and take nothing at face value. “Without any presumption of guilt, you always have to interrogate the in- formation given to you and satisfy yourself that it is correct,” said Kirby. “You should investigate as much about your potential client as early as possible and leave room to interrogate that information at a later stage.” On the other hand, compliance must be enabled to sign off all the business it ap- propriately can, which creates a real im- perative to be able to drill deep into multiple sources of information. As one senior executive remarked: “The problem with Russian clients is that there are genuine ones you can’t find a good history to clear, and at the same time ones you know should be on a sanctions list above others, aren’t. You intuitively know whether you should deal with them, but it’s hard to find categorical facts any- where that backs your gut feeling.” As discussed, onboarding decisions are often far from clear-cut even on regulatory lines, without considering broader risk poli- cies and ethical issues. Amid these com- plexities, the panel identified a real need for easier but also better documented col- laboration within compliance teams. In practical terms, the scarcity of top bank- ers who can balance business development needs and the sharper compliance issues means that senior expertise must be opti- mally deployed. While tough decisions must ultimately be theirs, tools allowing more ju- nior staff to push cases further along their journey will be a real boon. As Alessandro Tonchia noted, being able to see the right information in the right order makes the decision to escalate or not far clearer. More broadly, modern workflow-based systems make it easier to call on the wider expertise of the institution and collaborate digitally with colleagues anywhere in the world. The merits of such an approach are clear, but maintaining accountability for each step in decision-making then becomes a challenge. In response, modern onboard- ing systems place great emphasis on creat- ing robust audit trails that can encompass multiple users, communication channels and information sources to capture all the inevitable to-and-fro – and to prevent mis- takes. While the vast majority of RMs take their responsibilities very seriously, mecha- nisms to prevent an overreliance on trust or even outright malpractice are wise, it was observed. “Our tool puts client searches into a database no-one can tamper with as part of a complete audit trail you can show the regulator,” said Tonchia. As well as documenting collaboration ef- fectively, modern technologies could also be said to make the kind of senior col- laboration required for firms to truly fulfil their obligations possible. Best practice is held to be a senior committee operating almost along adversarial lines in which, as Isaac said, “you challenge each other to see if you’re comfortable to go ahead”. However, the way that risk policies actually play out can fall short of this ideal, meaning that firms may be opening themselves to huge risks by relying on physical meetings to the exclusion of digital collaboration. Within the boundaries of regulations, policies and procedures, compliance should be working in partnership with RMs and not ruling by fear. They need a can-do attitude.
30 Towards True KYC: Technological Innovations in Client Due Diligence “The process whereby the most senior executives make the onboarding decision for PEPs may look perfect on paper, but may be flawed in practice,” one compli- ance expert argued. “Executives may be travelling or otherwise unavailable and the onboarding decisions are actually made by delegates, or delegates of delegates.” As discussed in Section 1, bolstering the ability of junior compliance officers to stand up to perhaps more powerful RMs through giving them greater command of information is vital – as are mandatory trig- gers for red flag escalation. Indeed, con- structive challenging seems key to foster- ing the right culture overall. “Certain values and cultures need to be promoted and there’s an obligation to challenge each other on the decision- making process with good intent. Integrity needs to be coming from the top,” said Isaac. “The ability to say no is a big chal- lenge to a business; to say this is a big risk and we don’t want to go ahead even if it is a million-dollar fee a year client.” PROPER PROCESS (BUT NOT AD INFINITUM) As the experts argued, institutions cannot hope to be entirely infallible in matters like making the correct call on adverse media and nor do regulators expect them to be; rather, they need to show all reasonable steps were taken and that proper proce- dures were followed. Correspondingly, tools are dual-focused on getting firms to the point where they are comfortable with a decision - internally, with clients themselves and with regulators – and evidencing how they got there. The message from regula- tors has been abundantly clear in recent years: if it isn’t documented, it isn’t done. “Everyone can make mistakes, but what no one can accept – whether that’s a judge or an internal compliance head – is that you haven’t properly documented and pro- cessed the onboarding,” said Isaac, add- ing that this need to be able to withstand the second guessing described on p22 is a big driver of outsourcing. “If you pay a fee to professionalise a search with an inde- pendent specialist that gives you a degree of comfort and will help you if the decision was unfortunately the wrong one,” he con- tinued. “You can then at least defend your- self in a much stronger way.” While process is key, the panel did however caution that this needs to be reasonable, with both RMs and clients’ expectations of requirements and timeframes clearly set so that only what is feasible is promised. As sev- eral of the experts argued, an environment has been created where people are often afraid to make a decision and so firms run the risk of becoming mired in “endless pro- cess” in CDD a way that is very unfair to the business and to RMs. “They are entitled to an answer,” one exec- utive said. “You should help them give all the information to the compliance officer and also realise that not making a decision is making a decision.” To this end, the pan- ellists noted that firms increasingly ask new recruits to spend time with compliance to better understand their processes and priorities; including compliance officers in client-facing scenarios is also known. Interestingly, onboarding/CDD technology providers have also highlighted that forward- thinking institutions tend to approach imple- mentations by overhauling their policies and processes collaboratively from the start (often convening multi disciplinary working groups drawn from several markets). As well as streamlining workflows, wealth managers have been known to eradicate up to 100 un- necessary data points and scores of unnec- essary pages of forms from their onboarding processes this way. The experts also highlighted the impor- tance of fostering positive relations if interdepartmental Service Level Agree- ments on turnaround times/data capture are in place. Arguably more important, however, is the significant goodwill need- ed to develop the standardised “golden processes” in compliance global wealth managers now pursue. Arbitrating be- tween different jurisdictions and compet- ing internal interests is no easy task. As Emma Radmore affirmed: “Globalisation is only possible with collaboration and understanding of the whole business”. STEPPING UP MEDIA SCREENING They [RMs] are entitled to an answer. You should help them give all the informa- tion to the compli- ance officer and also realise that not making a decision is making a decision. DAILY FIGURE 10: How often are clients fully rescreened at your firm? 50% 45% 40% 35% 30% 25% 20% 15% 10% 5% 0% Low-risk Medium-risk High-risk clients WEEKLY MONTHLY QUARTERLY SIX-MONTHLY ANNUALLY 13% 49% Already daily Yes No FIGURE 11: Would you be in favour of your institution fulling screening all clients daily? 38%
31SECTION 3 – HOW NEW TECHNOLOGIES AID BEST PRACTICE As Figure 10 shows, wealth managers vary widely on how often they fully rescreen their clients: almost half are rescreening low-risk clients in full only once a year and just 14% daily; most will run full checks on high-risk clients monthly and 19% daily. Policies and procedures clearly differ very much across the industry. What level of rescreening frequency con- stitutes best practice is obviously highly dependent on the resourcing in place, the institution’s risk tolerances and the char- acteristics of its client base. Further com- plicating the picture, watch list and media screening typically bifurcate in frequency. “For the first we see a lot of banks doing it daily and some weekly; in contrast, for me- dia searches and the more exhaustive due diligence they are doing it every twelve months because they are very labour inten- sive,” Tonchia said. “This is exactly the pro- cess we want to automate with smartKYC, so firms can do the daily or weekly media checks too.” Contributors to this report confirmed that in some parts of the world their institution media screens clients daily, but elsewhere this is limited to PEPs only. Correspondingly, only a tenth of respondents said that media checks were their firm’s greatest priority. As Figure 13 illustrates, media searches are way down the list of wealth managers’ current priorities. There is a strong appe- tite for increasing the frequency with which clients are fully screened, however - this meaning overnight for many. In the near term, 42% of institutions plan to increase the frequency of fully screening their client books in the near term. Almost half (49%) of respondents would favour daily screen- ing of all their institution’s clients, adding to the 14% of institutions for which this is already the norm. Tonchia sees wealth managers increas- ingly coming to the realisation that in to- day’s 24-hour news, social media imbued society, media sweeps may be the fastest means of finding out if danger signals have emerged – making them a very important, if apparently somewhat under-used, risk management tool. “The media is far richer than watch lists, which means you can ac- cess more subtle gossip that might whisper a red flag in your ear,” he said. This, as the panel observed, allows firms to be far more proactive in protecting themselves. “We want to find anything relevant - not just from a formal KYC perspective, but from a reputational risk perspective,” said Dominic Crabb. “It might be that an indi- vidual isn’t on any sanctions list, but yet still isn’t someone we want to be associated with, or they may have been summoned, but not yet brought to court. We’d be look- ing to pick that up.” As well as bringing this risk management closer to real time, more regular media screening also helps relationship managers stay closer to their clients by catching posi- tive news. “You might find a commercial op- portunity because something interesting about your client emerges overnight in the press, like them having sold a business,” said Tonchia. “With our tool you can make media screening faster, and more or less automatic, to get compliance, operational and business benefits at the same time.” The objections of respondents not in favour of daily screening tended to centre on the misapprehension that they would then be dismissing red flags over and over daily, which of course is not the case. Technology providers are evidently creating a great deal of customisability in terms of aligning sys- tems with individual firm’s risk parameters. In an ever-shifting regulatory and geopoliti- cal environment, the ability to reflect chang- es in compliance policies and procedures easily within IT is essential. As discussed on p18, a degree of “fuzzy matching” is desir- able in searches, but optimal sensitivity lev- els may need to be refined over time, with flags up or downgraded according to sense or policy. Those fearing that more frequent screen- ing may create extra work will also be reas- sured to know that new generation software is designed not only to reduce workloads through automation, but also to smooth them by allowing tasks to be scheduled according to priority and resourcing. “We give banks a way to balance their re- views so they can structure daily reviews to fill gaps in other work or hold the refresh if everyone is busy,” said Tonchia. “Or, be- cause most of it is automatic, you could instruct the system that investigating some- one who was green and is now amber be postponed for a week or so. You can tweak the queues to balance the workload much better.” AUGMENTATION, NOT REPLACEMENT The technologies discussed in this report have very impressive capabilities, par- ticularly in automating previously manual searches and Straight-Through Processing. However, the technology specialists and wealth managers alike were keen to em- phasise that technology should only ever be seen as ameliorating expertise. This is a message that should also be replayed to secure staff buy-in for new ways of working, it was said. “This has always been an intelligence task and clearly the more tools you have, the easier it is,” said Spiers. “But then you still have to have someone at the end of the process who has a knowledge of the risk tolerance of the bank, the type of clients they want to take on and who can decide yes or no.” “We are not trying to substitute human judgement with our tool, but to make it easy for compliance officers to exercise their judgement based on automati- 50% 10% 10% Source of wealth/source of funds Watch lists Adverse media Connections to sanctioned countries FIGURE 13: Which checks are the greatest priority for your institution? 30% 13% 42% Already daily Yes No FIGURE 12: Does your firm plan to increase the frequency of fully screening clients in the near term? 45%
32 Towards True KYC: Technological Innovations in Client Due Diligence cally organised and relevant facts and information,” added Tonchia. “It’s about having an intelligent slave.” To illustrate, he explained that in a cutting-edge pro- cess thousands of documents in multiple languages are scanned in minutes; then, after semantic analysis of all text referenc- ing an individual or corporate entity all sen- tences with red flags are extracted. “This allows analysts to apply their human intelligence to critical sentences rather than just be lost in a haystack of Google results they can only randomly sample rather than process sources exhaustively,” said Tonchia. “No tool can replace human knowledge and corroborating capability, but they can certainly augment the abil- ity and the bandwidth of humans, thereby reducing the risk of missing critical cues.” ENHANCING THE CLIENT EXPERIENCE As well as rising compliance costs, the in- dustry is also lamenting the detriment to the client experience caused by increased regulation: 54% of wealth managers be- lieve that extended questioning and evi- dencing has had a negative effect on the onboarding experience; 52% say conver- sion times have been significantly slowed by additional regulations over the past five years9 . Notably, for 11% of participants in this study, the deleterious effect on the cli- ent experience is the most frustrating part of the due diligence process. Gathering the necessary information and documentation for CDD to take place is of course at the sharper end of the on- boarding process and there is little that wealth managers can do about the number of boxes that need to be ticked. What they can do is try to make the process as fast, smooth and beneficial to the relationship (on both sides) as possible, the panel said. Onboarding clients as speedily as – com- pliantly - possible is key to improving their experience, but moreover in preventing dropouts due to frustrating delays. Wealth- Briefing research has found that seven in ten wealth management professionals worry about clients dropping out during the on- boarding process - and it is little wonder. According to Roopalee Dave, clients who are individual/joint and are not PEPs should have their accounts reviewed and opened within days. Yet for 35% of firms, onboard- ing a non-complex HNWI takes 5-10 busi- ness days on average, with matters very much more drawn out elsewhere. For 5%, onboarding a HNW client is expected to take over 41 days and timeframes are slight- ly longer still for corporates10 . THE NEED FOR SPEED The speed of onboarding is not entirely within institutions’ control, due to delays in receiving documentation or clarifica- tions from clients, yet there are strong driv- ers for firms to optimise processes as far as possible their side. “There is increased pressure on wealth managers to open ac- counts quickly based on other firms being perceived as quicker,” said Dave, adding that this means operations teams increas- ingly have to manage tension between the risks to the institution versus efficiently taking on clients. Onboarding enhancements can clearly be a very powerful differentiator among certain client segments, the panel noted, meaning that this should be a real focus for international wealth managers likely to be dealing with UHNWIs with PEP consid- erations. As Isaac observed, because such clients expect a cumbersome process, delivering a relatively pain-free, speedy ex- perience becomes a key differentiator. “This means that strategically for players here in Switzerland, whether they are banks or fidu- ciary, it is increasingly important to be able to onboard PEPs in a smooth way,” he said. An even more important consideration are investor visa clients. In this regard, there may be said to be an element of tension caused by the fact that governments are offering visas in exchange for investment, but it is institutions that must bear the risk in terms of checking that money’s legitimacy. Rightly or wrongly, the burden is on wealth manag- ers however, and those courting this kind of business can afford no errors when clients may have a lot depending on a successful and speedy account opening. As one senior executive said, clients can become “very an- gry and litigious” if mistakes are made in the handling of their visa arrangements. This is perhaps one valid reason for firms to err on the side of caution if they foresee trouble ahead with certain clients. On the flip side, having the resources and experi- ence to manage the process well and quick- ly onboard legitimate business is a powerful marketing message many firms will be keen to get across. REDUCING DOCUMENTATION HEADACHES As part of expediting onboarding and im- proving the client experience, a growing group of wealth managers internation- ally are focusing technology investment on reducing the endless to-and-fro of documents onboarding can entail with in- novations like digital signatures and online document vaults. They are also working on ways to ensure that the maximum ground possible is cov- ered in meetings to fulfil both the softer and harder elements of client discovery. “The nirvana is to have marketing and compliance covered off at the same time, with the RM saying ‘I want to know about you and the money because I want to provide you with the best service I can’,” said Spiers. “Skilled relationship managers can elicit all this information as part of the natural client conversation.” RAMPING UP REVENUES As panellists pointed out, getting to know your prospective client as well as pos- sible during onboarding generates many opportunities to find out something useful about their needs, align this with the wider offering and offer better advice. “There’s absolutely potential to garner compliance and marketing-related information at the same time,” said John Whick. “The KYC procedure is a great opportunity to find out how much wealth there is in total, for example.” This allows analysts to apply their human intelligence to critical sentences rather than just be lost in a haystack of Google results they can only randomly sample rather than process sources exhaustively. This means that strategically for players here in Switzerland, whether they are banks or fiduciary, it is increasingly important to be able to onboard PEPs in a smooth way.
33SECTION 3 – HOW NEW TECHNOLOGIES AID BEST PRACTICE WealthBriefing research has long been focused on the simultaneous compliance, operational and business benefits institu- tions are seeking from their technology in- vestments. Rather than compliance just be- ing seen as a cost centre, wealth managers areincreasinglylookingtosqueezeaddition- al revenues from it: 69% of wealth managers see clear synergies between compliance reviews and the sales process11 . While relationship management skills are paramount, firms are turning to technol- ogy to foster the compliance/marketing “nirvana” in onboarding, tightening up processes and leveraging all the informa- tion advantages at their disposal. At the beginning of the client lifecycle, those that have made onboarding enhancements are using dynamic forms to ensure no crucial elements of compliance information are missed or incorrect (avoiding embarrass- ing repeat requests). Throughout, they are looking to make it easier for RMs to contin- ually deepen the institution’s understand- ing of client, using technology to ensure no useful insights are lost. With RMs at 79% of firms carrying out initial screening on prospective clients, system- atisation and automation here are not just about efficiencies or risk management. Be- ing able to carry out more comprehensive screening with very little time investment (or expense) can help RMs optimise their conversations with clients. “The healthiest way is to do as much re- search as possible at a very early stage because that internal process will first help you decide if it’s worth pursuing someone who might be controversial,” said Tonchia. “But also the more information you have the more you can structure the discussion to extract important information earlier in the cycle. You get a lot of interesting com- mercial discussion points and probably connect better.” Frequent media screening of clients could yield new opportunities to do business as well as highlighting adverse news – and the same degree of process can be applied by linking compliance monitoring to CRM and task lists. So, if a client has sold a business, RMs may be prompted to make sugges- tions for that liquid money or to start further compliance checks if required. What hap- pened with those conversations and checks can then flow back and forth through all systems and repositories of record. PROTECTING DATA PRIVACY Firms having to hold such large amount of very sensitive client data means that data security is top of the agenda for clients, in- stitutions and regulators. Arriving at the correct procedures is a chal- lenge in itself as there are many complexi- ties in the interplay of data protection and privacy legislation and regulation (both within individual jurisdictions and cross- border). Then, institutions have to consider the ever-changing cyber-security threat. We have seen attacks take many forms: The Hong Kong Monetary Authority regu- larly warns of fake websites set-up to steal private financial details, while a 2015 cyber- attack in the US affected 76m accounts and even the IRS has been hacked. As a sign of growing fears, in the second half of 2015, 46% of UK financial firms cited cyber risks as a key concern, up from 30% in the first half12 . Security concerns actually remain even when everything is kept in-house, ex- plained Tonchia, since searching the in- ternet “by hand” leaves many electronic traces that may be valuable to those with nefarious intent – and it should always be remembered that in many countries HNWIs’ privacy concerns are of the most serious kind. “Latin American clients are very concerned about security and are re- luctant to provide information for totally reasonable reasons,” said Kirby. Significantly, around a fifth of the respon- dents who said that detriment to the client was their biggest source of KYC frustration cited data privacy specifically. Here again new technologies can help. “Wealth managers are wrestling with cov- ering your traces. If you Google an indi- vidual’s name the conversation is essen- tially public and that automatically puts the name of your client on the street,” said Tonchia. “We implement technology to anonymise those searches so that even if they come from the bank’s domain and go out of your firewall, you strip away your ID and IP address.” Furthermore, having analysts searching thousands of documents and data sources gives rise to inbound security concerns which this technology also tackles. “When you retrieve a document you ensure noth- ing toxic gets back within your firewall. If you only give back clean text that can’t hurt you, but if you were to take back an entire binary file it could be a serious threat to your sys- tems,” Tonchia continued. “The security el- ement of screening is about protecting your identity when you go outside and protec- tion in getting stuff from outside, in.” Crucially, cybercrime insurance experts have also warned financial institutions that they are likely to have lots of data that is not strictly related to professional services and which therefore may not be covered by Professional Liability Insurance. To further underscore the imperative to guard client/prospect data zealously, there also is a grey area around how far PLI ap- plies to negligence in data breaches and whether it covers the costs of handling and remedying the breach. It seems that some policies may only cover services provided to actual clients, possibly leaving institutions liable for negligence payouts. Worryingly, in the US at least one class action lawsuit over a data breach has included applicant clients. Responses on the issue of detriment to the client experience/relationship brought data security worries to the fore. According to a recent appraisal of global corporate security standards by EY, such concerns are manifestly justified13 . • 88% of corporates internationally admit that their information security provision is inadequate • 54% do not currently have a role or department in their information security function that is focusing on the impact of new technologies • 36% doubt that they would even be able to detect a sophisticated cyber-attack DATA SECURITY CONCERNS The security element of screening is about protecting your identity when you go outside and protection in getting stuff from outside, in.
34 Towards True KYC: Technological Innovations in Client Due Diligence CONCLUSION Like previous WealthBriefing studies on other elements of the onboarding piece, this report on client due diligence proce- dures was an attempt to shine a light on an increasingly chal- lenging, yet hitherto relatively under-investigated, element of wealth management operations. Here again, institutions’ ex- periences are proving widely divergent. But while each is ex- periencing its own unique struggles surrounding CDD, across the sector these can be seen to be underpinned by a handful of key themes. It hardly needs to be said that an unrelenting pace of regula- tory change has become very much the norm for the wealth management sector globally, and in many ways CDD is a nexus between all the national, regional and supranational regulations firms are having to adapt to. New rules on market conduct, corporate governance and client protection are in- creasing screening and reporting requirements in a number of cases, while there are also a number of very significant changes relating specifically to CDD now in play or soon to be imposed. The regulatory burden has been weighing increasingly heavily on wealth managers in recent years, with sweeping overhauls of policies and procedures necessary for many and significant remedial work for still more. Tackling the ensuing drag on ef- ficiency and profitability - not to mention the inevitable drain on corporate energy – has kept technology investment at the top of the agenda. As our recent research has shown, wealth managers are increasingly turning to technology as something of a saviour in coping with the compliance challenge. This research chimes with many other studies highlighting the very real resourcing challenge wealth managers face in CDD. Compliance personnel with the requisite knowledge and ex- perience to be able to tackle the thornier regulatory, legal and ethical issues are a rare enough resource; those with the kind of in-depth technological knowledge that is increasingly called for are scarcer still. Add into the mix the very serious personal (and perhaps even criminal) liabilities that senior compliance officers will be asked to bear for decisions in CDD and it is easy to see why a war for talent is pushing compliance remuneration dramatically up. The challenge of finding, funding and retain- ing top compliance expertise is one most firms will be grap- pling with today. Technological tools which optimise the use of their time are naturally a key focus and it is clear from the results of our survey that CDD is an area ripe for improvement in a number of ways. While technology can never supplant the application of hu- man intelligence in such a highly-nuanced area as CDD, us- ing it as an “intelligent slave” ensures that human expertise is deployed where it will have most impact. The vast majority of clients present no issues from a due diligence perspective and maximising automation allows compliance officers to focus on the “tough cases”, reducing the very serious risks inherent in making the wrong onboarding decisions. At the same time, the better use of technology makes it more likely that all legitimate business that can be taken on, is. Com- pliance officers play a crucial role in both protecting and grow- ing wealth management businesses, and the new technologi- cal tools discussed in this report are designed to fulfil the same (often tricky) dual remit. In broad terms, the digitalisation of client onboarding is about converting cumbersome processes mired in duplication into efficient, beneficial experiences for all sides. As this report has argued, CDD is an area where technological enhancements can deliver perhaps the most powerful, multi-faceted benefits of all. WealthBriefing, EY and smartKYC would like to extend their warmest thanks to all the wealth management professionals and CDD experts who were kind enough to contribute to this report. As ever, feedback on any of the issues that emerged or ideas for further investigation would be most welcome. Wendy Spires Head of Research WealthBriefing wendy.spires@wealthbriefing.com
REFERENCES NUMBER SOURCE 1 Technology and Operations Trends in Wealth Management 2015 - WealthBriefing/Advent Software 2 Morgan McKinley, June 2015 3 LexisNexis Risk Solutions Future Financial Crime Risks Report 2015 - https://www.tracesmart.co.uk/news/banks-reach-tipping-point-in-fight- against-financial-crime-reveals-new-report-from-lexisnexis-risk-solutions-and-the-bba 4 Ibid 5 Technology and Operations Trends in Wealth Management 2015 - WealthBriefing/Advent Software 6 Ibid 7 Converting Compliance Challenges into Business Benefits: Optimising Client Onboarding in Wealth Management - WealthBriefing/Appway 8 LexisNexis Risk Solutions Future Financial Crime Risks Report 2015 9 Converting Compliance Challenges into Business Benefits: Optimising Client Onboarding in Wealth Management - WealthBriefing/Appway 10 Ibid 11 Ibid 12 The Bank of England’s Systemic Risk Survey 2015 13 Global Information Security Survey 2015, Creating trust in the digital world - EY
smartKYC&EYReportFeb2016wb

