How to Leverage Effective Management Information (MI) within KYC/AML Operations

Within a bank or large financial services organisation, a massive amount of data is produced and analysed every day as part of the day-to-day business; for example, over the past 25 years, banks have diversified their product portfolios to such an extent that the textbook model of lending money to customers at a higher rate than they borrow it, is often not a bank’s primary source of income. This diversification has created varied business units and internal functions, each having their own specific risks and performance measures, further fragmenting how information is processed and understood.

This fragmentation makes it very difficult to look at how a bank, including its business and functional units, are performing when considered at a strategic level. Effective MI within a banking organisation will allow for different areas of a bank to be viewed through one lens allowing for interpretation and informed decisions to be made by the various management levels within the organisational structure.

In practice, MI should be used for both upstream and downstream communication and controls. For a function within banking operations, these could track a wide variety of things, such as:

  • Events – tracking of events due to failing of controls

  • People – individual and/or team performance and/or measuring communication of issues requiring management attention

  • Systems – efficiency of software and tracking of “downtime”

  • Processes – identifying bottlenecks, touchpoints or aging

By tracking these criteria against predefined targets and tolerances, an understanding of how a function is performing can be made, as well as identifying any areas that require attention.

There are questions specific to KYC which can be answered with effective MI, showcasing why it is an integral part of any KYC program, these include :

  • Are your CLM policies and procedures fit for purpose?

  • Can KYC reviews be completed to agreed run rates and tolerances?

  • Where can efficiency gains be made to spend less on resources?

  • What areas within the KYC end-2-end workflow require attention?

  • Do the resources spent per file align with a risk-based approach? i.e. is there proportionate spending when looking at client risk;

  • How can KYC/AML data requirements be leveraged from, and integrate into other areas of the organisation? For example, Operations and Compliance/Financial Crime;

  • What strategic decisions can be made when considering if it is worth keeping certain clients due to the (increasing) cost of ongoing KYC (especially for high-risk clients) and other related maintence requirements?

Once the information is produced and understood, it is important to ensure there are actions associated to pre-defined tolerances. For example, if a KYC analyst within a bank’s new client onboarding function had received outstanding documentation allowing for the completion of a KYC review, but after 2 days (“the agreed tolerance”) the client file had not moved forward within the process, a sub-process of notifications and escalations should be kicked off to ensure corrective measures are taken. The implementation of this type of downstream process is extremely important within banking operations, where controls play such an important factor in managing risk.

The upstream objective of any effective MI program is to give senior management the ability to successfully articulate the firm's major risks and performance criteria to key stakeholders, such as regulators or shareholders. This, in turn, can help secure further funding for change projects and BAU resources within the department.

Effective MI should also contain graphics to illustrate progress and the current state of a given project An informative graph, heat map or process flow can be an extremely helpful part of a middle manager's arsenal to get his/her message across. Some examples could be a graph representing performance over time, a heat map showing the associated risks connected to an array of business areas or process flows highlighting where bottle-necks are being encountered.

It has been mentioned how diverse a typical large bank’s business and operations can be ; however, the trend for some time has been for banks to contract out some of their operational services, and concentrate on the services they have a competitive advantage when compared to other banks. To make these strategic decisions the information required would need to be far-reaching but also consistent. By looking at relative return vs relative risk for all business units within a bank, the difficult questions on whether the business function should it be grown, contracted or maintained, must be asked.

It is, therefore, crucial that there is Synergy in the way a bank looks at and reports on its data, allowing managers to make informed and accurate decisions throughout the multiple management levels within a modern banking organisation. Starting from the ground level, where an analyst is pushing through his target number of KYC files for the week and ending in a board member voting on where internal investment should be made for 2020.


If you are interested in how Lysis can help with your organisation’s KYC/AML MI requirements, through bespoke MI solutions, please contact us info@lysisfinancial.com.