Keynote Speech at Reg Tech for London:

“Knowing and Understanding your Customer in an International World”

Donna Bales, Co-Chair of RegTech RoundTable Foundation opened the dynamic event with a Keynote speech on knowing and understanding your customer across the globe at the first RegTech For London event on 10th July at Canary Wharf. 

"I am delighted to be given the opportunity to open the conference and meet so many professionals in this intimate forum.
Today we have an exciting agenda ahead of us where we will explore some of the opportunities new technologies can provide in unlocking value and understanding the customer.  Yet we must remember as we explore these topics that fundamentally KYC procedures preform a critical function in combatting financial crime. 

---

To complicate matters, there are several changing dynamics within the financial services landscape adding further complexity to an already challenging problem.
I can honestly say, I do not know exactly what the financial services landscape will look like in 5-10 years time but I believe it will be significantly different then it is today.
There are many factors contributing to these changing dynamics – technology being one of them.
Technology has always been a factor contributing to the improvement of the efficiency and effectiveness of banking operations. However, what is different now is the breadth of technologies available and their potential impact on AML programs. Emerging technologies can help to reduce risk and become more connected but they can also be used to create opportunities for criminals. Therefore, the potential exploitation by criminals must be considered along with the benefits. 
We are already seeing some of the potential of new technologies in the field of data analytics.

• AI and machine learning is being used to reduce false positives and create operational efficiencies and to make the subsequent case investigations process more focused
• Blockchain adds a new dimension to the transparency of workflows
• Biometrics allows for faster more secure identification

New suppliers (Amazon, Google, ANT Financial) are also entering the market and adding complexity – these new entrants have the advantage of already being embedded into the workflow of the consumer and are therefore a viable threat to traditional banking
Consumer behaviour and changing expectations are driving change
Of these factors, I think that the changing mindset of the customer will be one the greatest threats to how we currently bank – and consequently how customer activity is monitored.
My reasoning behind this view is that I do not think we can under-estimate the speed in which consumer patterns can change. We just need to look at the adoption of smartphones, tap and pay and the discontinued use of plastic bags for shopping as examples.
Adoption rates vary from country to country
A recent EY survey showed that:

• China (69%), India (52%), UK (42%) have the highest adoption rates of non-traditional financial service technologies – Singapore/Canada lowest at 18% (adoption = 2 or more fintech services in last 6months)
• The mean was 33% and growing

In addition to speed of adoption, demographics and the mindset of the younger generation plays a part in changing behaviour

• There are 13.8 million people who make up the group GEN-Y (20-35 years) in the UK (KPMG)

However, the #’s are not the most shocking part – its the mindset of the younger generation that is the treat to the norm

• I was reminded of this recently in a conversation with my nephew.
• I was just back from doing some consulting work in the UK on MiFID – I was belly-aching about geo-location software on my phone on how google was tracking and anticipating my routes
• He shook his head and said: “That is just AI Aunty Donna -  that’s the way it is”
• It was clear to me he had sheer acceptance

Not only has the younger generation grown up with technology but they have a totally different mindset when it comes to privacy. That different view on privacy has the potential to create fundamental change.
I have developed new products throughout my career and my # one rule is to develop from the end user case and work backwards.
However, in financial services and particularly when building solutions for AML compliance where there is an international focus, product managers are working with a series of constraints which makes it difficult to be truly agile and reactive to customer expectations. For example:

• Polices across jurisdictions are often not aligned and in many jurisdictions the policy is outdated. Example: Canada has only recently published draft legislation on pre-paid cards and virtual currencies – final rules are not expected until 2019.
• Stringent regulation, short regulatory deadlines and regulatory remediation constraints can make it difficult for firms to be agile.
• Integration issues with legacy system can be problematic
• Security ethical and reputational risk also complicate efforts (cyber crime makes up 50% of all financial crime in the UK)

All of us in this room will likely agree that we would like faster transaction times, better visibility of our activity, self-service tools, and an ability to bank seamlessly across the globe.  But the younger generation expects that banking will fit into their way of life. This brings a whole new dimension to product development and AML compliance.
Personally, I think the technology is playing the role it always has - to improve customer experience and overall operational efficiency. The difference now is that there are more technology options available.
I am less concerned with ‘WHAT’ technology to use but ‘HOW’ to implement it. The scale of some of these change programs is too great. Add on the pressure to execute fast to keep new entrants on the sidelines.
Good quality data is backbone of an effective AML program and many firms are still working to centralize data in Enterprise Data Warehouses -so the can be efficiently and proactively used and shared
Recently, I have been working with several firms on their Enterprise Data Strategies.