More Related Content

PDF
Overcoming compliance fatigue - Reinforcing the commitment to ethical growth ...
byEY
 
PDF
EY Business Pulse Report - Top 10 risks and opportunities for insurance in 20...
byey_insurance
 
PDF
KYC Initiative
byJeff Plein
 
PDF
EY Insurance Business Pulse, 2013-2015 – exploring the top 10 risks and oppor...
byEY
 
PDF
The CFO in Insurance
byAccenture Insurance
 
PDF
2014 Property & Casualty Insurance Industry Outlook: Innovation leading the way
byDeloitte United States
 
PDF
IDC concur analyst piece
byKathleen Wilhide
 
PDF
PwC 2016 Top Issues - The Aging Workforce
byTodd DeStefano
 
Overcoming compliance fatigue - Reinforcing the commitment to ethical growth ...
byEY
 
EY Business Pulse Report - Top 10 risks and opportunities for insurance in 20...
byey_insurance
 
KYC Initiative
byJeff Plein
 
EY Insurance Business Pulse, 2013-2015 – exploring the top 10 risks and oppor...
byEY
 
The CFO in Insurance
byAccenture Insurance
 
2014 Property & Casualty Insurance Industry Outlook: Innovation leading the way
byDeloitte United States
 
IDC concur analyst piece
byKathleen Wilhide
 
PwC 2016 Top Issues - The Aging Workforce
byTodd DeStefano
 

What's hot

PDF
Health Services Tax Conference Day Two
byPwC
 
PDF
Insurance Industry 2016: PwC Top Issues
byPwC
 
PDF
Managing sanctions compliance challenges
byGrant Thornton LLP
 
PDF
Adding internal audit value: Strategically leveraging compliance activities
byGrant Thornton LLP
 
PDF
Etude PwC "18th Annual Global CEO Survey Insurance 2015"
byPwC France
 
PDF
Anti-Money Laundering and Anti-Bribery and Corruption Systems & controls: Ass...
byLexisNexis Benelux
 
PDF
Pwc 2015 Technology Sector Sec Comment Letter Trends
byPwC
 
PPTX
IAOP Chicago Chapter April 28
bycurtherge
 
PDF
Forrester GRC Q1 2016 Report
byDaryl Resnick
 
PDF
Kroll Global Fraud Report 2011 2012
byAndres Baytelman
 
PDF
Briefing paper: Third-Party Risks: The cyber dimension
byThe Economist Media Businesses
 
PDF
CostofCompliance_2016.compressed
byArmis Inc
 
PDF
201206 Tech Decisions: Finding Profits
bySteven Callahan
 
PDF
The Productivity Imperative: 2013 Corporate Real Estate Trends for Banking an...
byJLL
 
PDF
Regulatory Change is a Business Opportunity, not a Burden
byAmit Agrawal
 
PDF
May newsletter 2017
byKAW Management Services Ltd.
 
PDF
June newsletter 2017
byKAW Management Services Ltd.
 
PPTX
How to Make Your Specialty Services Lending Rock: Credit Considerations for 4...
byColleen Beck-Domanico
 
PDF
Fighting fraud in construction
byGrant Thornton
 
PDF
APEC Building Better Cities
byPwC
 
Health Services Tax Conference Day Two
byPwC
 
Insurance Industry 2016: PwC Top Issues
byPwC
 
Managing sanctions compliance challenges
byGrant Thornton LLP
 
Adding internal audit value: Strategically leveraging compliance activities
byGrant Thornton LLP
 
Etude PwC "18th Annual Global CEO Survey Insurance 2015"
byPwC France
 
Anti-Money Laundering and Anti-Bribery and Corruption Systems & controls: Ass...
byLexisNexis Benelux
 
Pwc 2015 Technology Sector Sec Comment Letter Trends
byPwC
 
IAOP Chicago Chapter April 28
bycurtherge
 
Forrester GRC Q1 2016 Report
byDaryl Resnick
 
Kroll Global Fraud Report 2011 2012
byAndres Baytelman
 
Briefing paper: Third-Party Risks: The cyber dimension
byThe Economist Media Businesses
 
CostofCompliance_2016.compressed
byArmis Inc
 
201206 Tech Decisions: Finding Profits
bySteven Callahan
 
The Productivity Imperative: 2013 Corporate Real Estate Trends for Banking an...
byJLL
 
Regulatory Change is a Business Opportunity, not a Burden
byAmit Agrawal
 
May newsletter 2017
byKAW Management Services Ltd.
 
June newsletter 2017
byKAW Management Services Ltd.
 
How to Make Your Specialty Services Lending Rock: Credit Considerations for 4...
byColleen Beck-Domanico
 
Fighting fraud in construction
byGrant Thornton
 
APEC Building Better Cities
byPwC
 

Similar to smartKYC&EYReportFeb2016wb

PDF
DigitalTransformationInWealth Managementwhitepaper.pdf
byKunchidP
 
PDF
Through The Looking Glass : An executive perspective of UK wealth management ...
byScorpio Partnership
 
PDF
Data Science in Wealth Management
byPaddy Ramanathan
 
PDF
2016 wealth-management-trends
byMarie-Astrid Heyde
 
PPTX
Top Trends in Wealth Management 2020
byCapgemini
 
PDF
In my honest Opinion: a frank look at client onboarding procedures
byTHRONE Compliance Services Ltd
 
PPTX
Regulatory and Investment Change: The Client’s View
byComPeer Limited
 
PDF
Top 10 Wealth management trends_2017
byBrandy Enger, CIC
 
PDF
{339a0bff-62ee-47c2-9e18-2675dc757d27}_Wealth_Management_Report_by_FinTech_Fu...
byRenuSingh309355
 
PDF
KYC Compliance a Strategic Approach for banks
byAjay Alex
 
PDF
The rise of the bionic advisor 2019
byAntony Bream
 
PDF
Looking into the Future of Wealth Management
byRich Conley
 
PDF
Looking into the Future of Wealth Management - A Sawtooth Solutions White Paper
byRich Conley
 
PDF
Emerging Differentiators of a Successful Wealtlh Management Platform
byCognizant
 
PDF
EbookHigh touch and high tech in wealth management striking the right balance...
byKunchidP
 
PDF
EbookHigh touch and high tech in wealth management striking the right balance...
byKunchidP
 
PDF
Disruptions In Wealth Management
byAlison Rooney
 
PDF
Mercer Capital | How to Value a Wealth Management Firm March 2019
byMercer Capital
 
PDF
Pivotal CRM - Wealth Management
byPivotal CRM
 
PDF
Wealth Management Survey White Paper
byAmelia Young, CFA
 
DigitalTransformationInWealth Managementwhitepaper.pdf
byKunchidP
 
Through The Looking Glass : An executive perspective of UK wealth management ...
byScorpio Partnership
 
Data Science in Wealth Management
byPaddy Ramanathan
 
2016 wealth-management-trends
byMarie-Astrid Heyde
 
Top Trends in Wealth Management 2020
byCapgemini
 
In my honest Opinion: a frank look at client onboarding procedures
byTHRONE Compliance Services Ltd
 
Regulatory and Investment Change: The Client’s View
byComPeer Limited
 
Top 10 Wealth management trends_2017
byBrandy Enger, CIC
 
{339a0bff-62ee-47c2-9e18-2675dc757d27}_Wealth_Management_Report_by_FinTech_Fu...
byRenuSingh309355
 
KYC Compliance a Strategic Approach for banks
byAjay Alex
 
The rise of the bionic advisor 2019
byAntony Bream
 
Looking into the Future of Wealth Management
byRich Conley
 
Looking into the Future of Wealth Management - A Sawtooth Solutions White Paper
byRich Conley
 
Emerging Differentiators of a Successful Wealtlh Management Platform
byCognizant
 
EbookHigh touch and high tech in wealth management striking the right balance...
byKunchidP
 
EbookHigh touch and high tech in wealth management striking the right balance...
byKunchidP
 
Disruptions In Wealth Management
byAlison Rooney
 
Mercer Capital | How to Value a Wealth Management Firm March 2019
byMercer Capital
 
