KYC AND REGTECH: CHALLENGES AHEAD

Introduction

Know Your Customerpractices (“KYC”) are essential in the banking and financial services industry, from both a business and regulatory point of view.

Traditionally, clients interacted with banking service providers on a personal, face-to-face basis. Furthermore, some of the formalities required in the context of these services demanded a physical presence or had a physical expression.

However, the relationship between clients and service providers and the resources available to secure the authenticity of certain acts have significantly evolved over the past few years.

In this paper we argue for means to develop a KYC framework that is more efficient and more secure, keeping in compliance with the applicable rules and remaining protective of the parties’ interests in relation therewith.
KYC – who does it concern?

At first glance, KYC may be solely regarded as a burden imposed on financial institutions (“FIs”). This being said, if one dares to look a little closer, it will soon become obvious that this is not the case.

Customers are one of the parties that bear the inconvenience of being subject to a KYC check, being obliged to spend time and to incur costs in order to provide all relevant information required to complete a KYC process. This check becomes even more burdensome when the level of scrutiny placed on customers involves the identification of the beneficial owners and/or holders of qualified participations.

Regulators are also affected by KYC rules in the context of their supervisory duties, notably as regards their obligation to ensure the prevention of breaches and, if things come to worse, to initiate the applicable misdemeanour procedures and impose the corresponding fines and penalties on defaulting entities.

Is regulation the main problem?

As often occurs, regulation and reality follow different rhythms. While reality is always evolving, regulation tends to focus on past and present realities, leading to a growing number of applicable requirements to prevent future breaches and a tendency for rapid obsolescence.

However, this does not necessarily mean that regulation itself or supervisors are the main obstacles to a more efficient and more secure KYC.

Let us thus imagine that the applicable legal and regulatory KYC framework was sufficiently flexible to encompass every disruptive fintech product. Would this situation improve KYC processes? This could be a valuable starting point, but we are perhaps dealing with a more profound challenge that demands proper assessment.

RegTech as a three-way dance

Since UK’s Financial Conduct Authority (FCA) first showed interest in fintech solutions applied to regulatory mechanisms, notably, by coining the term “RegTech”, a global awakening to this phenomenon has taken place, especially among regulators.

RegTech products and services encompass a wide variety of technologies, such as big data techniques and blockchain technology. These disruptively innovative products and services may thus make the relationship between FIs (as well as the professional services companies working with FIs, including law firms) and their customers in KYC contexts much more efficient (particularly by operating through platforms already available to these customers – mobile phones, personal computers, etc.).

This is certainly a significant improvement in what concerns the submission of customer information and FIs’ data processing, but a high level of synchronisation will be required in what concerns the relationship between FIs and regulators. When it comes to RegTech, an innovation by a FI should be accompanied by a similar one on the part of regulators. Otherwise, the costs may double for both parties. The key word here is synchronisation. And this can only be achieved by mutual communication and understanding. FI and regulators must together identify which steps are to be taken towards more efficient and more secure KYC – that is, how and when? This is where RegTech companies join in the “dance”: they must not only understand the entire process, but also present realistic and competitive solutions to enhance it.

Therefore, although RegTech applied to KYC is an invaluable asset to all stakeholders, this “dance” we make reference to is no less so. Moreover, the same seems to be applicable to RegTech in general, i.e., beyond the boundaries of KYC.