The COVID-19 pandemic has resulted in increased strain on every aspect of business operations, and one major area where the pandemic disruption has caused serious challenges is in the area of Know Your Customer (KYC) compliance and the smooth implementation of anti-money laundering (AML) programmes, which are an important component of both local and international financial operations.
This has led to an increased need to find ways and means to cope with challenges the pandemic has thrown at this field of endeavour. In this article, we'll look at what these challenges are, and how businesses have learned to cope--and how you can also mitigate COVID's impact on your own organisation's KYC and AML.
KYC compliance and AML checks are mandated by regulators such as MAS and ACRA as a legal requirement, meant to combat fraud amongst corporations in general. It is required to ensure that clients or partners are genuinely who they say they are, in order to reduce the risk of financial loss, legal trouble, or reputational damage from financial misconduct.
Before COVID-19, companies often obtained information about other companies through traditional means such as hardcopy reports, to find out in-depth information and any irregularities which may be constituted as risk. For instance, customers had to be physically present when performing banking transactions, and physical documents had to be submitted to verify a customer’s identity.
Once these traditional methods were disrupted because of COVID, many companies have been unable to fully obtain the required information they need to validate and verify a client in person or on-site, thus becoming unable to thoroughly verify clients or partners according to their established SOPs.
As a result of remote working, companies are starting to see a dip in KYC and AML rigour, which increases the risk involved in customer and third-party risks. According to a Refinitiv worldwide survey of 2,920 managers, up to 65 percent of organizations are forced to make the difficult decision of taking shortcuts with KYC and AML in order to keep their business operations running. These compromises occur when companies are forced to increase their revenue during the pandemic by sourcing for more clients, and when remote working practices make it difficult to perform equally rigorous checks or contain cybercrime as robustly as from within a proprietary corporate network.
With COVID-19, consumers are shifting towards the digital landscape, making it difficult to track and control real-time, cross-border payments. At the same time, the increased dependence on digital transmission of documents and communication has led to increased vulnerability of financial transactions and communications to cyberattack and manipulation. As a result, financial institutions may be more vulnerable to criminal activities.
With traditional exhaustive KYC procedures and AML checks becoming difficult to carry out in their entirety, companies have begun pivoting to a more strategic risk-based AML approach, often using the pandemic as an opportunity to reassess and redesign their existing approaches to take into account the new realities. To fight this, companies should learn to integrate data and analytics into their KYC compliance and AML processes to help protect themselves.
Digital identification, virtual banking tools, and utilisation of data and analytics, are all ways corporations have transformed their KYC compliance digitally to provide the same customer experience, while ramping up their security against cyberattacks and criminal activity. At the same time, to reduce the delays and inefficiencies caused by manual processes at a time when staff strength and efficiency may be impacted by lockdowns, quarantines, contagion, or simply working from home, many have also begun pushing towards greater digital automation of their KYC processes.
As usage of financial services have gone increasingly online post-COVID, a corresponding increase in phishing scams, call spoofing, and other cyber identity theft techniques has made it harder to ascertain actual identities of counterparts. Companies have become increasingly reliant on alternative forms of KYC to ascertain the identity of the persons transacting with them.
While some companies have turned to using video-conferencing to replicate the face-to-face experience, more have turned to looking for secure and accurate business information that can be easily found online and does not depend on a company's own representations.
This has led to companies turning to specialised business data providers like CRIF Bizinsights, which can draw from a diverse range of international sources, to provide comprehensive insight that can rival and supplement traditional approaches.
Besides requiring authentic, accurate and timely data for customer verification, speed and efficiency is also paramount. Besides commissioning business data providers for searches, companies have increasingly discovered the value of APIs (Application Programming Interface) in automating and speeding up the process by integrating specialised search functions directly into their business software.
API integration not only allows searches to be automated, but can also plug the obtained data directly into the areas where the data is needed, reducing the need for slower manual input, and giving you faster searches that provide deeper, more usable insights into a counterpart. Such manual processing is also prone to human error and creates opportunities for fraud.
With CRIF Bizinsights, data is provided so that you are equipped with all you need to make your informed decision - all you have to do is focus on the kind of data you need. We provide secure API access to our extensive global database as a highly efficient digital approach to acquiring the right information for you.
With these technology aids, you can be sure that human error is greatly minimised, providing you with the latest corporate information to help you in your decision-making process. Nonetheless, if you wish to do any searches yourself, we are happy to integrate our technology with your own risk management or CRM.