Pivotal CRM - Wealth Management
byPivotal CRM
 
Wealth Management Survey White Paper
byAmelia Young, CFA
 

smartKYC&EYReportFeb2016wb

  • 1.
  • 2.
    ©2015EYGMLimited.AllRightsReserved.ED0617 Can retirement still bean opportunity to improve financial health? EY’s global financial services team can help improve your distribution, revenue streams and retirement outcomes. ey.com/financial #BetterQuestions
  • 3.
    FOREWORD 5 EXECUTIVE SUMMARY 7 EDITORIAL PANEL 9 SECTION 1 QUANTIFYING THE KYC RESOURCING CHALLENGE 12 SECTION 2 MAJOR KYC PAIN POINTS AND THE RISKS THEY REPRESENT 18 SECTION 3 HOW NEW TECHNOLOGIES AID BEST PRACTICE 28 CONCLUSION 34 CONTENTS
  • 4.
    Published by: CLEARVIEW FINANCIALMEDIA Heathman’s House 19 Heathman’s Road London, SW6 4TJ United Kingdom In association with: smartKYC No. 1 Cornhill London, EC3V 3ND United Kingdom In association with: ERNST & YOUNG LLP 25 Churchill Place London, E14 5EY United Kingdom Author: Wendy Spires, Head of Research, ClearView Financial Media Research: Anna Hallissey, Researcher and Data Analyst, ClearView Financial Media Graphic Designer: Jackie Bosman, ClearView Financial Media © 2016 ClearView Financial Media Ltd, publishers of WealthBriefing. All rights reserved. No part of this publication may be reproduced in any form or by any means, electronic, photocopy, information retrieval system, or otherwise, without written permission from the publishers.
  • 5.
    5FOREWORD WealthBriefing Research beganinvestigating global trends in client onboarding back in 2014, breaking new ground by exam- ining in depth the challenges and opportunities this crucial first stage of wealth management relationships represents. Having delivered a broad barometer of operational best prac- tice and technological innovation in onboarding; we next looked at the role of digital signatures in ramping up efficiency and enhancing the client (and advisor) experience during what can very often be an onerous and frustrating process. We now continue the onboarding theme with a deep-dive on what is undoubtedly its most important strand: AML/Know Your Customer and sanctions screening. Client due diligence is a key focus for management teams and is where many of the key challenges facing the wealth man- agement industry intersect. Chief among these is of course the pace of regulatory change and the concomitant issues this cre- ates across compliance resourcing – both human and techno- logical - operational efficiency and risk management. The EU Member States now have until June 2017 to write the Fourth Anti-Money Laundering Directive into national law. Meanwhile, in the US definitive guidance is awaited on Fin- CEN’s Proposed Rulemaking to amend the Bank Secrecy Act to hinder the use of anonymous companies for money laundering purposes. Add in the new requirements imposed by the Com- mon Reporting Standard on tax information exchange (now live) and MiFID II (only slightly delayed to January 2018) and it is fair to say that wealth managers face a heady mix of new rules concerning CDD, in addition to the general compliance onslaught the industry has seen in the past decade or so. The ever-heavier regulatory burden is making finding, funding and retaining top compliance talent increasingly difficult at just the time when their skills are most needed. As this report will discuss, many firms are carrying out extensive remedial work as they ready themselves to meet tighter regulatory requirements and those with the requisite skills and experience to meet all the multi-faceted demands of top compliance roles are a scarce resource. Indeed, as one expert later describes, the ability to effectively balance risk mitigation and business development calls for a “remarkable individual”- particularly when we con- sider the granular knowledge of investment products, technol- ogy, law, other cultures and so on they need too. The ensuing war for talent and very strong salary growth in compliance roles means that for many institutions it has become “prohibitive to hire”, as another contributor said. In their quest to optimise the time compliance officers spend on CDD – while still maintaining the very highest standards of risk management – wealth managers are increasingly turning to technology, as with other areas of the compliance challenge. In client screening, and in onboarding processes generally, new tools are now really delivering the automation, enhanced abil- ity to collaborate and auditability institutions need – and many are said to be achieving very impressive benefits as a result. At a time when margins remain under pressure and massive fines related to CDD failings are a regularity, the appeal of si- multaneously slashing turnaround times in client onboarding and achieving higher-quality processes is encouraging invest- ment in specialist tools and complete overhauls – despite, or because of, the legacy issues most firms face. We are delighted to have been able to gather insights from 20 senior wealth management executives, compliance and tech- nology experts, lawyers and consultants for this report. We are most grateful for their input, along with that of the wealth man- agement professionals across the UK, EU, Switzerland, Hong Kong, Singapore and US who took part in the survey. We welcome feedback on this or any other research, and would be pleased to discuss any ideas for development read- ers might have. Wendy Spires Head of Research WealthBriefing wendy.spires@wealthbriefing.com FOREWORD
  • 6.
    The smartest wayto know your customer Getting a full and dynamic picture of potential and existing clients - both individuals and business entities - is becoming increasingly challenging for financial institutions. But now a solution is at hand: smartKYC has applied innovative technologies to redefine KYC searches. The system increases rigour and speed in the identification of AML and sanction red flags, and in the constant monitoring of client related risks and opportunities. By automatically finding relevant information across multiple sources and languages and by intelligently eliminating false positives, smartKYC increases the precision, efficiency and auditability of your KYC and AML efforts. A multilingual semantic engine for KYC/AML screening and due diligence
  • 7.
    7EXECUTIVE SUMMARY EXECUTIVE SUMMARY Accordingto the global survey on which this report is based, almost two-thirds (63%) of wealth managers will increase their Cli- ent Due Diligence spend in the next year, with a third maintaining current levels and just 4% predicting a fall. Of those increasing their budgets in the year ahead, just over a tenth (11%) will focus on outsourcing. The majority, however, were evenly split (44% each) between those focused predominantly on recruiting more staff and those investing in technology. Wealth managers estimate that screening high-risk clients current- ly requires an average of 5.4 man hours of work, with medium-risk prospects taking 2.5 hours and even low-risk ones 1.6 hours. The very much higher standard deviation seen for high-risk clients (3.75) versus low-risk (1.08) should be noted, however. The vast ma- jority of firms of all sizes are able to screen a low-risk prospect in around two hours, yet a fifth of firms are taking double the peer group average time to screen a high-risk client. Clearly, variation in technology investment is having a significant effect on operational efficiency today. The panellists were unsurprised that nearly eight in ten institutions (78%) ask their relationship managers to initially screen prospective clients, rather than have compliance wholly responsible, or outsource to a business administration provider as some respondents specified. To highlight another significant, but possibly easily overlooked, element of wealth managers’ workload, almost eight in ten (79%) wealth managers carry out full DD screens on prospective employ- ees and 77% check prospective partner companies to head off risks like fraud and reputational damage. It was found that almost a third (32%) of firms use some form of outsourcing in CDD currently – a figure set to rise in line with the fact that 11% of wealth managers increasing their screening bud- gets in this area over the coming year will focus their spend mainly on outsourcing. The CDD process holds many frustrations for wealth managers, with PEP/watch list screening and proving source of wealth/funds tied at the top in the rankings of institutions’ biggest pain points with 29% of the votes each. The many challenges coming under the auspices of each of these top two (arguably interlinked) pain points merits their clear lead. However, given that respondents were asked to identify the most frustrating part of the CDD process, other pain points are also clearly weighing heavily on the industry. Issues around data cap- ture and document collation (17%), and detriment caused to the client experience/relationship (11%) - particularly because of data security concerns - are high on the agenda. Adapting to regulatory change and jurisdictional differences is the biggest cause of frustration for almost a tenth (9%) of firms, while 6% of respondents ranked issues around trusts and Ultimate Beneficial Owners highest. The frustrations surrounding the latter may be expected to rise in particular as regulations forcing greater transparency in this area, like the EU’s Fourth Anti-Money Launder- ing Directive (MLD IV), come into force. The survey revealed significant divergence in institutions’ risk-rat- ings for various key countries. While Iran, Sudan and (to a slightly lesser extent) Russia are universally seen as high-risk, others like China and Mexico appear to split wealth managers between medium- and high-risk ratings. Wealth managers also appear to vary widely on how often they fully rescreen their clients. For example, it is worrying that in to- day’s fast-moving environment approaching a fifth of firms appear to be fully rescreening their high-risk clients only once a year; at the other end of the spectrum, a similar proportion are doing this daily. CDD policies and procedures clearly differ very much across the industry according to each institution’s ethos, markets and cur- rent/target client base, with internal controls also having to evolve rapidly in line with regulatory and geopolitical shifts. Importantly, rescreening frequency is said to typically bifurcate along watch list/media lines, with the former done more regu- larly due to the laboriousness of carrying out thorough media checks manually. Only a tenth of wealth managers say search- ing for adverse media on prospective clients is their biggest priority, despite the manifest advantages that real time moni- toring confers across many areas of CDD. The various chal- lenges firms are evidently experiencing in documenting source of wealth/source of funds have made tracing monies the top priority for 50% of firms, while screening via watch lists was in second place with 30% of wealth managers focusing on this. The highly variable levels of automation in client onboarding pro- cesses WealthBriefing research has revealed across the industry is clearly a key factor in how feasible best practices like full overnight rescreens for all clients are. Today’s rapidly-moving regulatory and geopolitical environment presents particular risks to the 16% of wealth managers that are only fully rescreening their high-risk cli- ents annually (a further 19% of institutions are limiting themselves to rescreening high-risk clients biannually). Almost half (49%) of respondents would be in favour of their in- stitution fully rescreening all clients daily, adding to the 13% for whom this is already a reality. Overnight rescreening of all clients may soon become a reality for at least some wealth management professionals, as 43% of firms are said to be increasing the frequency with which clients are re-screened in the near term. METHODOLOGY: 106 senior wealth management professionals in the UK, EU, Swit- zerland, Hong Kong, Singapore and US were surveyed for this report in November and December 2015. In-depth interviews were carried out with 20 senior wealth man- agement executives, compliance and technology experts, lawyers and consultants.
  • 8.
    Broad capabilities availableto serve clients from strategy to technology, regulatory specialists and tax Wealth & Asset Management Contact details Gillian Lofts UK Wealth & Asset Management Leader Direct: +44 20 7951 5131 Email: glofts@uk.ey.com Keith MacDonald Advisory Leader, Wealth & Asset Management Direct: +44 20 7951 4114 Email: kmacdonald@uk.ey.com Linda Henry Tax Leader, Wealth & Asset Management Direct: +44 20 7951 8618 Email: lhenry@uk.ey.com Sue Dawe Assurance Leader, Wealth & Asset Management Direct: +44 131 777 2180 Email: sdawe@uk.ey.com Richard Gray Transaction Advisory Services Leader, Wealth & Asset Management Direct: +44 20 7951 2857 Email: rgray@uk.ey.com Roopalee Dave Senior Manager, Wealth Management Niche Direct: +44 20 7951 9897 Email: rdave@uk.ey.com Regulation and Risk EY offers comprehensive Risk and Regulatory Advisory services, with a dedicated FS Risk team who understand the requirements of the UK regulators. Our recent Wealth projects in this area include: • MiFID II and regulatory impact assessments • S166 and Conduct Risk assessments • Suitability framework design and implementation Technology EY has delivered a large number of technology- enablement projects across the UK wealth management industry. Our recent Wealth projects in this area include: • Target Operating Model design and implementation • Process optimisation and re-design • Platform / outsourcing selection and implementation Tax EY’s tax team provides unique insight into key tax considerations for wealth management firms and their clients. Our recent Wealth projects in this area include: • Personal Tax Centre services • Employment and business tax advisory • FATCA and CRS readiness and assurance reviews • Optimisation and tax cost reduction Transaction Strategy and Implementation EY has broad experience delivering transaction support. Our recent Wealth projects in this area include: • Deal advisory and due diligence services • Business level strategy design and implementation • Global Programme Management and PMO • Post-merger integration support Strategy and Transformation EY’s Customer Advisory team offers strategic solutions to assist wealth management firms in responding to changing client trends. Our recent Wealth projects in this area include: • New market entry • Target client and segment analysis • Customer reporting diagnostic • Advice framework design & implementation • Digital strategy development ©2015Ernst&YoungLLP.AllRightsReserved.40504.indd(UK)11/15.CSGDesign.
  • 9.
    9RESEARCH ORIGINATORS RESEARCH ORIGINATORS Roopaleeleads the business development initiatives for EY’s wealth management team. She has over 15 years of experience across industry and consulting; she has worked with a range of private banks, wealth managers and retail banks in the UK and India. Roopalee has supported wealth managers by providing insights and leading projects on proposition development, strategy implementation, operational design and regulatory change. ROOPALEE DAVE Senior Manager, Wealth and Asset Management, EY Alessandro is one of Finantix’s founders and as strategy director he focuses on the company’s growth and overall direction. He is responsible for communications with major clients, business partners and analysts worldwide. Since 1992, Alessandro has represented Finantix in various capacities related to product development and global account management and been responsible for large-scale implementations of wealth management platforms. Before establishing Finantix, Alessandro was a consultant specialising in the areas of process management and CRM. ALESSANDRO TONCHIA Co-Founder, Finantix, a partner firm of smartKYC Tom is a senior manager in the EY Wealth & Asset Management practice with over nine years of experience in financial services. This includes significant time spent in wealth management and investment banking operations before joining EY in 2015. Thomas’ areas of expertise include Target Operating Model considerations, regulatory change, client onboarding and custody services. THOMAS MORLEY Senior Manager, Wealth and Asset Management, EY Wendy has been a wealth management journalist and a research writer for eight years, covering a variety of international markets and sub-sectors over that time. She has written an array of in-depth reports on issues affecting private banks and wealth managers, including technology and operations trends, enhancing the client experience, branding and marketing strategy, and risk-profiling methodologies. As well as speaking at conferences in both the UK and abroad, Wendy also regularly consults on strategic and communications issues related to the wealth and asset management market, specialising in technology. WENDY SPIRES Head of Research - WealthBriefing; Report Author
  • 10.
    10 Towards TrueKYC: Technological Innovations in Client Due Diligence EDITORIAL PANEL Christian joined Barclays in September 2011 and is head of the private bank in London, where he is responsible for the key client business in the UK. Before joining Barclays, Christian worked at JP Morgan, where he was head of European equity sales and then co-head of sales in 2010 post the merger with Cazenove. Before this he worked at Merrill Lynch and Morgan Stanley. CHRISTIAN BERCHEM Head of Private Bank - London Barclays Dominic has been a compliance manager at the London-based wealth management firm London Capital for over four years. Prior to London Capital, Dominic was a compliance manager of a high net worth client advisory firm, and holds various investment and advisory qualifications. DOMINIC CRABB Compliance Manager London Capital Chrisol is responsible for managing and developing international AML solutions, including WorldCompliance data solutions for third-party risk screening, as well as for international identification verification solutions. His areas of regulatory compliance expertise include AML-KYC, real- time transaction filtering, negative media monitoring and anti-bribery and corruption compliance. Chrisol has over 12 years’ experience in developing com- pliance data solutions, primarily for the financial services sector. He has worked with clients in over 30 countries and is a regular speaker at industry events. CHRISOL CORREIA Director, International Head of AML Compliance LexisNexis Risk Solutions Chris has edited numerous financial publications over the years, primarily in compliance. He ran Compliance Monitor, Fraud Intelligence and Money Laundering Bulletin between 1997 and 1999 and then covered for the editors of all Complinet’s online publications as the one expert who had experience of every sector. In 2001 Chris set up Complinet Money Laundering and ran it until its dissolution in 2009, chairing many compliance conferences, including one for Chatham House, along the way. He is now the editor of Compliance Matters and Offshore Red, and the compliance editor of WealthBriefing. CHRIS HAMBLIN Editor Compliance Matters
  • 11.
    11EDITORIAL PANEL Xavier ishead of Salamanca Group Trust and Fiduciary, and as such is a principal driver of the trust and fiduciary vision and strategy, supported by a multi-jurisdictional management team. Xavier gained over 20 years of experience in various management positions at ABN AMRO Bank and Trust in Luxembourg, Geneva and Jersey prior to joining Investec Trust in 2005 as managing director of the Geneva office and as CEO of the Investec Trust Group in 2009. Xavier served as the inaugural vice- president of the Swiss Association of Trust Companies and is currently a member of its committee. XAVIER ISAAC Managing Director, Salamanca Group Trust John Whick read Economics and Geography at University College London before working as an economic analyst, both in the parliamentary and corporate world. While completing an MSc at the University of London, John taught economics and finance to degree and MBA students. Prior to joining Henderson Rowe, John worked for two years as a principal trader on the European bond markets. He set up the Investor Visa offering at Henderson Rowe in 2010 and continues to develop services for the firm’s international client base. JOHN WHICK Senior Investment Manager Henderson Rowe Mike Toole is group chief operating officer of Artorius Wealth, a multi-family office and wealth manager established in 2014 that is now growing quickly in the UK and Switzerland. Previously, Mike was a partner at accountancy firm Baker Tilly, where he was group operations director for the financial management and investment businesses. Mike has 12 years’ experience in financial services and banking, including with KPMG, Santander and UK mutual societies. He was also involved in founding a Saudi family office and managing a substantial private equity portfolio. MIKE TOOLE Chief Operating Officer, Artorius Wealth WealthBriefing would also like to offer special thanks to the following contributors for their invaluable insights: • Don Andrews - Partner and Co-lead in compliance and risk management, Venable LLP • Ben Harris - Manager, Compliance, Morgan McKinley • Jonathan Kirby - Managing Director – Switzerland, JTC • Emma Radmore - Managing Associate - Financial Services and Funds, Dentons • Mark Spiers - Principal, Head of Banking, Investments and Lending, Bovill • Rob Taylor - Head of Department for Investment Management, Financial Conduct Authority • DE (Ed) Wilson Jr - Partner specialising in Washington- related business and regulatory matters, Venable LLP ADDITIONAL CONTRIBUTORS
  • 12.
    12 Towards TrueKYC: Technological Innovations in Client Due Diligence According to the survey which forms the ba- sis of this report, almost two-thirds of wealth managers will increase their CDD spend in the next year, with a third maintaining current levels and just 4% predicting a fall. Of those increasing their budgets, a tenth will focus on outsourcing (as will be seen, just under a third of institutions partially outsource their KYC function). The majority, however, were evenly split between those focused predominantly on recruiting more staff and those investing in technology. According to the panel, the importance ac- corded to technology investment is a natu- ral consequence of the industry’s shortage of compliance expertise; it also reflects - as with so many other elements of operations - how regulatory and cost pressures are opening minds to new ways of working. With no respite from regulatory upheaval in sight, WealthBriefing research has found that 76% of wealth managers believe technology plays a crucial part in fulfilling compliance obligations. Moreover, 94% believe technol- ogy could play an even greater role1 . As the data on processing times and frequency on p25 show, CDD is evidently one such area. “We are focused on ensuring that we have the right resource and expertise in all regions to support enhanced KYC reviews and supplementing this as necessary, both from an employee and - more so this year - from a technology perspective,” said Chris- tian Berchem. In fact, a number of C-level executives have told WealthBriefing that although they have been hitherto primar- ily focused on hiring to support enhanced KYC procedures, 2016/17 will be about addressing technology enhancements to enhance productivity. This matches Alessandro Tonchia’s experi- ence, who said that firms may have been largely focused on bolstering compliance head count in recent years, but the tide is now beginning to turn due to the urgent need for cost savings and simple market forces. “Every time a major breach is detected, in- stitutions’ first instinct has been to hire - be- cause they feel that more people shows more goodwill, more quickly to the regulator,” he said (the UK regulator has followed the US in asking how much firms are spending on compliance). Compliance officers’ stock rises ever higher as a result, triggering a battle for talent which has seen average remunera- tion for director-level compliance profes- sionals hit £107,617* (US$154,924) among London’s wealth managers, according to recruiter Morgan McKinley2 . Ben Harris, compliance manager at Mor- gan McKinley, confirmed that compliance recruitment in wealth management has been “extremely busy” in the past year and is set to continue to be so over 2016, with most institutions having to hire large proj- ect teams of CDD specialists to remediate client files and onboard new business. “Wealth managers have had their fair share of AML issues over the last 12 months and the regulator has demanded they get their house in order. This has led to increased hiring, which has driven up salaries and made the wealth management talent pool very shallow,” he said. “Day rates for AML staff within a private bank are on average £500 ($726) per day in the UK and candi- dates moving on a permanent basis can expect a 20% pay increase on average.” Interestingly, Harris also highlighted grow- ing demand for specialist advisors on regu- latory developments as another symptom of firms’ struggle to stay ahead of a raft of new rules. “Most wealth managers will now have a dedicated professional covering this, whereas in the past it would have been a generalist covering numerous tasks,” said Harris. “Salaries will start in this space at £80,000 ($116,000), depending on expe- rience, and go upwards from there. This is again a very candidate-short pool.” Even when implementations are pushed back, this often still affords scant breathing space for those behind in their preparations 63% 33% 4% Increase Remain the same Decrease FIGURE 1: Will your institution’s CDD spend change in the next year? Every time a major breach is detected, institutions’ first instinct has been to hire - because they feel that more people shows more goodwill, more quickly to the regulator. SECTION 1 QUANTIFYING THE KYC RESOURCING CHALLENGE 44% 44% 11% Headcount Technology Outsourcing FIGURE 2: Where CDD spend will increase, where will this mainly focus?
