KYC (Know Your Customer)
Here is Damian Glendinning’s article based on our Treasury Peer Call on KYC (Know Your Customer) which took place on 26th February 2019.
This is an area where there is a lot of frustration, and all treasurers feel they are spending far too much time and resources on it. The situation is further complicated by a lack of consistency, and by data privacy laws, which make it difficult to collect and store the personal data of bank signatories. But the group had several interesting solutions, including how to define the data being stored so as to avoid the data privacy rules, using in-house data bases to store documents, and getting a notary to certify that they have seen all the source documents, thereby eliminating the need to provide copies again and again. There may be hope in SWIFT’s new central repository, but that does not yet seem to have the buy-in of the several of the world’s major cash management banks (*this has changed since the discussion took place).
KYC is a problem for most companies in most countries. The consensus in the group is that Asia is most challenging (especially China), followed by Europe and the US, which seems to be less so – but still not good.
- No standard set of data requirements – there is an unacceptably high volume in most cases.
- The need to provide personal documents, such as passports and proof of personal address – this leads to difficult discussions with the bank signatories.
- In Europe, a conflict between these requirements and GPDR, which requires companies to delete this kind of personal data. This means they have to be asked for again every time there is a need.
- A lack of co-ordination within the banks – it is not enough to provide a document once to the head office or the main relationship manager. It has to be provided at the level of each subsidiary.
- Problems keeping the data updated, for example, when a bank signatory leaves the company and is replaced. This, in turn, links into another issue: how is treasury informed of personnel changes which affect the established bank signatories.
- There seems to be a link between how much data a bank requires and how much it has paid in fines for past KYC failures. And the fines have been big
The discussion brought up several excellent solutions
- On GPDR, several companies have found that it is possible to describe an ongoing business need and use this as justification for not deleting documents such as passports. This does not, however, solve the problem of making sure copies are deleted when people leave the company.
- One company has set up its own internal secured data base of all the documents which are required, so they can be downloaded and sent to banks when required.
- One company has provided all the documents to its notary, who produces a standard letter certifying that he has seen and verified the documents in question. This has been accepted by banks in 25 countries.
- Several companies have tried working with the various providers of central repositories (see below)
- Several companies have worked with Bloomberg, and various other providers.
- There is a lot of interest in the latest SWIFT initiative – some companies are beginning to receive KYC data requests via SWIFT. Treasurers expect banks to be more receptive to SWIFT than other solutions.
- Despite this, the level of acceptance amongst the major global cash management banks remains disappointing: Bank of America Merril Lynch* and J.P. Morgan* are notably absent from the list in the US, and it was not clear that Citi participates. (*This we understand has changed sone the report was originally compiled have both JP Morgan & BAML have now joined)
- Some banks continue to try to push their own solutions for managing KYC data. The consensus amongst treasurers is that we need a cross-bank solution.
- Some areas seem to be more encouraging than others for this – the Nordic banks are moving towards a central data base, while South Africa has already implemented one and Singapore has been moving in this direction.
- Some people have been pushing blockchain as a solution: the feeling is it may work, but the problem is not a lack of technology – it is a process and people issue.
- Even if these repositories take off – and most people would like them to – they do not solve the problem of the lack of uniformity in the requirements from banks.
Tracking Leavers and Joiners
- No-one seems to have an HR department which filters joiners and leavers to know whether bank signatories need to be updated and personal KYC data deleted
- One team has treasury on the joiners and leavers checklist – but this means they receive high volumes of useless e-mails
There was consensus that this is an area where national treasury associations have a role to play in lobbying for a solution