The next five to 10 years are expected to see transformational changes in cross-border regulatory reporting and compliance. At a time when the regulatory burden grows ever larger, the ability to manage and simplify the compliance mandate will be driven largely by compelling advances in data management and digital technologies.
Initially, this (r)evolution is forecast to eliminate the vast amounts of manual and paper-based documentation and record keeping needed today; longer-term, the benefits in terms of quicker processing and faster, simpler identification could be even more profound. Such is the powerful opportunity presented by so-called verified identity solutions that know your customer (KYC), as we currently see, could disappear in as little as five years.
This application of new systems comes at a time of unprecedented reporting requirements and a record number of regulations – such as the Foreign Account Tax Compliance Act, Common Reporting Standard, Annex IV (under the Alternative Investment Fund Managers Directive), base erosion and profit shifting (BEPS), Solvency II, and the General Data Protection Regulation.
While much of the technology interest is on the authentication benefits of ledger technologies such as blockchain, all aspects of the global reporting system are under review with regards to how technology could positively impact it. The catch-all term regtech has been coined to cover these broad developments, with the aim to bring much more simplicity, efficiency and transparency to global reporting requirements for the benefit of all stakeholders.
One of the most promising ways that regtech will help is in eliminating overlaps and commonalities in the data and client verification requirements of different regulations. Many regulations cover common ground; as such, smarter use of shared, verified data – such as that promised by blockchain and distributed ledger technologies – will significantly reduce or even eliminate numerous, repetitive reporting requirements.
A report from KPMG published earlier this year, 'Could Blockchain be the Foundation of a Viable KYC Utility?,' sought to put some numbers against the challenge:
'According to current estimates, in excess of US$25 billion is spent each year on financial crime risk management in the banking sector, the majority of which is due to KYC. However, despite the critical importance of these processes, KYC at many financial institutions is extremely inefficient... It is estimated that up to 80 percent of the effort associated with KYC is dedicated to information gathering and processing, and only 20 percent to assessing and monitoring that information for critical insights.'
The race for implementation – and leadership
While the regtech sector is still in its relative infancy, the firms and jurisdictions − and regulators − that take a lead will be one step ahead in a world where speed, innovation and a desire for standardisation will be key.
Earlier this year, Cayman Finance announced, for instance, that around 50 blockchain companies had established or were in the process of setting up in Cayman Tech City – the recently branded branch of the special economic zone that caters to tech-related entities. In mid-May, the government of Bermuda announced it had signed a Memorandum of Understanding with tech firm Shyft to establish a highly regulated progressive framework with an emphasis on strong KYC, anti-money laundering and compliance.
In his keynote speech at the Global Blockchain Business Conference last October, Ravi Menon, Managing Director, Monetary Authority of Singapore, stated:
'[Distributed Ledger Technology] is particularly suited for industry applications where it is important to know the histories of ownership but there is no trusted central party or reliance on the central party is inefficient or costly...Probably, one of the potentially more powerful applications in financial services is in customer verification, the so-called 'know-yourcustomer' or KYC process. DLT brings about opportunities for a shared industry-wide KYC utility that can verify customers and transactions in a more efficient and robust manner...This is not just conjecture. It is beginning to happen. In Singapore, OCBC Bank, HSBC and MUFG have completed a KYC blockchain project to reduce the duplicity of KYC processes, providing convenience for customers and efficiency across the banks.'
How might such technology be realised in the real world? A challenge with current systems – and therefore a major opportunity for a disruptive new tech process such as distributed ledger – is that the current onesize- fits-all approach to KYC obligations is widely viewed as unnecessarily burdensome for many institutional investors.
A multi-billion-dollar pension fund established and regulated in a Financial Action Task Force member country, for instance, must adhere to the details of KYC requirements each time it invests. In contrast, a blockchain-based approach promises that a one-time, one-off verification may be possible, for all parties and stakeholders involved.
KYC obligations could also be better managed through a risk-based mechanism where lower risk investors such as large pension funds are pre-qualified for access to certain funds, albeit blocked for cash distributions until all clerical KYC is completed.
This development of digital keys is one area in which individual
jurisdictions and domiciles could seize the competitive advantage
and lead. Once an investor was registered or verified, as such,
they could effectively subscribe to a new manager or service
provider within that domicile with relative ease (albeit they would
have to keep inputting new data for each compliance event).
This compelling simplification is the driving force behind new thinking and a real willingness to understand and adopt new solutions. In a report entitled The Future of Onboarding, PwC, stated:
'A new development in the world of customer onboarding involves the use of blockchain technology to build Know Your Customer utilities. A KYC Utility provides a centralised location where customer identification and verification can be performed once for a customer, rather than several times by different organisations for the same customer. Crucially, the adoption of KYC Utilities should lead to a muchneeded set of common standards for KYC.'
Achieving such advances, however, will require a commitment to collaboration between industry, service providers, regulators and technology firms, to prove that regulatory obligations can be refined while their aims are still met. There will also need to be a strong focus on security and the protection of confidential information.
In this world, the responsibility would remain on firms such as Intertrust to 'know their customers', most obviously from a risk and reputational standpoint. But the underlying process – and, importantly, the client experience – could be greatly improved. In such an environment, it is not impossible to see the end of the current KYC era, replaced by a new system of 'we already know our customer' (WAKOC).
As reporting becomes a more commoditised process, it is expected that lower pricing will play an increasingly important role in fund administration and related corporate services. Talking about the prototype in Singapore last year, KPMG stated:
'Via the] proof-of-concept prototype, a collaboration between Bluzelle Networks, a consortium of three banks in Singapore (HSBC, OCBC, Mitsubishi UFJ Financial Group) and the Singaporean regulator, we were able to demonstrate the utility's functionality, security, and scalability... In addition to stability and security, the platform could result in estimated cost savings of 25–50 percent by reducing duplication and providing a clear audit trail.'
One consequence of the rise of new technologies such as blockchain and the commoditisation of reporting will be a strong focus from fund administration and corporate service providers on delivering value-add propositions for clients – with a concomitant gravitation towards service providers that have a global perspective and the global solutions to compete effectively in such a digital environment.
This would be a bold leap, and require various stakeholders such as fintech firms and client-facing institutions such as Intertrust working together within compatible environments. But, in the regtech era, the opportunity is there.
First published in September 2018 in IFLR's magazine.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.