  • 13.
    13SECTION 1 –QUANTIFYING THE KYC RESOURCING CHALLENGE due to the wide-reaching ramifications of new rules. In February 2016 the European Commission pushed the MiFID II deadline back a year to January 2018, citing the “ex- ceptional” challenges firms and regulators face to prepare, and clarifications to the new rules are still to be issued. Against this back- drop, those with experience of rapidly get- ting an institution up to speed with new rules (and remediation) will be highly sought after. The challenge of hiring compliance ex- perts with the right skill set is only going to get harder in the years ahead, in part due to the fact that, in the words of Don Andrews, “the future of compliance is in technology”. As he pointed out, the whole compliance function needs to have a good understanding of technology as it is impos- sible to carry out activities like suspicious activity monitoring robustly otherwise, but at the highest levels the trend seems to be towards compliance chiefs being asked to sign off on the soundness of their systems (see p29). CCOs must have multi-disciplin- ary knowledge base to match the broader and weightier responsibilities they are being asked to bear. “Thinking of what the CCO of ten years’ time needs to look like, they are going to require a very strong sense of technol- ogy and of complex investments like de- rivatives and structured products,” said Andrews. “They are also going to have to be incredibly astute with respect to inter- preting laws and requirements, and deal- ing with multiple regulators globally in cross-border scenarios.” “Being able to manage all this - and the different ways institutions are structured, from a legal or governance standpoint - that’s the profile of quite a remarkable individual,” he concluded. It seems then that wealth managers are very much at the mercy of labour market forces in compliance. While the 20-30% pay increases seen in mature jurisdictions are startling enough, in fast-growing and talent-constrained jurisdictions like Hong Kong, jumps of 40% or even more are not uncommon. “It is now becoming prohibitive to hire,” Tonchia concluded. “The sheer ex- pense of finding and paying for compliance skills means that people are more open to doing more with technology by necessity.” A TENTH OF HEADCOUNT; A TENTH OF TURNOVER? To underscore the mag­nitude of the over- all compliance costs being imposed, in 2015 the global financial services sector was predict­ed by Celent to spend $50bn on risk management and associated regu- latory compliance, with each Tier 1 bank spending $0.5bn. Compliance costs have long been dent- ing profitability across the board, with AML accounting figuring highly: some UK in- stitutions are estimated to be spending £660m ($950m) each a year here3 . Howev- er, as the panel noted, smaller institutions will generally bear a greater quantum of this burden due to their larger peers’ abil- ity to leverage economies of scale in both technology and staffing, and to share niche expertise. “The smaller you are, the greater the pro- portion spent on compliance. Down at the bottom you may be spending 10% of turnover; if you’re medium it could be 5%, and at the top it might be 2-3%,” said Chris Hamblin. “Institutions must also have legal expertise, in particular in esoteric areas such as letters of credit. Big banks will have a handful of experts, so you can deal with emergencies faster and need fewer people to cover the same ground.” Of course, CDD requirements are just one part of institutions’ increased need for compliance expertise, as adjustments in regulations such as UCITS V and AIFMD have spelt the implementation of new con- trols, policies and procedures. Heightened client screening needs are no doubt a big driver of the startlingly large compliance drives of recent years, however. Several global banking groups are known to have hired several thousand compliance staff in 2015 as new regulations came into view. Yet the experts argued these numbers should not obscure the challenge of secur- ing the senior expertise required, and the costs of hiring specialised veterans. “One of the biggest industry challenges is cor- recting the inaccurate assumptions - or ba- sic data gaps - on previous regulatory re- quirements, and as such there is increased spend on experienced staff for remedia- tion purposes,” said Thomas Morley. Thinking of what the CCO of ten years’ time needs to look like, they are going to require a very strong sense of technology and of complex investments like derivatives and structured products. For Anti-Money Laundering purposes, “Know Your Customer” is synonymous with “Customer Due Diligence”, a phrase invented by the Basel Committee in the early noughties. The UK tends to use KYC and CDD interchangeably, while the EU prefers CDD, as does the Paris-based (although strongly US- influenced and German-backed) Financial Action Task Force. Variations including “client screening”, “global screening”, and “background screening/checking” are also commonly in use. The KYC/CDD process breaks down as follows: First is client identification or client verification at the account- opening stage, where institutions are carrying out background checks and gathering supporting documents (note that in UK regulatory language the individual is called an “applicant for business” rather than a client). Sometimes this involves an element of reliance, in that the cli- ent may be new to the jurisdiction/institution in question but has previously been served by a reputable institution within an “equivalent” jurisdiction. Central to the verification stage is documenting source of funds and source of wealth, with both phrases used ubiquitously. For the former, an institution investigates where the funds it will be handling come from (there may be other funds elsewhere); for the latter it examines why the person is wealthy and where the wealth comes from. KYC/CDD also entails ongoing monitoring, which includes trans- action monitoring, but also more in-depth checks to ensure that nothing of concern has emerged in reference to a client – such as adverse media or new connections to PEPs. CLARIFYING KEY TERMINOLOGY
  • 14.
    14 Towards TrueKYC: Technological Innovations in Client Due Diligence Nor is it just a case of fewer people hav- ing the necessary understanding the more esoteric a policy area or market is; it is also how that understanding is applied. Those who can balance business development and the thornier compliance issues are a very scarce resource, it was said. IRREGULAR NEW BUSINESS FLOWS Compliance is said to account for about a tenth of headcount typically, with salaries rising faster than those of revenue-generat- ing employees in some growth markets. So, although under-resourcing is dangerous, over-resourcing in compliance is something to be avoided perhaps as much. Compliance officers may be carrying out the full gamut of regulatory duties in ad- dition to CDD and arguably today there is scant chance of them being under-em- ployed for very long – particularly at small- er institutions, where the survey found that 88% of sub-£500m ($345m) AuM firms have maximum of five compliance personnel. Yet CDD is an area where it can be particu- larly difficult to get staffing levels right due to irregular new business inflows, the panel observed. “KYC resourcing issues relate to the need for the right experience level covering our global footprint,” said Berchem. “Good practice would include sharing resources where possible and careful business plan- ning to accommodate anticipated peaks and troughs - as you would do with call volumes or any other work of similar nature which is resource intensive or variable in volume.” Accurate planning may be difficult, how- ever, and Mark Spiers confirmed that this is frequently a focus of Bovill’s consultancy work. “We see lots of firms struggling with the number of people to put at the end of the process because it sometimes goes in peaks and troughs: you have busy seasons and then you don’t,” he said. A degree of over-staffing may be prefer- able to heightened regulatory risks and op- portunity costs, but as the panellists noted, it is far easier to gain than shed headcount and over-staffing can easily become very expensive - particularly when a niche seg- ment is involved. In addition to headline recruitment and salary/bonus costs, over- resourced firms will also likely have to con- tend with the costs of seating personnel in expensive wealth management hubs (start- ing at around $2,000 per month for each individual). Some firms are grappling with whether CDD resourcing should best sit within the opera- tions or compliance function as they care- fully examine and optimise their processes. However, compliance cost pressures appear to be catalysing far more dramatic opera- tional overhauls too. The experts observed that wealth managers are increasingly at- tempting to centralise their operational and compliance resourcing for CDD in lower- cost countries such as Poland. Predictably, however, firms are not as open to the pos- sibility of sharing compliance teams and fa- cilities with their peers, it was said. “Given all these pressures, it’s no surprise that wealth managers want technology providers to help them hire fewer people and then enable the ones they do hire to be more productive,” said Tonchia. As he explained: with the first aim, technology helps address the fact that wealth manag- ers are chasing new business across several markets highly disparate in terms of lan- guage, culture, media reliability, bureau- cratic quality and regulation. There is therefore often a need for what were called “the very special specialists” to cover each market, with future volumes still unpredictable. The number and deploy- ment of these in-demand, well-remunerat- ed compliance officers therefore has to be aggressively optimised. “Technology makes it possible for insti- tutions to hire fewer people for each na- tionality of client. Better use of technology might even mean you don’t necessarily need the Chinese or Russian specialist,” said Tonchia, noting that often volumes of a particular nationality can be too small to justify additional headcount. As Tonchia explained, technology which analyses documents for red flags in a variety of the tougher source languages, particu- larly those using non-Roman alphabets, can be a huge boon in cost and efficiency terms. “It causes real issues when you’re hitting websites only to find they are written in Rus- sian and you can’t even make a start,” Mike Toole confirmed. “You can start to get re- ally frustrated then without an efficient and reliable translation solution.” Cutting down translation costs is desirable in itself, particularly when multiple languag- es might be relevant. However, just as im- portantly, native language analysis also en- ables compliance officers to independently carry out preliminary screening to identify absolute non-starters at the earliest oppor- tunity. This not only minimises wasted time nurturing a relationship, but also allows firms to make better informed outsourcing decisions, the panel noted (see p16). As Figure 3 shows, wealth managers es- timate that screening high-risk clients currently requires an average of 5.4 man hours of work, with medium-risk prospects KYC resourcing issues relate to the need for the right experience level covering our global footprint. Good practice would include sharing resources where possible and careful business planning to accom- modate anticipated peaks and troughs - as you would do with call volumes or any other work of similar nature which is resource intensive or variable in volume. MEAN (HOURS) FIGURE 3: How many man hours of work would you say it takes to screen low-, medium- and high-risk clients at your institution? STANDARD DEVIATION 1.6 2.5 5.4 1.08 1.57 3.75 Low-risk Medium-risk High-risk clients
  • 15.
    15SECTION 1 –QUANTIFYING THE KYC RESOURCING CHALLENGE taking 2.5 hours and even low-risk ones taking 1.6 hours. The very much higher standard deviation seen for high-risk cli- ents (3.75) versus low-risk (1.08) should be noted, however. The vast majority of firms of all sizes are able to screen a low-risk prospect in around two hours, yet a fifth of firms are taking double the peer group average time to screen a high-risk client. As discussed opposite, in reality a large part of the new wealth institutions are now chasing derives from markets for which giv- ing clients a clean bill of health is inherently tougher. Investments today are focused on maxi- mising automation and applying new tech- nologies drawing on big data topographic algorithms and semantic search to sift and sort thousands of online documents – and institutions are said to be achieving very impressive efficiency gains in CDD as a re- sult. Tonchia has seen efficiencies as great as 90% achieved in the bulk rescreening of low-risk clients following new technology adoption. Automation is clearly integral to maximis- ing productivity as 80% of most institu- tions’ clients will present no issues, the panel noted. Furthermore, achieving these efficiencies is foundational to the compli- ance function fulfilling its tricky dual remit of mitigating risk and facilitating business growth. Relieving compliance analysts of much of the burden of identifying red flags so they can focus on assessing them will ensure that senior expertise is deployed where it will have most impact – whether that turns out to be in protecting the busi- ness from regulatory and reputational risks or ensuring that all business which can be compliantly taken on, is. ALL HANDS ON DECK The panel also highlighted the better use of junior analysts and researchers’ time as a priority, as part of a more efficient use of in- ternal resourcing to better cope with peaks of new business. As discussed, for both sup- ply and cost reasons, top-level KYC roles are hard to fill and recruiters serving the wealth management sector have told Wealth- Briefing it is increasingly difficult for wealth managers to source candidates who are appropriately qualified for roles involving onboarding new business specifically. Although tough decisions must be made at senior levels, there is scope for junior com- pliance officers to be more productive and take a more collaborative approach with their superiors, it was suggested. “We can allow all internal staff to do more, includ- ing the junior ones, because our system interleaves data sources and the informa- tion is presented in the right format to aid decision-making and enforce compliance policies,” said Tonchia. As discussed on p29, smoothing the process of junior ana- lysts calling on senior expertise is key here. BROADER SCREENING The panellists were unsurprised that nearly eight in ten institutions ask their relation- ship managers to initially screen clients, rather than have compliance wholly re- sponsible, or outsource to a business ad- ministration provider as some respondents specified. While prospective clients may not get run through any databases in the earliest stages (although they may if tech- nology investment has made this efficient), the experts observed that best practice will see RMs trained in the risk matrix their firm is applying and so well aware of what they should be focusing on when assessing which relationships to pursue. Not only are RMs the first line of defence in risk management and the guardians of their organisation’s reputation; their time must also be focused where it will be most productive. Unless potential compliance issues are detected as early as possible, much work across business functions may be wasted. The authorities certainly want client screen- ing to commence at the earliest opportuni- ty. Clarifying the UK regulator’s position for this report, Rob Taylor, head of investment management, said: “The FCA expects all private client firms operating in the UK and advising clients to work to the highest standards of KYC due diligence possible. Best practices include KYC being done on prospective clients before they are even visited and rigid control over clients coming from high-risk jurisdictions.” Given the inefficiencies (and possible inac- curacies) implied by firms carrying out light- touch initial screening and then compre- hensive screening, it makes sense for firms to carry out the latter in the first instance where labour-saving tools permit this. There is also an important distinction to be made between a relationship being entered and a client account becoming fully funded and active – and therefore a revenue gener- ator. Completing CDD at an early stage sig- nificantly reduces barriers to progress here. As Chris Hamblin observed of the UK’s Mon- ey Laundering Regulations 2007, rule 9(2) re- quires the identity of the customer (and any beneficial owners) to be verified before the establishment of a business relationship. However, 9(3) contains a carve-out that this can be done during the establishment of a business relationship, if this is necessary not to interrupt the normal conduct of business and if there is little risk of money laundering or terrorist financing, provided that verifica- tion occurs as soon as practicable after con- tactisfirstestablished.Thebusinessrelation- ship can commence but actual transactions are not permitted before verification has occurred, as per Regulation 9(5)(b). An important but perhaps easily overlooked element of the screening workload stems fromthemajorityofwealthmanagerscarrying out enhanced due diligence on parties other than prospective clients: almost 79% carry out full screens on prospective employees 78% 22% Yes No FIGURE 4: Do RMs at your institution carry out initial screening on prospective clients? FIGURE 5: Which parties other than prospective clients does your institution currently carry out full due diligence checks on? 79% 77% Prospective employees Prospective partner companies
  • 16.
    16 Towards TrueKYC: Technological Innovations in Client Due Diligence and 77% check prospective partner com- panies to head off risks like fraud and reputational damage. The experts confirmed that employee DD is essential in a private client context and that here proprietary databases do extremely valuable “double duty”. “For employees we reserve the right to run them through World- Check and Experian to find out if there are any problems with them and if they have any financial issues, because that’s obviously a risk to the firm,” said Dominic Crabb. “We certainly do credit checks on prospec- tive employees, because at the end of the day we’re giving them access to HNWIs’ details,” added Toole. “We do that right down to the cleaners in the office.” While not all firms are hiring in great vol- umes, some are and so the ability to screen recruits and candidates easily is vital. Simi- larly, many firms are entering multiple third- parties arrangements as operating and business models evolve and, as the survey showed, robust due diligence on these is also a priority. As Crabb explained, firms can be comfortable working with a regu- lated entity like a custodian bank in a repu- table jurisdiction, however, with other or- ganisations more attention has to be paid to questions like what the world is saying about them and who is on the board. Screening new recruits and third-parties may be a relatively small addition to the DD workload, but they are an appreciable burden that makes them yet another driver towards the better use of technology. In the experience of the panellists, at most firms these checks are currently carried out manually. The efficiency-savings and risk management improvements automa- tion could bring are clear. As with clients, it may be only the thousandth document that uncovers a potential partner firm has dis- tasteful business connections or activities, making the value of semantic search tools that can “read” multitudinous documents and databases in minutes clear. Further evidence of regulators’ leanings on employee DD may be seen again in the UK, where the FCA and Prudential Regulation Authority are set to subject all top employ- ees at institutions - though not yet CF30s - to a “regulatory reference” (CF30 is the “cus- tomer” function - giving advice, managing investments, dealing etc.). This means that all prospective employers would demand various references before employing indi- viduals – and these are to include any con- clusions that a conduct rule was breached and details of the outcomes of any disciplin- ary action, going back five years. CF30s are not earmarked for this process, but the Se- nior Managers and Certification regime was first intended only for banks and will now apply to all financial firms, Hamblin warned. Under the SMCR, from March 2016 regu- lators can fine or sanction senior bankers for misconduct that occurs in their areas of responsibility, including CDD procedures. Research by LexisNexis Risk Solutions4 has strongly indicated that increasing levels of personal liability may exacerbate the short- age of senior AML compliance officers in the UK: half of such professionals predict the SMCR will make their jobs more or a lot more stressful. More strikingly still, 54% say if they had the opportunity they would choose another career path in light of the increased personal liabilities. Importantly, 13% of ex- ecutives believe a lack of personnel in their risk function is the biggest single emerging financial crime risk they face in the next 12 months – a figure which also underscores just how time-pressed some employees must be. OUTSOURCING: A PRECIOUS RESOURCE THAT MUST BE USED WELL It was found that almost a third of firms use some form of outsourcing in CDD currently and a tenth plan to focus increased spend on this in the coming year, underscoring the important role third-party providers play in the resourcing puzzle. The reasons for wealth managers’ growing need for their services are of course inextricably linked to their expanding number of markets and the fact that each segment and jurisdiction presents its own unique challenges. Here, as with so many other elements of compliance, a whole ecosystem of out- sourcing providers has flourished under the harsher regulatory glare of recent years. LANGUAGE BARRIERS The need for linguistic skills is one of the main reasons for outsourcing in CDD since, as Tonchia observed: “If you’re searching for Chinese clients and you cannot read Simplified or Traditional Chinese, you’re missing things by definition.” But while the need for translation services cannot be eradicated, it can be significantly reduced. “We catch red flags by scanning the Chi- nese, Russian or Arabic text in the original and then provide automatic translation so you only call in an external translator when you really need to,” he continued. Many institutions have an urgent need of such capabilities, in his view: due to chang- ing wealth creation trends there are teams sitting in Hong Kong and Singapore on- boarding clients mainly from China and Indonesia, but with little or no internal compliance capabilities in their languages. To illustrate another productivity benefit from native language analysis, Tonchia de- scribed how - with traditional keyword searches - an actor could trigger a red flag because they starred in a film about terror- ism, but with semantic technology this entry can be automatically dismissed. UNKNOWN TERRITORY As discussed on p18, PEP screening is chief among the difficulties facing wealth man- agers, particularly the fact that quite deep knowledge of the relevant political land- scape is necessary to make an informed More strikingly still, 54% say if they had the opportunity they would choose another career path in light of the increased personal liabilities. Unsurprisingly, 13% of executives believe a lack of personnel in their risk function is the biggest risk they face in the next 12 months. 68% 32% No Yes, in part Yes, wholly FIGURE 6: Does your institution outsource its KYC function?
  • 17.
