The KYC Registry Compliance at your fingertips Hans-Joachim von
17 Slides1.62 MB
The KYC Registry Compliance at your fingertips Hans-Joachim von Hänisch KYC Compliance Services March 2018
Transaction banking related compliance is a highly complex and expensive process that has to be repeated periodically Customer identification Customer Screening & risk id Customer due diligence Transaction & customer screening Start Business RMA / RMA Plus Behavioral monitoring Compliance Analytics Payments Data Quality Ongoing due diligence 2
Cost of Compliance results in “De-risking” Definition “De-risking refers to the phenomenon of financial institutions terminating or restricting business relationships with clients or categories of clients to avoid, rather than manage, risk.” (source: World Bank Group 2015) Reason for De-risking I. II. Customers do not generate sufficient revenue to overcome compliance costs; The Institution provides payment services to customers about which the necessary information for an adequate risk assessment is not available; III. Customers are located in jurisdictions perceived as too risky; IV. The Customer offers products or services or has customers that pose a higher risk for antimoney laundering/combating the financing of terrorism (AML/CFT) (Source: CPMI Correspondent banking July 2016) 3
Revenue vs Cost of doing business: Which elements can you influence? Insufficient information about (risky) clients: What more can you provide, and how? Perception: How can you change it? 4
Name Screening Sanctions Screening Sanctions Testing SWIFT offers a wide range of hosted solutions which help to address the challenges of compliance Customer identification Customer Screening & risk id Customer due diligence Transaction & customer screening Start Business RMA //RMA RMA RMAPlus Plus Behavioral monitoring Compliance Analytics Payments Data Quality Compliance Analytics Payments Data Quality Bankers World Online The KYC Registry Name Screening The KYC Registry Ongoing due diligence The KYC Registry 5
International correspondents will expect Compliance with best-practice Compliance with sanctions Complete information in payment instructions NO PROBLEMS And Require up-to-date information about your institution Want to understand your processes and procedures WANT TO KNOW YOU And do a reality check and Will SCREEN ALL TRANSACTIONS coming from you! 6
Addressing the cost: Identifying efficiency gains 100 banks have a relationship - manual approach, no standard Each bank completes 99 client KYC’s and provides own data to 99 banks Compliance teams at 100 banks respond to 99 KYC requests 9.900 outgoing KYC Profiles (data and document packages) Relationship teams at 100 banks complete 99 KYC’s each 9.900 incoming KYC Profiles that need to be analysed Same 100 banks when using The KYC Registry Each bank delivers its own KYC in standard format into The KYC Registry once 9.900 100 outgoing KYC’s Each bank completes 99 client KYC’s (9.900 as before) BUT: Now based on standardised validated data No need for conversion of data into electronic format Certainty that data conforms with regulations 7
Driven in partnership with leading Financial Institutions Promote Standards Drive Adoption Design Roadmap Validate Features
Constant growth of membership To date, more than 4500 financial institutions: 2,450 in Europe, Middle East and Africa 1250 in Asia Pacific 800 in the Americas 200 countries and territories worldwide 62 Central Banks & Monetary Authorities EBRD, ADB, AfDB
Recent Developments Full implementation of the new Wolfsberg Correspondent Banking Due Diligence Questionnaire (WB CBDDQ) in October 2017 Risk-based approach via selective sharing of CDD vs EDD data Advanced Notifications to automate counterparty monitoring Significant reduction of consumption fees for 90% of customer banks EUR 80 per KYC Profile per year, capped to limit maximum spend, for smaller / regional institutions (Global Tier 1) Free consumption of 5 KYC Profiles in total for all customers who have published a complete and current data-set on The KYC Registry
KYC Registry – User Approved sharing of KYC data CONTRIBUTOR Bank A CONSUMERS KYC Registry 2 Notification 1 Access Bank X Request* KYC Data & Documents validated by SWIFT Data Upload Counterparty or Relationship Management approves access** 4 Data is unlocked Bank X 2. Bank A receives notification that Bank X requests access to their KYC data 3. Bank A approves access of Bank X CDD or EDD 3 1. Bank X requires access and approaches Bank A via the KYC Registry 5 Notification 4. Access to data is unlocked on the KYC Registry 5. A notification is sent to users at Bank X that KYC data has been made available by Bank A. The permission is valid until pro-actively revoked or surrendered. *The access request can be for “basic” CDD data, or for “basic & extended” CDD and EDD data **Bank A decides at its sole discretion which level of access is granted – basic only, or basic & extended
