Do We Need Robotics in AML/KYC?

There’s been a lot of news and discussion around the use of robotics in anti-money laundering (AML)/know your customer (KYC) compliance recently, and it appears to be somewhat of a buzzword. In the popular conception, a robot is a physical machine that is computer-controlled and performs physical tasks (e.g. in car manufacturing). However, the term also covers software, in which context it is usually truncated to “bot” and operates digitally. Ultimately, both robots and bots are aimed automating repetitive tasks. But what does it mean in real terms for financial institutions (FIs)?

Surely, in this data-driven world, it should be easy to connect to data sources to obtain relevant information from vendors, create business rules in an application, and wrap this within a workflow environment?

The change required to move to new processes that correctly leverage APIs and new technology is often a barrier. RPA can help bridge the gap, improving efficiencies and the customer onboarding experience.
Neil Isherwood, Compliance Subject Matter Expert, Dun & Bradstreet

In fact, D&B engages with many organisations, especially banks and other FIs, around automating AML/KYC via API links to our data. This is often used for entity verification, for ultimate beneficial owner (UBO) data, and alongside other providers for screening and electronic identify verification. For a long time, we have advocated the use of APIs to deliver data into an FI’s systems – the benefits being to reduce the errors of manual keying and improve the customer onboarding journey by pre-filling forms with business details that clients can simply confirm rather than input from scratch. However, these engagements have always been met with significant process and technical friction within the bank and can add cost to a compliance project.


However, the cost of not using friendly API’s can be greater with customers going elsewhere if the application process is too onerous. A recent study by the Digital Banking Report highlighted that abandonment rates for new account applications via a website are still high and, although large strides have been made for personal accounts, only 9% of business accounts can be opened entirely online through APIs.

Does the business process match the technology?

To assess whether there is a need for robotics – or, more accurately, robotic process automation (RPA) – we need to take a step back and think about traditional business process re-engineering.

Much of the information needed to efficiently onboard an entity client with a bank now exists, and can be consumed, via vendor APIs. The main facets of verifying business details, obtaining the directors, calculating the beneficial owners, screening the entity and individuals, and processing individual ID and verification can all be achieved with this data, accessed through those APIs. (For now, we’ll leave out additional onboarding burdens such as FATCA/CRS/FSCS classification, etc.) A key problem banks and FI’s face is that this hasn’t always been the case, and their (usually manual) processes and procedures were built before APIs existed. Often these processes, and the teams that carried them out, morphed into “centres of excellence” to serve multiple divisions of a bank, the most common being a sanctions/PEPS screening centre of excellence.

Today, however, these old processes, procedures, and centres of excellence cause problems. The onboarding flow often gets handed off to a different area, usually running a different system that is not integrated with the starting point. This can happen with various parts of the flow (e.g. there is some missing documentation, which requires customer contact to obtain – usually provided as a hard copy – which is then re-keyed back in to the system).

So, when a change team is tasked with reviewing and re-engineering the process to match the new technology, what options do they have? Here are some of the approaches we see most commonly being taken:

  1. Section by Section – Breaking down the process into discrete steps. Having more manageable sub-projects can show results quicker than other approaches. However, this can be time consuming if each sub-project continues to interface with existing legacy systems (which may themselves ultimately be replaced in future phases).
  2. Big Bang – Looking at the process as a whole. The benefit of this can be the breaking down of barriers between functions, ultimately streamlining the entire flow. However, this tactic often requires a huge IT investment and it can take time to see any material results.
  3. Champion Challenger – An interesting approach, whereby entirely separate “agile” labs have been tasked with creating a process from scratch. The benefits of this method are that it isn’t hindered by any legacy systems and the labs can be run in parallel to test and ultimately scale.

In light of the above, taking advantage of innovations in data and technology isn’t as straightforward as it may seem. It’s not that the new world – with processes and procedures that fully support these advancements – is unobtainable, but that the cost – both financial and in terms of disruption – required to move away from old ways of working is often a barrier. Robotics can help bridge the gap.

So, back to my original question: Do we really need robotics and RPA in AML/KYC? I believe the answer is yes, but I don’t see it as a silver bullet.

Pick your battles

Clearly, there are no overall right or wrong answers when it comes to re-engineering a process; it completely depends on the organisation, the landscape and architecture in place, the finite time and resources afforded to you to effect change, and (of course) budget.

So, pick your battles. Can you really take on the task of disbanding a screening centre of excellence and fully incorporating that into a holistic, more efficient process? If not, these are the areas where RPA, by using robotics to complete tasks, can help reduce friction and the potential for mistakes.

Using RPA to improve efficiency and customer experience

From a customer experience point of view, filling in forms is tedious and notably the largest cause of abandonment when a potential client is trying to open a new account. This is a good place to start with RPA. Look for data vendors who will use their information to pre-fill fields so the client simply needs to confirm or amend the entries. If you can’t re-engineer the existing workflow to accommodate this, then you could build a lightweight front end that collects, pre-fills and confirms the information, then hands it off to a bot that mimics the user entering the information into the existing system.

RPA can allow you to introduce new capabilities where relevant (such as automated UBO calculation) and take away some of the strain of interfacing with subsequent systems. It cannot entirely replace the human touch – the assessment of adverse press and clearing false positives from screening can be reduced, but it still needs a trained person to complete.

By picking your battles and using a combination of external data, re-engineering/re-platforming where possible, and RPA more effectively, you can make huge gains in terms of efficiency and new client satisfaction.

Thinking of streamlining your onboarding process? Find out more about Dun & Bradstreet’s data integration capabilities.