    17SECTION 1 –QUANTIFYING THE KYC RESOURCING CHALLENGE decision on whether to onboard. The need to use external intelligence provid- ers for support across an expanding global business is probably equal to language re- quirements in driving the fact that 32% of participants use outsourcing in CDD. For Crabb, the vastness and somewhat arcane nature of some key markets – like Russia and China – also makes the “manual overlay” outsourcing providers offer one of their key selling points. Such firms can often bring an immense, very well-con- nected network to bear (including perhaps journalists and people in office) to supple- ment public information that might not be readily available in certain jurisdictions. “If a prospect comes from an obscure town in Eastern Russia or city in China, they can really dig into it through people with on- the-ground knowledge,” he said. “It might be that there’s no risk in terms of bribery and corruption, but he is involved in po- litical decision-making, he is on certain committees or close relatives are linked to activities we are uncomfortable with.” As John Whick pointed out, the relative immaturity of some markets in terms of professional services providers is particu- larly a factor for arrivals on investor visa programmes, as compliance groundwork may not have been well laid in advance. “Specialists are useful if we get what you might call a ‘naked client’, who hasn’t got an accountant, lawyer or immigration team attached,” he said. “It is worth it for difficult cases when you’re looking at two inches of files to get through.” A further point to emerge here is that time is often of the essence when screening clients entering a country on an investor visa – lest their plans be jeopardised. The fact that external intelligence providers can typically produce an entry-level report within 48 hours and the most in-depth with- in a few weeks could be the key to winning new business. CARE REQUIRED Third-party reports can be extremely use- ful, and may constitute an efficient way to fulfil sporadic coverage needs, but their cost means they must be deployed careful- ly, the panellists said. Wealth managers pay £2-3,000 ($2,880-4,320) per in-depth report and may of course never onboard the pro- spective client. Some institutions ask that prospective clients bear these costs and it is arguably a useful exercise for some individuals to carry out. As Hamblin highlighted, firms will never- theless be grateful for the number and va- riety of authoritative sources of information they can draw on today: in the past, private investigators were sometimes the only re- course for firms that wanted to scrutinise clients from developing nations. For wealth managers grappling with a subtle case, it can be incredibly useful to receive a report produced by a specialist that gives clear conclusions in the form of a tiered traffic light system or numerical risk scores based a range of key metrics. Yet, as the panellists pointed out, institu- tions can never outsource responsibility for CDD decisions and so a green light from a third-party can only go so far. In the words of Jonathan Kirby: “Third-party help is very useful, but it’s not going to get you out of trouble with regulators.” The fact that several outsourcing organisa- tions have spun out of law firms is testament to the quality of leading CDD specialists. Yet, as the panellists said, amid a prolif- eration of providers internationally and an explosion of new wealth creation centres, institutions may have valid concerns. They may lack confidence over whether external CDD will be signed off at a senior level, or carried out in enough depth to really add value and mitigate risk. “There’s nothing worse than paying thousands for an ambig- uous report which just tells you what you already knew,” said Toole. “There needs to be a more balanced scoring system that gives a risk weighting indicating whether you should be worried or not.” A degree of circumspection over third-par- ty reports being carried out in good faith also seems warranted, particularly when cli- ents are often asked to pay for these them- selves. “Many are very reputable, but there are some that are hungry for business and so might write something favourable or minimise negative media,” one executive observed. Interestingly, this type of risk is said to be spurring firms with the technical capabilities to take the step of carrying out full DD on report providers, as well as all the other possible subjects. Due to these factors, Tonchia increasingly sees banks preferring to prepare special CDD reports internally today and using a mixture of technologies to help them achieve this efficiently. “With new solutions you can collate the information that goes on that report much faster and often with the same reliability you get with a human operator, just because a technology can be more thorough in ‘reading’ thousands or even millions of documents to identify the key information automatically,” he said. “The technology doesn’t solve everything, but by helping you leverage your internal researchers and compliance officers, and giving them all the elements to come to a conclusion quickly, it might make those external services less relevant, or relevant only in extreme cases.” A further incentive here is of course one of wealth managers’ prime considerations: data privacy (see p33). “Outsourcing is not only expensive for banks, it is also in itself a challenge to secrecy because you’re let- ting client names go to your provider,” said Tonchia. “They will sign a Non-Disclosure Agreement, but clearly the more people who know about this relationship, the more it might leak.” The technology doesn’t solve everything, but by helping you leverage your internal researchers and compliance officers, and giving them all the elements to come to a conclusion quickly, it might make those external services less relevant, or relevant only in extreme cases.
  • 18.
    18 Towards TrueKYC: Technological Innovations in Client Due Diligence SECTION 2 MAJOR KYC PAIN POINTS AND THE RISKS THEY REPRESENT As Figure 7 shows, the KYC process holds many frustrations, with PEP/watch list screening and proving source of wealth/ funds tied at the top, and data capture and document collation next behind. The many challenges coming under the auspices of each of these top two (arguably inter- linked) pain points merits their clear lead. However, given that respondents were asked to identify the most frustrating part of the process, other pain points are also clearly weighing heavily on firms. 1. PROBLEMS WITH PEP/WATCH LIST SCREENING False positives and their cost The fact that PEP and sanction list screen- ing is causing most frustration was no sur- prise to the panel due to there being so many overlapping challenges for firms to contend with, some being more techno- logical/procedural in nature and others philosophical. Both, however, impact ef- ficiency. The most obvious problem is that of “false positives”, since institutions are typically screening on the basis of a name, country and perhaps year of birth and this can gen- erate thousands of similar hits. Here, cultural naming customs are a fac- tor. The ubiquitousness of some names can make screening clients from certain markets difficult. The Hispanic convention of conferring two family names can also be problematic; being known by a paternal, maternal or hyphenated surnames all be- ing possible. Complicating matters even further are the Anglophone names those from non-Western cultures often adopt Amid these issues, firms have to keep initial searches broad to catch hits across all name permutations, the panel said. Correspond- ingly, while they may feel tools like World- Check are over-sensitive, there is also a rec- ognition that this is necessarily so. As one executive remarked, no information provid- er will want to assume liability for deciding whether a hit relates to a client or not. While having to dismiss a large number of false positives from initial results is a tire- some task, it is an unavoidable one due to the desirability of “fuzzy matching”. “Efficiency can be improved by inserting prospects’ middle names when searching, for example, but the risk of this is that this may seriously limit the information which is pulled back,” said Thomas Morley. Furthermore, fuzzy matching may also even have to extend to dates of birth as these may have been recorded/reported incorrectly. “You want to see some of those mistakes, so a perfect match on the client’s birthday or even age might be counterpro- ductive,” one executive said. Fuzzy matching may be wise, but the costs associated with dealing with false positives can run into the tens of millions every year, Chrisol Correia, international head of AML compliance at LexisNex- is Risk Solutions, pointed out. His firm estimates that in the US, individuals working within a Level 1 alert remedia- tion function typically earn $50-70,000 and that 75-85 of every 100 AML operations analysts are fully dedicated to confirming and closing false positives. “In dollars, this translates to over $5m each year per every 100 AML operations analysts,” Correia said. “Large financial institutions typically have teams of over 1,000 AML operations analysts, thus the expendi- ture devoted to confirm and close false positives is well over $50m a year for these organisations.” According to Correia, the primary causes of false positives are gaps in institutions’ own client records or in the data they exchange with others through their electronic wire transfer networks. Plugging these gaps through more intensive questioning alone raises client experience concerns that may mean more investment in technology and data is key in solving these issues. Of course, the leading proprietary data sources are highly configurable (a toler- ance of around 80% in matches seems to be best practice). To help firms deal with false positives even more proactively, Alessandro Tonchia highlighted two tech- niques users of tools like smartKYC can deploy. The first is intelligently scoring and disambiguating information to screen out hits with non-matching characteris- tics; the second is intelligently subjecting different types of information to semantic analysis. FIGURE 7: Which element of the client screening process causes the most frustration at your institution? 29% 29% 17% PEP/watch list screening 11% 9% 6% Source of wealth/source of funds Capturing data and collating documents Negative impact on the client experience/relationship Adapting to regulatory change and jurisdictional differences Trusts and Ultimate Beneficial Owner issues Efficiency can be improved by insert- ing prospects’ middle names when search- ing, for example, but the risk of this is that this may seriously limit the information which is pulled back.
  • 19.
    19SECTION 2 -MAJOR KYC PAIN POINTS AND THE RISKS THEY REPRESENT “We’ve found it very effective to interleave structured data like name, passport num- ber and date of birth, with unstructured information from the press and social me- dia,” he said. “So, if you are screening a person who 25 years old, you can dismiss articles about somebody who studied at Harvard in the ‘60s because you can infer there is no logical match between the two.” Evolving standards; an expanding PEP population False positives are clearly a big issue, but again one largely solvable by correctly configured technology. A far broader, and arguably thornier, challenge around Polit- ically-Exposed Persons is defining param- eters in an area where the interpretation and interplay of regulatory requirements is fraught with ambiguity. Even the defini- tion of what constitutes a PEP is problem- atic, and while the EU’s Fourth Anti-Money Laundering Directive (MLD IV) seeks to remedy this, the general consensus seems to be that it has only partially succeeded. MLD IV expands the definition to include domestic prominent public function hold- ers and requires institutions to screen their clients for domestic PEPs. Furthermore, as EY has warned, application of the Directive is tending towards firms being forced to treat all PEPs, either domestic or foreign, as high-risk. As a result, many firms will have to significantly increase the amount of searches they carry out to identify PEPs and then apply enhanced CDD measures to a far greater proportion of clients. Along with having far more PEPs to manage and monitor, there may also be a need for significant back-book remediation. While Simplified Due Diligence can cur- rently be applied to certain categories of client, MLD IV drastically reduces the cir- cumstances in which SDD applies. Instead, SDD will have to be justified on a case-by- case basis on the basis of a holistic risk assessment. EU states will have to take a view on the money laundering and terrorist financing risks their jurisdiction represents as part of this process. The industry now awaits further technical guidance from the European Supervisory Authorities on de- termining whether Simplified or Enhanced DD applies. Globalisation For institutions operating globally, pick- ing a path through the various applicable regulatory standards can be trouble- some, the panel said. Global standardisa- tion with minimal local deviations is what most firms will be seeking in operational efficiency terms, and to deliver a consistent experience to clients operating interna- tionally while leveraging information held elsewhere in the group. Here, some firms are already taking a “super-equivalence” approach of applying tough US or UK standards across the board, but here the experts urged common sense. (Several sur- vey respondents specifically identified go- ing beyond local requirements as a source of client annoyance.) Emma Radmore argued that although firms should try to apply the highest global standards, they also need to strike a sen- sible balance. “Due diligence on a Cana- dian client will be adequate for Canadian purposes, but may not be completely so for UK purposes. If this client is not going to have anything to do with the UK, can you say that on a global level you’re still compliant so long as it complies with local policies?” she said. “As long as you’ve got a procedure that correctly identifies which laws you have to comply with and a procedure that clearly identifies when you may be able to depart from those - and it doesn’t become an accepted norm - then I think it can work. A policy that doesn’t recognise that is probably doomed to failure.” Dialling thresholds up…and down As discussed, wealth managers are diver- sifying away from mature markets like the UK and US where it is easier to gather in- formation, to target newer markets like China, the Commonwealth of Independent States, Middle East, Russia, Latin America and Africa. Dramatic geopolitical shifts in growth markets mean policies, procedures and systems can rapidly fall behind, over-sensi- tivity to Iran perhaps being a case in point going forward. However, the real challenge represented by clients linked to these countries is simply that they are places where documenting source of wealth/ funds is harder and PEP issues are com- moner. “One of the particularities of these re- gions is that wealth is often created with a nexus with a PEP, or there is an element of PEP in the file, so we have to be very well-equipped internally to deal with these issues” said Xavier Isaac. As such, com- mentators have observed that firms really face a binary choice between ramping up technology investment or limiting the markets they target business in. As was pointed out, while someone con- nected to a PEP from a financial or business perspective might not necessarily go on a PEP list, best practice dictates that they still face similar DD. “Family members have to be treated as PEPs, as when you’re looking at the risk of corruption it’s often the case that people don’t put assets in their own name,” one executive said. Here again, media searches come to the fore. “Official lists are precise on actual PEPs, but we help where they perhaps aren’t so effective – in finding PEPs among friends, family and business partners,” said Ton- chia. “We can find out dynamically from business gazettes, company databases, blogs and social media if someone is a close associate.” Even more pertinently, media checks counter the risks inherent in many databases having a six-monthly up- date cycle. “You need to be ‘reading’ infor- mation in real time on the web of today to get a fresher sense of the client and catch things before a database may register they’ve happened,” he continued. On the flip side, institutions also need to be able to dial down systems’ sensi- tivity in line with their own risk policies (and a common sense overlay). As Jona- than Kirby highlighted, the Channel Is- lands’ position is that once someone is a PEP they always are, even 20 years after leaving office. Yet clearly at these dis- tances of time, or where an individual was only a minor official, there is arguably limited potential for financial foul play. “Your father might be listed as a PEP if he was in politics 30 years ago, but the chanc- es you are both corrupt are low. Our sys- tem would read biographical information semantically, see that he hasn’t been in office for 30 years, and downgrade the red flag,” said Tonchia. “Banks have dif- ferent policies to judge how relevant and time-critical certain roles are. We can do post-processing of what is found on World-Check and determine that actually someone is a junior PEP or not one at all according to policy.” One of the particularities of these regions is that wealth is often created with a nexus with a PEP, or there is an element of PEP in the file, so we have to be very well-equipped internally to deal with these issues.
  • 20.
    20 Towards TrueKYC: Technological Innovations in Client Due Diligence As Correia concluded, the risk-based ap- proach may have its complexities but it re- mains the best way of focusing on those cli- ents with the most potential to damage the institution and not turning down business unnecessarily. “There are millions of PEPs in the world and hundreds more elected each day,” he said. “Normally there is nothing wrong and in fact they are often desirable clients.” In a rapidly-changing world, institutions must ensure they can stand up to future scrutiny of their onboarding decisions and attempt to anticipate what might be termed “unknown unknowns”. “Four years from now there may have been a revolution and you may have the authorities ques- tioning why you onboarded this PEP with negative news,” one compliance expert observed. “You have to be able to answer well.” The wealthy have ever been the target of spite, yet the wise would never dismiss ad- verse media out of hand, the panel warned. As Mike Toole remarked: “You need to ap- ply a common sense overlay to the assess- ment process, thinking forward, conscious that context and goalposts change; some people aren’t on the watch lists and should be.” (Several executives said they have indeed seen anomalies, in fact.) As the panellists argued, better use of technology is vital in this sense because institutions cannot be omniscient (and nor, arguably, are they expected to be). Rea- sonable justification is the key. “Trying to stay on top of the changes in governments and how they affect an institution’s client base is almost impossible,” Correia said. “The best way to protect yourself is to have a good decision-making process, but also a well-documented process.” The prevalence of PEP risks among UHNW and international clients means they are traditionally those taking longest to onboard, since the process of clearing them has to be far more discursive, the panel observed. “It’s questions like: Is source of funds/wealth clear? Is there anything that I can’t explain? Why are they a PEP, and why might that influence be used to their benefit in ways that would cause issues,” said Kirby. “You can’t really have a checklist with PEPs, you have to find the answers to those ques- tions and then delve further.” While institutions no doubt crave certi- tude, the crux of the matter is that there are seldom simple answers, the panel point- ed out. “Dealing with PEPs is nebulous and not just a case of looking at a list,” said Chris Hamblin. “The operative word is reputation: that’s what the FATF and the regulation says is the guiding principle.” As will be discussed in Section 3, increased media searches are a vital piece of the CDD/marketing puzzle. Some blog posts may well be specious overall, but they might still reveal that an individual or com- pany operates under another name. Simi- larly, information-heavy Wikipedia is useful for disambiguating information, but can be incredibly onerous to pick through. Using multiple media sources has to inform rath- er than cloud decisions, the experts said. Amid such complexity, Roopalee Dave said top-level advice from EY is to liaise with industry associations, peers and consultancies on leading practice and industry standards, and to anticipate where regulation is heading by studying the rationale of enforcement ac- tions. (A detailed roadmap is set out by EY in its Global Information Security Survey 2015, Creating trust in the digital world). “Reviewing internal risk controls in tandem with the current cli- ent base and future business strategy is then vital in highlighting the main risk areas and where PEP controls may need tighten- ing,” she said. Importantly, enterprise and business unit-level AML risk assess- ments will need examination in light of national risk assessments and the ESA Opinion in the case of MLD IV, Dave continued; then firms will need to carry out ongoing policy reviews in line with changing external factors like changes to sanctions lists. EY is also urging firms to carry out root cause analyses of their management information on internal gaps or areas of non- compliance to identify where process, monitoring and control checks or training interventions are needed. Ultimately, the experts argued that institutions have to empow- er themselves to cope with the finely balanced decisions they are having to make as they respond to both internal and exter- nal shifts. “You have to be able to calibrate your systems to bal- ance risk and efficiency, and adapt as the landscape changes,” said Tonchia. The very significant changes discussed overleaf emphasise this need. EY’S LEADING PRACTICE ADVICE Trying to stay on top of the changes in governments and how they affect an institution’s client base is almost impossible. The best way to protect yourself is to have a good decision-making process, but also a well-documented process.
  • 21.
    21SECTION 2 -MAJOR KYC PAIN POINTS AND THE RISKS THEY REPRESENT Sanctions: shifting sands As Figure 8 illustrates, some wealth manag- ers are more comfortable with the more chal- lenging markets than others, yet Iran, Sudan and Russia are universally seen as high risk. The two headline recent changes in this space have been in opposite directions: moves to ease international sanctions against Iran (and unfreeze some $100bn of funds), and the imposition of sanctions against Russian corporations by the UK government and others. Iranian sanctions have been a massive compliance issue for wealth managers, with the US issuing a record-breaking sin- gle-institution fine of $8.9bn for breaches in 2014. Now, firms are eyeing opportu- nities, yet the country will still have to be approached with caution, experts warn. Iran might be subject to “snap-back” re- imposition of sanctions in the case of re- cidivism on its arms programme and new secondary sanctions have already been tabled. (2015 guidance from the US Office of Foreign Assets Control said contracts with Iranians should be dissoluble if Amer- ica or Europe reinstates sanctions, and in fact, most US persons will still be prevent- ed from transacting in Iran). The easing of sanctions cannot, therefore, be treated as a permanent matter and systems need to be able to flex significantly to cope. Beware beneficial ownership “Ever-changing sanctions have increased both the importance and complexity of this process,” said Correia. “As regulatory compliance pressures have increased, KYC screening has evolved to become more in- depth and more efficient.” As he observed, firms need a single process for AML, sanc- tions, bribery and tax compliance that allows them to collate the maximum client data un- obtrusively. Given the nuances of rule chang- es, he explained that leveraging multiple data sources to get a comprehensive view of a prospect’s risk profile and the potential benefits - or risks - of a relationship is crucial. One area where firms will need significant ca- pabilities is in uncovering the ultimate ben- eficial owners of Iranian entities, commenta- tors have warned. The agreement to ease sanctions does not include entities owned or controlled by the Iranian Revolutionary Guards Corps, the third wealthiest business organisation in Iran and which controls up to a third of its economy. Matters are further complicated by the fact that many business- es operate as “bonyads” – tax-advantaged, quasi-governmental bodies with little trans- parency over beneficial ownership. Broader media searches may be invaluable here. With business and politics intertwined, Iran ranked 130th in Transparency International’s 2015 Corruption Perceptions Index (with Russia at 119 and Sudan 165), thus expos- ing direct investors to risks from the Bribery Act 2010 in the UK, and the Foreign Cor- rupt Practices Act 1977 in the US. The grave reputational risks of being associated with terrorist financing need hardly be stated. 2. STANDING UP TO SCRUTINY ON SOURCE OF WEALTH/FUNDS Given the manifold complexities of PEP screening previously discussed, it may be somewhat surprising that proving source of wealth (how the client obtained the money) and source of funds (details of where the money has been) are held to be equally problematic – yet perhaps not when the practicalities of dealing with the bureaucratic and cultural differences of newer markets are fully considered. Furthermore, issues around PEP screening and source of wealth are often inextricably linked. Amid all the practical challenges CDD pos- es, it must not be forgotten that the interna- tional drive to prevent money laundering, bribery and corruption is at root about eth- ics. That institutions are not always dealing in absolutes creates very thorny dilemmas and a concomitant need for them to be able to robustly defend their onboarding decisions with evidence of well-considered policies and their enactment. As the panel highlighted, the benighted pasts of some countries is a key consideration as a cli- ent’s original source of wealth may evolve dramatically over time to become the cur- rent source of funds. Nor, it must be said, have attitudes towards the prevention of financial crime remained static. As was pointed out, some of the methods used to get control over a business in the 1990s may not have been technically ille- gal, but would nevertheless be unaccept- able today. If the owner then decides to sell the company to a well-known Western cor- poration, the funds received by the bank from the sale may be legitimate, but the reputation risk from the owner’s behaviour in establishing the company remains. This leaves firms with serious soul-searching to do in terms of where they draw the line and how far they should and go back in deter- mining the legitimacy of wealth today. Further complicating matters is the fact that UHNW PEPs are likely to have attracted some adverse news whether justified or not. “If a bank onboards a client that has UK FIGURE 8: Rate the following countries as either low-, medium- or high-risk, according to your firm's policies: 100% 90% 80% 70% 60% 50% 40% 30% 20% 10% 0% Low-risk Medium-risk High-risk clients US UAE CHINA SAUDI ARABIABRAZIL MEXICO RUSSIA SUDAN IRAN
