Risk. It’s a true four-letter word. And “compliance” feels like a four-letter word in the banking and financial services industry, where since 2008, the regulatory microscope has been sharply focused in an effort to ensure the safety and stability of financial markets.
The struggle is real, as the kids like to say. An explosion of regulations has caused a dual problem for banks: Compliance is costly, whether you pay to meet regulations now or pay fines for non-compliance later. The average firm spends $60 million a year on KYC and Customer Due Diligence (CDD), and since 2008, banks have collectively paid more than more than $300 billion in fines for non-compliance.
These staggering costs beg the question: Why aren’t banks more proactive in order to save money on the operations side and prevent hefty fines on the risk mitigation side?
The answer lies in the data itself. With Know Your Customer and Anti-Money Laundering regulations, for example, much of the information needed to ensure compliance is floating around outside your systems of record in databases, websites and external portals. Sometimes information is actually in your organization, but inaccessible because another department owns it or the format is unusable.
Banks’ traditional approach to KYC-AML has been reactive, according to a recent Celent report, focusing on short-term fixes to gather and verify data that results in multiple and legacy systems and hiring more staff.
In a new research study, “Innovation in Compliance Technology: Emerging Themes and Vendor Solutions,” Celent explores four themes that have the potential to solve many of the current challenges in compliance. They are:
Artificial Intelligence (AI) and Robotic Process Automation (RPA)
While AI provides a next-level automation of compliance, fraud and surveillance tasks normally performed by humans, RPA is an automation solution that acquires, enhances and delivers the precise data you need from any internal or external source—eliminating not the “thinking” tasks from your organization, but the rote tasks that expensive and error-prone humans are unnecessarily performing today.
RPA eliminates that human error element by sticking to your banking business rules and regulatory compliance standards (employees usually mean well, but make mistakes). While this technology is applied in the back office, it actually enhances the customer experience by quickly gathering data you previously had to ask for at least once, if not half a dozen times.
Mutualizing noncore activities
The compliance equivalent of the saying “a rising tide lifts all boats,” Celent reports unprecedented levels of cooperation among banks to develop and mutualize compliance and reporting solutions. All financial institutions are drowning in the sea of regulations, and banding together to streamline compliance can make the whole industry more profitable.
An alternative to mutualizing and creating custom software, which can quickly become legacy in an ever-changing technology and compliance environment, is deploying a commercial solution and engaging with other financial users to share best practices and lessons learned. See how one financial institution automated KYC and CDD data-gathering.
Banking on the cloud
The flexibility, agility, transparency and savings of the cloud is attractive, and banks are finally overcoming security concerns in favor of reducing IT infrastructure and costs. As Celent notes, the cloud can enable both AI/RPA and a shared services model among several financial institutions to develop compliance solutions.attractive, and banks are finally overcoming security concerns in favor of reducing IT infrastructure and costs.
Distributed ledger technology
One of the hottest topics in financial services and capital markets, blockchain technology, or distributed ledger technology, has the potential to transform compliance and security.
Investopedia defines “distributed ledger” as a database that’s consensually shared and synchronized across network spread across multiple sites, institutions or geographies, allowing transactions to have public “witnesses” and making cyberattacks more difficult. Unlike centralized ledgers, which are prone to cyber-attack, distributed ledgers are inherently harder to attack because all the distributed copies have to be attacked simultaneously in order for the attack to be successful.
For KYC and AML, banks have to collect data and comply with rules around the validation, confirmation and verification of that data before new clients can be onboarded—a lengthy process in many markets. Blockchain could speed this process by housing the information in a secure, tamper-resistant database that provided protection and veracity of the information, although it’s still a nascent technology first popularized by Bitcoin.
Learn more about modern challenges in compliance operations and innovations in compliance technology from financial services research firm Celent in their latest report, Innovation in Compliance Technology: Emerging Themes and Vendor Solutions. Get your copy today.