Common-sense KYC: Customers should supply the knowledge

So, what was wrong? Was it my calculation, or the way in which we have failed to deal with financial crime and money laundering?

In 2001 I perceived the business of “know your customer” (KYC) to be a very straightforward process that would logically place the onus upon the customer to provide the required data and keep it up to date. I also saw transactions as records connecting accounts, customers, and other parties, each time creating an easy-to-follow audit trail. I thought my approach was common sense, and I have since learned it is ironically not so common after all.

Still, I continue to believe no one knows a customer better than a customer—thus, the customer should provide KYC data and keep it up to date. As I type, I hear some of you saying, “But what if a customer lies?” I counter: Did you lie when you opened your bank account?

Let’s compare financial services with the airline industry for a moment. Both businesses are regulated, accountable to shareholders, and driven by customers, but it is the relationship with the customers that is the difference. In the passenger airline industry, the airlines and the airports dictate the terms of the relationship with the customer, whereas in financial services we have allowed the customer to dictate the terms. We have pandered to their requests and bowed down to their money, hence we are still here wrestling with KYC and account frauds.

There is another area in which airports, airlines, and their passengers outperform financial service businesses: collaboration. Can you perceive a scenario in which a passenger clears customs; has correctly answered the questions regarding luggage, which has been scanned; then prior to boarding the plane, the cabin crew stops the passenger and poses the same questions regarding the luggage? This does not happen, because if the airline did not trust the airport, it would not land planes there.

In contrast, within the financial services industry, we have historically failed to adequately collaborate, and consequently, customers do sometimes face this duplication of questioning and KYC requests. All of which benefits money launderers, because our finite resources duplicate processes applied to legitimate customers.

It is though we are hostages to a process and have failed to question the benefits and objectives of that process. I am constantly challenged by the notion that as an AML compliance professional I cannot rely upon the KYC process undertaken by a regulator when providing a firm with a regulatory license.

In fact, I reject this and have previously written to a regulator and advised that as the head of AML for a regulated business in London, I was relying upon its KYC of a firm regulated by them. Subsequently, an employee of that regulator telephoned me and stated I could not place reliance upon them. I replied that my letter was a statement of intent to rely upon them, not a question as to whether they would allow me to rely upon them.

Of course, the regulator was not expecting this reply and protested. I said that when I received a letter, in answer to my letter, within which the regulator stated I could not rely upon them, I would change my position. The letter never came, because the regulator could not put into writing, “We the regulator do not know who we regulate.” The bigger issue was the lack of collaboration, and if we are to improve the results of our collective AML endeavors, this must change.

For a number of reasons, I do not envisage writing a similar article 19 years from now. I hope improved collaboration and the application of some common sense to KYC is one of them.