Corporate payment processing is complex. It includes many steps and multiple parties and participants. This creates a number of operational challenges (and costs) for banks, but, more importantly, slow cross-border payments lead to dissatisfied customers who are more likely to take their business elsewhere. Therefore, banks need to streamline their cross-border payment processes and employ more effective methods for sharing information about clients and their transactions.

Reduced profitability and a new level of competition from ‘customer-centric’ challenger banks that do not have to contend with some of the complexities associated with legacy technologies is adding additional pressure. As a result, client retention is more important than ever before.

Before exploring how banks can use new technologies to accelerate and streamline the processing of cross-border payments, we start by looking at the key challenges that they face today.

Cross-border payments: Key Challenges

1. Slow processing of payments

Payments can be stopped at any point in the payment chain, resulting in delays and a poor customer experience for both the beneficiary and the sender. Reasons for delays include the need to conduct sanctions, fraud & AML checks, and incomplete payment information. Due to a lack of standardisation and digitalisation in the sharing of this information, these checks usually need to go through multiple channels of communication. This is often manually intensive, leading to further delays. In simple cases, a payment may be held for just a few hours, but in more complex situations, a payment may be held for several weeks.

2. Operational inefficiencies

Another challenge is often caused by the way banks’ messaging infrastructure is currently set up. A large proportion of cross-border payments go through SWIFT’s MT103 messaging format, which is highly reliable, but, like any messaging format of this nature, is limited in the information it can carry. If additional information is required, it is usually sent over an MT199 message. Anything over and above what can be contained in MT103 and MT199 messages is sent via email.

Non-automated messaging and manual processing on both sides of the transaction can cause operational inefficiencies for banks, impacting profitability and consuming employee time that could be otherwise spent on value-added activities.

3. Lack of appropriate frameworks and automation

Most banks do not have an automated way to securely share all of the relevant payment data for a corporate transaction in a permissioned manner. If a business in the US is sending a payment to a business in Turkey, the Turkish correspondent bank may require additional information about the sender before they can process the payment. However, the person dealing with this request in the US bank will often have to find this information first, before going through legal for clearance to ensure regulatory obligations are met. Appropriate frameworks for sharing information rarely exist. If they do, they are rarely automated, resulting in additional manual processing and inefficiency.

4. Insufficient payment information

If the sending bank has not collected all of the relevant information up front, the additional details required to process the transactions may not be readily available. Additionally, KYC and invoicing details, for example, may be stored in different systems. Without the ability to index the relevant data and quickly determine where it is located, banks can encounter further operational challenges and inefficiencies.

5. Regulations around data privacy and information sharing

Regulations on information sharing and differing interpretations of what regulations entitle banks to do can create complexity when information is shared across jurisdictions. In Pakistan, for example, banks cannot share any details about their (personal or business) clients, even with a different parts of the bank; even the best technology solution cannot help if customer data cannot be shared. The recently introduced General Data Protection Regulation (GDPR) affects every organisation processing the personal data of EU citizens, and has significant implications on what and how information can be shared.

6. Money laundering

2-5% of Global GDP, or $800m - $2trn, is laundered every year, according to the United Nations Office on Drugs and Crime. A very small portion of that money is currently detected. Enforcement procedures are getting stricter and fines larger. As Neil Katkov, Regulatory Analyst at Celent, commented in The Economist late last year: “The number of anti-laundering regulations is climbing yearly—by nearly 10% in America, Canada and the EU, and by roughly 15% in Australia, Hong Kong, Malaysia and Singapore.”

Banks are at significant risk if they do not fulfill their Anti-Money Laundering (AML) duties properly. Effective data sharing is a critical part of checking both the validity for the payment and the KYC process. A careful balance must be struck between two very different regulatory frameworks - financial crime prevention and data privacy.

So how do we begin to solve some of these deep-seated issues? How can technology improve information sharing to enhance customer experience and retention (and therefore profitability), whilst simultaneously reducing cost, operational inefficiencies and financial crime?

The KYC Solution

KYC has become an increasingly common phrase in the banking space, but the concept is not new, it has formed part of national regulations for decades. In recent years the focus on both regulation and the fight against financial crime has increased, and, as a result, KYC has risen up the agenda. KYC enables banks to establish and verify the identity of clients and is a critical step in helping with the reduction of financial crime. However, the current KYC processes executed by many banks have a number of limitations:

1. KYC is concerned with entity-level information, not transaction-level information. Two (corporate) entities with perfectly good KYC may be engaging in criminal activity, but this can be difficult to detect from the KYC checks alone. Banks need to rely on sanctions screening tools and transaction monitoring solutions, rather than solely relying on the limited information contained in the payment message.

2. Correspondent banks only do KYC on their own customers, and although they do KYC on other banks to ensure they have the right processes in place, they do not typically carry out these checks on the customers of that bank (KYCC). As a result, they are exposed to any limitations in the verification processes followed by the other banks.

3. Sending banks only have the KYC information about their customer (typically only the originator) and correspondent banks tend not to have the KYC details of the beneficiary or the originator. Again, KYC leads to a reliance on the collection processes of other banks.

4. As KYC checks are typically carried out at a certain point in time, information about corporates, such as who holds directorships, can change quite quickly and therefore become out of date. One solution currently being developed is self-updating KYC. Regular KYC checks will help, but will not be a solution in and of itself, as detailed transaction-level information is still needed.

The KYT solution

KYT, or ‘Know Your Transaction’, is the concept of sharing a range of data pertaining to a transaction in a secure, auditable and permissioned way. KYT provides banks with the ability to enrich payments with all of the information that is required to process them, or to easily request additional details from another bank.

In addition to sharing KYC information, KYT enables banks to identify where data is stored (even if this is across multiple disparate systems) and for data to be shared with permissioned entities. Details provided may include detailed KYC information, information on the payment’s purpose, such as an invoice, and supporting documents for that payment, such as a contract.

Introducing Distributed Ledger Technology (DLT)

DLT refers to a system where copies of the data are securely shared by all of the relevant parties in the network, meaning there is no centralised, single place where all of the data is stored. There are many reasons why banks are particularly interested in using this technology, not least because it can help to reduce operational risks and act as an overlay to legacy systems.

DLT has a range of benefits as an overlay to existing payment networks. The technology can be used with bank-to-bank messaging as a means of sharing information that does not fit into a typical payment message. A globally unique token referencing detailed data shared via a private distributed ledger, or ‘blockchain’, enriches the information available to counterparties about who, what and why a payment is being sent. Additionally, a cryptographic audit trail of the information exchanged can be created, detailing the data’s provenance, what was shared, time-stamped proof of when it was shared, who it was shared by, and why. That information can be used to prove that a bank had a particular piece of information at a specific point in time in the payment chain, and that cannot be tampered with.

Data security is further improved through hashing (the output of an algorithm that gives a document a digital signature at a particular point in time). The hash can then be stored in the distributed ledger, along with the signature of the entity providing the information, without storing the data itself.

Processing cross-border corporate payments no longer has to be costly, highly manual and time-consuming. By using technologies like DLT as an overlay to existing payment networks, banks can reduce costs, increase operational efficiency, and, crucially, improve corporate client satisfaction by minimising delays along the payment chain.