KYC Registry – Notifications whenever KYC data is updated Bank X Update Notifications are sent - By email - In application CONTRIBUTOR Bank A Bank Y KYC Registry SWIFT validates updated data and publishes data Bank Z Data Update Authorised Consumers: Bank X Bank Y Bank Z Other Updates are communicated in real-time Other
Ongoing Monitoring – Trigger Event and ad-hoc KYC Review Management CONTRIBUTORS Bank A CONSUMERS in Bank X The KYC Registry 1. Legal Name update Bank X has access to A B C Peter, Paul, Mary have set Notification Preferences Upon update, SWIFT validates update and publishes new data. SWIFT checks, then sends immediate notifications: Bank B 2. New board member (Onboarding) Has set Notifications for Static data changes incl Legal Name Contact details (fax) 1. Legal Name . Paul 2. Board Member . (Relationship Management) 3. Regulator . Bank C Peter 4. Annual Report. 5. Fax number . Has set Notifications for Legal Name Board member Annual report 3. New Regulator Bank 4. Annual Report 5. New Fax number Further fine tuning possible: - Ability to define for which counterparties the notification settings shall apply - Includes Adverse Media notifications (separate subscription required)! Mary (Compliance) Has set Notifications for Legal Name Board member Regulator
The KYC Registry Data contribution and Validation The KYC Registry Your Group Head Office Submitter Approver Netherland Belarus China Controller 1 Submitter Ownership and Management Structure Identification of the customer Submitter Approver Type of business and client base Complianc e Tax Controller 2 Contributing your data to the KYC Registry is free Your Data contribution is verified by our controllers using a 4 eyes process Your data is never published without your approval Granting access to your data is free You can allocate user locally or submit information from the head office Each bank appoints its own internal KYC Registry Administrator who manages user rights of all colleagues Secure cloud environment. Fully maintained by SWIFT Adverse Media on all counterparties
Qualifications scope and principles Fact-based checks No judgmental or subjective checks Completeness and accuracy - Required information provided - Data fields evidenced by documents content and/or official sources - Document containing the required information - Documents consistent against each other - Documents uploaded at the right place - Questionnaires filled in Documents validity Documents valid in time or not expired (if required) Documents format requirements Documents provided in the expect format: signature, stamp, letterhead, logo, etc. Translations Availability of translation / English version of documents Document provided in the expected format: certified or internal translation These requirements are defined in the KYC Registry Baseline Definition document, available on the KYC Registry Evidences Where possible: Data validated against supporting documents Documents validated against public/official sources, limited to - Website of regulators / supervisory authorities - Website of commercial registers / registration authorities - Website of stock exchanges - Website of the IRS - Website of the institution SWIFT ‘publishes’ the information only if validated as correct, and approved by customer. A category may be published as - Incomplete Expired Not meeting the format requirement With missing translation This impacts the qualification score which is visible for both contributors & consumers
Add-on: The SWIFT Traffic Profile, addressing ‘KYCC’ You Your correspondent Country of your correspondent counterparty Country of ordering / beneficiary party’s bank Consumer of the SWIFT profile Publisher of the SWIFT profile Your correspondent’s direct exposure Your correspondent’s indirect exposure KEY BENEFITS Provides unique insights into bank’s activity, based on unique data Substantiates declared behaviour by relying on factual data provided by a neutral third party Promotes a pro-active approach in the assessment of existing relationships and continuous monitoring of exposure Enables focus on riskiest correspondents Low annual cost of EUR 2,500, including automatic quarterly update
www.swift.com Power Point template - You can edit footer content by going into 'Insert' tab 'Header & Footer' 17