BANKS: DUE DILIGENCE & COMPLIANCE.
COMBATING FINANCIAL CRIME:
3 focus
areas for banks to achieve more effective and efficient customer due diligence
KPMG 2019
 |
Banks around the world are
spending billions to improve their financial crime management. Yet the number
of fines and sanctions being imposed on banks is still increasing. What will
it take to achieve efficient and effective customer due diligence?
|
|
https://home.kpmg/xx/en/home/insights/2019/03/combating-financial-crime-fs.html
|
|
KEY CONTACTS
[1] [The
KPMG Approach]
One would be hard-pressed to suggest that banks
are ignoring the need for better CUSTOMER
DUE DILIGENCE. Indeed, according to a recent Forbes article, some banks
spend up to US$500 million each year in an effort to improve and manage their Know-Your-Customer (KYC) and Anti- Money
Laundering (AML) processes. The average bank spends around US$48
million per year. In the US alone, banks are spending more than US$25 billion a
year on AML compliance.
With this much investment going into customer
due diligence processes, one would think that the number of fines and sanctions
imposed on banks would drop. But quite the opposite; our research
suggests that the number of fines and sanctions has actually increased
over the past 3 years. In the US, where regulators are among the world’s most
aggressive in imposing fines and sanctions, banks have been hit with nearly
US$24 billion in non-compliance fines since 2008.
It’s not just big fines and the possibility of
sanctions that worry bank CEOs and boards; most also now recognize that
inefficient AML and KYC processes also lead to lower productivity (due to
significant re-work requirements), greater government scrutiny (in cases where
problems persist) and the potential for decreased customer satisfaction.It’s
not just big fines and the possibility of sanctions that worry bank CEOs and
boards; most also now recognize that inefficient AML and KYC processes also
lead to lower productivity (due to significant re-work requirements), greater
government scrutiny (in cases where problems persist) and the potential for
decreased customer satisfaction.
[2] BUILDING MATURITY
Our recent surveys and experience working with
leading banks around the world suggests that many banks currently display a
‘fundamental’ level of maturity when it comes to customer due diligence: they
have a defined policy that is aligned to regulation and is well communicated
within the business.
But the policy is often poorly executed operationally.
Banks with a fundamental level of maturity often find themselves doing
significant re-work and manual data entry.
Some of the more advanced banks have achieved an
‘evolving’ level of maturity. They also have a defined and aligned policy. But
their policy is supported by effectively managed processes and procedures.
Organizational structure is well established. Roles and responsibilities are
clear and technology is being applied to improve KYC operational management.
However, our experience suggests that most banks
are looking for ways to be ‘transformational’ in their approach to customer due
diligence. They want to make their policies actionable and embed them in the
culture by creating a set of business rules with traceability that allows them
to easily identify the impact that any changes to the policy may have on
operations. They want processes and procedures that are well defined across
customer onboarding, client refresh and screening. They want self-service
capabilities that allow customers to easily update their KYC and AML data
through multiple channels.
[3] GETTING BETTER
When we work with financial institutions to help
achieve this type of transformational maturity, we often start by helping
decision-makers think about the four key components of customer due diligence.
1.
Policy and risk
management: Every good AML
or KYC process is underpinned by relevant laws, regulations and company
policies. The more mature organizations, however, are able to identify the
linkage between AML and KYC policies, data requirements, underlying processes
and technology. And that allows them to quickly identify how any changes in
their policies will influence the wider AML and KYC ecosystem.
2.
Processes and
services: Most banks
now continuously monitor their customers throughout the life cycle with
event-driven reviews and specific actions triggered at specific times. The more
mature organizations are also working to reduce unnecessary customer outreach
by creating bespoke customer due diligence portals that allow customers to
perform their own profile maintenance. Some are also now using ‘search before’
contact models that harvest publicly available data from third-party
sources.
3.
