With increasing global regulations on KYC, corporate treasurers are seeking some standardization and simplification in a process that also causes a great deal of administrative red-tape at banks in their efforts to comply with ever expanding regulatory requirements.
At the opening of the latest Universwiftnet forum in Paris, March 13, 2018, Michel Abaza, Treasurer of the Safran group, an international high-technology supplier of systems and equipment in the Aerospace and Defense markets, and Phillipe Vollot, Managing Director and Global Head of Anti-Financial Crime and Group Money Laundering Reporting Officer at Deutsche Bank, discussed the need to simplify the cumbersome ‘Know Your Customer’ identification processes.
“I’m trying to understand why I have to fill out the same extensive forms several times a year to explain who Safran is to our same banking group. I’m trying to understand why there is no preliminary internal work done at the bank to first collect generally available public information. I’m trying, finally, to understand why some banks require more information than others and if it wouldn’t be possible to standardize the requirements! ”, said Michel Abaza, who relayed this question from the community of treasury-financing directors at this forum of 1,000 attendees on business-bank relationships.
Phillipe Vollot shared the podium to explain how Deutsche Bank was working to improve things: first, through the 1,300 people in his group responsible for identification of possible money laundering, fraud and sanctions and, second, through ongoing dialogue with his counterparts from other financial institutions and the regulators.
With focus on the fight against the financing of terrorism, regulators and public authorities have required banking institutions to prove they know who their customers are (KYC) and to be capable of sounding an alert in suspicious cases. For all banks, this customer identification process is cumbersome and complicated and the requirements from the regulators are increasing. In particular, the Fourth Anti-Money Laundering Directive added 40 new recommendations. What can banks do to facilitate easing of this burden on their corporate customers? “We are currently simplifying our internal processes among all our subsidiaries”, stated Phillipe Vollot. “The regulations require the bank to know each entity of the customer doing business with all parts of the bank. It’s not possible to limit yourself to a dialogue with just the parent company. In order to facilitate the gathering of information efficiently, our banking institution is aggregating the information requests to the same company or group over a specific period. For example, there would be Safran month! ”
Implementing each regulation easily can result in excessive requests by banks, and some corporate customers may legitimately question whether some banks go well beyond a reasonable level given the nature of that customer’s business. Should the questionnaire be standardized? Sharing the view that a toy manufacturer or a broadcast company might not warrant the same level of investigation that a defense contractor might, Deutsche Bank is currently adopting a client risk rating, which will weigh the risk of the customer by its registration country, business segment, and legal structure. This rating will also be weighted by each banking product used to further classify the level of risk. Customers considered low risk will have to respond to a request for an update of its documentation every five years, average risk every two years and high risk customers will be subject to annual testing.
To complicate things further, regulations designed to fight terrorist financing differ by country. Some country regulations also prohibit any one bank from relying on a KYC created by another bank that is a counterparty to a particular transaction. This requirement to conduct their own KYC procedures has caused some financial institutions to pull out of doing correspondent banking activities in certain countries.
In this context, global standardization of KYC information gathered from corporations will not happen overnight, despite the welcomed adoption by some in the banking sector of a standardized questionnaire for correspondent banking activity.
If banks cannot rely on their counterparts for their KYC, the creation of a centralized repository of all useful information at the European level would require the agreement of the public authorities. Additionally, initiatives like those by KYC.com could run up against a corporate reluctance to place private and sensitive information on a public server, even if it is encrypted. The SWIFT international financial messaging system has created its KYC registry for banks. The platform will soon be proposed for corporate users. The pilot begins in 2ndQ 2018 with major French institutions that are participating in the project.
In summary, while KYC requirements have resulted in highly cumbersome constraints on companies, these tighter controls over cash flows have helped the fights against both financing terrorism and money laundering. It also has pushed corporations to set up multi-level controls to detect fraudulent cash flows. “The dysfunctions are now better tracked“, concludes Michel Abaza.
Redbridge’s point of view
Dan Gill, Senior Director, Redbridge Analytics: “Treasury departments can help the KYC endeavor as well by maintaining accurate records on their entire inventory of bank accounts and those employees that have some authority over those accounts. Furthermore, companies and banks should invest in streamlined methods to communicate accurate information to their banks regarding the company as a whole, the inventory of bank accounts and the employees that hold authority over those accounts. A centralized source of truth within the company as found in some bank account management (BAM) systems will help. And when coupled with a standardized communication system such as SWIFT’s eBAM framework, it comes several steps closer to both a standardized and efficient approach.”