RegTech Intelligence 
By Darragh O’Grady and JWG.
Regulatory requirements coming in over the next 3 years will mean firms need to know – and prove that they know – more things about their customer than ever before. Combined with the growth of ‘digital banking’, firms are now having to innovate on the digital front, whilst ensuring compliance along the way … no easy task. But new technologies can enable both, alongside providing services for 21st Century banking.
Firms will need to know far more about their clients and counterparties, and across more levels (trading, tax, AML, etc.) than ever before. As OTC rules continue to mature globally, the rise of the Common Reporting Standard (CRS) looks set to continue the pain that FATCA started by setting new due diligence and reporting requirements to all account holders, while, in the EU and US, new AML rules in the form of the 4th Money Laundering Directive and FinCEN’s Customer Due Diligence proposal will force an entire reworking of firms’ procedures.
These rules are coming into effect at the same time as ‘digital banking’ is gaining more and more acceptance and becoming commonplace. In a world where every individual has powerful smartphone technology available at their fingertips, and where the technical constraints on the low cost, efficient movement of money between people, institutions and countries have been all but eliminated, technology is lowering the barriers to entry for more and more financial services.
Demonstrating KYC capabilities across these services has the potential to disrupt the ability to deliver them efficiently. Recent research has shown that onboarding can take up to 34 weeks and cost up to $25,000 per client. For businesses predicated on low transaction costs and high volumes, traditional KYC checks on customers may render these services unprofitable.
Leveraging new technology for KYC compliance
There is no real reason that the objectives of KYC compliance and low cost, technologically enabled services need to compete. Today’s technology offers enhanced capabilities for meeting both objectives. Better understanding of digital identity means both improvement in the delivery of services and the proof of essential KYC compliance.
One way of doing this is to have trusted institutions provide KYC services that are recognised as such by regulators. In a digital age, this manifests itself as ‘proof of process’ – i.e., a peer-to-peer transaction can only be complete when there is irrefutable proof that prior mandatory processes have happened.
To avoid real-time approvals from a 3rd party service (which may be feasible in some cases, but not others, e.g., when offline), blockchain technology can provide this proof that, for example, all relevant KYC checks had been performed by a trusted (regulated) body at the time of the transaction – the digital equivalent of a notarised proof of identity.
In the coming years, as clients become ever more cautious about who they should be sharing information with, and privacy risks associated with multiple redundant and potentially inconsistent copies of client information proliferate, financial institutions have the opportunity to become key brands in digital identity stewardship (aka KYC).
A bank’s reputation for trust and security will count above all else, and there could be substantial commercial rewards for those who gain their customers’ confidence in their ability to effectively manage their digital identity.
Digital security as an offering
Blockchain technologies allow digital peer-to-peer transactions to occur in a reliable manner, without the need for a traditional third party, thereby cutting out banks and other financial service intermediaries entirely from the financial transaction process. And it allows digital innovators to step in and provide intermediary services at a far lower cost than today.
But these digital pioneers are the new kids on the block, with little or no brand or reputation. They may have a lot of media hype. They may have great technology. But they have no history of stewardship of their customers’ financial affairs. Only a promise.
Banks, on the other hand, while having a somewhat tarnished reputation in recent years, still have powerful brands that emphasise trust and security. In the digital age, these will become the differentiators rather than technology, which will likely be ubiquitous in much the same way that the technology underpinning the Internet is.
In particular, there are two areas where banks (and only banks) can truly stand out in a digital world:
- Stewarding customers’ digital wallets
- Stewarding customers’ digital identity.
A reliable, secure and (at least partially) insured place to keep your hard-earned cash is needed just as much in the digital age of banking as it is today with fiat currencies. And, whilst many new firms will be created to provide these services, banks can reclaim their history of trust and security if they step in and provide these services as part of their core value proposition.
There has been significant regulatory focus on cybercrime over the last 18 months, with a number of new regulations, such as the General Data Protection Regulation (GDPR) and the Network and Information Security Directive (Cybersecurity Directive), coming down the track in the EU. Leveraging regulatory compliance to build business advantages is sound strategy.
The implications for this are substantial. For example, (technology) security needs to become a prime competence of a bank, not something that it relies on external vendors for. This requires significant investment in skills and a dramatic shift in how banks perceive IT security. It is no longer a cost centre, but a core service offering.
It also means presenting more digital-only services via APIs and other non-interactive interfaces, for those clients who may not be direct consumers, but rather users of the software and/or services provided.
Conclusion
The next few years will see dramatic changes in how financial institutions deal with KYC and related compliance issues. By using the current regulatory-driven initiatives to flesh out industry standards, market participants can lay the foundations for digital financial services innovation in which incumbent financial institutions can compete by leveraging their brands and reputation rather than relying on legacy technologies.
While emerging blockchain technologies are still too immature to commit to any particular solution, financial institutions should be clear about where they see their value propositions in a highly digital environment.