People and
organization: Relationship managers
are too valuable to have their time soaked up collecting customer data and
conducting manual reviews. That’s why the more mature organizations are now
starting to create specialized delivery centers that allow 24/7 access to deep
pools of talent at an optimized cost. This allows them to bridge existing gaps
in the end-to-end process, centralize resources and focus employee skill
sets.
4.
Data, technology and
analytics: Many banks are struggling with siloed,
duplicative and inconsistent data, which means their ability to search and
access sources is limited. The more mature organizations are creating data
models and dictionaries that can serve as the master source of requirements and
business rules. Some of the more advanced organizations are now exploring how
they can leverage their AML and KYC data to unlock new customer insights that
can help influence both product offerings and risk decisions.
The path to efficient and robust customer due
diligence is never-ending. Banks will need to continue to invest into newer
technologies and processes if they hope to remain ahead of regulator and
customer expectations.
[4] THREE FOCUS AREAS FOR TRANSFORMATIONAL
CUSTOMER DUE DILIGENCE
1.
Optimize KYC business operations to reduce the
total cost of KYC compliance
1.
Implement a
data model/data dictionary to capture all required data elements, requirements
and business rules based on entity type.
2.
Define data
lineage between policy, business rules and technology to ensure alignment with
policy and to easily understand the impacts of policy changes.
3.
Leverage
technology solutions (e.g. workflow/case management) and client channels to
automate the processing of KYC cases, thereby reducing time and improving
operations efficiencies.
4.
Ensure the
right skilled people are undertaking the right activities in the right way
(e.g. sourcing options).
5.
Know your
customer better through relevant data collection
2.
Enhance the
customer experience for onboarding and refresh
1.
Improve the
customer experience and enhancing the KYC data collection processes by
leveraging clearly defined data requirements and business rules.
2.
Minimize
customer outreach by aggregating publicly available customer data.
3.
Provide a true
omni-channel experience by enabling self-service capabilities (e.g. portal,
mobile).
3.
Improve risk
management/financial crimes compliance by assessing and monitoring KYC client
information for critical insights
1.
Use
evidence-based, robust and auditable processes.
2.
Conduct early
risk-based assessment through customer segmentation.
3.
Achieve quality
financial crime judgement rather than simply conducting a data collection
exercise.
[5] CASE STUDY: IMPROVING COMPLIANCE AND EFFICIENCY
When a large global financial institution wanted
to develop a solution to enable them to review tens of thousands of customer
records against their financial crime policy standards and within a tight
deadline, they knew they needed to move away from their existing approach and
develop a holistic process that would not only have a minimal impact on
customers but also provide a clear audit trail and deliver at the scale
required.
Working with the institution and the local
regulator, KPMG’s financial services and regulatory advisory teams designed and
implemented an end-to-end solution comprising new technology tools, hosted in a
secure cloud environment and an off-shore delivery center for customer outreach
and case reviews.
The solution improved the efficiency of customer data
collection through a new customer portal; codified regulatory and policy rules
into an operational workflow minimizing manual effort and provided detailed
management information on progress as well as insights into customer behavior
enabling continuous improvement throughout the project.
Not only can the institution now make more
holistic decisions supported by a fully auditable process, they have also cut
the compliance process time in half, unlocking significant operational
efficiencies and savings.
FOOTNOTE:
“Know Your Customer Will Be A Great Thing When
It Works.'' Forbes, July 10, 2018
“Anti-money laundering compliance costs U.S.
financial services firms $25.3 billion per year,'' LexisNexis Risk Solutions,
October 11, 2018
“Europe Goes Harder on Money Laundering With
Record ING Fine,'' The Wall Street Journal, September 4, 2018
© 2019 KPMG International Cooperative (“KPMG
International”), a Swiss entity. Member firms of the KPMG network of
independent firms are affiliated with KPMG International. KPMG International
provides no client services. No member firm has any authority to obligate or
bind KPMG International or any other member firm vis-à-vis third parties, nor
does KPMG International have any such authority to obligate or bind any member
firm. All rights reserved.
