Financial Crime Risk Management Systems: Know Your Customer

This report is the first part of Chartis’ Financial Crime Risk Management (FCRM) Systems Market Update for 2018. The remaining parts – Enterprise Fraud Solutions, Watchlist/Anti-Money Laundering (AML) Solutions and Trade Surveillance Solutions – will be published later in the year. While previous iterations of our FCRM report included all four elements in one publication, this year we have separated them, to enable us to focus on the individual areas in more detail.

The phrase ‘Know Your Customer’ (KYC) may sound like a business school management course mantra. In financial services, however, KYC is an important, formalized process, one that has become more complex and workload-intensive in recent years. At its core, KYC is concerned with determining the accurate identity of a customer – a person or a company – and then assessing the risk to a Financial Institution (FI) of conducting business with that entity.

For FIs, the KYC process is now increasingly complicated. To verify a potential customer’s identity and examine their risk, KYC analysts must consult a vast, and growing, array of data sources.

Within retail KYC – which deals with individuals – these information sources include:

  • Lists of government-sanctioned entities.
  • Lists of Politically Exposed Persons (PEPs).
  • Registries of company ownerships and directorships.

Within wholesale KYC – which deals with firms – the information sources include:

  • Lists of government-sanctioned entities.
  • Lists of state-owned enterprises.
  • Company ownership and financial data.
  • News coverage of particular firms and entities.

Complicating things further, the exact information that an FI must consult and verify varies greatly across different regulatory jurisdictions. This means that a single, central KYC function may not be enough to deal with different rules around the globe.

With massive datasets to sift through – each with its particular regional quirks and requirements – the numbers of KYC staff FIs employ have risen rapidly. FIs are also becoming more concerned with the risk to their reputation of being accused of helping an entity evade sanctions, even indirectly. This has sharpened their focus on Know Your Third Party (KY3P) and Know Your Customer’s Customer (KYCC) – further pushing up the size of their KYC departments.

For years, technology solutions for KYC promised unrealistic results, but FIs are now re-examining how vendors can help them cut costs and improve their operational efficiency. Vendors are responding primarily with technical solutions augmented by large service components. In fact, we estimate that services now comprise a larger proportion of vendor revenue from KYC implementations, although technical advances have continued to provide a strong backbone for vendors’ KYC solutions. With this technology/services blend, vendors have focused less on replacing staff outright than on assisting FIs’ KYC employees by cutting down on menial tasks.

Vendor innovation is being driven by four key technologies and service models:

  • Workflow automation. Systems powered by Robotic Process Automation (RPA) and Artificial Intelligence (AI) that reduce much of the repetitive work that KYC analysts engage in (such as document and data retrieval).
  • Profile enrichment. Third-party data repositories that contain lists of sanctioned entities or details of company ownership structures. These reduce the time that employees spend searching disparate sources for the information they need.
  • Consortia and data sharing. An organized network of FIs, often anchored around a vendor that provides the requisite infrastructure.These FIs share information, so that customers onboarded at one FI can be assessed more rapidly for another institution.
  • Entity resolution and graph analytics. Systems to identify customers and prevent duplicate accounts or impersonation. Graph analytics aims to do this using networks to determine identities more precisely and confidently.

These models can apply in different areas of the KYC process, and the vendor landscape is highly differentiated. KYC vendors generally fall into one of the following categories:

  • Data providers.
  • Data hubs/anchors for consortia.
  • Entity resolution specialists.
  • Workflow specialists.
  • Packaged KYC providers.
  • Providers of enterprise financial crime solutions.

Faced with a complex market, FIs must carefully select the KYC components that suit their needs. They must also determine how to implement their chosen system – will they integrate the components themselves, contract an implementation firm to stitch it together for them, or choose an out-of-the-box KYC/financial crime solution? To ensure they make the right choices and meet their objectives, FIs must carefully consider the nuances of their KYC requirements and the offerings available.

Our recommendations for KYC vendors include:

  • Develop services partnerships. Due to FIs’ use of implementation partners, component vendors should ensure they build the links that put them on major consultancies’ radar screens when searching for new solutions in their respective KYC systems.
  • Improve systems integration. In the same vein, vendors should bolster their solutions’ capacity to work seamlessly with other KYC components, as well as core banking systems. This will strengthen FIs’ KYC workflow and boost their solutions’ appeal to FIs and implementation partners.
  • Deepen services offerings. Work to provide better services – like rules suggestions – within their KYC solution. For example, offer solution extensions that interface with external services such as Dun & Bradstreet for profile enrichment.
  • Offer proof points. Assure FIs and implementation partners of their solutions’ strengths now that systems are able to hit the targets for false positives reductions and onboarding times that previously proved unattainable.

This report uses Chartis’ RiskTech Quadrant® to explain the structure of the market. The RiskTech Quadrant® uses a comprehensive methodology of in-depth independent research and a clear scoring system to explain which technology solutions meet an organization’s needs. The RiskTech Quadrant® does not simply describe one technology solution as the best risk-management solution; it has a sophisticated ranking methodology to explain which solutions would be best for buyers, depending on their implementation strategies.

This report covers the leading providers of KYC solutions: Accuity, Arachnys, BAE Systems, Booz Allen Hamilton, EastNets, Equiniti, Fenergo, FICO, Fiserv, IHS Markit, iMeta, Intellect Design, LexisNexis Risk Solutions, Manipal Group, NICE Actimize, Oracle, Pega, Pitney Bowes, Quantexa, Safe Banking Systems, SAS and Thomson Reuters.