  • 22.
    22 Towards TrueKYC: Technological Innovations in Client Due Diligence some negative news it risks being second- guessed at some time in the future,” one senior executive said. To be able to with- stand this kind of scrutiny, wealth managers cannot afford to take anything less than a thoroughgoing approach to adverse media searches. This need to scour documents going back decades, possibly in several languages and permutations of the client’s name, is one of the main drivers of invest- ment in technological screening solutions today. With even the best intentions, man- ual often means minimalist by necessity, the panel observed. Almost a fifth (19%) of survey respondents believe there is too much information avail- able online today for firms to ever be able to fully screen a client. This abundance is leading to dangerous random sampling rather than the exhaustive processing of sources, it seems. Here, Tonchia said that he sees even very reputable banks having operatives carry out Google searches only for them to read the first 10-50 documents before giving up; by the same token he believes that business information services are often underused as they can generate too many results to handle. “Reading the first 10 documents is good but it might be number 100 or even 999 that you need. Technology gives us better risk coverage because we can ‘read’ all of those,” he said. “It takes our system 5-10 minutes to process 10,000 documents, depending on your hardware, and that’s hard to beat with the human eye. And, yes, we have ‘automatically’ found cases in which an apparently ‘clean’ individual was involved with a company that had very explicit links to crime in this way.” As well as sifting huge volumes of data, modern systems also provide the kind of comprehensive audit trail firms need to be forearmed against the second-guessing just described. “We keep track of each micro-decision, such as an article being discarded because it’s from an unreliable source or because it’s a false positive,” said Tonchia. “Every click and every decision behind that click is auditable and some- thing you can show to the regulator years later. It offers a full ‘movie’ of all the deci- sions that ultimately led to the client being onboarded or rejected.” Following the money trail While screening PEPs may call for a par- ticularly extensive “movie”, the panel observed that since it is not enough for firms just to prove that funds were legiti- mately obtained and currently sit in a le- gitimate repository, documenting even less complex clients can also be tricky. “If the source of wealth is a person selling their business 15 years ago then it’s simple enough to obtain a solicitor’s letter saying they sold it for that amount, but we really need to see where the money has been,” said Dominic Crabb. “Just because it got paid into an account in 2000 doesn’t mean we know that it’s stayed there until 2016.” Establishing a money trail can of course become vastly more challenging with cer- tain client groups. For John Whick, proving source of wealth and source of funds are “without question the cause of most frus- tration”, with the latter perhaps the more problematic of the two. “We have to have a very good understanding of an individual’s wealth background then tie that directly into the money coming across,” he said. “With a client who sold a coal mine in Chi- na decades ago you may be dealing with handwritten statements that have to be put into source of wealth documents; then we’d have to evidence that that mine was sold and where the money then went. Fol- lowing that money pound for pound until it lands in their account is tricky.” Since the complexity of financial affairs rises in line with wealth, clarifying source of funds can pose a particular problem in the UHNW segment. “It’s easy to docu- ment money having been in shares and cash,” Hamblin said. “But if you have a cli- ent with half a billion that could be tied up in two Cayman Islands’ SPVs or Delaware companies, then you may struggle even to confirm who owns them.” 3. DATA AND DOCUMENT COLLECTION AND COLLATION Amid uncertainties around what the fi- nal requirements of new regulations will be – and what further inevitable rule changes will bring in the future – there is a strong argument for firms to store the maximum possible amount of data right across the client lifecycle as part of at- tempts to future-proof their compliance processes: 63% of wealth managers see the pace and impact of regulatory change increasing over the next three years5 . “The data under-pinning onboarding is a key challenge likely to be further compli- cated by upcoming regulations like MiFID II and the Common Reporting Standard placing further demands on client data and reporting requirements from wealth man- agers,” said Morley. “Firms have to ensure that all the relevant fields are captured and can be provided to the regulators.” Yet even given the business gains to be had from the better use of client data, and the risks surrounding any inadequacies, institutions’ capabilities for gathering and storing it seem to be diverging significantly in quality at present: 39% of wealth manag- ers rate their firm’s client data gathering ef- forts as poor to average and almost a tenth are gathering only the “bare minimum” despite the fact that data management en- hancements are a priority for 83% of firms6 . As Section 3 will discuss in more depth, data security remains a paramount concern and the more institutions are asking clients and prospects for, the greater the onus on them to protect it. The fifth of respondents identifying data and documentation issues as their biggest CDD frustration were evenly split between those who pointed to the technical difficulties of gathering and storing the requisite data, and those focused on the lengthy to-and-fro and repeat requests often required to obtain the correct documentation and the negative effect this has on the client experience. Reading the first 10 documents is good but it might be number 100 or even 999 that you need. Technology gives us better risk coverage because we can ‘read’ all of those. 39% of wealth managers rate their firm’s client data gathering efforts as poor to average and almost a tenth are gathering only the “bare minimum” despite the fact that data management enhancements are a priority for 83% of firms.
  • 23.
    23SECTION 2 -MAJOR KYC PAIN POINTS AND THE RISKS THEY REPRESENT Both are interlinked and together contribute a large part of the potential relationship and client experience detriment that concerns firms. Also in both, we might see the old spectres of disparate legacy systems and underdeveloped digital channels looming large – issues that are proving particularly pernicious in the onboarding phase of wealth management relationships, not only in oper- ational efficiency terms, but also in detriment to the client (and advisor) experience. According to WealthBriefing research, 70% of wealth managers are using a paper/digi- tal hybrid approach for onboarding, with only 6% having gone entirely digital to use tools such as online document vaults, digi- tal signatures and dynamic forms7 . Many firms are trapped in the delays and dupli- cation caused by hardcopy, posted docu- mentation; on the front-line, many RMs are working through massive forms with clients where it is easy to miss requirements, rath- er than being guided to fill in only the es- sentials on the basis of the information and regulations at hand. 4. DETRIMENT TO THE RELATIONSHIP/CLIENT EXPERIENCE Crabb confirmed that asking for more in- formation is a big source of frustration for the front-office because investigations have to ricochet off in new directions as additional facts emerge. “At quite a late stage you might see there’s a trust that also has a beneficial owner, or that there’s an- other shareholder who has a greater than 25% shareholding in that company, so you then need more information about that,” he said. Eliciting forgotten (or indeed veiled) information from clients can obviate administrative steps and prevent wasted time. It is reportedly not unusual for PEPs to forget that they are, but fortunately new technologies can quickly uncover the truth and prevent missteps here. It must also be remembered that while cli- ents might initially be very keen to prog- ress a relationship, their enthusiasm may wane as the number of onboarding steps required rises. Predictably, the timeliness of receiving responses from clients to doc- ument requests emerged as a source of significant frustration in the survey. While the need to ask for more informa- tion may not be eradicated, the length and onerousness of the documentation process may be significantly reduced through bet- ter structured and focused conversations geared towards asking for everything neces- sary just once. As discussed on p33, having the means to carry out thorough yet efficient research on prospective clients at the earli- est possible stage is key to this. Intelligently (yet sensitively) leveraging public information may also help smooth the more awkward el- ements of the process and relieve some of the burden on both clients and relationship managers, the panel said. As was highlight- ed, firms should also always look to come to a reliable decision on whether to onboard the client or not as quickly as possible to save embarrassment for all. Record-keeping requirements are a more prosaic, but no less important element of the documentation challenge – and one where the perils of paper-based systems stand out. MLD IV requires that CDD infor- mation must be retained for five years and thereafter deleted (unless otherwise stated by national law) with a maximum total reten- tion period of ten years. Identifying when data is reaching the five-year threshold will be difficult with paper-based records. Fur- thermore, firms might find that they have large amounts of historical data to review and destroy if necessary. As discussed on p13, many firms are having to do significant remediation work in certain CDD areas. Sensitive subjects Quite apart from the onerousness of tracing the journey of a client’s wealth is the need for RMs to address sensitive subjects in order to do so. While there may be no way of cir- cumventing the need to ask for documenta- tion of a death or divorce, for example, it is crucial that this is not mishandled, the panel observed. As such, implementing processes and tools to ensure this is as much of a “once and done” task as is possible is essential. The need to avoid repeat requests for in­ formation and documents is also key to minimising the potential to cause offence since, a one executive highlighted, “clarify- ing source of wealth is often difficult when cultural aspects come into play”. “Source of wealth requirements have in- creased dramatically in the last five years meaning that generally the customer expe- rience delivered in this area has room for improvement, as clients do not understand the rationale for additional documenta- tion,” said Dave. “Clients can also tend to be reluctant to share too much information on their overall wealth with their wealth manager as they are multi-banked.” Arguably, it may be overstating the case to say that sophisticated, internationally-mo- bile HNWIs from newer markets are naïve as to the requirements that need to be met in well-regulated jurisdictions. As Hamblin said: “People may resent it, but they know it is necessary.” That said, clients hailing from far less tightly-regulated jurisdictions may well be surprised by the extent of evi- dencing required if firms are adhering to the highest standards for best practice/ef- ficiency reasons. As one survey respondent observed: “Customer apathy can be a real problem as we have a global policy over and above regulation in all jurisdictions”.Standardis- ing internationally by adopting policies that are “super-equivalent” with the tough- est regimes may represent best practice, but heightens firms’ need to minimise an- noyance (and therefore differentiate them- selves from the competition) through hav- ing a well-structured, streamlined process. Here again the application of new tools can prove very useful, in perhaps unexpected ways, the experts pointed out. Validation via social media Most firms are still grappling with the appli- cability of social media for marketing and client servicing purposes, yet they should At quite a late stage you might see there’s a trust that also has a beneficial owner, or that there’s another shareholder who has a greater than 25% shareholding in that company, so you then need more informa- tion about that. Obviously we can’t expect social media to be the image of truth, but we can use it as a source of hints and confirmations. While not impossible, buying that authenti- cation from the online community is expen- sive and you can’t do it overnight.
  • 24.
    24 Towards TrueKYC: Technological Innovations in Client Due Diligence Automatic Exchange of Information will see jurisdictions obtain financial information from local institutions and automatically exchange it with other countries on an annual basis. Implementation of the Common Reporting Standard (the Stan- dard for Automatic Exchange of Financial Account Information), which contains the reporting and due diligence rules of AEoI, began on 1 January 2016, requiring institutions to gather rel- evant KYC information and report to tax authorities across 58 early-adopter countries (the first exchange is set to take place in September 2017). A further 97 countries have also signalled their intention to adopt the OECD-developed legislation, which is closely modelled on US FATCA and superseded the UK’s CDOT Tax Reporting and Ex- change of Information legislation (itself known as UK FATCA). To give an indication of how seriously tax offences are being taken in the UK, prosecutions have increased 300% since 2010. The EU’s Fourth Anti-Money Laundering Directive came into force on 26 June 2015 with a two-year deadline for the legislation be written into national laws. MLD IV will oblige most EU countries to force their financial institutions to take a risk-based approach to the due diligence process for the first time. (The UK has been taking the risk-based approach since 2007). MiFID II will come into force in January 2018, the deadline having been pushed back one year. It will impose new granular reporting requirements on wealth managers, including concerning client data. As Roopalee Dave pointed out, increasing regulatory require- ments are often adding unexpected complexity due to addi- tional checks and documentation requirements. Even osten- sibly simpler elements can cause real headaches and costs. “FATCA requirements dictate that a National Insurance num- ber, or equivalent, is required at point of onboarding,” she said. “Yet several prominent countries like Saudi Arabia do not have those, meaning judgement calls are required.” REGULATORY HOT-SPOTS UK banks have reached tipping point in the fight against fi- nancial crime, with 61% believing there is enough or too much regulation, but inadequate enforcement, according to a study of 200 senior AML compliance professionals by LexisNexis Risk Solutions and the British Bankers’ Association8 . Some UK institutions are now spending as much as £660m ($950m) a year on AML compliance, yet still lack confidence they can effectively combat risks in a fast-changing crime landscape. Nearly a third think that MLD IV will have no effect on or could even increase levels of money laundering across Europe. Over 2016, 44% of banking and financial services professionals believe evolving criminal methodologies will be the biggest sin- gle emerging financial crime risk to their business. Correspond- ingly, over 2016/17 preventing cybercrime will be the single big- gest area of investment for 37% of respondents (followed by fraud at 23% and AML at 20%). Fighting financial crime in the context of online/mobile banking and digital currencies are seen to be the most significant chal- lenges banks are set to face in the future. The very serious AML complications arising from the latter are clear. UK INSTITUTIONS AT AML TIPPING POINT FATCA requirements dictate that a National Insurance number, or equivalent, is required at point of onboarding. Yet several prom­inent countries like Saudi Arabia do not have those, meaning judgement calls are required. also see its potential to facilitate CDD and minimise what might seem to be intrusive questioning, argued Tonchia. To illustrate, he described a scenario whereby a Chinese PEP claims their source of wealth is a profitable, operational busi- ness, but since the company is Chinese the usual information bureaus are unable to supply all the documents/information related to its financials and headcount. To help verify the client’s claim a wealth man- ager could first check the firm’s website to confirm a plausible amount of pages; next they could check the person’s LinkedIn profile to see they have numerous connec- tions to employees, before then finding press coverage of solid financial results and ascertaining the business exists physically via Google maps. Although none of these alone is sufficient proof that the source of wealth is legitimate, in combination they may greatly increase the institution’s confidence and help point the way with- out RMs having to go back to the client as much. “Obviously we can’t expect social media to be the image of truth, but we can use it as a source of hints and confirmations. While not impossible, buying that authentication from the online community is expensive and you can’t do it overnight,” said Ton- chia. “Taking media sources together you get a footprint that really points to this company existing, having legitimate busi- ness and a certain turnover that might jus- tify the client coming to the bank with that money, rather than them having misappro- priated it.” 5. ADAPTING TO REGULATORY CHANGE AND JURISDICTIONAL DIFFERENCES Only a tenth of respondents see coping with regulatory change and the interplay between international rules as the most frustrating part of the client due diligence process. Arguably, however, an unrelent- ing pace of change has become very much the norm. While wealth managers are grap- pling with an alphabet soup of new rules concerning market conduct, corporate governance and client protection, many of these are increasing screening and re- porting requirements, in addition to those specifically focused on CDD.
  • 25.
    25SECTION 2 -MAJOR KYC PAIN POINTS AND THE RISKS THEY REPRESENT 2-4 DAYS FIGURE 9: Average onboarding time HNW client vs legal entity 45% 40% 35% 30% 25% 20% 15% 10% 5% 0% HNW client Legal entity 5-10 DAYS 11-20 DAYS 21-40 DAYS 41+ DAYS As fiduciaries, we are the legal owner of the assets we onboard and as a result we have higher duties. 6. TRUSTS AND ULTIMATE BENEFICIAL OWNER ISSUES Although trusts and Ultimate Beneficial Owner issues don’t seem as problematic as other elements of CDD, they do seem to be yet another drag on efficiency which regulatory change will only exacerbate. WealthBriefing research on how long on- boarding clients takes has revealed a very wide spread across the industry, with sur- prisingly lengthy times often the norm for both individual clients and legal entities. As Figure 9 shows, however, the very lengthy onboarding durations of over 41 business days are more common for legal entities and the very rapid ones of a few days less common. The crux of the matter is of course the need to identify, verify and clear all ultimate ben- eficial owners retaining more than 25% of the capital or profits of the legal entity. As the experts pointed out, identifying all the relevant shareholders and directors of a company can take weeks, if not months, particularly if companies or individuals are holding those assets in various sub-struc- tures – which in turn is likely to bring regis- tries in several tax-advantaged jurisdictions into play. While it may be relatively simple to screen domestic clients and companies through a single national corporate regis- try, multi-country database coverage of the kind provided by Bureau van Dijk or Dun Bradstreet is increasingly vital in a wealth management context due to the nature of HNWIs’ financial affairs, it was said. It is because of these factors, Dave noted, that CDD turnaround times are driven prin- cipally by client type and not just by risk classification. “Clients who are individual or joint and are not PEPs should have their accounts reviewed and opened within days,” she said. “Corporates with multiple layers of ownership and where multiple beneficial owners have to be identified and verified can take weeks due to additional checks being necessary and firms often having to refer back to the client for further information.” “The higher the net worth, we see increased use of Special Purpose Vehicles, such as use of British Virgin Island structures. Complet- ing due diligence on such structures can really burn your time. Also, geographical is- sues create a lot of work in coordinating the face-to-face meetings with the end-client,” said Toole. “Even the ID checks on multi- billionaires with business empires is never easy, even if they have a representative doing a lot of the groundwork.” This task will certainly not be made easier under MLD IV. As part of the international drive towards greater transparency regard- ing business and company structures, it im- poses far more prescriptive provisions for identifying and verifying beneficial owners for legal persons, trusts and similar legal ar- rangements. This applies for both new and existing clients, on a risk-sensitive basis. Under MLD IV, central registers for benefi- cial owners are required, which are to be maintained in EU countries and accessible to any person with a legitimate interest. (for the US approach see overleaf). Important- ly, institutions are enjoined to prove that they have not relied solely upon a central register to fulfil their CDD obligations. MLD IV also puts more emphasis on institu- tions making sure they are capturing chang- es to beneficial ownership, underscoring the need for more regular, automated re- screening capabilities. This will be particu- larly important for global banks rescreening tens of thousands of corporate clients a year and all their shareholders. “Screening legal entities with myriad beneficial owners and sub-structures could take weeks for an ana- lyst,” said Tonchia. “However, if everything is configured correctly to drill down like that it could take just minutes with an automated tool.” Here, the rapid-response advantages conveyed by carrying out in-depth media screens automatically were also highlight- ed, since corporate registries only tend to show new shareholders annually. The value of examining interleaved in- formation from official sources alongside that from wide-reaching media searches is brought into starker relief when the in- depth requirements placed on trust com- panies and the often labyrinthine business and family arrangements they work with are considered. “As fiduciaries, we are the legal owner of the assets we onboard and as a result we have higher duties,” said Isaac. “In practical terms, we need to go beyond the normal onboard- ing and understand the family tree.” Associ- ates or family members may have PEP status that they may have derived business benefits from; or there may be a PEP element to the shareholders of the business the client is run- ning. “You have to go to that level of depth; you have to understand the rationale of the structure,” he concluded. As ever, reputational risk is also a top concern when deciding whether to on- board a corporate entity, the panel noted. Investigating where companies do busi- ness, rather than just where they have offi- cial offices, and ruling out adverse media is something most wealth managers will want to do at a time when the negative impact of any corporate scandal is rapidly ampli- fied via social media. Here again, technology calibration is key because attracting adverse media is just as much to be expected for large corpo- rates as it is for UHNW clients, the panel observed. As such, a well-known name is likely to prove a double-edged sword: a large body of negative news may need to be dismissed but source of wealth will be easier to validate no matter how complex the ownership structure is.
