Streamlining Compliance: A Strategic Approach to Know Your Customer Policies

Rajesh Menon

Design a single customer view where you can see all of a customers information and related data at one time. The capacity to take an allencompassing view of the customer and relevant factors is critical, since the most efficient way to uncover a money laundering scheme is having the ability to access and correlate a range of data about the client, the clients associates and transactions.

This article was published in the ACAMS Today May/June 2006 issue, a publication of the Association of Certified Anti-Money Laundering Specialists (ACAMS)

June 2006

As anti-money laundering (AML) regulations have intensified worldwide, the penalties of noncompliance have become increasingly severe, resulting in regulatory crackdowns, market capitalization and customer perception alterations and potential financial instability. In the United States, money laundering legislation has withstood several developmental phases, culminating with the USA PATRIOT Act. The legislation requires financial institutions to establish anti-money laundering programs along with customer identification programs for both new and existing customer relationships, as well as transaction monitoring of accounts for suspicious activity.

Key challenges in AML KYC compliance

As an immediate response to USA PATRIOT Act requirements, most organizations adopted a tactical approach to their Know Your Customer (KYC) programs. While doing so may have helped meet regulatory deadlines, the efficiency of the current systems and processes are not in line with organizational objectives. Challenges that current KYC programs face: Establish a single view of the customer across multiple business lines Boost efficiency and accuracy in manual, risk-prone procedures Bridge the existing gap between differing KYC procedures across company departments in global organizations with multiple lines of business Share KYC related information throughout the organization Employ risk-based surveillance In the current high alert, risk-based environment, financial institutions seek a more strategic approach to their AML compliance programs, including leveraging possible synergies with other compliance initiatives within the firm. Following are key organizational capabilities that financial institutions need to build into their AML programs to successfully meet current challenges.

Recycling data and systems

It is essential to reuse data and systems across the various levels of the institution and for different processes. Designing a single customer view where you can see all of a customers information and related data at one time may be useful. The capacity to take an all-encompassing view of the customer and relevant factors is critical, since the most efficient way to uncover a moneylaundering scheme is having the ability to access and correlate a range of data about the client, the clients associates and transactions. Having a single view of the customer provides benefits from both a client relationship management perspective and a client risk management perspective. Take into consideration that a client and his/her associates can hold numerous accounts in varying combinations across different parts of a financial institutions business, such as a mortgage, savings account, trading account, credit card, etc. While organizations can establish new procedures to capture such information going forward, the larger challenge relates to how the existing client data may be leveraged to the greatest possible extent. Given the global footprint of todays organizations, firms are increasingly considering the creation of global KYC hubs with data elements that cater to the needs of the various local regulations in addition to USA PATRIOT Act requirements: Increase scalability and flexibility. Having reusable data and system components enables enhanced standardization. The result? Greater extensibility and the flexibility to use such components relevant to a particular business line, geographical location, reporting jurisdiction or compliance report. Go beyond AML. Overlapping regulations mean that the data, reports and processes implemented for AML may also be used to meet other regulatory requirements, and vice versa. Therefore, reusable data and system components can help to reduce overall costs for the organization.

2 | Infosys White Paper

Centralize
A centralized risk management view across various divisions, systems and processes provide effective surveillance, strengthens internal information sharing and controls and facilitates external reporting. Centralizing key surveillance functions such as name matching against watch lists, including high-risk country checks, improves customer and transaction risk assessment and analysis. Use of centralized reference lists eliminates risks associated with different regions/lines of business using different versions of the watch list data. Consistency and coherence in the client risk classification and KYC processes adopted throughout the organization as well as improved information sharing across business lines and geographical locations provide: Ease of access to history of investigations on existing customers, 314(a) queries. Other than providing valuable input into the alert resolution process or responding to regulatory queries, ease of access also ensures that account opening systems across the firm have access to the same quality of surveillance information. Improved correlation capabilities, analytics: Centralized surveillance also enables improved risk analyses and enhances correlation across activities that span various businesses or account types.

Moving toward straight-through processing

Automating processes aims to address the main weakness in the current KYC procedures at most organizations. Precise definition of documentation requirements and integration with document management systems facilitates straight-through KYC flows with few exceptions flagged for manual reviews. Automated processes improve efficiency, enabling rapid turnaround and ease of portability, while simultaneously reducing operational risk, both accidental and intentional, associated with manual procedures. Other drivers include: Improved connectivity. Automated processes reduce reliance on email, fax and courier for collection and transmission of customer data, especially at the customer acceptance stage. Avoidance of potential gaps in data gathering. Automated processes can reduce gaps in data gathering, ensuring that all relevant data is captured at each step, reducing the risk of failing to comply due to incomplete or incorrect data. Enhanced information dissemination. Automated processes also enable efficient transmission of tasks and workflows across organizational areas or locations. While the compliance emphasis over the past couple of years has been to establish a basic surveillance program across the organization, the current emphasis is clearly to increase the efficiency and effectiveness of current processes. New regulations such as section 312 ensure that the KYC area continues to stay within regulatory focus. With regulators increasingly emphasizing enterprise-wide programs that adopt a risk based approach to surveillance, the process of replacing tactical solutions with more long term approaches has been further advanced.

About the Authors

Rajesh Menon is a principal at Infosys based in New York, NY USA. He holds a Masters degree in finance and has over 12 years of capital market experience. He can be reached at rajeshp_menon@infosys.com