Year in and year out Know Your Customer (KYC) procedures maintain the objective of identity verification whether for individuals or companies, to protect against illicit activities and safeguard the economy. While this stays constant, the means used to accomplish this goal shift along with the regulatory landscape. Now that the trial month of the year is up and we can safely say 2024 is upon us, norbloc has put together the 4 trends that stand out in KYC compliance for this year.
1. Notable Advancements in the Regulatory Landscape
2024 is panning out to be an important year for regulatory change within the Anti-Money Laundering (AML), Counter Terrorism Financing (CFT) and KYC landscape. Within the European Union, we will start to see changes notable being implemented.
The AML/CFT Regulation and 6th AML Directive
The European Commission is welcoming the 6th AML Directive (6AMLD) and the first AML/CFT Regulation. These proposals deliver the Single AML/CFT Rulebook and serve as the foundation for coordinating the work of the future AML Authority (AMLA). The new rules establish harmonized requirements for the private sector to ensure a standard that is consistent across the Single Market. They also harmonize tasks and powers for national supervisors and Financial Intelligence Units (FIUs) to enable effective cross-border cooperation.
Overall, this is indicative of the progress in harmonization across the EU and the removal of barriers, that will help regulated entities within the region optimize their processes, enabling business to flourish. To date, the inconsistencies across jurisdictions posed a significant challenge.
The Digital Services Act
Furthermore, the Digital Services Act (DSA), in effect since August 2023, is now extending its reach to encompass online platforms and marketplaces of all sizes across the EU. As a result of these new obligations, these online companies will be required to implement robust processes to safeguard the digital realm from illicit content and activity, protecting users’ fundamental rights.
Recognizing the diverse levels of risks and responsibilities inherent in different digital services, the DSA categorizes online intermediaries based on their business service type, size, and impact, thereby establishing distinct tiered levels of obligations. Meaning that larger, more influential platforms are obliged to take further action.
Worth highlighting is one crucial new obligation introduced by the DSA which pertains to online platforms and the requirement to implement more stringent Know Your Customer (KYC) processes. As such, regulatory technology (RegTech) that is modular and scalable will become the go-to solution for meeting these new obligations (more on this later).
The Markets in Crypto-Assets Regulation
The EU’s Markets in Crypto-Assets Regulation (MiCA) reflects the Union’s mission to bring cryptocurrencies and crypto-assets under the same level of scrutiny as the traditional finance sector, aligning with existing AML/CFT and sanctions rules.
MiCA aims to increase the level of transparency withing transactions, thus supporting market integrity and financial stability by regulating public offers of crypto-assets and by ensuring consumers are better informed about their associated risks.
Meaning that we will be seeing a need for RegTech that covers transaction monitoring, suspicious activity reporting, and clarity regarding beneficial owners within the crypto space, to provide insight into who owns the asset, and the overall journey.
Also, worth highlighting is the much talked about Travel Rule, which will be harmonized across the European Union in December 2024 following the implementation of Regulation (EU) 2023/1113.
2. The Rise of KYC Orchestration
Despite the growing move towards standardization, still jurisdiction to jurisdiction, industry to industry, there are regulatory differences. How can entities ensure compliance in a regulatory environment that is so diverse?
The answer to this question explains the second trend we are witnessing in 2024; the rise of KYC orchestration platforms that are modular, flexible and scalable. For example, norbloc’s Sancus is a perfect example of such a solution.
Differentiating Risk
The idea here is that a regulated entity can work with one platform that will encompass customer onboarding, handling data collection and verification, along with AML and sanctions screening with a varied intensity depending on the type of client, the geographies involved, the complexity of the corporate structure and more.
Essentially what is captured is the risk; Orchestration platforms are able to embed a weighted risk calculator that adjusts the client journey and checks depending on their risk appetite and regulatory requirements. Thus, modularity in risk allows an entity to take their own risk appetite in conjunction with legal obligations to create the perfect pairing.
The Sancus Workflow Engine enables entities to create user journeys with risk-ratings playing a pivotal role; Client characteristics, KYC history, country, business type and many more parameters can be included as triggers within a dynamic journey.
This facilitates automation depending on risk and empowers businesses to create personalized compliance journeys.
Regulatory Flexibility
The orchestration platform that allows for customizable workflows wins! Not all orchestration platforms allow for the client to tailor their customer journeys. Most solutions out there are limited to a couple of ready-to-use workflows alone.
However, solutions that allow for tweaking and customization are better equipped for the regulatory environment. Changes in KYC obligations can be easily reflected in a workflow without extensive effort or further economic investment needed.
Furthermore, this empowers the client to create a user journey that reflects their company, deciding how they would like to initiate communications, but also at which stage to implement identity verification for example.
Control over design means different customer segments can be accounted for and can be treated with personalized experiences. A more suitable customer journey ensures less drop-offs during onboarding and renewals. Consequently, companies improve their business processes and compliance.
Scalable KYC Solutions
Scalability means that the solution can easily accommodate for the growth of a company, or the increase in their clientele volumes. This includes a growth in numbers but also any increase in geographies or industries that may require new user workflows to support compliance with other regulatory frameworks.
Investing in a scalable solution to upgrade compliance processes is key to ensuring the longevity of the new technology implemented; In turn, the compliance teams within an organization that adopts scalable technology can be confident that they undergo efficient training for one platform for years to come.
