The KYC burden on corporates
A centralized approach to manage KYC
It is mandatory for financial institutions to investigate whether cash is being used for money laundering, financing terrorists and criminal activity. Criminals exploit any situation to pursue their damaging activities and the recent increase of cybercrime shows that the COVID-19 situation is no exception. The purpose of KYC (Know Your Customer) is to protect the global financial system from being used for fraudulent activities. Banks play a key role in identifying suspicious transactions. To determine whether a transaction is suspicious, banks need to know their clients and their possible changed activities. The flip side, however, is that the KYC burden on corporates has already increased since the previous (financial) crisis. Will the KYC burden further increase or are there ways to release the burden?
Corporates can benefit from a centralized and standardized KYC process
In recent years, multiple global cash management banks have been subject to significant regulatory fines due to weaknesses in their anti-money laundering controls. To avoid fines in the future banks have enhanced the collection of information on their client relationships, even collecting more information than necessarily by law. This has resulted in a very inefficient and time-consuming compliance process for both the bank as for the corporate.
As a result of the intensified KYC process, it can now take three to six months to open a new bank account. Moreover, existing accounts are sometimes blocked by banks because information is not being provided by the corporate during KYC renewals and bank accounts are sometimes closed by corporates in order to reduce the KYC burden. Corporates can benefit from a centralized and standardized KYC process. In addition, the KYC burden can be further mitigated by leveraging on technical innovations in the market which automate the KYC process.
Increased scrutiny of KYC processes
KYC is the process established to identify and verify the identity of customers. Following the classification of SWIFT, KYC requests from financial institutions to corporates can be divided into four main categories: identification of the customer, ownership and management structure, type of business and client base, and tax information. Most KYC requests are received by corporates when entering a new banking relationship and opening new bank accounts. However, regular review and reconfirmation of KYC information is usual and changes at the bank or corporate side can result in new KYC requests.
As a result of the financial crisis, regulatory authorities introduced an increasing number of multi-jurisdiction anti-money laundering regulations and sanctions. This resulted in substantial regulatory fines for banks. Consequently, banks reacted by increasing scrutiny of their KYC processes. The KYC process between banks and corporates has become increasingly complex and time-consuming. A survey carried out by SWIFT and EuroFinance last year indicated that 93% of finance and treasury professionals found KYC more challenging than five years ago.
Absence of standardization
The more challenging KYC process is not only caused by increased regulation, however. It is also due to the conservative approach taken by banks to avoid further fines. Banks request more information than laws and regulations require. In addition, banks and even branches within the same bank ask the same information in different ways and at different times.
This is partly due to local regulatory requirements in different jurisdictions. But it is also a result of the bank’s or branch’s individual KYC policy, interpretation, and lack of guidance of the application of regulations. Consequently, to avoid additional work and providing additional information, which is not required by law, it can be worthwhile for a corporate to push back and challenge banks on certain information requests.
The absence of standardization in the KYC compliance process makes it very inefficient, time consuming and costly. These challenges slow down the bank account opening process. In a survey carried out by SWIFT and EuroFinance last year, some 28% of the polled treasurers indicated to have at least once abandoned the account opening process because of KYC. In addition, the survey also showed that 53% of the respondents had performed bank rationalization due to the KYC challenges. Furthermore, KYC renewals could also lead to a bank freezing an account because the corporate has not (yet) been able to provide certain information.
Trends in KYC
In the future, banks will scrutinize their clients more closely since regulatory authorities will continue to implement new regulations and directives. Since the fourth EU Anti-Money Laundering Directive (4AMLD) came into force in 2015, it has already been followed by the fifth (5AMLD) and sixth (6AMLD). The European Union (EU) seeks to improve the supervisory system and improve the enforcement of the rules. The EU acknowledges that current regulations are not defined sufficiently and leave room for jurisdictions’ own interpretation. As a result, new directives will be introduced to complement and reinforce current regulations. To improve the enforcement of the regulations, the EU is also considering introducing an independent supervisory body.
There are multiple initiatives in the market to reduce the KYC burden. Banks are working on platforms where clients can upload their documentation, which decreases the number of e-mails going back and forth from the individual banks’ branches to the corporate.
Meanwhile, third parties are also developing KYC solutions. For example, SWIFT has extended its online software application – used by banks for KYC information exchanges – to corporates. Known as the KYC Registry, it enables SWIFT-connected corporates to share the required KYC documentation in a global platform with connected banks. This again streamlines the data collection process. The main benefits for corporates are that the KYC Registry is managed by SWIFT – which is a trusted third-party cooperative – and that SWIFT collaborates with multiple corporates and banks. The goal of the latter is a standardized format of most information that each bank connected to KYC Registry accepts.
Lastly, embracing technical innovation could mitigate the KYC burden even further. For example, application programming interfaces (APIs) enable applications to communicate with each other with minimal human intervention. APIs can be programmed to automatically retrieve KYC information out of a corporates’ treasury management system or a third-party tool and send towards banking platforms.
Since the KYC compliance process between banks and corporates has become more complex and time-consuming, it is of added value to have a clear KYC management process. Treasury departments should create an open dialogue with their cash management banks and manage the bank relationships carefully.
One way to manage KYC is through a centralized approach.
The advantage of a centralized approach is the establishment of a standardized KYC process for all subsidiaries and branches of the bank. For example, a corporate can agree regarding on a standardized format for the generic KYC requirements that are requested by each branch. On the mid- to long term, this reduces time spent on pushing back on requests from individual branches and providing documentation in a certain format that is not required by law. However, due to local regulations, per jurisdiction some additional documentation might still be required.
In addition, the treasury department should not only discuss what should be delivered but also investigate how this information can be delivered in the most secure and efficient way. Currently, most treasurers use e-mail to provide the requested KYC information. Treasurers should discuss with their cash management banks the possibilities of secured platforms that every branch can access or third-party tools that multiple banks can access. Besides the improved security and accessibility, these platforms can also improve the visibility for internal colleagues of the progress of the KYC process. Furthermore, treasurers should discuss with their banks which technical innovations are supported by the bank to automate the process.
Lastly, a corporate’s internal policies can make the KYC process more cumbersome by hampering or preventing treasurers from providing certain information. This is particularly the case for sensitive information. Therefore, to avoid delays in the KYC process caused by internal misalignment, treasurers should also create an open dialogue internally and discuss the required information needed from each department. Furthermore, internal stakeholders should be aware that opening a bank account can take up to six months. The implications of a delayed bank account opening on the business should be assessed.
Collaboration is required
The current amount of KYC requests from banks to corporates exceeds its purpose of protecting the global financial system from being used for money laundering, financing terrorist and criminal activities. A switch needs to be made from working hard and providing a lot of (duplicate) information multiple times a year to working smart and using technical innovation where possible.
Industry alignment and standardization of the KYC compliance process requires collaboration from all the stakeholders; regulators, banks and corporates. To further improve and make the KYC compliance process more efficient, third parties such as SWIFT should be involved to leverage on their technical innovation.