Member firms of the KPMG network of independent
firms are affiliated with KPMG International. KPMG International provides no
client services. No member firm has any authority to obligate or bind KPMG
International or any other member firm vis-à-vis third parties, nor does KPMG
International have any such authority to obligate or bind any member firm.
Link:
*********************************
AVISO AOS NAVEGANTES! Internet civilizada:
NOTAS DO EDITOR do Blog Ronald.Arquiteto e do Facebook
Ronald Almeida Silva:
[1] As palavras e números entre [colchetes]; os destaques sublinhados, em negrito e
amarelo
bem como nomes próprios em CAIXA ALTA
e a numeração de parágrafos – se
presentes nos textos ora publicados - NÃO CONSTAM da edição original deste documento (mensagem, artigo; pesquisa; monografia; dissertação;
tese ou reportagem). Os mencionados adendos ortográficos foram
acrescidos meramente com intuito pedagógico de facilitar a leitura, a
compreensão e a captação mnemônica dos fatos mais relevantes da mensagem por um
espectro mais amplo de leitores de diferentes formações, sem prejuízo do
conteúdo cujo texto está transcrito na íntegra, conforme a versão original.
[2] O Blog Ronald
Arquiteto e o
Facebook RAS são
mídias independentes e 100% sem fins lucrativos pecuniários. Não tem
anunciantes, apoiadores, patrocinadores e nem intermediários. Todas as publicações de textos e imagens são
feitas de boa-fé, respeitando-se as autorias e respectivos direitos autorais,
sempre com base no espírito e nexo inerentes à legislação brasileira, em
especial à LEI-LAI – Lei de Acesso à
Informação nº 12.257, de 18nov2011.
[3] A eventual republicação
de matérias de sites e blogs que vedam a retransmissão de suas publicações deve
ser considerada como ato proativo não doloso de desobediência civil (tipo Soft
Wikileak) em favor da Transparência Total e da Melhor Democracia na comunicação
privada e pública, no espírito e com base na LEI-LAI, visando apenas ampliar o
universo de internautas que buscam informações gratuitas na rede mundial.
[4] Para usuários de correio eletrônico - e-mail, Facebook e blog: O Emitente desta
mensagem é responsável pelas opiniões de sua autoria, mas não se responsabiliza
pelo conteúdo elaborado por terceiros, embora tenha agido com zelo e descortino
na seleção de textos e imagens que reproduz nas mídias citadas, evitando
propagar fakes e informações injuriosas ou ilegais. Cabe ao Destinatário cuidar
quanto ao tratamento e destino adequados da mensagem recebida, respeitando
sempre as normas do marco regulatório brasileiro da internet. Caso a pessoa que
recebeu esta mensagem não seja o Destinatário de fato da mesma, solicitamos
devolvê-la ao Remetente e apagá-la posteriormente. Agradecemos a compreensão e
a colaboração de todos quanto ao uso correto, ético e civilizado das mensagens
e documentos tramitados por meios eletrônicos.
RONALD DE ALMEIDA SILVA
Rio de Janeiro, RJ, 02jun1947; reside em São Luís, MA, Brasil desde
1976.
Arquiteto Urbanista FAU-UFRJ 1969-1972.
Especialização em Desenho Urbano e Planejamento Regional (Universidade
de Edimburgo, Escócia, 1981-83).
Registro profissional (1972-2012 = 40 anos) CREA-RJ 21.900-D
Registro profissional (2013 em diante) CAU-BR A.107.150-5
Ouvidor Nacional
das Competições da CBF (2003-2012)
Inspetor do GT e da
CNIE - Comissão Nacional de Inspeção de Estádios da CBF (2004-2012)
e-mail: ronald.arquiteto@gmail.com
Blog Ronald.Arquiteto (ronalddealmeidasilva.blogspot.com)
Facebook ronaldealmeida.silva.1
Nenhum comentário:
Postar um comentário