For most businesses, the term “know your customer,” or KYC, conjures dread and denotes inefficiency. In the Nordics, where the KYC burden has worsened in the wake of large money-laundering scandals, banks want to implement a standardized utility model to tackle the problem.
For some companies, providing KYC documentation to their banks ties up as many as three full-time employees, delays opening accounts and causes duplication of effort, according to a survey of treasurers by Swift and EuroFinance last year. It is costing banks their corporate clients.
The Nordic region — which includes Sweden, Norway, Finland, Denmark and Iceland — has more than any other felt the impact of a growing focus on anti-money-laundering, or AML, and compliance after four of its largest lenders, Danske Bank A/S, Nordea Bank Abp, Swedbank AB (publ) and Skandinaviska Enskilda Banken AB, were linked to alleged money laundering.
Nordic companies are facing both a growing number of information requests and increasingly complex ones from their banks in light of these scandals.
“The four Nordic countries have their own way of looking at regulations and each and every bank asks the KYC questions in their way,” said Marit Bø Bornstein, CEO of Invidem, a platform set up by the largest Nordic banks to help them and their corporate clients manage KYC information and requests in a standardized matter. The model is known as a KYC utility.
“Several of the corporate customers in the Nordic market are asking us more or less on a weekly basis when this [KYC utility] will be done commercially, because they are so tired of repeating all these answers,” Bornstein, who took on her role in March, said in an interview.
Invidem compares itself to a “clearing house for KYC information.” The utility gathers KYC data from third-party vendors, such as company registration offices and stock exchanges, as well as corporates themselves, then verifies, packages and sells it to banks. For corporate clients, a central entity will reduce complexity and the effort required to meet bank requirements.
Founded in 2019, the company was originally called Nordic KYC Utility, but was renamed Invidem earlier this year. The founding banks — Danske Bank, Nordea, Swedbank, SEB, Svenska Handelsbanken AB (publ) and DNB ASA — are piloting the model, and aim to commercially launch in the first half of 2021.
Other Nordic banks will be able to buy data, Bornstein said, and later it could be available to nonbank buyers that use KYC data for their onboarding processes, such as insurance companies or law firms. Down the line, the platform could also provide data for private banking customers, she said.
The Nordic approach
The KYC utility model has been around for some time, but most past attempts have failed because of lack of bank commitment and oversight, overly ambitious designs and privacy concerns, consultancy firm McKinsey & Company said in a note published in January.
Matthew Steinert, associate partner at McKinsey and one of the note’s authors, told Market Intelligence that he has seen a “renewed interest” in AML utilities, including those focusing on KYC, in the past six to 12 months. In light of rising compliance costs and a general pressure to cut expenses as a result of the pandemic, banks are increasingly looking at ways to make their AML and KYC processes more efficient, he said.
Banks are learning from past mistakes, he added. The importance of having close involvement and investment from multiple banks, either through a consortium or in close partnership with lenders, has become clear. “Unless the banks are invested from the starting point, to really go and build it, their interest today versus a year from now can be totally different,” he said. Additionally, it will enable banks to work together on a common a list of information that the utility will cover, he said.
Nordic banks already have a track record of successful bank collaborations, such as mobile payment applications, with Swish in Sweden, Vipps in Norway and MobilePay in Denmark now close to universal adoption in their respective countries thanks to the industrywide support.
The region’s lenders are now taking the same approach to their new KYC utility. The fact that Invidem is driven by six banks that have agreed upon one KYC standard is a “unique advantage” for the project, setting it apart from other KYC utilities, Bornstein said. This will increase the likelihood that other banks will follow and use the platform, she added. Invidem’s founders have already developed a common standard with more than 200 data points, according to the company.
Privacy concerns
KYC utilities also face challenges around banks’ concerns about compliance with privacy laws on data sharing, according to Steinert. “Usually privacy restrictions, whether it’s GDPR [the EU’s General Data Protection Regulation] or otherwise, have been one of the main reasons why this [KYC utility concept] hasn’t been able to get off the ground,” he said.
As previously reported by Market Intelligence, banks face increasing dilemmas when balancing obligations under anti-money-laundering legislation and GDPR, which was enforced in May 2018. Processing personal data can be crucial in banks’ AML activities, but GDPR restricts how organizations can use such data.
For Invidem, GDPR and EU competition regulation put limits on the type of data it can handle and share. The company collects only data that is itself noncompetitive, and it does not conduct or share any risk analysis or assessments, Bornstein said. “We are just presenting facts about a company,” she said.
While Invidem is hoping to help the financial industry to combat financial crime, ultimately it is up to each lender to assess the information and detect bad actors. “We are just part of the whole chain,” Bornstein said.
Allowing banks to share more data and intelligence could enable regulators to ensure more efficient prevention of financial crime in the future, she said, but added that such sharing must be done “in a very controlled way.”
“We need to do this in a way that protects everyone, because if somebody analyzes the data in the wrong way and gives you a stamp as a bad guy, you will never be able to get a bank connection,” Bornstein said.
Source: S&P Global Market Intelligence
Also read: Ividem Partners with Encompass and Imeta Technologies
