Identity Matching:

What You Need to Know About It

source: cyberdefensemagazine.com

image: pexels.com

When asked how they can improve a bank’s security from financial crime, many bankers are at a loss for words. Granted, the question is a broad one and difficult to answer right away—financial crime has always been multifaceted, and its nature has only evolved further over time. Still, if banking institutions truly want to steer clear of connections to money launderers or terrorist financiers, they must identify which aspect of their operations is worth strengthening.

Industry experts for anti-money laundering (AML) have recently reached a consensus: there’s a lot of potential in using the customer screening stage to prevent suspicious transactions. The most sensible paradigm to adopt is one that’s called identity matching, which involves assessing customer risk based on the full context of their account enrollment data. This, along with upgrading the bank’s customer due diligence (CDD) technologies, will prove much more effective than the default rules-based name matching approach.

If you’re an officer of your bank and are looking to improve your bank’s compliance to its regulators—as well as enhance its overall responsiveness to financial crime—then consider updating your customer screening program. Here’s how an awareness of identity matching and modern CDD solutions can safeguard your bank against financial crime and keep you in good standing with both your regulators and your legitimate customers.

Why Advanced Analytics is Absolutely Necessary for Customer Due Diligence

First, a note on why the banking industry is experiencing something of a technological overhaul with regard to AML: regulators are now tightening their standards for banks’ CDD processes. The rationale is to make banks even safer and more adept at dealing with financial criminals who treat today’s climate of unpredictability like a cloak of darkness. Money launderers and terrorist backers have gotten very good at covering their tracks using either shell companies or frontmen. Their chief tactic is to sow as many distractions as possible so that banking staff are always guessing about the real mastermind or beneficiary.

With the steep requirements that regulators now demand—all in response to financial criminals’ growing proficiency at “gaming” conventional CDD systems—it makes sense for banks to change their strategy. The use of advanced analytics in CDD will allow banks to keep up with regulators’ standards and avoid steep penalties or implementation issues down the line. Sadly, most banks haven’t transitioned out of their legacy rules-based name matching system and thus cannot advance further than the task of flagging individual transactions.

Though upgrading to a better tech stack may seem unappealing right now, either because of the cost or the initial disruption to workflow, it’s definitely worth considering for the long-term advantage this will afford your bank.

Switching Paradigms from Name Matching to Identity Matching: What You Should Look for in Your New CDD System

Ideally, when customer screening takes place, it should account for all the risk factors that arise from different data points in the enrollment process. That includes not only the customer’s name, but also their address, their country of origin, the country where they’re currently based, their affiliated organization, and the like. But more often than not, a bank only deploys a rules-based name matching system for all the names in their existing database. Then, the staff list down all potential matches, plus only a couple of secondary identifiers, and pass the data over to an investigator to do a case-by-case analysis. The turnaround time for this kind of approach, which can take weeks, is cause for concern. By the time the investigator returns the data, agents in a money laundering network or terrorist financing ring may have already carried out their next move.

This makes it apparent that a rudimentary customer screening program will fail to curb the most masterful financial criminals—all because the team is working on late or incomplete analyses. That means that a new and up-to-the-minute CDD solution should be more comprehensive, streamlined, and capable of doing identity matching instead of mere name matching. It must be able to learn the context behind each customer’s enrollment when multiple customer accounts indicate suspicious relationships to each other.

For example, what if several different customers are trying to open an account with the bank using only one IP address? The use of different names, but the same IP address, might be evidence that one person is trying to open multiple accounts through the use of aliases. Another example is a customer who’s affiliated with a firm that’s actually involved in illegal activities overseas. Without sufficient third-party integration to sources that could verify Politically Exposed Persons (PEPs) or blacklisted organizations, that case will evade detection. In both examples, simple name matching alone isn’t enough to detect the subtleties that may be masking a form of financial crime. Identity matching based on a deeper context, however, could uncover vital clues about the true nature of each transaction.

Staying true to the principle of identity matching, a good CDD solution should be capable of the following:

  • A customer view that truly represents any significant relationships the customer has with others, in a way that could intelligently point to their involvement in suspicious activities.
  • The ability to assign initial ratings to customer screening events, as well as the ability to update them in real-time once customers’ data is verified.
  • A single source of truth for all data to be used in customer screening, rather than siloed-off systems.
  • High-level automation and machine learning (ML) capabilities that allow staff to process huge swathes of customer data of increasing complexity.
  • Compatibility with third-party applications that can match customer details with blacklists, sanction lists, or lists of PEPs.

The benefits of using such a solution will be immediate. Banks will be motivated to rethink their overall CDD processes, to improve their data collection and management in order to yield data of better quality, and to meet their compliance goals. As the saying goes, context is everything—and that definitely applies to customer due diligence.

Final Words

Revamping your customer screening program with a new approach and some new technologies will give you a fighting chance in the battle against financial criminals. Thus, consider switching to a paradigm that relies on identity matching, as this will save you time and money while directing your focus to the real threats.

Protect your institution and your legitimate customers by being accurate and responsive in your risk assessment procedures. Make the necessary changes before it’s much too late.