Perpetual KYC — keep on top of client monitoring
May 23, 2022 by Cecile Monico
Perpetual KYC (pKYC) is a smarter version of the standard KYC.
It takes a proactive approach by creating a digital profile of a customer and dynamically refreshing its associated data in response to specific triggers. Data accuracy and time-to-capture are central to the activity. Also, when the bank’s customer changes one or more of their data points, it’s an ideal opportunity to update their risk scorecard.
When the traditional customer data review is triggered on a set, periodic calendar basis (e.g., every 1, 3 or 5 years depending on the initial risk level calculated for a customer), pKYC monitors and amends the risk level for every change of data on this specific client. Each new piece of information triggers a review of the KYC situation on an automated workflow basis. Only complex data (as determined by each bank) requires human intervention, and a manual KYC and risk process to be run. That way, the customer’s risk level is always up to date, but there are key criteria for success.
There are many aspects to consider when transitioning from periodic KYC to the smart review. The bank needs to work on streamlining its activities and adopting a digital operating model. This is not just about which systems are best for the bank’s setup. It also depends on how fungible they are and how the bank connects them together — the data flow has to be fluid and to achieve fluidity end-to-end connectivity is essential.
Also, customer data would likely come from a broader range of sources. So, it would need to be qualified, sorted and aggregated for accuracy in an automated and real-time manner. Any delay would create inefficiency in the pKYC review.
Another aspect to consider is the change of the capacity model for the bank’s operations teams. The standard periodic KYC cadence is predictable, so the required team capacity can be calibrated based on the bank’s client base and their usual productivity. However, pKYC triggers an unpredictable volume of work as it depends on any new information on the customer, which can come up at any time of the client life cycle. Therefore, the operations capacity model needs to be thought through carefully. Operations teams also need to be trained in the new process. They must understand when to intervene and add value with a deeper analysis of the situation.
The bank would have to determine under which criteria the KYC requires human intervention, and new principles would have to be reviewed and accepted by every function in the KYC chain — operations, risk, compliance and so on. End-to-end acceptance of such a lean and automated process is a fundamental element of success.
By adopting pKYC, the bank will meet the regulator’s expectations, constantly maintaining risk monitoring. Traditional periodic KYC — refreshed every 1, 3 or 5 years, depending on the perceived level of the risk to the client — leaves quite lengthy gaps in the bank’s risk monitoring. And that could put the organization at risk of financial crime exploitation, breaches or regulatory actions.
In simple terms, the regulator wants banks to take a more proactive and robust approach, maintaining and monitoring client risk by recording accurate and up-to-date information. Having KYC done in a more dynamic way would secure the risk monitoring, streamline processes and ensure that the bank is continually focused on KYC.
Implementing pKYC allows the bank to reduce operational costs through automation by, either, focusing resources on more added-value tasks, or reallocating them to where the predicted client risk is highest. As such, automation becomes a practical tool for accelerating processes and enabling the human task allocation.
pKYC is also the perfect opportunity to reassess the bank’s risk appetite. It requires a strong, structured, change management program; a single, ideally central, end-to-end banking solution based on a digital operating model. A key aspect of the business case is around the avoidance of risks and enhanced monitoring of the bank’s engagement.
However, the sales function is also at the heart of the business case. pKYC added value can be extended beyond risk monitoring, using changes in client data to contact the client and explore new opportunities. This only makes sense for the relevant change of data though. The front office and sales function would benefit from knowing their clients better — their objectives, changes in their situation or changes in client segment or tiering. And based on a relevant change of data, sales professionals could upsell or cross-sell services to the customer.
At the moment, there’s no pKYC one-off tool. There are some tools that enable perpetual KYC as part of the workflow. But, what a bank wants is more of a combination of tools based around its existing architecture, data, resources and use cases. The RegTech market is full of firms offering the full range of services — from broad to niche — so, selecting the right tool combination could be central to the success of a transformation program.
Upscaling the KYC process to pKYC is a long, challenging transformation program involving every bank function, but it is worth the effort from a risk, operations and human perspective. Make pKYC an incentive rather than a constraint. Leverage this mandatory process and increase the quality of the customer experience.