Blockchain is very exciting for many and offers tremendous opportunities to make processes more efficient, create new markets and change existing market infrastructure. A lot of people are also joining the bandwagon because it is complex, difficult to understand
(oh well, its building blocks are game theory (consensus based), cryptography and peer to peer networks!!) and hard to explain and so by virtue of being part of it, you become the intelligent few that can make sense of it. All this excitement has led
to a lot of use cases becoming candidates for implementing on blockchain – whether appropriate or not. Gideon Greenspan put out an
excellent paper on comparing databases and blockchain to show where the advantages of blockchain come about. He concludes where you need confidentiality and performance, stick to traditional databases and where you need disintermediation and extreme fault
tolerance, blockchain is your answer. This got me thinking of one of the interesting and often talked about use cases in the financial services world – KYC (Know your customer) as a key candidate for blockchain ( is it or is it not ?) . In this blog, I look
at the KYC process and see what opportunities are there to make it more efficient – is it just blockchain or combine it with other change agents like AI and you get a powerful proposition that will help businesses save money and time – the two precious things
one can never have enough of.
Breaking down the KYC process
Ok, so what is the KYC process and why is everyone talking about it when it comes to creating efficiencies (oh yes, this is the experts can skip section!). One cannot say KYC without saying AML in the same breath. AML (Anti-money laundering) is the process
by which bad elements of the society hide their ill-sourced funds. So in effect, they ‘launder’ or ‘wash’ their money and make it look legitimate and therefore convert bad money to good money. To do this, the criminals and bad players need to route the money
through various channels via numerous transactions and create a smoke screen to hide the real source. Banks are convenient targets to hide money as they take deposits and immediately make the money legitimate. So, in order to ensure that the money is coming
from legal source, banks need to perform elaborate checks on the individual or institution opening an account with them and continue to monitor the transactions performed by them for any suspicious activity. KYC process typically entails the following, irrespective
of whether the account is opened for an individual, corporation, private banking or even a correspondent relationship (a customer):
- · Customer Identification: The first step of the KYC process is the customer on boarding where banks need to check the identity of the customer (name, address, date of birth, unique identity number etc). As part of this process banks
need to maintain proof of documents used to identify, have procedures to determine that the prospective customer is not wanted by government or does not appear on terrorists suspects and the like by consulting wanted lists maintained by governments and other
data providers
- · Customer Due Diligence & Enhanced Due Diligence: The next step is to perform basic background checks on the customer to ensure that the documents provided by them adequately represents them. Here it is also important to know about
shell companies that are setup by corporations for tax benefit purposes but these offer good hiding places for bad money as well. So this would mean that financial institutions will need to do detailed due diligence on ownership structures, relationships,
sanctions, social media mentions, negative news etc.
So where are the inefficiencies?
What is clear is to be able to have robust KYC processes and provide proof of the same to the regulators, banks and financial institutions need to maintain large operational teams that sift through documents after documents and online material to create
a reliable repository of information and data on any given customer. KYC process does not end with one time checking of documents, banks are required to continuously monitor activity and transactions of all customers and report any suspicious activity and
possibly redo the process every time there is a change to the customer’s ‘identity’.
I am sure you are already guessing where the inefficiencies are – there are 2 major areas of opportunities here. Almost every customer (individual or institution) have relationships with more than one bank and therefore both the customer and the banks are
repeating this process every time a new customer opens an account. This is inefficiency number 1. And every time, a lot of manual effort is spent in reading and making sense of numerous documents and legal structures that connect the customer to anything even
remotely suspicious. This is inefficiency number 2. An average bank spends about £50Mn a year on KYC compliance across their Data and Compliance departments and this cost is increasing year on year due to even tighter regulatory requirements. And it takes
an average of 7-10 days to on-board a new customer. So where is most of the time spent in the KYC process?
- Reading and making sense of the various connections and documents
- Back and forth communication with the customers and asking for more information
- Sifting through false positive alerts and focusing only on real issues
- Being able to ‘reason’ while putting together various sources and information to identify a potential fraud
- And of course, repeating this every time there is a change to the customer’s status, position etc.
What does it take to solve these inefficiencies – combine AI with Blockchain!
So having read all this, not sure how many of you are thinking of blockchain as the solution to solve inefficiencies in the KYC process. I certainly didn’t think of it as my first solution. A common KYC utility across banks was the first solution proposed
many years ago (makes sense) and there are many utilities/registries out there already trying to do exactly this (SWIFT’s
KYC registry for example). But of course the challenge with this model is creating an intermediary and therefore both a central control point and a central point of failure. So, here enters blockchain. As we recall from Gideon’s analysis that I mentioned
above, while distributed databases can very well create a shared KYC repository among the banks, if we need to have higher fault tolerance and have a need for disintermediation (I don’t think this is such a critical need for KYC and neither can it be disintermediated
– a debate for another day!) , blockchain is your answer.
So creating a shared repository between the various banks and financial institutions on the blockchain and also bringing customers onto it will help overcome inefficiency number 1 above. Blockchain creates a tamper proof highly secure repository that automatically
becomes proof for regulators as well as they can just become a node on the blockchain and view all information. But what about inefficiency number 2, the one that requires truckloads of operations people to read, reason and analyse information from various
sources. While blockchain brings timestamped immutability, higher fault tolerance and security, shared ledger and automated smart contracts, what we need here is Artificial intelligence (AI). AI brings us object recognition, reasoning, anomaly detection and
deep analytical capabilities. So how about we combine the two emerging technologies to create a truly efficient KYC service. We use the OCR capabilities to read and understand the various documents, store them on a blockchain based shared immutable repository
that is also visible to regulators, perform deep analytics and reasoning on the information to detect anomaly and reduce false positives and create distributed apps (dApps) and smart contracts to auto alert the participants on changes to a customer’s status
or position. So blockchain on its own may not be answer to every problem but yes, I truly believe that combining these two powerful technologies is the answer to making KYC efficient!