The importance of “know your customer,” or KYC, activities to any AML compliance program is well known. A much less known – but equally crucial – component of an AML program is “know your data,” or KYD, which feeds into KYC and other AML compliance modules.
To run their AML compliance programs, financial firms use a variety of software to review customers, analyze transactions to identify suspicious activities and provide analytical and research capabilities to support suspicious activity reports (SARs). Both SARs and KYC rely on the quality and accessibility of data, which requires knowledge of that data – where it resides, who uses it, what actions are performed on it, etc. While over-stretched AML departments may not want to hear that they now need now to be more proficient in data management, KYD activities are needed and can drive efficiencies inside these departments through better data governance.
Due to the way they grow, financial institutions often are burdened with siloed organizational and technical infrastructure with redundant and difficult to integrate systems and data stores. This creates a particular challenge for AML compliance heads who have to make sense of disparate data that flows into the AML system from a variety of sources.
A recently published Protiviti point-of-view paper, AML and Data Governance: How well do you KYD?, sets out how firms can benefit from putting in place an effective data governance program to alleviate this problem. The paper covers the main challenges firms face with regard to data management in the context of an AML program and summarizes the main steps needed to create an effective data governance function as follows:
- Institute and enforce effective master- and reference-data management programs
- Institute enforceable enterprisewide data governance strategy and processes
- Be proactive in assigning data ownership and monitoring of data quality
- Create a centralized repository for metadata
- Support big data initiatives
Financial institutions that take these steps in an effort to create better data governance will not only be better equipped with regard to their AML efforts; they are more likely to achieve good standing with regulators who look favorably on firms that demonstrate data governance efforts.
Case in point: A Protiviti team, while working on a customer repository project at one of our clients, uncovered substantial data integrity and completeness issues across core systems supporting transaction monitoring at the organization. Regulators severely criticized the bank following an AML compliance program examination – a criticism that could have been avoided if effective data governance practices had been put in place. The firm engaged Protiviti to help expedite remediation of the data issues and formulate an effective and proactive data governance resolution to avoid an enforcement action.
We highly recommend reading this paper to gain a clear understanding of how critical KYD is to the long-term success of your AML program. Regulatory scrutiny around AML compliance has intensified after a series of high-profile lapses – so making data governance a priority seems like a prudent approach for financial firms.