Katja Zschieschang looks at how KYC challenges have evolved for correspondent banks in recent years, the benefits of a collaborative approach to data collection and the use of APIs in pulling data from a common repository.
How have KYC challenges evolved for correspondent banks in recent years?
Katja: Knowing the customer has always been at the heart of banking business, but regulatory changes have increased correspondent banks’ due diligence obligations significantly over the past decade. At its core, this means banks must take the necessary steps, both in terms of compliance frameworks and related processes, to understand the risks inherent in the payment flows of not only their own clients, but also their clients’ clients. This is a challenge in its own right, but made more difficult by the vast data collection requirements that it inevitably brings.
As well as anti-money laundering (AML) rules, we must also comply with multiple sanctions regimes and fraud prevention requirements. The increased data collection workload is perhaps best reflected in the fact that the new due diligence questionnaire from The Wolfsberg Group – an association of 13 global banks which aims to develop frameworks for the management of financial crime risk – stretches to more than 20 pages. This industry initiative has been welcomed by global regulators such as the The Basel Committee on Banking Supervision (BCBS), the Committee on Payments and Market Infrastructures (CPMI), the Financial Action Task Force (FATF) and the Financial Stability Board (FSB).
How are correspondent banks adjusting their processes to handle KYC challenges?
Katja: We embedded SWIFT’s KYC Registry into our KYC process for financial institutions very early on, back in 2015, which helps us to check the business case and risk assessments involved with managing our correspondent banking network. Due to the larger volume of data we must now collect, we, like other correspondent banks, have to be much more efficient in our data processes, both internally and externally. As such, having a central repository with frequently updated customer information is a welcome aid to the KYC process.
Internally, we are improving how we share and utilise data across business units in order to remove duplicate checks over the same core pieces of information. Like many banks, we initially bolstered our head count to cope with the increased demand for data capture and evaluation brought by more stringent regulatory obligations, but we’re now getting smarter in how we review information. Rather than several different departments sourcing the same or similar information, we take a more holistic approach whereby we share the same core information then request more specialist product-specific information if necessary.
For many correspondent banks, the natural consequence of heightened KYC obligations, and the associated costs, has been strategic de-risking. It is inevitable that banks will evaluate the commercial value of a relationship against the cost of maintaining it – leading to some withdrawal from selected relationships and markets.
How can utilities support KYC efforts?
Katja: Receiving information from banks in different formats can very quickly become problematic in an environment where we have lots of correspondent relationships and a vast flow of information. It can be a significant operational challenge if we all ask slightly different questions of our counterparty banks or if they answer those questions using slightly different definitions. With a utility such as SWIFT’s KYC Registry, the questions and terminology can be standardised so that all participants develop a common understanding.
Such utilities also bring benefits for our financial institution clients. Those that make their data available to us via the KYC Registry benefit from a smoother and streamlined review as part of the regular KYC process the bank has to undertake.
How have you and other users worked with SWIFT to ensure the KYC Registry meets the evolving needs of correspondent banks?
Katja: The KYC Registry was developed in collaboration with major global banks – with Deutsche Bank being a part of the 15-member working group, set up by SWIFT to understand the needs of users, since June 2015. This collaborative approach has yielded significant benefits – we have identified the need for timestamps on documents, for example. The next priority is to explore the use of APIs to pull data from the KYC Registry directly into our internal systems, although this may be a longer-term project.
We’re keen for as many of our correspondent banks to use the KYC Registry as possible, but there has been some resistance from smaller banks on account of upfront costs. However, it is hoped that ongoing efforts to explain the security and standardisation benefits of sharing data via a dedicated utility – rather than bilaterally over email – will overcome these reservations.
What is the regulatory view of utilities, and what further regulatory challenges are on the horizon?
Katja: Regulators require us to conduct AML assessments on entities we deal with. As such, the KYC Registry, or any other third party utility, is regarded as a structured and useful source of information which can complement our own assessments.
AML compliance will continue to be a big focus this year, especially given the incoming requirements brought by the Fourth EU Anti-Money Laundering Directive. Given how sweeping the regulation is, all market participants will be highly focused on meeting its requirements – and we will be engaging frequently with our financial institution clients and other banks in the market.
Sign me up
Register for exclusive insights
relevant to your area of
Manage your profile and
preferences to receive exactly
what you need