3. Increased Personalization in KYC
Personalization is popular across industries, solutions and services and also finds its place within the KYC compliance trends for 2024. As we are in the age of data this comes as no surprise. Now, customers and consumers have expectations for tailored experiences and comfortable user experiences within the digital sphere.
Previously we outlined how KYC orchestration platforms help to achieve personalized onboarding journeys, but there is more to uncover within this realm.
Digital Identities
When it comes to individuals, digital identity solutions are on the rise. Take for example digital government IDs, such as BankID in Norway and Sweden, UAE Pass in the United Arab Emirates, or Singpass in Singapore. Beyond these initiatives that are on the forefront of government-led digital IDs, last year Australia launched ConnectID and during the COVID pandemic, Greece saw an acceleration in digitization that also encompassed a digital ID wallet for citizens.
Additionally, it’s worth mentioning the rise in standalone identity verification across social media platforms. For example, platforms such as LinkedIn, Twitter, Instagram and more, are now suggesting that all users take steps to verify their identities online. This is aligned with new regulatory trends seen, such as the DSA mentioned above, that intend to increase transparency in the digital sphere in order to minimize illicit activities and safeguard fundamental rights.
These initiatives in the public and private domain, streamline efforts for identity verification and KYC for individuals, speeding up the process but also providing the opportunity for personalized user experiences based on the initial ID verification.
Automation and AI
Automation is the next step following on from digital identities and the ability to offer personalized journeys. Where individuals are able to onboard an institution using their credible digital identity, RegTech solutions can leverage dynamic, automated workflows to offer a customer journey that correlates with the individual that is before them.
For example, where a German citizen is opening a bank account, the bank will know to treat that individual differently from an American citizen that would trigger additional reporting obligations.
One level up from this is AI. However for AI to offer actual added value, institutions must be in a position where they have already adopted an adequate RegTech solution. This is for a couple reasons:
1. Data Quality – AI is dependent on the inputted data and so it is vital that what is fed in is accurate, up to date and complete. An obstacle to this is the lack of digitization and the collection of physical paperwork which is prevalent in the field of KYC, especially in the banking and financial sector, but also other regulated industries such as the maritime industry, trading, supply chain and the legal sphere.
2. Dynamic Workflows – in order to unlock the benefits of AI, entities should have already adopted an adequate RegTech solution that allows for automation and dynamic client journeys. Then AI can be plugged on top of this solution to enhance transaction monitoring, fraud detection and analytics.
3. Digital Culture – another incremental piece of the puzzle that is often overlooked is the effort and investment needed within an organization to train and educate their personnel and compliance teams to utilize the latest solutions adopted
4. Upsurge in Data Sharing in the Financial Sector
Another forward-thinking legislative proposal coming from the European Commission is the Financial Data Access (FIDA) framework which will push the wider financial sector into the digital age while keeping consumer interests in the forefront.
The FIDA framework sets out to establish clear rights, obligations and standards for customer data sharing within the financial sector. Building upon the already existing ‘open banking’ framework, FIDA aims to empower consumers with effective control over their own data.
Moreover, FIDA aims to ensure that there are control tools in place for data protection and privacy aligned with the GDPR. In this way, the EU Commission hopes to create a data sharing framework that is consistent with the Union’s overall approach to citizen-centric data protection and data processing.
KYC Data Sharing
The FIDA framework comes to support all kinds of financially-relevant data, as is KYC data. Norbloc is the first and only company globally to have successfully established a KYC data sharing ecosystem, bringing into fruition the benefits that the EU Commission hopes to see in the European Union.
Drawing from norbloc’s experience, the creation of a data sharing ecosystem requires the standardization of key terms throughout the process in order to facilitate effective sharing. Moreover, the ecosystem helps to maintain a single version of truth per customer file, making data silos a thing of the past and improving data quality.
Furthermore, the entities involved experience significant operational costs as processes are streamlined; With the customer’s consent, institutions are able to share customer files where there is an overlapping customer base, thus eradicating duplication of efforts, optimizing resources and improving data consistency in the region.
Conclusion: The 4 KYC Compliance Trends for 2024
1. The regulatory landscape is becoming increasingly complex with KYC obligations extending to other industries and into the digital sphere and world of crypto-assets. Simultaneously, steps are being taken within the European Union to harmonize the regulatory landscape for AML, which is a promising step towards breaking down internal barriers to business.
2. Orchestration platforms are on the rise because they are able to accommodate for institutions’ varied risk and client segmentation, the complexities of the regulatory landscape and the growth of the institution, client base along with any associated changes. Institutions that invest in KYC orchestration platforms that are dynamic, flexible and scalable are those which are looking decades ahead instead of opting for short-term solutions.
3. Personalization has found its way into the KYC space. As KYC processes move into the digital realm they take into consideration the rise of consumer expectations for personalized experiences and swift user journeys. Initially, this is made possible with digital IDs and the rise of identity verification along with embedded automation within dynamic KYC and onboarding workflows. However, as we move further down the route of digitization, AI will also find its place.
4. Data sharing within the wider financial sector will become a key topic within the European Union with positive implications for the KYC space. The FIDA proposal is carving out a framework that will ensure citizens have control over their data, while also empowering technology like norbloc’s Fides that can facilitate secure data sharing.