By: Marc Murphy
At a recent AML event, a speaker from a global financial institution claimed that regulatory coverage of documentation was a hugely problematic and thorny issue for his organisation. In fact, judging by the nodding heads in the audience, it’s a problem for most financial institutions.
Documentation is required to show evidence of compliance and document management and control forms an integral part of the AML / KYC, due diligence, risk-scoring and classification processes for all clients. It is critical for regulatory compliance with other regulatory frameworks such as Dodd-Frank, FATCA, EMIR, MiFID II etc. Financial institutions must prove that they are in compliance with all local and global regulations through evidentiary record keeping and document management that proves coverage across all regulatory frameworks. The ability to evidence all key data elements that are captured and link these data elements, not only to a particular document but to the specific and relevant section of a document, is the Holy Grail of regulatory documentation and compliance management.
Added to this is the fact that financial regulators expect a high level of evidentiary documentation standards and coverage across all regulations. Yet, with no set documentation standard in the industry, the quality and standard of client and counterparty documentation from financial institution to financial institution varies considerably. In fact, financial institutions attending the AML event claim that proving coverage to the regulators, and, therefore, being able to manage regulatory expectations, is an ongoing challenge.
And yet despite its regulatory importance, for many financial institutions the area of compliance document management remains highly siloed and fragmented, with most institutions not knowing what documents exist within their organisation or where they are stored. As a key part of the CIP (Customer Identification Programme) and compliance processes, the collection of data and documentation is normally conducted by the front office account management teams in co-operation with the onboarding team, with KYC and other regulatory documentation being checked for adequacy by the compliance team.
However, client-facing functions very often don’t know what documents to request from clients in the first instance and, therefore, end up contacting the client multiple times, requesting documents that the client may have already submitted. Furthermore, previous research (Fenergo, 2012) has revealed that 40% of financial institutions believe repeated requests for information sours the client onboarding experience with their firms. Indeed, other research (conducted by Aite in conjunction with Fenergo, 2013) claimed that, in financial institutions lacking in client onboarding or legal entity data management teams, clients are often asked for the same documentation or information repeatedly by different parts of the institution, even those on the same desk.
This all comes down to a lack of integration, consolidation, coordination and visibility. Functionally divorced, most financial institutions find it difficult to share data and documentation across the institution, with documentation being stored in various and numerous client repositories. Additionally, with a substantial amount of documentation remaining in hard copy format, the process of identification and extracting useful information is even more challenging.
To overcome this, I’ve outlined below seven guidelines – based on implementations completed with leading financial institutions – that may help institutions to improve regulatory document management and compliance coverage across their organisation:
- Automate the document identification and request processes – preferably with a rules engine that provides an upfront checklist of all documentation and data required to support regulatory classifications and obligations.
- Encourage cross-institutional sharing and re-usability of data / documentation through integration of key bank systems, eliminating the need to ask clients to resubmit documents once again.
- Enable clients to self-serve when submitting documentation through a secure, online web portal in an effort to introduce convenience and speed into the client onboarding and document collection processes.
- Centralise all data and documentation to create a single client view, enabling business lines and divisions to (with appropriate entitlements) access, search, retrieve and re-use existing documentation to support regulatory onboarding activities across the entire institution. This will involve the digitising of paper documents and using tools such as IDR (Intelligent Document Recognition) and OCR capabilities to extract useful information from hard copy documents. From this, a document matrix can be created illustrating exactly all the documents that are held against each legal entity, supporting regulatory coverage.
- Optimise onboarding with outbound document content generation capabilities (e.g. Welcome Pack generation that informs the client of the products they are trading and the terms and conditions associated with their accounts, helping to comply with Client Suitability rules).
- Manage regulatory lifecycle events over the client’s lifetime through regular scheduled / ad-hoc reviews or event-triggered reviews (e.g. change of circumstance data or document expirations etc.) which may prompt fresh compliance and documentation reviews.
- Prove regulatory coverage of documentation through document auditing and progression charting (i.e. showing how many documents held and how many are outstanding) based on rules-based compliance determination.