AML Resources

Perpetual KYC (pKYC): Evolution in Persistent Watchlist Monitoring

Getting to effective pKYC

In today’s rapidly evolving regulatory landscape, the challenge of maintaining compliance with anti-money laundering (AML) and counter-terrorism financing (CTF) regulations has never been more daunting. The requirements to monitor sanctions, politically exposed persons (PEPs), criminal convictions, and adverse media, as defined by the Financial Action Task Force’s (FATF) predicated offences, are continually expanding. This evolution demands a persistent, intelligent approach to Know Your Customer (KYC) and Know Your Business (KYB) processes, which is where the Perpetual KYC (pKYC) comes into play.

The primary goal of pKYC is to modernize the approach to watchlist screening. Traditionally, the updates to watchlists by various governments, the United Nations, the US with its OFAC, NGOs, and other regulatory bodies around the world have placed a significant burden on entities governed by ML/TF regulations worldwide. These updates, influenced by FATF Recommendations 6 and 7 and the United States OFAC list, require not only monitoring for sanctions but also for any high-risk individuals or entities that emerge as threats over time. The challenge is not just regulatory compliance but ensuring that compliance is effective, efficient, and up to date to avoid regulatory fines or worse, criminal convictions for failing to satisfy the pKYC requirements.

Chief Compliance Officers (CCO), Money Laundering Reporting Officers (MLRO), Chief Anti-Money Laundering Officers (CAMLO), and all those within the compliance and risk departments that are tasked with the prevention, detection, and deterrence of ML/TF within their organizations know the stakes are high. Failure to identify a true positive hit on new or updated lists can lead to significant legal and reputational risks.

What is Perpetual KYC or pKYC?

Perpetual KYC is a modern approach to Customer Due Diligence (CDD) and Watchlist Screening processes. Unlike traditional KYC methods that involve one-time or periodic reviews, pKYC enables persistent, real-time monitoring of a customer’s KYC information. This ongoing process ensures that any new information that is found within the various watchlists, based on the initial KYC information of the customer, is brought to the attention of the compliance team. Thus enabling financial institutions (FIs) to better manage risks, avoid regulatory fines and make their AML/CTF Compliance regime more robust and efficient.

Traditional vs Perpetual KYC

Traditional KYC involves periodic reviews at set intervals, typically annual, semi-annual or at specific points during the customer’s relationship with the FI, whereas Perpetual KYC is an ongoing, event-driven approach that monitors customer information using automated systems and takes into account real-time updates to watchlists against the KYC information throughout the lifespan of the customer relationship.

One of the main challenges faced in traditional KYC processes is the reliance on manual or semi-automated systems, which are not only prone to errors but often outdated by the frequency of regulatory updates, as well as, not really accounting for the time it takes to get to the new updates to watchlist data. These systems typically schedule monitoring of clients against watchlists on a monthly, quarterly, or even yearly basis. This infrequency can lead to significant lapses where an entity or individual is newly added to a watchlist and is not identified in a timely manner, posing severe reputational and regulatory risks to the organization. Conversely, pKYC uses a proactive approach by leveraging AI-driven solutions to continuously monitor KYC information and trigger reviews and investigations only when an actual hit occurs in a particular watchlist.

Lastly, traditional and legacy systems often operate in silos, with sanctions checks and adverse media screenings conducted in separate cycles, leading to disconnects in the information discovery process. The cost of integrating these systems and the manual effort required to manage false positives and verify true hits add another layer of complexity and expense. In contrast, Perpetual KYC systems, can cross reference data across multiple sources in real-time, reducing the chances of missing critical information due to siloed operations, and avoiding the information overload from reviewing past hits that typically come with rescanning alone.

The Mechanics of Perpetual KYC

  • Continuous Data Monitoring: Perpetual KYC systems must constantly monitor multiple watchlist data sources for additions or changes, ensuring FIs always have access to the most current data.
  • AI & ML Driven Analysis: In today’s world, advanced technologies like AI and ML are a must to automate the analysis of vast amounts data for the detection of unusual events such as sanctions or predicated offences.
  • Automated Alerts and Investigations: When the system detects these changes to the watchlist against the KYC information, they must trigger an automated alert, prompting the compliance team to investigate further.
  • Documentation and Record-keeping: Documentation for every step of the pKYC process must be maintained, including event triggers and alert histories, updates to customer profiles, and actions taken by the compliance team. This provides a clear audit trail for verifiable auditability.

The Challenges of pKYC

FIs are faced with multiple limitations in the process of implementing a pKYC system, some of the most significant challenges include:

Technology and Integration: Perpetual KYC requires real-time monitoring systems, advanced analytics and AI along with an effective case management system. Developing and integrating these with legacy systems can be complex and resource intensive.

