These are incredibly interesting – and challenging – times to be working in financial services or risk management/compliance in virtually any industry.  

A number of long-term trends seem to be accelerating:

• Regulators have dramatically increased the number of cases brought and size of penalties levied for violations of Anti-Money Laundering (AML) and Know Your Customer (KYC) due diligence requirements; 
• The costs of compliance continue to increase significantly year over year;
• The Covid-19 pandemic and related supply chain risks have added a new level of complexity and uncertainty to risk models, and;
• The drumbeat continues: improve efficiency and enhance customer experience.

In fact, all these factors underscore the urgent need to make changes in current KYC and risk management practices. More and more companies are concluding that it’s time to move to a more proactive KYC approach, transitioning away from the traditional practice of doing regular periodic KYC reviews and towards continuous KYC monitoring.

The Rising Cost of Compliance

Few would dispute the societal value of combating fraud, corruption, and money laundering, but the costs of doing so are not immaterial. 

In its most recent regulatory impact assessment, the U.S. Treasury Department’s Financial Crimes Enforcement Network (FinCEN) estimated the 10-year discounted cost of compliance at $700 million to $1.5 billion dollars (2016).  Approximately half that cost was estimated to fall on banks and other regulated financial institutions, and the balance on bank customers/clients.

In light of these compliance costs and the fact they continue to grow year over year without corresponding budgetary increases, an increasing number of companies are applying new technologies to automate their KYC processes.  

Automating KYC Processes to Manage the Cost of Compliance 

The average time required for a customer due diligence review of a medium-risk client is approximately 45 hours, according to a leading consulting firm. 

By automating more of the data collection and analytic processes, that time can be cut dramatically. Not to zero hours – there will still be time required to make direct contact with customers, suppliers, and others to gather data and verify information, but it will be far less time-consuming, which benefits customers as well. 

The benefits of a continuous KYC monitoring approach are not just in cost and time savings.  

FinCEN puts it this way: 

While the agency does not require it, FinCEN strongly encourages banks to conduct their customer analysis and monitoring on an ongoing basis. Such regular screening ensures that records are current and that any suspicious activity can be quickly monitored and flagged for law enforcement officials. Since banks are legally liable for any criminal activity associated with an account, they have a strong incentive to include regular monitoring activities in their compliance processes.

The European Banking Authority updated its CDD guidelines in 2021, revising them in response to industry feedback. The guidelines require EU banks to keep all customer information “up to date, with a view to understanding whether the risk associated with the business relationship has changed and to ascertain that the information that forms the basis for ongoing monitoring is accurate. 

Firms should determine the frequency and intensity of monitoring on a risk-sensitive basis, taking into account the nature, size, and complexity of their business and the level of risk to which they are exposed.”

Regulations in the UK are similar, mandating that banks maintain accurate information on customers and update their risk assessments if a specific customer’s circumstances change. 

A Continuous KYC Monitoring Approach

A continuous monitoring approach, using analytic tools to monitor a combination of internal and external data, can quickly identify material changes in a customer’s or supplier’s or business partner’s behavior or risk profile, bringing them to the attention of analysts, risk managers and senior managers for review.  And decision-making can be done more quickly with greater confidence and a deeper understanding. 

A frequent question from organizations evaluating KYC process changes is: “Won’t continuous monitoring actually create more work for our  operations and risk management teams by bringing more events, alerts, and status changes to their attention for review?”

In fact, a more automated KYC and CDD process will simplify the work of those teams, bringing much greater consistency to the process, auto-updating low-risk changes while escalating changes that need further analysis. 

The Benefits of A Continuous Monitoring Approach

One of the clearest advantages of continuous monitoring comes from using network generation and link analysis to evaluate your customers’ and suppliers’ associated network risk, evaluating a wide range of risk factors: where they do business, their suppliers and counterparties, their beneficial owners and top managers, relationships with politically exposed persons, supply chain routes, adverse news media coverage, ownership changes, and many more. All these data points allow you to reassess customer and supplier risk scores in real-time.

Based on all these factors, accelerating the digital automation of KYC and supplier risk management offers many advantages. Continuous monitoring will not only improve compliance with relevant regulations but will also improve efficiency and customer experience, reduce risk and cut costs.