It struck me as I finished writing yesterday’s blog and went about my duties, that I’d missed one important point in this KYC debate.
I’d put it down to the reluctance for banks to outsource such a critical activity. Specifically, banks fearing the risk of non-compliance or compromise being the reason why this had to remain as an internal process.
But there is another piece that plays into this that is just as important, as it has been at the heart of what I blog and talk about all the time.
Back in the day, I used to tout around with data warehouses.
Back in the day, we would talk about 1:1 marketing.
Back in the day, we would espouse Enterprise systems.
Back in the day, we would dream about a single view of the customer.
Back in the day, we would lament the issues of legacy systems.
Back in the day, we would talk about over-coming the legacy through modular, object-based systems development.
Back in the day is today.
It amazes me that over the twenty year cycle of talking about these issues, we are still lamenting these issues today.
Today, we are still talking about the issues of legacy systems and the inability to create enterprise-based capabilities.
And this is not down to a technology issue. Technologists have all the clever tricks to overcome legacy (middleware), enterprise (ERP et al), single view of the customer (data warehouse) and modular, object-based systems design (SOA etc).
No, the issue is the internal one of the bank itself.
And, if a bank cannot get a single view of the customer at the enterprise level, then how the hell are they ever going to effectively deal with KYC.
How can you Know Your Customer if you disperse all their data into divisional silos.
It’s not even divisional silos, but functional silos within divisions.
Does audit, compliance, anti-money laundering, fraud, information security and the general counsel who holds the legal duty to Know Your Customer share a single view of the customer?
Can they get that single view at the Global Bank Enterprise Level as well as at the Local Bank Branch Level?
If they cannot then I’m sorry, but you’re never going to effectively look after KYC within the bank.
In fact, that is the reason why Barclays threw Somalia off the network and why HSBC is closing down Brett King’s account along with all the diplomatic accounts of countries they cannot KYC effectively, globally, within a single, enterprise view.
Meanwhile, for those customers who are not being KYC’d effectively, they have the issue from the other way around.
As an Egyptian bank highlighted at the BAFT-IFSA conference, banks are being forced to work together in nested community structures so that they can get one official bank to front the one hundred banks that are too small to KYC.
Too small to KYC because the risk is too high.
And what all of this ends up doing is allowing huge amounts of money laundering and fraud to rise up through the system.
Gear up for the house of cards of nested bank risk thanks to the regulators creating the opportunity and the banks being too fearful of regulatory non-compliance because their KYC infrastructure is not even good enough to deal with Knowing The Customer internally.
Seems to me that we’ve uncovered a hornet’s nest of an issue here, but then it’s been an issue ever since I started dealing with banks … back in the day.
Back in the day.
Back in the day.
Way, way, way back in the day.
Come on guys. Find a solution.