20 July 2018
Thomas Hook

Thom Hook

Thomas Hook - Pegasystems Inc.

18Posts 126,374Views 0Comments
Finextra community

Financial Services Regulation

This network is for financial professionals interested in staying up to date on financial services regulation happening anywhere in the world. CFOs, bankers, fund managers, treasurers welcome.

Government Backed, Blockchain-Based KYC Registries: The Good, the Bad, and the Verdict

26 March 2018  |  9372 views  |  2

 

KYC requirements have become a very time consuming and costly process, requiring different banks to conduct similar (if not the same) due diligence on the same customers over and over again. This becomes especially onerous when dealing with entity customers with complex ownership structures. It’s frustrating for both customers and banks. One of the newer plans to solve this problem are government backed, blockchain-based KYC registries. Existing centralized KYC utilities have begun to explore the benefits of using blockchain technology in their offering (IHS Markit’s KYC.com has partnered with Cambridge Blockchain), but the development of a government backed registry based on blockchain technology is a new approach. There has always been discussion of government backed KYC utilities, but as of late those discussions have now included blockchain technology as the underpinning of these utilities. In fact, several jurisdictions are already exploring their development (e.g., Singapore, Hong Kong, Abu Dhabi).  But what are they? How can they help? What are the concerns? What should I do about them?


What are they?

A blockchain-based KYC registry is a single source of customer due diligence information developed on blockchain technology for use by a consortium of participating banking institutions to onboard customers. In the best case scenario, the registry has the support and backing of a governmental body (usually a financial regulator).  Using an agreed upon common set of due diligence standards, the blockchain technology allows each participating bank (and potentially the government) to be responsible for helping to keep the data up to date. Each banking customer would have its own chain of data that contained all the necessary KYC data and documentation for a participating bank to use when onboarding them. Each update to that information would be a new block in the chain, accessible to those banks with access to the registry. Once the blockchain has been updated, an encrypted update could be sent to each participating bank to allow them to keep their KYC up to date in near real time.

 

How do they help? (The Good)

There are numerous benefits to these registries:

Reduce the overall due diligence burden on banks

  • By sharing the overall burden among all participating banks, it dramatically reduces the level of work required by each bank in conducting due diligence

Create consistency amongst banks

  • Customers no longer shop around based on the amount of information a bank wants to open an account

Improve customer experience

  • By only requiring to provide information once, across multiple financial institutions

Quick, safe, secure

  • Blockchain technology allows near real time encrypted updates and the safety and security of having the information decentralized

 

What are the issues? (The Bad)

Given the huge benefits these could provide, why haven’t they been developed sooner? Well, the devil is in the details. Internally, banks have difficulty in coming to consensus on the due diligence requirements for onboarding customers. When you bring multiple banks into the equation, the complexity of coming to consensus only gets worse. Additionally, there are lots of other considerations that make this venture complicated:

How do you agree to one set of minimum due diligence requirements?

  • Every bank has its own policies, procedures, risks, and risk appetites so coming to agreement on a single due diligence standard is not easy. What may be easier is coming to a base minimum standard that everyone can use and build upon. Again, the multiple stakeholders of each participating bank as well as the jurisdictional regulators will need to be satisfied and agree. Not an easy task.  

How do you ensure the accuracy of the data and validate it?

  • While accuracy is always important, its importance multiplies when several banking institutions are relying upon it.  

How do you prevent one incorrect piece of information from having far reaching effects on a customer?

  • What happens if an incorrect piece of data leads a customer to be rated high risk at all institutions and denied banking services? It’s an extreme example, but one that has severe consequences, including legal ones 

How do you take into account that there may be pieces of information that cannot be shared by banks based on data privacy regulations and concerns?

  • This can make creating a minimum standard of due diligence more difficult, especially given regulations like the EU’s General Data Protection Regulation (GDPR) where customer consent of information use is a key tenet 

How will the regulators react to its use?

  • Any technology that you rely on as part of a compliance program will be examined by regulators. On a positive note, financial regulators are already showing increased interest in blockchain. Currently, the US Federal Reserve Bank and the European Banking Authority are doing their own research into understanding the technology and the R3 blockchain consortium now includes regulators from the US, Canada, Hong Kong, Singapore, and the UK.  

 

So What Now? (The Verdict)

Sometimes change is difficult, but often leads to better results down the road. Despite the issues above, the overall benefit to the industry is huge. With the right mix of technology, regulatory acceptance, and banking partners a blockchain-based KYC registry could be transformative for customers and banks. More governments and banks need to step out of their comfort zone to help usher along and participate in these industry changing solutions. 

 

TagsBlockchainInnovation

Comments: (2)

Ketharaman Swaminathan
Ketharaman Swaminathan - GTM360 Marketing Solutions - Pune 27 March, 2018, 11:14

Nice post. India's UIDAI provides more-or-less the kind of KYC you've described. Its biometric-enabled Aadhaar Card / Number is used widely by companies in TELCO, BFSI and other industries to carry out KYC for various products and services.

That said, the first issue listed by you - How do you agree to one set of minimum due diligence requirements? - is quite a serious issue: One TELCO needs Aadhaar only for full KYC; another TELCO needs Aadhaar and at least one more artefact for Proof of Identity / Proof of Address (e.g. PAN card, Drivers License); most banks require Aadhaar and one more artefact; fintech PayTM requires you to visit a physical agent to authenticate Aadhaar whereas most banks don't.

End of the day, despite Aadhaar, the pain of having to do KYC multiple times to avail oneself of multiple services has not gone away. (Aadhaar is on a traditional, centralized database architecture but I doubt if Blockchain will make any difference in this specific regard.)

1 thumb up! 1 thumb up!
Ketharaman Swaminathan
Ketharaman Swaminathan - GTM360 Marketing Solutions - Pune 27 March, 2018, 11:23

Just to add, the above was the consumer p.o.v.

Many service providers have gone on record publicly saying Aadhaar has brought down their cost of doing KYC. A Blockchain-based KYC might bring down the cost even further. I highlighted a few benefits of Blockchain in Flight Delay Insurance - Why Blockchain?. I see no reason why the benefits accruing to Blockchain Flight Delay Insurance Providers shouldn't also be available to a Blockchain KYC Provider. 

1 thumb up! 1 thumb up!
Comment on this story (membership required)

Latest posts from Thomas

KYC - More Than Just Satisfying Regulators

09 April 2018  |  6802 views  |  0 comments | recomends Recommends 0 TagsRisk & regulationInnovationGroupFinancial Services Regulation

The Only Constant is Regulatory Change

02 March 2018  |  2016 views  |  0 comments | recomends Recommends 0 TagsRisk & regulationInnovationGroupFinancial Services Regulation

A Technological Approach to Identifying Beneficial Ownership

11 December 2017  |  5417 views  |  0 comments | recomends Recommends 0 TagsRisk & regulationInnovationGroupFinancial Services Regulation

Thomas's profile

job title Director - Risk, Compliance & Onboarding
location Cambridge
member since 2016
Summary profile See full profile »
Thom provides industry expertise to the development of Pega KYC and CLM and other financial crime compliance solutions. With several years of AML and Sanctions experience, Thom has worked in audit, co...

Thomas's expertise

Member since 2016
15 posts0 comments
What Thomas reads

Who's commenting on Thomas's posts

Ketharaman Swaminathan