There Is More Than One Source
March 2022 Martin Woods
Who knew? Many years ago when I was managing a client remediation project at ABN Amro Bank N.V. in London, we used a data source called One Source. As I recollect, the strength of the data was for corporate entities in Asia and it was used in conjunction with a number of other sources purchased for the project.
I have always been familiar with a wide range of data sources used within anti-money laundering (AML) and ‘know your client’ (KYC) processes. Different sources had different strengths and as with many other AML professionals I was always looking for better data. In truth, I was looking for the holy grail, one source. Alas, notwithstanding the endeavours of Indiana Jones and multiple data vendors, I have come to realise neither exists.
Well, that was what I had concluded until I joined Thomson Reuters (TR) in 2012, after the FCA eventually approved my appointment as the Money Laundering Reporting Officer (MLRO) for the regulated businesses within the substantial TR business. I was aware TR had purchased Worldcheck, I used to work for them as well. What I did not know was the TR owned One Source. Wow, I thought, this is great, but it was not to be. It transpires there is indeed more than One Source, because the TR One Source was not the company and product I was familiar with. No, the TR One Source was targeted towards the legal profession and was not the Asian corporate data set.
As a global business, TR used a mixture of sources and I was permitted to buy data from competitors, because in some areas our competitors had better data. This is not a unique situation; AML professionals are accustomed to deploying a blend or sources, some from open sources and others acquired. We rely upon AML/KYC analysts who have experience, intuition and the ability to navigate complicated regulatory websites to secure the required data.
Most of us never stop looking for data and better ways of consuming data. Out KYC requirements for prospective, new and existing clients seem to increase on an ongoing basis. All of this places an additional burden upon resources and funding. The risk-based, scheduled, periodic review of the KYC for clients requires up to date data, because without this we can be accused of not knowing our clients.
Out of date sources
Some sauces mature with age, not so sources. Our constant quest is to maintain client KYC files up to date and accurate. Of course, data is not always readily available or accessible and some data is less reliable. In the event a vendor does not update records, there is a possibility changes to a client’s business, ownership and control will not be identified.
Most client data never changes; for example an individual’s date of birth remains the same date forever. Most people never change their names and most active companies/businesses seek to establish a brand and maintain it. Moreover, employers seek to retain a loyal workforce and thus operational facilities remain static. But, change is a constant, we all become older, we may marry, change jobs, move home, likewise companies are bought, some fail and others merge.
What has not changed enough is the KYC process, we continue to seek the holy grail, even though it does not exist. We adhere to a three level, risk-based approach which commonly incorporates distinct groups of clients; high, medium (standard) and low risk. In maintaining the KYC, firms/banks apply a graduated scale of scheduled, periodic reviews. High risk clients tend to be reviewed at least once twelve months, whereas medium risk clients may be reviewed once every two/three years and low risk clients once every three/five years. Whatever the review programme, there is always a ‘car crash’ on the horizon, a year when all clients must be reviewed.
The year when all clients are reviewed is one of pain, long hours hard word and in many instances failure. Quite simply it is often impossible for many banks and firms to complete the client file reviews in that year. So what changes can be made to secure better outcomes, success and perhaps even reduced costs?
After all of these years, I have come to realise, whilst there are horses for courses, there are also sources for courses. Instead of looking for one (super) source, it is wiser to look for and use a collection of sources which compliment specific client groups. Recently, I have been using data provided by Kompli Global to assess and analyse multiple companies and partnerships at Companies House in the UK.
Kompli Global have taken all existing records for all entities incorporated at Companies House, inclusive of dissolved entities, as well as a daily feed for all new entities incorporated and all documents sent or received in relation to existing entities. All of this is blended with other public domain and opensource data to create a client profile and indirectly validate some of the data.
Should a user wish, Kompli Global can add sanctions/PEP screening as well as real-time, proactive negative media screening. When applied to prospective new clients, a client profile can instantly be created, with copies of documents from Companies House attached, if required. Of course , this adds yet another client to the lists that need to be reviewed.
So, how do we make it easier? The answer is to use Kompli Global to monitor all a firm’s/bank’s UK incorporated entities. This can be risk adjusted, but at an entry level, Kompli Global could monitor these entities for changes to; an entity’s name, registered address, appointment of directors or a change of ownership. The information could be provided instantly and populated into an up-to-date client profile.
What if and why?
Pursuant to all of the above some AML/KYC practitioners posit, why does my firm or bank need Kompli Global to do this? Of conure, the answer is they don’t need Kompli Global, instead a firm or bank could do this, but what level of resource would be required?
Then some AML/KYC professionals ask what if the client provides false information to Companies House? Well, some parties do deliberately do so, and all being well they are not clients of your firm/bank. The majority of company officers, partners and accountants do not provide false information. In the event an AML/KYC professional doubts the honesty of a client then the relationship should be terminated. Otherwise, the client is trusted and this extends to the information the client provides to Companies House.
Ponder for a moment, the present review models which see some low risk clients reviewed once every five years. This could mean, subject to an expedient change, a client’s KYC could remain out of date for almost five years. Using Kompli Global, all clients that are UK incorporated entities will be up-to-date, all of the time.
Using a monitoring solution from Kompli Global presents a strong, pro-active narrative to regulators and simultaneously does away with the need to undertake any periodic review of this KYC data. For major UK firms and banks, this will undoubtedly prove to be a money saver and may also ensure the year of pain, long hours and potential failure also goes away.
A bigger picture
Imagine, if a firm or bank could monitor a client’s registered address, in order to identify any other UK entities which may subsequently be registered there. Likewise, a director or an existing client entity being appointed as a director of a newly incorporated entity.
For new clients, would your firm or bank like to be advised if the client fails to register with the Data Commissioner’s Office in the next three months?
The source of eternal
Many years ago, when presenting at an AML conference in London, I likened client KYC, periodic reviews and remediation projects as an exercise similar to painting the Forth Road Bridge. At the time it was reported that upon arriving at the end of the bridge, have completely painted it, it was time to go back to the other side of the bridge and start all over again. It was never ending, at least that was what I thought.
I liked the analogy and used it several more times, until one day I happened to be reading the Financial Times and therein was the story of the creation of a new paint. It was a paint which had been applied to the Forth Road Bridge and it lasted for 25 years. My line was gone; change had come to the Forth Road Bridge. Our KYC problems have substantially remained unchanged, indeed any changes which have taken place have generally increased the burden.
Behold, Kompli Global is the 25 year paint for the KYC requirements of UK incorporated entities, indeed, it is more than 25 tears, it is eternal. It is a focused source which compliments a specific client portfolio.
There is no one source, but there are some very good, focused sources which I believe will suit the appetite of a number of firms and banks who continue to wrestle with the demands of scheduled, periodic KYC reviews. The next step is to find more sources, more automation and to consume them. Who doesn’t like a good