BLOG
Digitalization, cloud computing, and data insights are making real-time compliance automation possible.
Compliance automation has been talked about for over a decade. The promise of automating third-party screening and onboarding, combined with “always-on” compliance monitoring, is widely seen as the solution to ever-growing AML (anti-money laundering) and KYC (know-your-customer) demands.
The benefits are already becoming clear for businesses. In Dun & Bradstreet’s Continuous KYC Guide, we estimated that the combination of compliance automation and Continuous KYC could reduce businesses’ costs and workload by over 80% compared with manual processes. For compliance professionals, this translates into less time spent on frustrating manual tasks and more time focusing on proactive risk management and the more rewarding aspects of their jobs.
Yet with all these benefits on offer, many businesses are still hesitant to embrace automation. In this article, we look at what’s changed in the world of compliance automation and why it might be time to take another look.
In essence, compliance automation involves a highly configurable algorithm that screens third parties to assess risk according to the criteria you define. It then determines which third parties are safe to onboard directly and flags those that require further investigation.
This requires two elements: a cloud-based risk engine and a lot of accurate and up-to-date data. Previously, the technology powering risk engines was holding things back while digitalization caught up with expectation. To carry out real-time assessment, the first requirement was cloud infrastructure with the speed and responsiveness to power assessment platforms. These in turn required cloud-based data platforms that could make vast quantities of data available in milliseconds.
The good news is that we are now at the point where digitalization, cloud computing, and data technology have aligned to the point where real-time compliance automation has become a compelling proposition. (If you haven’t tried one of the new generation of automated risk engines recently, you probably should.)
It goes without saying that an automated risk engine can only be as good as the data it has available to analyze. This is even more the case as the world enters unknown territory in terms of AI-generated data and synthetic truth. It’s becoming increasingly important to understand where your data comes from — and whether you can truly trust it. This presents compliance professionals with the challenge of achieving a fine balance. It also creates gray areas that can lead to one of the biggest frustrations compliance professionals face: the dreaded false positives.
It goes without saying that an automated risk engine can only be as good as the data it has available to analyze. This is even more the case as the world enters unknown territory in terms of AI-generated data and synthetic truth.
Many early attempts at compliance automation were crushed by the weight of huge numbers of false positives. Immature or unfit-for-purpose tools (such as spreadsheets) tended to generate vast numbers of hits that were actually misses. These false positives were largely caused by not being able to access data rich enough to differentiate between entities or people who shared the same names.
This is an exasperating problem for compliance professionals, contributing to “compliance fatigue” that can undermine the effectiveness of compliance operations. It can also have very real impacts on a company’s bottom line. In a survey conducted for our Continuous KYC Guide, we found that 55% of the businesses that responded had been forced to reject potential customers due to a lack of risk visibility.
The solution is to cross-reference multiple data sources to gain a deeper understanding of the business entity, so you can determine whether they actually present a risk. This is one of the areas where Dun & Bradstreet’s data could be helpful. The Data Universal Numbering System (D-U-N-S® Number) was introduced in 1963 to assign a unique number to every business or entity. Today, there are hundreds of millions of records, each with its own unique identifying number. This means that all data related to that record can be consolidated by linking it to its identifying number.
This also makes it possible to trace the current and historical linkages between entities and provides greater granularity when it comes to tracking Ultimate Beneficial Ownership (UBO). By combining corporate linkage data with watchlist and sanction screening lists, businesses can gain greater insight into who they are really dealing with — and who they might potentially become linked with.
If you want to learn more about the new generation of compliance automation tools and the potential for achieving always-on compliance, read our Continuous KYC Guide, which includes a survey of more than 1,300 compliance decision makers across 9 countries and 15 industries.
The information provided in articles are suggestions only and based on best practices. Dun & Bradstreet is not liable for the outcome or results of specific programs or tactics undertaken based on your use of the information. Please contact an attorney or financial/tax professional if you are in need of legal or financial/tax advice.