Hubbis and co-host IMTF, a Swiss-based process automation group working extensively in the field of wealth management and expanding in Asia, gathered a group of private banking regulation and compliance experts at a private and off-the-record discussion to deliberate on the escalating regulatory and compliance hurdles that they must overcome, and the role of technology solutions, and RegTech specifically, in helping them to do so.
Mark Buesser, Chief Executive Officer of IMTF, represented IMTF as Hubbis’ exclusive partner for the event, bringing to bear his experience as both an entrepreneur and an innovator who has helped many financial institutions with technology systems and automated processes to revamp their KYC and onboarding processes. Based in Europe, he offered a bird’s eye perspective on trends in that market that will inevitably flow into the Asia region.
The other key non-banker guest was Josh Heiliczer, a partner with EY and APAC Financial Crime Leader, who shared his deep insights and views on emerging trends in this sensitive area of wealth management data and compliance responsibilities and the role of digitisation.
The fast-evolving world of regulation
Buesser opened the discussion, explaining that the mission was to exchange experiences, ideas and insights the multitude of regulatory and compliance issues facing the private banks and wealth managers in the region and actual or potential solutions. “This is a fast-changing world we all operate in,” he said, “and it is far from simple to identify the right approach to these problems and the right solutions. There is no one approach or technology, no single solution that will prevail, these are multi-dimensional challenges requiring multi-faceted solutions.”
Buesser also observed that the banks should be wary of a siloed approach as a holistic vision of the hurdles and the solutions is preferable. “However, we also recognise that an overall solution to all these issues is very costly and the banks generally do not want to invest that much at one shot. Accordingly, we recommend a single, highly modular platform which allows the wealth management firms to invest step-by-step.
One expert opined that one of the most pressing priorities for the banks and wealth management community at large is handling the proliferation of regulations, keeping on top of all the developments, assessing the impact on their businesses, and working out how to manage the complexities of the implementation of solutions.
Managing the numerous variables
“The challenge is to address the multi-angle impact of the rules and the associated compliance requirements,” he explained. “We need to look at things from an account perspective, from a client perspective, from a booking centre and other perspectives, all of which means there are many complex variables to manage when defining a solution. Moreover, the scale of the implementation is enormous, including external approvals from the regulators as well. And finally, the pressure on the relationship managers is intense, as they need to handle the clients face to face.”
A private banker highlighted the end-to-end vision of the challenge their bank is handling and their holistic approach. “Intense focus internally on the strategy is essential, as well as appropriate budgets,” she said. “Dealing with the regulators is challenging and the levels of experience at some of the regulators is not ideal. For example, in one closed-door session with a regulator, three of their five representatives had less than six months’ experience in that role. Having said that, they appear to be realistic, certainly, that is the case in Hong Kong, and they are largely pro-business.”
A hefty burden…
Another banker expanded on the earlier observation regarding the mounting compliance and administrative pressures on RMs. “The burden on our RMs and our sales teams is very real,” he observed. “This is not their core skillset and we are changing the guidelines all the time as these regulations emerge and change, and as we or others interpret that regulation.”
He also commented that the RMs and sales force must also come to understand and then be able to use any new piece of technology the bank might introduce. “This is primarily supposed to help them tighten up the controls for the bank,” he explained, “so there is an inevitable element of change apathy that we need to overcome, to be honest. Additionally, we also need to help our RMs and sales teams with solutions that improve and do not hinder their business, in other words, that will be palatable for the clients."
He explained that a broad overview of the solutions is required, rather than solving each challenge on a piecemeal basis. “Moreover, we need to more accurately define the information we need our teams to gather, and we have not yet fully achieved that.”
Remediate, or be warned
The final challenge, he noted, is remediating existing ‘onboarded’ clients to provide the bank and regulators with updated information. “A client that might have been with us for a decade or more could be resistant of demands for more or updated information,” he remarked. “It is important therefore to consider how we approach that sort of conversation and what exactly we demand of them. Sometimes they can be awkward, especially the ultra-wealthy clients, and then sometimes a difficult decision has to be made; that decision must put the bank’s standards and responsibilities first and foremost.”
The discussion also highlighted the issues raised as faster payments systems go live. “Singapore has had a faster payment system for quite some time,” a guest reported, “but a core issue is how to conduct the screening, particularly on counterparties, to make sure we meet compliance regulations. There are sanctions on a global basis working in multi-currencies of course. The banks really have a lot of work to do in this area.”
Additionally, he highlighted the imminent arrival of the new Automatic Exchange of Information (AEOI) regulations. “For any clients that have offshore assets or entities that have offshore clients - and that means pretty much everyone around this table - information is going to be exchanged across many jurisdictions. Particular attention should be paid to whether CRS information matches KYC information and also special attention is required for dealing with countries such as China or Taiwan that have exchange controls.”