  • 26.
    26 Towards TrueKYC: Technological Innovations in Client Due Diligence CDD DEVELOPMENTS FROM A US PERSPECTIVE Are you seeing any significant divergences in EU and US policies on CDD? EW: They are congruent in most major respects. The divergence, from the US perspective, is AML, economic sanctions or anti-cor- ruption rules not being enforced with the same rigour in the EU. US law enforcement would point to almost all the major enforce- ment cases brought in the US against EU-based banks for pur- posefully changing information in SWIFT message fields to hide US-prohibited originators or beneficiaries of dollar-denominated electronic funds transfers. US officials would make this point even though the UK’s anti-bribery law, for example, has a broader scope than the US Foreign Corrupt Practices Act (FCPA). Divergent enforcement will become a particular issue once disclo- sure of beneficial ownership becomes widely adopted - which will take a good deal of time, and even longer to ensure accuracy. DA: I would agree that the US authorities are far tougher in prose- cuting AML cases than their European counterparts. Recent cases have shown escalating penalties and fines in the billions of dollars, the prosecution of senior management, and in certain cases, board members have been required to pay fines out of their own pockets. Also, since 9/11, US lawmakers have linked AML requirements to the USA PATRIOT Act and the notion of homeland security, so there is a special significance in the US attached to the overall AML effort. Europe’s MLD IV imposes far more onerous requirements for verifying ultimate beneficial owners, including the maintenance of national databases. Will the US mirror this? EW: The US approach, as outlined in a FinCEN proposed rulemak- ing, requires disclosure of the beneficial ownership of an entity opening an account with limited types of financial institutions - pri- marily banks and securities brokerages. FIs will be required to keep this information on file for a number of years and to provide this to this to law enforcement on request. Unlike MLD IV, beneficial ownership information in the US will not be made public; nor will the disclosure of beneficial owners upon formation be required, because corporations and LLPs etc., are almost exclusively creatures of the states, not the federal govern- ment. Absent an act of Congress, the federal government has no authority to direct states in this area. The federal government may, however, direct financial institutions because all but a very few banks are subject to federal regulation. It is anticipated that some states, on their own timetable, will re- quire disclosure of beneficial ownership information upon com- pany formation. Here, the federal system in the US will make searching for information difficult; when federal law enforcement agencies are searching for a beneficial owner unknown to them, they will be forced to ask a large number of FIs for information as they may only have the name of an individual and no connec- tion to a company. Searching state databases will be similarly cumbersome: the US has 53 jurisdictions in which companies may be formed. Absent knowledge of the state of formation, all jurisdictions must be asked. The New York authorities propose making CCOs personally liable for certifying the effectiveness of their firm’s AML transaction monitoring and watch list filtering systems. Are CCOs really in a position to do this, and might this further impact senior staff retention? DA: There are some understandable concerns about the proposed New York law. CCOs do not generally control budgets, and while many are increasingly getting much more proficient in technology, no system is perfect. What is of most concern is that the “reasonableness” standard present in rules 38-a1 and 206(4)7 by the SEC is missing. The ab- sence of this standard means that we are imposing essentially a Unlike MLD IV, beneficial ownership information in the US will not be made public; nor will the disclosure of beneficial owners upon formation be required, because corporations and LLPs etc., are almost exclusively creatures of the states, not the federal government. Absent an act of Congress, the fed- eral government has no authority to direct states in this area. Given its lead role in the global fight against financial crime and corruption, wealth managers keenly watch CDD developments coming out of the US. Here, Ed Wilson and Don Andrews, partners at US law firm Venable LLP, examine America’s latest regulatory and legal moves.
  • 27.
    27SECTION 2 -MAJOR KYC PAIN POINTS AND THE RISKS THEY REPRESENT strict liability standard on an individual who does not control bud- gets, often has limited resources, and even under ideal condi- tions cannot be expected to be omniscient. This is the reason the proposed law has drawn so much criticism, which I believe is fair. Even under a reasonableness standard, it has been argued that the CCO is simply the wrong person to impose the certification on; they do not control hiring or resourcing decisions, and are limited in their effectiveness by the tone that permeates from the top of the organisation. Several institutions in the US have recently been drawn into private litigation related to CDD issues, with suits brought over the loss of applicant clients’ data and – far more seriously – the contribution of AML failings to the commission of drug-related murder. How well are firms addressing these huge legal and reputational risks? DA: The threat of regulatory sanctions for wealth managers, given the potential impact to a wealth manager’s reputation, is some- thing that cannot be ignored. Reputation is paramount in the wealth management business. As such, wealth managers need to take whatever steps are necessary to address and excel in the new regulatory environment. If that means reaching out to third-party attorneys and consultants to assist with designing and implement- ing a sound AML program, they should do so. The goalposts on AML/PEP/sanctions screening seem to be constantly shifting. What key trends do wealth managers need to be anticipating to minimise future risks? EW: The goalposts are changing, but in a predictable way, at least in the US – towards greater transparency in ownership and transaction participation, and easier law enforcement access to fi- nancial records. The one exception is the US’s reluctance to use tax data for purposes other than tax enforcement due concerns this will lower the voluntary tax compliance percentages in the US (although US tax treaties provide foreign governments with cross-border data about their residents). I think the greatest changes will be in the continuing use of in- creasing computing power to identify, track and apprehend bad actors. This has been the major theme since the early 1980s, when computers entered common commerce. In terms of US financial institutions, increasing regulatory expec- tations will force further concentration of cross-border banking activities into fewer banks as the cost of regulatory compliance continues to grow. There will also continue to be tensions among countries on enforc- ing economic sanctions. The US sanctions against Cuba have long been an example of this tension. On this point, the easing of US (and EU) sanctions against Iran is a big recent development. What can you say about the opportunities and challenges this market now represents? EW: Iran is a large market with a young and growing population, and every company interested in expansion would like to be there. There are, however, a number of issues to consider in addition to the substantial, ongoing US sanctions against Iran, entities in Iran, etc., and against using the US dollar in commerce with Iran. Doing business in Iran is largely an unknown for most of the OECD countries. How will disputes be resolved? Profits repatriated? Who may own what? What are the rules? What permits are necessary? Who regulates and to what degree? These and a number of other questions are being studied carefully. The goalposts are changing, but in a predictable way, at least in the US – towards greater transparency in ownership and transaction participation, and easier law enforcement access to financial records. Doing business in Iran is largely an unknown for most of the OECD countries. How will disputes be resolved? Profits repatriated? Who may own what? What are the rules? What permits are necessary? Who regulates and to what degree? These and a number of other questions are being studied carefully.
  • 28.
    28 Towards TrueKYC: Technological Innovations in Client Due Diligence REDUCING REGULATORY, REPUTATIONAL AND PERSONAL RISK In every compliance officer’s mind, accord- ing to Chris Hamblin, there is a “hierarchy of fear” - a list of agencies and disciplinary processes that have the power to de-rail his career, with the most dangerous at the top. This is true of compliance officers at all wealth management firms the world over. In almost all jurisdictions, the most seri- ous threat comes from the Office of For- eign Assets Control, the US Treasury body which enforces economic and trade sanc- tions based on US foreign policy. “If you end up serving a terrorist or someone else on the OFAC list and they find out because the transaction goes through the New York Clearing House, then your career as a compliance officer is over,” Hamblin said. Ranking next would be a visit from the au- thorities if the firm were based in a Western or otherwise robustly-regulated jurisdic- tion, Hamblin continued, explaining that firms can have a real challenge in coping with the scrutiny of multiple regulators. “There might be a subsidiary here in the UK of a boutique German private bank that deals mainly with German expats and if half its clients are German, home state regulation applies; then, you might have other branches elsewhere and you’ve got to worry about what the regulators are do- ing there,” he said. “If you’re based in a jurisdiction that has really weak regulation where they hardly ever do visits then it’s the UK or the US regulator you’ve got to worry about. That happens a lot in private bank- ing here in the UK.” Confirming the FCA’s stance on prece- dence, Rob Taylor, head of investment management, said: “Problems are most likely to be found where global compa- nies are not setting up proper UK-sited decision-making before taking on new cli- ents. We expect client records as well as all decision-making with regard to client take- on to be a UK decision and not subject to another jurisdiction’s practices.” Behind all this, and dominated by the US Government, is the Financial Action Task Force, the international standard-setter that dictates the ways in which countries must make their financial firms combat money laundering and terrorist financ- ing. (Many FATF-style regional bodies ex- ist, including MONEYVAL, the Asia/Pacific Group on Money Laundering and the South America Financial Action Task Force.) As commentators have long highlighted, the US and UK are leading the world on regu- latory policy in a number of areas, with the rest of the world’s jurisdictions following their lead at varying speeds. Significantly, then, both continue to ramp up pressures on the CDD front. The US Securities and Exchange Commis- sion’s 2016 plan focuses on big data ana- lytics in transaction monitoring and the as- sessment of AML compliance. Meanwhile, the FCA has been high-profile recently in confiscating revenues arising from improp- erly-processed business and condemning any cutting of corners in order not to ir- ritate clients. It should also be noted that the UK authorities are pioneering “super- equivalence”, whereby a country insists that every “reporting firm” listed on its stock exchange and/or overseen by its regulators must follow home regulations all over the world. In a further interesting development, the start of 2016 also saw the FCA express “serious concerns” over the AML controls at Contracts for Difference providers. While they are certainly not limited to AML/ PEP/sanctions breaches, failings in these areas have contributed significantly to the tally of immense regulatory fines that have been meted out with such alarming regu- larity in recent years. And, it must be said, the US and UK have been leading the way here too, in issuing record-breaking penal- ties. These multi-million (and increasingly billion) dollar fines reinforce just how costly compliance failings can be, but of course it is not just top-level financial penalties that cause lasting harm, the experts said. Many wealth managers are listed/part of listed banks with shareholders to answer to, but all firms have to fear the reputation- al damage they face when they break the rules. This is a competitive sector serving a highly discerning client base where both individuals and corporations have a seri- ous interest in protecting their own reputa- tions. When finely-judged buying decisions are being made, wealth managers obvi- ously have to prevent any adverse media of their own – particularly when emotive topics such as money laundering (and its consequences) are concerned. As Mike Toole argued, protecting the firm’s good name will be an absolute priority for all, but perhaps even more so for newer firms that are still building the brand equity which would to some degree insulate them from public regulatory strife. “We’re going over and above where we need to be ac- cording to the law; as a business we’re very cautious when it comes to AML,” he said. “Being a younger organisation, if we get it wrong then in proportion the impact to the business is far bigger than for a longer- established one.” The panel also highlighted that interna- tionally, matters are very much tending towards compliance chiefs being held in- dividually liable for their firms’ behaviour. The FCA, for example, spoke of “embed- ding a culture of personal responsibility throughout the financial services industry” when introducing its new Senior Managers’ and Certification Regime in October 2015. Personal liability in a fast-changing and arguably capriciously regulated area like CDD is significant burden, but what may have CCOs even more concerned, how- ever, are moves towards making them personally liable for the specifics of techn logical set-ups too. As we’ve seen, when an institution’s reputation is tarnished internationally the impact on everyone – including the front-office – is very, very significant. SECTION 3 HOW NEW TECHNOLOGIES AID BEST PRACTICE
  • 29.
    29SECTION 3 –HOW NEW TECHNOLOGIES AID BEST PRACTICE At the end of 2015 The New York Depart- ment of Financial Services proposed new minimum requirements for AML transac- tion monitoring and watch list filtering sys- tems, with CCOs under personal - and per- haps even criminal - liability for certifying their effectiveness each year. Regulators have long asked what technology provi- sion is like, but this is clearly a new kind of accountability. The new requirements, which would apply to all New York State-regulated institutions (including foreign ones with a NY licence) are modelled on the certification require- ment of the 2002 Sarbanes-Oxley Act, but have scope to be far more burdensome, commentators say, due to the absence of a “materiality” standard and the subjective assertions of system efficacy that must be made. Commentators have warned that asking CCOs to answer for this across a complex global banking group may exac- erbate the challenge of retaining top-flight AML executives. FOSTERING COOPERATION AND COLLABORATION Modern CDD tools are certainly very im- pressive in their processing power and use of techniques like semantic analysis. Yet thinking beyond the technical speci- fications, it is their potential to improve the human elements of the CDD process that seems to be really resonating. Work- flow practices that enable better intra- and inter-departmental cooperation are sorely needed, it was said. While it would be overstating the case to think of compliance and advisors as intrac- tably at odds, their differing priorities mean there are undoubtedly inherent tensions between the two sides. Resolving these is clearly a complex cultural issue, yet tech- nology can play an important role in help- ing the two sides work better together. Combative mindsets should in fact already be well on their way to dying out, the panel observed. Chief among the factors contributing to their demise is that firms are increasingly embedding the requirement for advisors to really understand clients’ risk implications in their remuneration poli- cies. Heightened reputational concerns are also focusing minds. “As we’ve seen, when an institution’s reputation is tarnished inter- nationally the impact on everyone – includ- ing the front-office – is very, very signifi- cant,” said Jonathan Kirby. To increase the likelihood of signing up a client, in the past advisors may have been tempted to take a minimalist approach to their investigations, but recalcitrance is increasingly no longer tolerated in any degree, it was said. It seems that both sides are increasingly asked to “dual-hat” in CDD matters. Ad- visors are valued as commercial operators, yet are firmly positioned as the first line of defence in risk management. Contrariwise, “Compliance can’t just be the ‘no people”, as several of the experts put it, since their very existence depends on revenues com- ing in. “Within the boundaries of regula- tions, policies and procedures, compliance should be working in partnership with RMs and not ruling by fear,” said Xavier Isaac. “They need a can-do attitude.” With one focused on getting business and the other on vetting it, the risk/reward em- phasis will necessarily differ between the two departments (and a certain level of tension is probably healthy). Underlying alignment is rather the aim, it was said, adding another strand to the challenge of maintaining corporate culture in an MA scenario. “This isn’t just about hard things like technology, politics and processes, it’s also about soft things like value systems and business culture,” Isaac continued. “It’s fundamental for RMs and compliance to share the same values and be dedicated to the same sustainable business model.” In practical terms, this requires both ad- visors and compliance to keep an open mind (in both directions) and take nothing at face value. “Without any presumption of guilt, you always have to interrogate the in- formation given to you and satisfy yourself that it is correct,” said Kirby. “You should investigate as much about your potential client as early as possible and leave room to interrogate that information at a later stage.” On the other hand, compliance must be enabled to sign off all the business it ap- propriately can, which creates a real im- perative to be able to drill deep into multiple sources of information. As one senior executive remarked: “The problem with Russian clients is that there are genuine ones you can’t find a good history to clear, and at the same time ones you know should be on a sanctions list above others, aren’t. You intuitively know whether you should deal with them, but it’s hard to find categorical facts any- where that backs your gut feeling.” As discussed, onboarding decisions are often far from clear-cut even on regulatory lines, without considering broader risk poli- cies and ethical issues. Amid these com- plexities, the panel identified a real need for easier but also better documented col- laboration within compliance teams. In practical terms, the scarcity of top bank- ers who can balance business development needs and the sharper compliance issues means that senior expertise must be opti- mally deployed. While tough decisions must ultimately be theirs, tools allowing more ju- nior staff to push cases further along their journey will be a real boon. As Alessandro Tonchia noted, being able to see the right information in the right order makes the decision to escalate or not far clearer. More broadly, modern workflow-based systems make it easier to call on the wider expertise of the institution and collaborate digitally with colleagues anywhere in the world. The merits of such an approach are clear, but maintaining accountability for each step in decision-making then becomes a challenge. In response, modern onboard- ing systems place great emphasis on creat- ing robust audit trails that can encompass multiple users, communication channels and information sources to capture all the inevitable to-and-fro – and to prevent mis- takes. While the vast majority of RMs take their responsibilities very seriously, mecha- nisms to prevent an overreliance on trust or even outright malpractice are wise, it was observed. “Our tool puts client searches into a database no-one can tamper with as part of a complete audit trail you can show the regulator,” said Tonchia. As well as documenting collaboration ef- fectively, modern technologies could also be said to make the kind of senior col- laboration required for firms to truly fulfil their obligations possible. Best practice is held to be a senior committee operating almost along adversarial lines in which, as Isaac said, “you challenge each other to see if you’re comfortable to go ahead”. However, the way that risk policies actually play out can fall short of this ideal, meaning that firms may be opening themselves to huge risks by relying on physical meetings to the exclusion of digital collaboration. Within the boundaries of regulations, policies and procedures, compliance should be working in partnership with RMs and not ruling by fear. They need a can-do attitude.
  • 30.
    30 Towards TrueKYC: Technological Innovations in Client Due Diligence “The process whereby the most senior executives make the onboarding decision for PEPs may look perfect on paper, but may be flawed in practice,” one compli- ance expert argued. “Executives may be travelling or otherwise unavailable and the onboarding decisions are actually made by delegates, or delegates of delegates.” As discussed in Section 1, bolstering the ability of junior compliance officers to stand up to perhaps more powerful RMs through giving them greater command of information is vital – as are mandatory trig- gers for red flag escalation. Indeed, con- structive challenging seems key to foster- ing the right culture overall. “Certain values and cultures need to be promoted and there’s an obligation to challenge each other on the decision- making process with good intent. Integrity needs to be coming from the top,” said Isaac. “The ability to say no is a big chal- lenge to a business; to say this is a big risk and we don’t want to go ahead even if it is a million-dollar fee a year client.” PROPER PROCESS (BUT NOT AD INFINITUM) As the experts argued, institutions cannot hope to be entirely infallible in matters like making the correct call on adverse media and nor do regulators expect them to be; rather, they need to show all reasonable steps were taken and that proper proce- dures were followed. Correspondingly, tools are dual-focused on getting firms to the point where they are comfortable with a decision - internally, with clients themselves and with regulators – and evidencing how they got there. The message from regula- tors has been abundantly clear in recent years: if it isn’t documented, it isn’t done. “Everyone can make mistakes, but what no one can accept – whether that’s a judge or an internal compliance head – is that you haven’t properly documented and pro- cessed the onboarding,” said Isaac, add- ing that this need to be able to withstand the second guessing described on p22 is a big driver of outsourcing. “If you pay a fee to professionalise a search with an inde- pendent specialist that gives you a degree of comfort and will help you if the decision was unfortunately the wrong one,” he con- tinued. “You can then at least defend your- self in a much stronger way.” While process is key, the panel did however caution that this needs to be reasonable, with both RMs and clients’ expectations of requirements and timeframes clearly set so that only what is feasible is promised. As sev- eral of the experts argued, an environment has been created where people are often afraid to make a decision and so firms run the risk of becoming mired in “endless pro- cess” in CDD a way that is very unfair to the business and to RMs. “They are entitled to an answer,” one exec- utive said. “You should help them give all the information to the compliance officer and also realise that not making a decision is making a decision.” To this end, the pan- ellists noted that firms increasingly ask new recruits to spend time with compliance to better understand their processes and priorities; including compliance officers in client-facing scenarios is also known. Interestingly, onboarding/CDD technology providers have also highlighted that forward- thinking institutions tend to approach imple- mentations by overhauling their policies and processes collaboratively from the start (often convening multi disciplinary working groups drawn from several markets). As well as streamlining workflows, wealth managers have been known to eradicate up to 100 un- necessary data points and scores of unnec- essary pages of forms from their onboarding processes this way. The experts also highlighted the impor- tance of fostering positive relations if interdepartmental Service Level Agree- ments on turnaround times/data capture are in place. Arguably more important, however, is the significant goodwill need- ed to develop the standardised “golden processes” in compliance global wealth managers now pursue. Arbitrating be- tween different jurisdictions and compet- ing internal interests is no easy task. As Emma Radmore affirmed: “Globalisation is only possible with collaboration and understanding of the whole business”. STEPPING UP MEDIA SCREENING They [RMs] are entitled to an answer. You should help them give all the informa- tion to the compli- ance officer and also realise that not making a decision is making a decision. DAILY FIGURE 10: How often are clients fully rescreened at your firm? 50% 45% 40% 35% 30% 25% 20% 15% 10% 5% 0% Low-risk Medium-risk High-risk clients WEEKLY MONTHLY QUARTERLY SIX-MONTHLY ANNUALLY 13% 49% Already daily Yes No FIGURE 11: Would you be in favour of your institution fulling screening all clients daily? 38%
