pKYC—7 key lessons banks can learn from real-world deployments
Banks are cutting through the ‘noise’ with Entity Resolution – making the process more manageable and allowing them to reap the benefits
Perpetual KYC (pKYC) isn’t just a theory anymore.
Banks are already moving to continuously monitor customers for changes so they can identify risk more accurately, drive efficiencies, and enhance the customer experience.
So how do you drive successful KYC transformation?
In this blog post, we’ll outline seven tips to help you on an incremental improvement journey, drawing on our KYC experts’ experience in guiding banks through real-world pKYC deployments.
1) Focus on what’s important
Define what you’re trying to achieve, the journey needed to get there, and if key milestones can provide value along the way. There’s no single blueprint for your journey to an event- or trigger-based KYC environment. Instead, it involves using automation-first principles to track customer changes or events.
To begin your journey, decide what your priorities are. Is it increased efficiency, more effective risk identification, or a blend of both? The scope of work required to deliver improvements and the customer populations you focus on might be different depending on which priority you choose.
2) Cut through the ‘noise’ to provide a solid data foundation
A typical concern holding operational teams back is that moving away from manual reviews every one, three, or five years will create unpredictability and complexity – making their workload more difficult to manage.
Entity Resolution (ER) is foundational to overcoming this challenge.
ER is the process of working out whether multiple data records are referencing the same person, organization, or other real-world thing. ER is critical to helping you understand if data is referring to your customers, organizations, or people within organizations with the same name – a situation that is responsible for much noise in the KYC process.
By utilizing ER, we’ve seen banks dramatically reduce the volume of changes they receive about their customers from corporate records, transactions, and other data sources to the changes that are truly relevant to their customers.
One bank we worked with lowered the number of changes received in a month from millions down to a few hundred that were relevant.
Resolving internal and external data sources creates a more robust data foundation that you can draw on not only to inform risk assessment but also as a resource to better understand your customers in revenue-generating parts of your business.
3) Start small and work end-to-end
Rather than starting with multiple, different trigger events, select the most important ones and build them out end-to-end from detection to treatment. This allows you to control change volumes, enable operations, and test the new way of working on a few trigger events.
You’ll then have the flexibility to change how you treat them and act accordingly with the support of the second line of defense. This avoids having to turn off events once they are live because they are too noisy, not easily treatable, or are not in line with existing policy and customer risk assessment protocols.
4) Put your customers in context
Truly understanding your customer comes from understanding their wider network.
Resolving datasets together doesn’t just help you build toward a single view of your customer, but when combined with Graph Analytics, it helps you put a customer change you’ve detected in context – so you can determine how meaningful the change is.
Graph Analytics reflects real-world relationships, revealing the context of how people, organizations, places, and other entities, which have been resolved through Entity Resolution, interact with each other. Once you’ve mapped these connections over time, Network Generation creates a dynamic view of the bigger picture, automatically compiling the most relevant connections, entities, and data for a specific decision.
Reaping the benefits of these technologies doesn’t require you to “rip and replace” your existing systems, processes, and controls. That’s why we work with an ecosystem of service integrators, and delivery, technical, and data partners to add value for customers in a way that’s complementary to the ways banks already work.
5) Apply materiality to automate your policies & procedures
Materiality helps determine whether a change should be escalated for review or simply processed and logged. It involves applying the logic from a bank’s policies and procedures to automatically inspect the change and determine whether it requires an analyst to review it.
Resolving entities across the wider network of entities associated with a customer means you can determine a change’s materiality in a more informed way. This is because you can identify if several changes have taken place, with each potentially shaping your view of materiality.
Risk scores can then be applied to changes identified and the customer network. This allows KYC teams to assess whether a change is risky, regardless of its materiality. Being able to assess both allows for greater granularity in the automated decision-making process.
6) Decide how you want to treat changes
Defining your response to risks that are identified is essential.
Where you detect such customer changes, it's useful to think about the following questions, while seeking alignment across relevant teams:
What additional action needs to be taken?
Do you need other data sources for verification?
What is the threshold for a material impact?
How will this event affect customer risk rating?
Will this change impact future monitoring needs?
7) Involve the second line of defense
Ensure all teams that will be directly or indirectly impacted in the transformation process are involved or at least informed from the beginning, to get buy-in. As much as the first line of defense will often be the driver and the first beneficiary of these improvements, the actions taken on the back of an event need to be aligned with your due diligence policy and in line with your risk appetite.
Your pKYC transformation is also a good starting point to reassess risk understanding within your organization. It gives you the opportunity to review its definition as part of the customer-risk-rating and enhanced due diligence processes, especially with the introduction of contextual risk factors.