As financial services firms face an increasing compliance burden, technology is helping to make the process faster, more efficient and less onerous for clients
To some, compliance is a challenge, to others it’s a burden. To everyone working in the financial services industry, it’s a reality. The seemingly never-ending growth of regulation and compliance can’t be ignored by any company that wants to continue operating in the Channel Islands.
Long ago, Jersey and Guernsey accepted the carrot of increased reputation in exchange for their ability to meet standards set down by major international organisations such as the OECD, the IMF and the EU. These in turn used the threat of blacklisting as a stick to encourage compliance.
“There have been a huge number of changes caused by reactions to various financial services sector crises and leaks, which have led to an increase in political will internationally to address what are perceived as socially unacceptable behaviours,” explains Andy Pryke, Deputy Group Head of Compliance and Risk at fund administrator Ipes.
Companies had to begin collating Know Your Client (KYC) data and instituting Client Due Diligence (CDD) and Anti Money Laundering (AML) procedures. Today, these are everyday tasks, but back in the 1990s few firms had such formal procedures in place.
Historians are likely to point to the financial crash of 2008/09 as a key cause of this change in political will and the subsequent acceleration in the growth of regulations and standards. The US, UK and OECD response to widespread public concerns about the possible misuse of international finance centres was to introduce new responsibilities for financial institutions.
They are now required to report in-depth client financial information via mechanisms such as FATCA and the Common Reporting Standard (CRS).
These new regulations and reporting requirements mean that financial service providers throughout the world are having to receive, process and store vast amounts of highly confidential data. Clients, who more often than not use a range of professional service providers from accountants to lawyers, trust companies and banks, have to supply this information over and over again.
“The world of risk and compliance is only going in one direction, which is more of it,” says Robert Surcouf, Group Chief Enterprise Risk Officer at JTC Group. This means companies need to keep their clients informed so that they understand why they are continuously being asked for information.
“It’s important to liaise with clients to help them understand that this is necessary and isn’t us trying to generate more work. Communication with clients, explaining why you’re asking for something, is important,” Surcouf says.
Data transfer
The information that clients have to give every professional services provider that they engage in the Channel Islands ranges from the banal – such as name, address, birth dates and certificates – to the more intrusive, including information about business interests, sources of funds and, in certain circumstances, the purposes for which withdrawn money is being used.
This information is collated and analysed by the firm in question, which then attributes a level of risk to that client. This factor is dependent on a wide range of elements but includes information such as whether the client is politically exposed or operates in countries that are known to be corrupt or unstable.
Under the terms of the different FATCA regimes, financial institutions must report information about their clients’ investments to tax authorities in the UK and US, which means that firms aren’t only holding vast amounts of sensitive data but are also transferring it to other jurisdictions.
With such a large amount of work surrounding every client, it’s easy to make the case for using technology to help to securely store, analyse and transfer the information.
The need for clients to repeatedly present the same information to every service provider has been identified by a number of Channel Island firms as an opportunity to create technology that enables clients to provide that information just once, usually via an online app, so it can subsequently be shared with other providers or the relevant authorities in a secure and authorised environment.
“Anyone who wants to access any Jersey service provider experiences a situation in which their KYC details, copies of their passports, birth certificates and so on are asked for at every turn,” explains Dan Le Blancq, Director of Operations at Elian in Jersey.
“For the client, it’s irritating. But the opportunity is there for us, as a jurisdiction, to say we can do it differently. That once you’ve provided the details on one occasion, then that’s enough and we will share the information. That’s where the opportunity is, and technology has a role to play in that, sitting in the middle and enabling institutions to share.”
Share and share alike
The opportunity lies in removing the burden of compliance for both clients and the businesses themselves. In the Channel Islands, JTC, Ipes and Elian have all developed solutions that attempt to address this for use within their businesses and, in some cases, as software that other firms can adopt for themselves.
From an internal perspective, multijurisdictional firms such as these benefit from being able to share their own client information with their offices in other countries. However, the Holy Grail would be for regulators to accept these solutions because this might also encourage other businesses to use them.
“Firms are looking for a kitemark of approval, but regulators, quite rightly, won’t endorse products because they need to remain independent,” says Andy Pryke. “It would be good for government to look at creating a kitemark, or something similar. If Jersey and Guernsey could use a kitemarked CDD system, it could create a competitive advantage.”
In order to overcome the Catch 22 of needing an endorsed product to gain client confidence, but not being able to get such an endorsement from an independent regulator, Le Blancq suggests another way. “Whilst people understand the system and the problem that it addresses, there’s no guarantee for them and there’s a reluctance to rely on something new,” he explains. “It’s seen as just too different. But this could be overcome by a centralised registry.”
Whether a centralised, trusted registry could ever become reality is open to argument. In the meantime, in actively seeking to rise to their own compliance challenges, are the aforementioned firms developing systems that could become the foundation of a Channel Islands-based technology industry?
Two of the three companies have developed their solutions using only in-house resources, effectively turning parts of their financial sector businesses into island versions of Silicon Valley start-ups. Whilst this may be an unexpected development, it does make sense within the context of the challenge the industry is facing.
Digital Jersey, the government-owned company charged with developing the island’s digital sector, has invited conference speakers to make the argument that the compliance environment presents an opportunity for the island. This line is reinforced by the presence of a number of firms that are developing marketable systems in the area.
As with all technology markets, there is a problem of fragmentation, something that’s already reflected in the fact that a number of Channel Island firms have individually set about developing compliance systems.
Whether consolidation among island-based businesses will be able to address this is difficult to tell, but Le Blancq says another option may be impossible to resist. “For there to be a real shift, you probably need a Google or a Microsoft to turn their mind to solving the problem,” he says.
The most realistic view may also be the most pessimistic from the Channel Island perspective, but that isn’t likely to stop the islands trying. By addressing the issue of compliance, they are backing an industry that’s set for considerable growth in the coming years. To truly make the most of the opportunity, however, a rapid increase in coordination will be necessary.
The Channel Islands in action
As the compliance burden has increased, companies have increasingly looked to technology to relieve the pressure. Here, we look at the technology solutions used by several Channel Island firms.
• JTC Group worked with Jersey-based firm Prosperity 24.7 to develop Self-Certify 24/7, a tool that uses Microsoft Azure and Microsoft Dynamics CRM to enable JTC’s clients to provide CDD information at their convenience, any time of day or night. JTC is then able to process any exceptions that have been flagged during the firm’s normal working hours.
• Elian and Ipes have developed tools using their in-house teams, with a view to making these available to third parties and, in the process, turning the compliance cost base into a revenue stream.
• IDCheck is an app launched by Elian in 2014. It is billed as being ‘the completely paperless alternative to certified true copies for client due diligence purposes’. The app enables clients to upload their identity information (passport, national ID card or driving licence, and utility bill) by using their smartphone. The app verifies this information by requiring a nominal payment to be made from an appropriate bank account. The information is checked by Elian staff, who compile a single-page ID report that’s held in a secure online vault.
• Ipes’ ID Register creates a KYC and FATCA profile of individuals that can link to their investments, lawyers or bankers. The profiles are continuously screened against politically exposed persons and global sanctions lists and are assessed for FATCA and CRS. This easily updated profile gives firms live CDD data to fulfil compliance requirements. The tool is available to other firms, giving Ipes an extra revenue stream.