  • 31.
    31SECTION 3 –HOW NEW TECHNOLOGIES AID BEST PRACTICE As Figure 10 shows, wealth managers vary widely on how often they fully rescreen their clients: almost half are rescreening low-risk clients in full only once a year and just 14% daily; most will run full checks on high-risk clients monthly and 19% daily. Policies and procedures clearly differ very much across the industry. What level of rescreening frequency con- stitutes best practice is obviously highly dependent on the resourcing in place, the institution’s risk tolerances and the char- acteristics of its client base. Further com- plicating the picture, watch list and media screening typically bifurcate in frequency. “For the first we see a lot of banks doing it daily and some weekly; in contrast, for me- dia searches and the more exhaustive due diligence they are doing it every twelve months because they are very labour inten- sive,” Tonchia said. “This is exactly the pro- cess we want to automate with smartKYC, so firms can do the daily or weekly media checks too.” Contributors to this report confirmed that in some parts of the world their institution media screens clients daily, but elsewhere this is limited to PEPs only. Correspondingly, only a tenth of respondents said that media checks were their firm’s greatest priority. As Figure 13 illustrates, media searches are way down the list of wealth managers’ current priorities. There is a strong appe- tite for increasing the frequency with which clients are fully screened, however - this meaning overnight for many. In the near term, 42% of institutions plan to increase the frequency of fully screening their client books in the near term. Almost half (49%) of respondents would favour daily screen- ing of all their institution’s clients, adding to the 14% of institutions for which this is already the norm. Tonchia sees wealth managers increas- ingly coming to the realisation that in to- day’s 24-hour news, social media imbued society, media sweeps may be the fastest means of finding out if danger signals have emerged – making them a very important, if apparently somewhat under-used, risk management tool. “The media is far richer than watch lists, which means you can ac- cess more subtle gossip that might whisper a red flag in your ear,” he said. This, as the panel observed, allows firms to be far more proactive in protecting themselves. “We want to find anything relevant - not just from a formal KYC perspective, but from a reputational risk perspective,” said Dominic Crabb. “It might be that an indi- vidual isn’t on any sanctions list, but yet still isn’t someone we want to be associated with, or they may have been summoned, but not yet brought to court. We’d be look- ing to pick that up.” As well as bringing this risk management closer to real time, more regular media screening also helps relationship managers stay closer to their clients by catching posi- tive news. “You might find a commercial op- portunity because something interesting about your client emerges overnight in the press, like them having sold a business,” said Tonchia. “With our tool you can make media screening faster, and more or less automatic, to get compliance, operational and business benefits at the same time.” The objections of respondents not in favour of daily screening tended to centre on the misapprehension that they would then be dismissing red flags over and over daily, which of course is not the case. Technology providers are evidently creating a great deal of customisability in terms of aligning sys- tems with individual firm’s risk parameters. In an ever-shifting regulatory and geopoliti- cal environment, the ability to reflect chang- es in compliance policies and procedures easily within IT is essential. As discussed on p18, a degree of “fuzzy matching” is desir- able in searches, but optimal sensitivity lev- els may need to be refined over time, with flags up or downgraded according to sense or policy. Those fearing that more frequent screen- ing may create extra work will also be reas- sured to know that new generation software is designed not only to reduce workloads through automation, but also to smooth them by allowing tasks to be scheduled according to priority and resourcing. “We give banks a way to balance their re- views so they can structure daily reviews to fill gaps in other work or hold the refresh if everyone is busy,” said Tonchia. “Or, be- cause most of it is automatic, you could instruct the system that investigating some- one who was green and is now amber be postponed for a week or so. You can tweak the queues to balance the workload much better.” AUGMENTATION, NOT REPLACEMENT The technologies discussed in this report have very impressive capabilities, par- ticularly in automating previously manual searches and Straight-Through Processing. However, the technology specialists and wealth managers alike were keen to em- phasise that technology should only ever be seen as ameliorating expertise. This is a message that should also be replayed to secure staff buy-in for new ways of working, it was said. “This has always been an intelligence task and clearly the more tools you have, the easier it is,” said Spiers. “But then you still have to have someone at the end of the process who has a knowledge of the risk tolerance of the bank, the type of clients they want to take on and who can decide yes or no.” “We are not trying to substitute human judgement with our tool, but to make it easy for compliance officers to exercise their judgement based on automati- 50% 10% 10% Source of wealth/source of funds Watch lists Adverse media Connections to sanctioned countries FIGURE 13: Which checks are the greatest priority for your institution? 30% 13% 42% Already daily Yes No FIGURE 12: Does your firm plan to increase the frequency of fully screening clients in the near term? 45%
  • 32.
    32 Towards TrueKYC: Technological Innovations in Client Due Diligence cally organised and relevant facts and information,” added Tonchia. “It’s about having an intelligent slave.” To illustrate, he explained that in a cutting-edge pro- cess thousands of documents in multiple languages are scanned in minutes; then, after semantic analysis of all text referenc- ing an individual or corporate entity all sen- tences with red flags are extracted. “This allows analysts to apply their human intelligence to critical sentences rather than just be lost in a haystack of Google results they can only randomly sample rather than process sources exhaustively,” said Tonchia. “No tool can replace human knowledge and corroborating capability, but they can certainly augment the abil- ity and the bandwidth of humans, thereby reducing the risk of missing critical cues.” ENHANCING THE CLIENT EXPERIENCE As well as rising compliance costs, the in- dustry is also lamenting the detriment to the client experience caused by increased regulation: 54% of wealth managers be- lieve that extended questioning and evi- dencing has had a negative effect on the onboarding experience; 52% say conver- sion times have been significantly slowed by additional regulations over the past five years9 . Notably, for 11% of participants in this study, the deleterious effect on the cli- ent experience is the most frustrating part of the due diligence process. Gathering the necessary information and documentation for CDD to take place is of course at the sharper end of the on- boarding process and there is little that wealth managers can do about the number of boxes that need to be ticked. What they can do is try to make the process as fast, smooth and beneficial to the relationship (on both sides) as possible, the panel said. Onboarding clients as speedily as – com- pliantly - possible is key to improving their experience, but moreover in preventing dropouts due to frustrating delays. Wealth- Briefing research has found that seven in ten wealth management professionals worry about clients dropping out during the on- boarding process - and it is little wonder. According to Roopalee Dave, clients who are individual/joint and are not PEPs should have their accounts reviewed and opened within days. Yet for 35% of firms, onboard- ing a non-complex HNWI takes 5-10 busi- ness days on average, with matters very much more drawn out elsewhere. For 5%, onboarding a HNW client is expected to take over 41 days and timeframes are slight- ly longer still for corporates10 . THE NEED FOR SPEED The speed of onboarding is not entirely within institutions’ control, due to delays in receiving documentation or clarifica- tions from clients, yet there are strong driv- ers for firms to optimise processes as far as possible their side. “There is increased pressure on wealth managers to open ac- counts quickly based on other firms being perceived as quicker,” said Dave, adding that this means operations teams increas- ingly have to manage tension between the risks to the institution versus efficiently taking on clients. Onboarding enhancements can clearly be a very powerful differentiator among certain client segments, the panel noted, meaning that this should be a real focus for international wealth managers likely to be dealing with UHNWIs with PEP consid- erations. As Isaac observed, because such clients expect a cumbersome process, delivering a relatively pain-free, speedy ex- perience becomes a key differentiator. “This means that strategically for players here in Switzerland, whether they are banks or fidu- ciary, it is increasingly important to be able to onboard PEPs in a smooth way,” he said. An even more important consideration are investor visa clients. In this regard, there may be said to be an element of tension caused by the fact that governments are offering visas in exchange for investment, but it is institutions that must bear the risk in terms of checking that money’s legitimacy. Rightly or wrongly, the burden is on wealth manag- ers however, and those courting this kind of business can afford no errors when clients may have a lot depending on a successful and speedy account opening. As one senior executive said, clients can become “very an- gry and litigious” if mistakes are made in the handling of their visa arrangements. This is perhaps one valid reason for firms to err on the side of caution if they foresee trouble ahead with certain clients. On the flip side, having the resources and experi- ence to manage the process well and quick- ly onboard legitimate business is a powerful marketing message many firms will be keen to get across. REDUCING DOCUMENTATION HEADACHES As part of expediting onboarding and im- proving the client experience, a growing group of wealth managers internation- ally are focusing technology investment on reducing the endless to-and-fro of documents onboarding can entail with in- novations like digital signatures and online document vaults. They are also working on ways to ensure that the maximum ground possible is cov- ered in meetings to fulfil both the softer and harder elements of client discovery. “The nirvana is to have marketing and compliance covered off at the same time, with the RM saying ‘I want to know about you and the money because I want to provide you with the best service I can’,” said Spiers. “Skilled relationship managers can elicit all this information as part of the natural client conversation.” RAMPING UP REVENUES As panellists pointed out, getting to know your prospective client as well as pos- sible during onboarding generates many opportunities to find out something useful about their needs, align this with the wider offering and offer better advice. “There’s absolutely potential to garner compliance and marketing-related information at the same time,” said John Whick. “The KYC procedure is a great opportunity to find out how much wealth there is in total, for example.” This allows analysts to apply their human intelligence to critical sentences rather than just be lost in a haystack of Google results they can only randomly sample rather than process sources exhaustively. This means that strategically for players here in Switzerland, whether they are banks or fiduciary, it is increasingly important to be able to onboard PEPs in a smooth way.
  • 33.
    33SECTION 3 –HOW NEW TECHNOLOGIES AID BEST PRACTICE WealthBriefing research has long been focused on the simultaneous compliance, operational and business benefits institu- tions are seeking from their technology in- vestments. Rather than compliance just be- ing seen as a cost centre, wealth managers areincreasinglylookingtosqueezeaddition- al revenues from it: 69% of wealth managers see clear synergies between compliance reviews and the sales process11 . While relationship management skills are paramount, firms are turning to technol- ogy to foster the compliance/marketing “nirvana” in onboarding, tightening up processes and leveraging all the informa- tion advantages at their disposal. At the beginning of the client lifecycle, those that have made onboarding enhancements are using dynamic forms to ensure no crucial elements of compliance information are missed or incorrect (avoiding embarrass- ing repeat requests). Throughout, they are looking to make it easier for RMs to contin- ually deepen the institution’s understand- ing of client, using technology to ensure no useful insights are lost. With RMs at 79% of firms carrying out initial screening on prospective clients, system- atisation and automation here are not just about efficiencies or risk management. Be- ing able to carry out more comprehensive screening with very little time investment (or expense) can help RMs optimise their conversations with clients. “The healthiest way is to do as much re- search as possible at a very early stage because that internal process will first help you decide if it’s worth pursuing someone who might be controversial,” said Tonchia. “But also the more information you have the more you can structure the discussion to extract important information earlier in the cycle. You get a lot of interesting com- mercial discussion points and probably connect better.” Frequent media screening of clients could yield new opportunities to do business as well as highlighting adverse news – and the same degree of process can be applied by linking compliance monitoring to CRM and task lists. So, if a client has sold a business, RMs may be prompted to make sugges- tions for that liquid money or to start further compliance checks if required. What hap- pened with those conversations and checks can then flow back and forth through all systems and repositories of record. PROTECTING DATA PRIVACY Firms having to hold such large amount of very sensitive client data means that data security is top of the agenda for clients, in- stitutions and regulators. Arriving at the correct procedures is a chal- lenge in itself as there are many complexi- ties in the interplay of data protection and privacy legislation and regulation (both within individual jurisdictions and cross- border). Then, institutions have to consider the ever-changing cyber-security threat. We have seen attacks take many forms: The Hong Kong Monetary Authority regu- larly warns of fake websites set-up to steal private financial details, while a 2015 cyber- attack in the US affected 76m accounts and even the IRS has been hacked. As a sign of growing fears, in the second half of 2015, 46% of UK financial firms cited cyber risks as a key concern, up from 30% in the first half12 . Security concerns actually remain even when everything is kept in-house, ex- plained Tonchia, since searching the in- ternet “by hand” leaves many electronic traces that may be valuable to those with nefarious intent – and it should always be remembered that in many countries HNWIs’ privacy concerns are of the most serious kind. “Latin American clients are very concerned about security and are re- luctant to provide information for totally reasonable reasons,” said Kirby. Significantly, around a fifth of the respon- dents who said that detriment to the client was their biggest source of KYC frustration cited data privacy specifically. Here again new technologies can help. “Wealth managers are wrestling with cov- ering your traces. If you Google an indi- vidual’s name the conversation is essen- tially public and that automatically puts the name of your client on the street,” said Tonchia. “We implement technology to anonymise those searches so that even if they come from the bank’s domain and go out of your firewall, you strip away your ID and IP address.” Furthermore, having analysts searching thousands of documents and data sources gives rise to inbound security concerns which this technology also tackles. “When you retrieve a document you ensure noth- ing toxic gets back within your firewall. If you only give back clean text that can’t hurt you, but if you were to take back an entire binary file it could be a serious threat to your sys- tems,” Tonchia continued. “The security el- ement of screening is about protecting your identity when you go outside and protec- tion in getting stuff from outside, in.” Crucially, cybercrime insurance experts have also warned financial institutions that they are likely to have lots of data that is not strictly related to professional services and which therefore may not be covered by Professional Liability Insurance. To further underscore the imperative to guard client/prospect data zealously, there also is a grey area around how far PLI ap- plies to negligence in data breaches and whether it covers the costs of handling and remedying the breach. It seems that some policies may only cover services provided to actual clients, possibly leaving institutions liable for negligence payouts. Worryingly, in the US at least one class action lawsuit over a data breach has included applicant clients. Responses on the issue of detriment to the client experience/relationship brought data security worries to the fore. According to a recent appraisal of global corporate security standards by EY, such concerns are manifestly justified13 . • 88% of corporates internationally admit that their information security provision is inadequate • 54% do not currently have a role or department in their information security function that is focusing on the impact of new technologies • 36% doubt that they would even be able to detect a sophisticated cyber-attack DATA SECURITY CONCERNS The security element of screening is about protecting your identity when you go outside and protection in getting stuff from outside, in.
  • 34.
    34 Towards TrueKYC: Technological Innovations in Client Due Diligence CONCLUSION Like previous WealthBriefing studies on other elements of the onboarding piece, this report on client due diligence proce- dures was an attempt to shine a light on an increasingly chal- lenging, yet hitherto relatively under-investigated, element of wealth management operations. Here again, institutions’ ex- periences are proving widely divergent. But while each is ex- periencing its own unique struggles surrounding CDD, across the sector these can be seen to be underpinned by a handful of key themes. It hardly needs to be said that an unrelenting pace of regula- tory change has become very much the norm for the wealth management sector globally, and in many ways CDD is a nexus between all the national, regional and supranational regulations firms are having to adapt to. New rules on market conduct, corporate governance and client protection are in- creasing screening and reporting requirements in a number of cases, while there are also a number of very significant changes relating specifically to CDD now in play or soon to be imposed. The regulatory burden has been weighing increasingly heavily on wealth managers in recent years, with sweeping overhauls of policies and procedures necessary for many and significant remedial work for still more. Tackling the ensuing drag on ef- ficiency and profitability - not to mention the inevitable drain on corporate energy – has kept technology investment at the top of the agenda. As our recent research has shown, wealth managers are increasingly turning to technology as something of a saviour in coping with the compliance challenge. This research chimes with many other studies highlighting the very real resourcing challenge wealth managers face in CDD. Compliance personnel with the requisite knowledge and ex- perience to be able to tackle the thornier regulatory, legal and ethical issues are a rare enough resource; those with the kind of in-depth technological knowledge that is increasingly called for are scarcer still. Add into the mix the very serious personal (and perhaps even criminal) liabilities that senior compliance officers will be asked to bear for decisions in CDD and it is easy to see why a war for talent is pushing compliance remuneration dramatically up. The challenge of finding, funding and retain- ing top compliance expertise is one most firms will be grap- pling with today. Technological tools which optimise the use of their time are naturally a key focus and it is clear from the results of our survey that CDD is an area ripe for improvement in a number of ways. While technology can never supplant the application of hu- man intelligence in such a highly-nuanced area as CDD, us- ing it as an “intelligent slave” ensures that human expertise is deployed where it will have most impact. The vast majority of clients present no issues from a due diligence perspective and maximising automation allows compliance officers to focus on the “tough cases”, reducing the very serious risks inherent in making the wrong onboarding decisions. At the same time, the better use of technology makes it more likely that all legitimate business that can be taken on, is. Com- pliance officers play a crucial role in both protecting and grow- ing wealth management businesses, and the new technologi- cal tools discussed in this report are designed to fulfil the same (often tricky) dual remit. In broad terms, the digitalisation of client onboarding is about converting cumbersome processes mired in duplication into efficient, beneficial experiences for all sides. As this report has argued, CDD is an area where technological enhancements can deliver perhaps the most powerful, multi-faceted benefits of all. WealthBriefing, EY and smartKYC would like to extend their warmest thanks to all the wealth management professionals and CDD experts who were kind enough to contribute to this report. As ever, feedback on any of the issues that emerged or ideas for further investigation would be most welcome. Wendy Spires Head of Research WealthBriefing wendy.spires@wealthbriefing.com
  • 35.
    REFERENCES NUMBER SOURCE 1 Technologyand Operations Trends in Wealth Management 2015 - WealthBriefing/Advent Software 2 Morgan McKinley, June 2015 3 LexisNexis Risk Solutions Future Financial Crime Risks Report 2015 - https://www.tracesmart.co.uk/news/banks-reach-tipping-point-in-fight- against-financial-crime-reveals-new-report-from-lexisnexis-risk-solutions-and-the-bba 4 Ibid 5 Technology and Operations Trends in Wealth Management 2015 - WealthBriefing/Advent Software 6 Ibid 7 Converting Compliance Challenges into Business Benefits: Optimising Client Onboarding in Wealth Management - WealthBriefing/Appway 8 LexisNexis Risk Solutions Future Financial Crime Risks Report 2015 9 Converting Compliance Challenges into Business Benefits: Optimising Client Onboarding in Wealth Management - WealthBriefing/Appway 10 Ibid 11 Ibid 12 The Bank of England’s Systemic Risk Survey 2015 13 Global Information Security Survey 2015, Creating trust in the digital world - EY