CRS stands for the Common Reporting Standard, which was confirmed by the OECD in 2014 and that began rolling out across 97 signatory countries in 2017.
He also touched on the approval of virtual banking licenses in Hong Kong, where a major concern is who that virtual bank is dealing with and vice-versa. “Obtaining the relevant information is difficult,” he explained, “and there are privacy ordinances to consider. Technologies that enable or accelerate the verification of information in this arena are very valuable.”
Still focusing on Hong Kong, the same expert noted that the Financial Action Task Force inspection will be a key hurdle for the banking and wealth management community. “I think in terms of compliance, the remediation of any of your legacy issues is going to be a real key. Accordingly, whether it is the source of wealth information, or transaction monitoring systems, or connecting information you have in the bank from a CRS perspective and the KYC perspective, these are all key considerations.”
He noted that the Hong Kong Monetary Authority (HKMA), for example, does not have much tolerance or patience for those banks that are not remediating older information held on clients.
The regulator – a double-edged sword
Another expert noted that there is a risk from the regulatory perspective, as the regulators are indicating they want to push for regular screening, rather than onboarding and then periodic screening. "Daily, weekly and other requirements have been mooted," he warned.
Nevertheless, this same expert noted that the Hong Kong regulator is in many ways accommodating the new era of technology. “They are approving virtual banking licenses, and new technology, they are willing to discuss things with the industry. They just want to be involved, and that communication is part of the compliance process as well because if they discover you have implemented a new system, targeted a new client base, or have changed your business model without prior knowledge, that is a big negative.”
Taking the holistic view
He concluded his overview by cautioning against over-reliance on automation as a solution. “Automation is great for reducing false positives and obtaining information, but the HKMA, for example, might later say that you, the bank, or your RMs know these clients and they might say that there are red flags that the automation process does not throw up that you the bank or the RMs would surely have known. People still need to be closely involved.”
The danger for the banks, noted another attendee, is the time and therefore cost involved in weeding out the tiny proportion of questionable clients and accounts. “The costs and the burden of time and energy are potentially huge,” he warned. “and very often for an outcome that shows the client flagged under screening and monitoring is completely innocuous.”
Buesser took this cue to comment that each regulator will take a different perspective on how to identify a client remotely. “Banks have been investing in some esoteric technology to solve these problems, but we hear of a 95% plus attrition rate,” he reported. “This brings me back to my earlier comment that the step-by-step approach with a single platform will side-step these failures, or at least allow you to address shortcoming or outright failures in a reasonable time-frame and at a manageable cost. It is important to retain flexibility when addressing these problems and to also take advantage of experiences which have been learned from some of those siloed type approaches.”
The ‘Lego’ of compliance management
Dealing with clients across many different languages and cultures is another major problem area. “Electronic screening is manageable, but the number of false positives needs to be reduced significantly,” explained one guest, “and perhaps that is where AI can help. For example, the Chinese language is not formed of Latinate characters and there are, I hear, about 16 ways to transliterate a Chinese name leading to a plethora of false positives from the screening process, just for one client name. To clear that is a nightmare, and then multiply that by the number of Chinese clients a leading bank might have, and one can imagine the scale of the problem.”
“The HKMA is indicating that it prefers a Chinese language screening, rather than transliteration,” another attendee added. “Some banks, mostly the Chinese banks, are able to as they are already screening in Chinese anyway. Others cannot as their systems cannot even yet take on a Chinese name. So this is a huge regulatory risk going forward. At this stage, it is not a requirement, but we do know from inspections that the HKMA want to progress on this front. The bigger the institution you are, the more is expected of you because the more risk you take on. And the more Chinese clients you have, the more you are supposed to be able to screen in the local language.”
Relevant to these concerns, Buesser explained that IMTF’s starting position is the belief that from the outset banks need to reduce the number of false positives. "We need a smaller field of results at the inception of the process, resulting in greater accuracy with lesser investigation required. Finding the people who have the skills and the experience to interpret the results is not that easy, especially as people move around, so RMs change, other staff move, customers change and so forth."
Turning false positives more positive
On a more encouraging note, Buesser reported that IMTF had been helping a major Swiss banking client the firm to ‘dramatically’ condense the number of false positives on somewhere near one million account names.
“We have compressed these false positives by a factor of about 100 times,” he said, “and I should add that the names are not only Swiss or European, as they include many, many transliterate names derived from the typical Swiss global client base, in other worlds middle eastern, Russian, Chinese and many others. So, there is some cause for optimism here; we believe our technology, which combines some 20 or more different algorithms and sophisticated balancing, is helping move the industry towards a solution. However, a key question is always how the regulator views these results, whether they have set expectations of numbers of red flags emerging from the screenings.”
