A Guide to Best Practices for Implementing pKYC: The Perpetual Advantage

A Guide to Best Practices for Implementing pKYC: The Perpetual Advantage

Regulated Entities in the UAE can significantly benefit from adopting perpetual Know Your Customer (pKYC) measures. Regulated Entities can maximise their outcomes and make the most out of relying on pKYC tools or software by taking up certain best practices as discussed in this infographic. These best practices broadly include formulating the strategy for pKYC implementation, supportive role of top management, generating pKYC awareness, leveraging technology, evolving with regulatory changes, and developing Key Performance Indices (KPIs) while regularly monitoring them for efficacy and anomalies.

Formulate a Strategy for pKYC Implementation

Regulated Entities can start by having a place, a formal strategy for pKYC implementation; such a strategy must be inclusive of some of the fundamentals such as:

Scope out Organisational Goals:

As in what the Regulated Entity aims to achieve with pKYC implementation, including the extent to which they intend to automate the pKYC process and what are their expectations in terms of features, timelines, workforce training, budgetary concerns such as resource allocation.

Identify KYC to pKYC Migration Requirements:

A pKYC strategy must consider the fact that whenever the Regulated Entity has to switch from manual to automated solutions or from one pKYC tool to another, they must consider data migration requirements and limitations, identifying requirements would help with pKYC software selection process.

Organise pKYC Software Demos and Shortlist Suitable Vendor Options:

pKYC implementation strategy must provide for organising software demos to understand which tool suits the requirements the most, going through demos helps with shortlisting potential pKYC vendors.

Select, Test, and Implement pKYC Software:

pKYC implementation strategy must include parameters to select, test, validate, and implement pKYC software.

Define Knowledge Base:

The regulated Entity’s pKYC implementation strategy must define a knowledgebase  that includes formal documentation of processes relied on by the pKYC tool, user manuals, guidebooks, rulebooks, reference charts, etc., that helps humans using the system make decisions, implement training programs, and complete other related activities.

Top Management Support:

Another best practice that Regulated Entities should implement is paving the way for management support in the pKYC implementation, as compliance is always about setting the ‘tone-from-the top’ where the conduct and the drive for Anti-Money Laundering (AML) compliance by senior management set the tone of a compliance culture in an organisation. The senior management must play a proactive role in the following activities:

  • Put together a pKYC Software Implementation Team that includes specifically chosen individuals who understand the requirement at hand.
  • Deploy Adequate Resources based on the fundamentals of a risk-based approach (RBA) so that Money Laundering, Financing Of Terrorism, And Proliferation Financing (ML, FT and PF) risks are mitigated effectively.
  • Assist with Decision-Making as sometimes the Software Implementation Team would require direction and guidance with making crucial decisions.
  • Drive pKYC Deployment Plan by taking regular follow ups of the status of progress with the pKYC implementation.

Generate pKYC Awareness:

The implementation success of pKYC depends heavily on the ability of the personnel or end-users to understand what is going on and what would be the level of their involvement and what actions would they be expected to take. This can be made possible by generating pKYC awareness in following ways:

  • Put in place formalised End-User Training Program that contains details as to the timing, nature, frequency, training content, mode of imparting the training, trainer details and credentials, and the learning outcomes expected from the end-user training.
  • Educate End-Users with pKYC Requirements as pKYC has its own characteristics that distinguishes it from the regular KYC, requiring knowledge updation.
  • Define Users and their Roles to assign responsibilities of each individual employee regarding their role in pKYC implementation for clarity and easy operation of the pKYC tool.
  • Educate with Workflows and Timelines as employees need to be aware of whom to escalate a customer profile for further CDD measures if alerts are generated and what is the expected timeframe within which they must conclude their work.
  • Encourage Knowledge Sharing as this solves the major component of implementation as sharing and communication facilitates identification of bugs if any and ensure smooth operations.

Leverage Technology:

A Regulated Entity looking for implementing pKYC can leverage technology by:

  • Defining Configuration Requirements in the implementation strategy which are tailored to meet the specific requirements of the Regulated Entity based on its unique situation and risk based approach.
  • Alerts Configuration and Management to customise alerts on the basis of workflows and responsibilities assigned which are based on parameters triggered through any change in customer details directly impacting customer risk profiling and customer risk rating.
  • Integrate pKYC System with Existing Systems through API integration and interoperability features of software systems for streamlined workflow without operational overlaps.

Evolve with Regulatory Changes:

A pKYC system that does not keep up with regulatory updates is at the risk of becoming obsolete in no time. Regulated Entities need pKYC tool to evolve with regulatory changes by:

  • Developing a thorough understanding of Regulated Entity’s AML and CDD Obligations in UAE to make sure there are no blind spots in AML compliance requirements.
  • Keeping pace with regulatory changes often requires updating trigger points that generate alerts in pKYC system, this is made possible through proactive Scenario Development where the pKYC implementation team and transaction monitoring analyst of Regulated Entities need to upgrade systems by feeding in new rules or thresholds for generating alerts through “scenarios” they feed into pKYC configuration panel, helping keep up with changes in laws and obligations.
  • Craft Regulatory Change Management Plan as having a plan in place facilitates with taking action when the situation materialises where laws have changed, requiring re-configuration of alert systems and inclusion or deletion of any change in pKYC formats, templates or questionnaires.
  • Relying on Expert AML Compliance Advisory Services when in doubt as to what should be the right move to ensure continuous compliance with AML regulations in UAE.

Develop and Monitor KPIs:

To ensure that pKYC system is operating smoothly without glitches, Regulated Entities need to develop parameters to Monitor Key Performance Indicators (KPIs) such as:

  • Develop Feedback Channels through Post-implementation Support that encourages open communication from both, the customers as well as employees using pKYC tool where they can report any issues they are facing so that support team either in-house or of the vendor of pKYC tool can assist with problem-solving.
  • Ensure Operational Efficiency as timely identification of bugs, glitches, lags, etc., helps with achieving operational efficiency.
  • Identify what Post-implementation Success looks like and run Comparative Analysis by assessing KPIs achieved against projected KPIs assured by the vendor to identify variation in performance of the system so that timely action to rectify problems can be taken.
  • Adapt and Fine-Tune pKYC tool as need arises as when KYC can become perpetual, its system’s maintenance requires to be on perpetual or continuous basis to ensure its relevance in constantly evolving landscape.

Conclusion

Regulated Entities can achieve the best out pKYC by adopting the best practices that guide towards increased efficiency.

Related Posts

Need help with the customer pKYC process?

Get in touch with us now!