• Currently I am doing an assessment of a firms’ Enterprise Data Warehouse strategy
• The original strategy was pretty good -centralize the data in a single platform and use Hadoop technology -seamless data ingestion/extraction
• But 3 years in they are still on their journey –they are struggling with operational and data governance challenges.  The scale of the project is too big.
• It is important when considering new technologies and for KYC/AML particularly where project risk can be high that you keep the application and implementation simple and expand considerably
• Its crucial to get the implementation right because with new platform competitors entering the market -there is no time to get it wrong!

Implementation also extends to the operating model

• A consultancy that I partner with quite often recently conducted a survey with the Canadian banks on their enterprise data warehouse strategies – evaluating the overall maturity of their programs
• Most of the banks varied in terms of the technology used and operating/business model but one of the commonalities across the banks was that they were focusing on integrating client master data (business definitions and lineage)
• This is a good tactic, but for the data to be effective and usable–there are other factors to consider to be successful

There must be a strong data governance policy
The security policy must be compliant but not be too restrictive in terms of PII data that it restricts usage
Permissioning and access must be reliable and adaptable
The decision to use a new technology is not the hard part – the work begins when you attempt to integrate and operationalize it within your firm.
I have touched upon some of the technology and business challenges but there are also several regulatory considerations when operating within an international context.
AML regulations and data protection and privacy rules vary across jurisdictions – these rules need to be constantly updated in systems – the rigidity of rule-base systems creates an excessive number of false positives.

• It is estimated that 90% of false positives are not deemed suspicious.
• UK firms spend approximately 2.7 billion pounds a year analyzing false positives.

Developing an international KYC/AML program can be particularly challenging because standards are developing at different paces across jurisdictions to address their particular risks.
Therefore, arriving at a consistent view on the question of ‘effectiveness’ can be extremely challenging.
Following a risk-based approach is a practical and essential step towards managing AML compliance.
International bodies such as FAFT play an important role in creating standards and consistency across jurisdictions and are actively engaged in efforts to improve the sharing of information between private and public sectors.
The management of KYC data is one area where public and private collaboration can be beneficial and there has been some good progress internationally. Collaboration can be an effective tool when:

• Developing standards
• Providing better access/availability of data.  For example, through centralize repositories
• Agreeing on privacy standards - (note the changing perception of privacy and variance across age groups)

Just as technology acts as an enabler for good quality KYC programs – the government also can act as an enabler.  Examples:

• India has a government initiative to collect biometric and demographic data and store in a centralized database an issue a 12 digit # of all residents
• Singapore has ‘myinfo’ database. It is an open data portal – stores individual data but allows individuals to give access to their data to others
• Also in Singapore -Monetary Authority of Singapore (MAS) has worked with a group of banks on a KYC utility – the ‘myinfo’ database is being leveraged- the objective of the utility is to streamline the end-to-end KYC process and harmonize and enhance KYC checks across the industry.
• EU’s AML 4th directive creates a strong framework for Beneficial Ownership (BO) and requires EU jurisdictions to have a BO central registry that is openly available. France Germany, Italy and the UK have one in place but only the UK has its publicly available.

It is clear from these examples that public/private sector collaboration has helped to drive the AML agenda forward…but collaboration also works well when sharing knowledge.
Prior to the fintech/regtech revolution –In 2011, I was working closely with MAS to get a regulatory licence for a dark pool trading venue for a firm that I was working for at the time.  Even before the concept of the regulatory sandbox - MAS was interested in learning about the technology, trading types and the algorithms we were using. This information exchange was beneficial for both parties.
The global sandbox takes this one step further – offering a powerful, practical way of improving outcomes for consumers by making it easier for firms to get new products to market.
​
In conclusion, I do not think we can under-estimate the complexity and change that is currently impacting the financial services industry. Irrespective of these changing dynamics the fundamentals behind the KYC process will not change. Firms regardless of whether they are a traditional or non-traditional provider of financial services will be expected to have a sound KYC process in place – one that is risk-based and robust.
Technology can improve operational efficiencies but the potential abuse of new technologies by criminals can also accelerate crime and therefore any program cannot be static -it must constantly evaluate new risks
At a firm-level, banks must be dynamic and flexible, adapting in real-time to meet the needs of their demanding and increasingly tech-savvy customers. But the public sector can also not be complacent.  They have an important role to play in creating standards and tools to improve sharing of information so that the KYC process is more seamless and effective globally while still adhering to the basic objective of AML – the prevention of financial crimes."

Speaker: Donna Bales, CAMS, Co-chair of Regtech Roundtable Association 

We will be hosting "AML & KYC TECHNOLOGY ENABLED COMPLIANCE" in Toronto in October, for more information please see the attached PDF:

regtech_for_toronto_aml-kyc.pdf
File Size:	8977 kb
File Type:	pdf

Download File

---