bankingciooutlook

Evolving Efficiency of KYC Process

By Brad Mitchell, CIO, CTBC Bank Corp. (USA)

Brad Mitchell, CIO, CTBC Bank Corp. (USA)

Regulations like the Anti Money Laundering/ Bank Secrecy Act (AML BSA) demand strong risk assessment and control of activities typically associated with money laundering. The CTBC Bank Corp. utilizes KYC processes to strongly comply with all existing rules and regulations.

Technological Trends and Challenges in the KYC Space with AML BSA

The current KYC system at banks and other financial institutions are very labor and time intensive. They are usually rule based systems relying only on the data it contains and the rules that are created for it, with no forward learning capabilities. Some banks don’t have enough staff to attend to the number of AML BSA alerts it receives and there is an industry rate of 85 percent or greater false positive rate right now. An adaptive system that is truly designed to capture, identify, categorize, and provide more granular data on the already identified high risk accounts is required because that is a big area of focus and concern for federal regulators as well as banks. In order to ensure proper amount of due diligence by the bank in executing the KYC process, CTBC Banking Corp. system utilizes KYC systems that greatly reduce the number of false positives, are far more automated, less time consuming, and provide predictive modeling.

Identifying the Right KYC Technology Solution Providers

We are looking for companies that already have a financial background, whether in the up and coming fintech world or an established pattern like the Statistical Analysis System (SAS) who are experienced with the regulations. There are a vast number of companies that claim to have great ideas for KYC solutions, utilizing buzz words like AI but without the capability and experience to assist banks in ensuring compliance with regulations. It really comes down to meeting the required role of not just throwing buzz words around, but making the AML KYC process better in terms of accuracy as well as time and labor consumption.

The KYC Arena

The KYC or the AML process overall has three distinct parts. The first part consists of the on-boarding section requiring the bank’s diligent evaluation of individuals before determining to make them a customer. The other two are the ongoing monitoring and the reporting as per the design prescribed by the federal regulators.

The regulators play an important role of helping banks in ensuring the accuracy, relevance, and practical nature of the work done by financial institutions, which strengthens the safety of the banking and financial industry as a whole.

Unlike static systems, a system learning tool or AI is a lot more flexible and can start taking into account things that were not thought of. It can certainly dig in and go backwards in time a lot faster than a human can, in terms of addressing all of the data in various locations. It can drive out false positives and make information more relevant. Any transaction not normal for banks’ rule sets would trigger an alert for which the AI can search different systems immediately and provide a predictive risk/criticality score. The banks can then utilize this score to prioritize the alerts that come in, instead of using a first come first serve method.

"It really comes down to meeting the required role of not just throwing buzz words around, but making the AML KYC process better in terms of accuracy as well as time and labor consumption"

For this transformation a systematic modeling technique is required that is more automated, heuristic, and holistic. Clarity via communication is essential to understand, discuss, and plainly lay out AI in terms of its working, how far back it can go and all the other systems it can touch. This shall enable the federal regulators to comprehend, verify, and endorse this new technology while also eliminating human error that human interventions are prone to.

Advice to Aspiring or Current CIOs in the Banking and Financial Industry

CIOs should really understand the limitations of the current system they are using and see how those impact the staff contained in a BSA environment, in order to improve the current system.

Historically, we have heard of companies being hit by five year old virus malware that came around again because the individuals who wrote it know or found out that the pattern had been removed from the antivirus software. New companies like Cylance and other anti-malware/virus companies are doing the same thing where they are not looking for specifics. It is actually important to look at details like the overall behavior pattern of use, the individual, the application, the working of the PC, and calculating a risk score. With enough computing power and logical software, data and information from other places can be taken to create a more accurate picture for AML and AI. Though AI can sound like science fiction, we have to enlighten people about the fact that AI is actually based on real world science that is current and evolving since the last three to five years. Companies like Nvidia are working on AI self-driving cars and Amberoon is partnering with CTBC on an AI assisted AML system. But nothing should be imposed for AI’s sake or marketing buzz’s sake as this is detrimental to the organization of BSA or the banking organization as a whole. A methodological approach with side by side comparison of what is current and what the new system can do, would be preferable because BSA is not one of the things that a CIO might be an expert in, so certainly it is crucial for them to become more familiarized with that area and work hard on the same.