Buesser also highlighted another facet of the IMTF solution, which is the exchange of flagged activity information across those banks that use the IMTF system. “This,” he elucidated, “is done on an anonymous basis to flag up money laundering scenarios. We never reveal the bank's name as the source, but we send it out to all our participating banks who are part of this annual subscription-based service. Sharing information and best practice amongst banks to help identify patterns and anomalies is certainly a move we favour.”
RegTech and its handling of the acronyms
The discussion moved further into the realm of fintech and RegTech solutions available and the rationale for their use. “Quite frankly,” said one attendee, “manual processes are labour intensive and often lead to inconsistencies.”
The same expert said robotics process automation technology can also be used to help fight financial crime space. “Whether looking at false positives because you as banks have rules to go through the process, or whether it be linking account information together, or even filing suspicious transaction reports, there are worthwhile applications in this field,” he observed. “For example, we have worked recently with a client automating the information required for report filings of suspicious transactions. Automation in this area is a sensible first step.”
Another area of increasing note is OCR/ICR, which stands for optical character recognition. For example, the bank might have semi-legible account information on a paper form. “I know you bankers here all have many written documents still coming in,” one guest commented, “so the tech to digitise this information is helpful, even though the hit rate on OCR is still probably only about 80% at the best. We have also seen intelligent OCR bring that to 90% or more, so there are advances being made and there are even some entities now handling Chinese language OCR as well.”
Developments in the field of natural language processing were also highlighted. “Having conducted all these searches, bringing in all of this information,” the same guest reported, “you then need to limit that to what is relevant. Natural language processing can help do that and help flag that information.”
Additionally, from the perspectives of transaction monitoring and name screening, the guest noted the increase of algorithms being used to create event-based scoring. “That can help enhance the quality of the alerts in both name-screening and transaction monitoring because you are looking at multiple red flags,” he reported.
Technology, he added, can help combine these processes to influence or achieve a better outcome. For example, technology can help when in combining a name search in the public domain obtained through natural language processing, with a letter of authorisation read through OCR; then robotics process automation can help pull information from different sources within the bank to bring it together and make sure that they match up.
You only get out what you put in
“In short,” this expert concluded, “the more that you can put into the automation process that is of high-quality, the more that you enhance all your processes, from transaction monitoring to name screening, to CRS filing, to all of the processes. But the one caveat I would mention, by way of caution, is to discuss these things with the regulator, make them part of the process so that later on you don’t have them coming back and asking ‘well, how is your system so great that it is taking out all the false positives?’.”
He continued by adding that the regulators give the banks credit for taking a risk-based approach. Accordingly, if for whatever reason there is some flaw in the logic around one of these processes, and something slips through, the bank can demonstrate that it is not because it did not test it. “You can show the regulator that you were operating a risk-based approach,” he observed, “and that is essential for making sure you have and keep the regulator on side.”
A senior private banker agreed but noted that her private bank still has a mountain of paper-based documents that need to be resolved effectively in order that base data is accurate.
“This is the same for many or most banks,” replied one technology expert. “The reality is there is no 100% solution to this as yet. A lot of information that is still on paper is really difficult to convert and even if and when you would digitise it the data is still not structured in the way you can use it. Some of this will, therefore, remain the preserve of a manual reviewing and remediation process. You can add technology and case management, things like that but it will still be predominantly manual, as somebody has to look at it. However, I reiterate that the earlier steps of transferring or translating this paper-based information into a more digitised information format can be enhanced with certain OCR or other technologies available today.”
Just the ticket…
In conclusion, he commented that the new technology can help but not resolve. “It can assist,” he said. “It can make things easier. It can control. It can follow a more consistent approach. But, there is no miracle, no ideal solution to make this whole thing fully automatic.”
The discussion turned to whether the banks can improve the forms they use in order to make the written replies more uniform and data processing therefore easier. “OCR works if you have structured forms if you have structured data with it,” said one attendee. “But there will be a lot of unstructured data to manage for a good long time to come, even though digital data and digital forms are becoming more the norm.”
Another guest turned the focus back to the onboarding process, noting that his onboarding for one new bank account he opened personally was via a face scan and uploading of his ID card.
However, data added another attendee, is indeed not always correct at the level of government source, in fact, it is seldom verified in many instances. "We need to be aware of which official information sources within each country can be trusted,” he advised, “and also what the position of the regulator is if it is incorrect and if you, the bank, has treated that as a ‘golden' source. Here in Hong Kong, for example, the regulator has said little on this matter and what might be the truly reliable official data sources have not been opened up to our industry.”