Data Privacy: The continuous access to and updating of customer information raises concerns around data privacy and security. FIs implementation of robust systems to protect sensitive data and ensure compliance with data protection regulations can be challenging and requires an ongoing process of ensuring the data is secure.

Data Quality and Consolidation: pKYC relies heavily on high-quality, consolidated data from multiple sources. Ensuring that data is accurate, comprehensive, and up to date is critical not only for regulatory compliance but also for minimizing false alerts.

The Benefits of pKYC

Despite these challenges, pKYC presents clear advantages in terms of efficiency, costs, and risk management once implemented correctly. The most beneficial advantages are:

Continuous Risk Management: Perpetual KYC’s proactive approach allows FIs to spot suspicious activities related to sanctions and financial crimes in near real-time, enabling compliance teams to respond quickly and effectively. This reduces the risks of reputational damage and potential fines that may be incurred from failures to detect potential threats. Furthermore, automated monitoring processes minimize the chance of human errors and inconsistencies in AML/CTF compliance programs.

Operational Efficiency: By automating many aspects of the KYC process, pKYC eliminates the need for time-consuming periodic reviews, greatly reducing the manual effort required by compliance teams on unnecessary reviews. It also breaks down the siloed nature of compliance operations, thus significantly reducing overhead costs.

Customer Satisfaction: Automated workflows reduce the need for repeated documentation requests and reviews if there are no changes in a customer’s risk profile. This improves customer experience and reduces friction in customer onboarding and ongoing engagements.

Implementing pKYC – The KYC2020 Advantage:

As financial transactions become increasingly global and regulatory burdens expand, the shift from traditional KYC to pKYC becomes crucial. KYC2020’s persistent ongoing monitoring solutions can help facilitate this transition, ensuring that FIs stays ahead in the fight against money laundering, terrorist financing, and other financial crime.

The move to pKYC begins with an effective data strategy. KYC2020’s aggregates data from a growing list of 1500+ sources and 10,000+ news outlets across 193 countries to build a comprehensive global watchlist database. Advanced technology, including Artificial Intelligence (AI) and Natural Language Processing (NLP) goes into normalizing, de-duplicating and contextualizing the data to create personas. This approach integrates OFAC/SDN, Sanctions, PEP, Regulatory, Criminal, HIO, High Risk Business and Adverse Media data to provide a more holistic view of the customer’s risk profile to compliance staff when it comes to watchlist screening.

Persistent ongoing monitoring systems for KYC/KYB data that can alert compliance teams in real-time is a critical element. KYC2020 achieves this with SanctionWatch which continuously monitors OFAC/SDN, Sanctions and Adverse Media data sources using advanced data science techniques to compute data change vectors. SanctionWatch is able to proactively detect changes in underlying KYC/KYB data with faster processing and lower costs versus the tradition of rescanning methods predominantly used today by most FIs.

Add to this, KYC2020 utilizes human centric knowledge or Collaborative Intelligence to automate the processing of alerts generated and in accordance with an organization’s risk-based approach. This results in minimizing false alerts, providing a significant reduction in manual interventions and overall costs, and allowing compliance teams to focus on reviewing true positives, i.e., those alerts that pose the real risk to the organization from a sanctions and financial crime perspective.

Data Privacy baked in

An essential part of implementing pKYC in is to ensure that data privacy, privacy considerations, and legal aspects of data privacy are built into the solution from the beginning. Customer data must be stored securely and in accordance with data protection accepted practices, laws, and regulations such as GDPR. This is why in one of the reasons why KYC2020’s has ensured all its solutions are ISO27001 compliant and SOC 2 Type 2 certified This provides a strong foundation for demonstrating the seriousness of secure data management at KYC2020. Furthermore, when it comes to uploading KYC/KYB data and downloading the results, or using KYC2020’s APIs, all of the sensitive files and data the customer provides, benefit from the heightened encryption methods used such as SSL, sFTP, PGP.

In conclusion, the transition to Perpetual KYC is not just a strategic advantage but a necessity in today’s increasingly complex regulatory environment. KYC2020’s persistent monitoring solutions are designed to support your transformation to pKYC, providing continuous, real-time oversight while reducing the risk of missing a sanction or financial crime alert.

Our solutions enhance verifiable auditability both internally and externally with regulators, auditors, or examiners that includes alert histories, clearing process decisions, and reviews that are tracked and documented. This level of detailed record-keeping also provides FIs with the transparency and accountability needed to build trust with all involved parties. With KYC2020, FIs can navigate the shift to pKYC, knowing that their compliance operations as it relates to KYC/KYB watchlist management are robust, secure, and ready to tackle future concerns of transparency and functionality.

 

Leave a Reply

Your email address will not be published. Required fields are marked *