“There are also other risks, even if the information is correct,” warned another expert. “Once data is digital it is at risk is it not? So there need to be a variety of verification steps that are not associated with Biometrics, for example, credit histories, or government databases, multiple steps. But there is no standard collection mechanism yet and there are often multiple jurisdictions to deal with, especially for ultra-HNWIs. Open source investigation is, therefore, becoming even more important.”
Recognising the shortcomings of data
There was agreement around the table that as there are often discrepancies between some official data sources and some data extracted from open source the future will involve a combination of different elements to arrive at the solution required. “As yet,” noted an expert, “there is no single technology that will bring it all together and therefore for the foreseeable future, human intelligence will still be needed to take a decision on the discrepancies uncovered.”
Moreover, the panel noted that judging from the Hong Kong example, and this is likely to be the case elsewhere, the government is not going to take responsibility or assume any liability for any data from official sources.
Breathe easy – you will likely survive the technology cull
“Taking the big picture perspective, I have little or no fear that the human element in the wealth management industry will be replaced by computers or algorithm,” one expert concluded. “The various relevant teams within the banks will, I firmly believe, survive because nobody can replace them. However, their jobs will become more interesting, more enriching, and safer as technology will, to a considerable extent, protect them from later investigations, providing the right efforts and processes were pursued. Costs will drop, and efficiency will improve, to the benefit of the banks, assuming things are well structured. And the clients will benefit from less time spent onboarding and on other administrative elements while enjoying a better user experience."
Buesser closed the discussion by thanking the participants for the exchange of ideas and information. “Today’s conversation has underlined how these issues are global in nature and the solutions apply globally. The appropriate investment in technology for the banks and other wealth management firms are clearly significant, so we all need to be assured that certain approaches, certain steps are the right ones. And the people involved in these projects should understand that they can go step by step, to build the edifice in a logical and measured way, to roll out the investment stage by stage.”
IMTF: Technology Solutions for Private Banks’ Data and Process Automation Needs
Swiss process automation group IMTF is at the cutting edge of digital solutions to enhance operational efficiency and compliance from private banks, asset managers and other wealth management firms.
Founded in 1987, IMTF is an international software and application integration company headquartered in Switzerland and with a growing client base in Asia. The company offers innovative software solutions which enable clients to increase efficiency, achieving significant cost reductions with assured compliance.
IMTF builds RegTech software solutions to improve operational efficiencies, manage regulations and to offer new services like engaging with customers across all channels. The comprehensive offering, competencies and tools focus on: onboarding and client lifecycle management; AML, tax and market monitoring compliance; smart screening and open source investigation, custom-built front-ends for all types of channels and devices; technology and process consulting; professional services for the successful implementation of complex projects; secure document management; adaptive case management and collaboration.
“We offered our first compliance solution in 1999 so we have immense experience in this field,” Mark Buesser, CEO, reports. “Nowadays, everyone is talking about digital transformation; this is the process of bringing digital capabilities to different areas for ease of flows and access to products and services. It is about enhancing the customer experience, increasing efficiencies and opening doors to new revenue opportunities.”
The first step in any new client arriving at any private bank or wealth management firm is the onboarding, a minefield of potential errors and regulatory challenges. “Banks spend a vast amount of money on this area and today it is still largely manual, slow, time-consuming, and risky from the perspectives of compliance obligations and client disappointment.”
“There are many pain points in onboarding,” he explains. “This is where we can really bring digital capabilities to the banks to help them to improve this process and at the same time to be more compliant and reduce the risks.”
Buesser advises the decoupling of certain functions from the core banking systems because flexibility and agility is essential. "With our software, it is simple to add questions (including relevant data properties) if there are new regulations, change of workflows and processes rapidly. Rule-based on-boarding forms and workflows can capture data and documents at the source. Our software includes MIS Reporting of the processes and bottlenecks can be identified to improve the flow, while rules can be maintained centrally and rapidly changed when new regulations apply.”
Moreover, he notes, to cope with global regulations for multiple segments, the complexity today is in the rules and data, not in the process. “IMTF offers both technology and complete rule content with ongoing maintenance,” he elucidates. “With ICOS/2, screening of clients at the outset – for example for black marks or crime in their history or more important, sources of wealth - may be extended with a semantic and federated search and filtering across all data sources and languages, which is vital in a region as diverse as Asia. Semantic highlighting will guide users to the most relevant texts without the need of reading the complete document, speeding up this process. ICOS/2 comes with ‘out-of-the-box’ processes which can be tailored graphically and changed quickly.”
In conclusion, Buesser believes the IMTF platform software can help clients transform the onboarding to a truly digital process. “Efficiency, ease of use, the improvement of the customer journey, upgrading of compliance, reduction of risks, the enhancement of employee satisfaction, the reduction of costs, all these are benefits that our system offers.”