ING - data driven ecosystem - Ivar Lammers by The Business Profile

Building a data driven ecosystem Ivar Lammers discusses the Know Your Customer (KYC) process as he is tasked with finding more innovative ways forward for ING

MAGAZINE

ING GROUP

The Business Profile

BUILDING A DATA-DRIVEN ECOSYSTEM: INTRODUCING THE FUTURE OF KYC IN FINANCE Ivar Lammers has recently vacated his role as COO of Daily Banking and Treasury, to once again become Global Head of Financial Crime Wholesale Bank in 2024 - a role he previously held between 2017 and 2020. A “victim of his own success”, he jokes, as he is tasked with finding more innovative ways for ING, and indeed the wider financial services sector, to streamline the Know Your Customer (KYC) process and to ensure compliance, crime prevention, operational rigour and customer satisfaction in equal measure. A “victim of his own success”, he jokes, as he is tasked with finding more innovative ways for ING, and indeed the wider financial services sector, to streamline the Know Your Customer (KYC) process and to ensure compliance, crime prevention, operational rigor and customer satisfaction in equal measure.

We have vital internal and external partners, and the journey we have laid out has been considered and meticulous. It’s been designed in a way that means there needn’t be backward steps from here.

Hi Ivar. We seem to have caught you at a bit of a personal career juncture, but also at a crossroads from the perspective of ING and the finance industry more broadly. How would you surmise the current state of play in your sector? The absolute key thing for us Ivar Lammers

When I look at the client services side in my former position of COO Daily Banking, I was in continuous interaction with clients, and clients have questions like “what’s the balance of my account?” or “where is the confirmation for my payment order?”. All of these interactions can be significantly automated, because if you have, for instance, an account number or payment date, you should

be able to wire that fully automatically through the customer portal to your system of record, and back to the customer. However, when we’re talking about large corporate clients, they have a centralised Treasury Department, and they deal with not just ING but different banks in different regions. So, they prefer to engage with you via the global universal banking portal, “e-mail”, where you get text instead of data points. The question becomes hidden in the blur of text, and more difficult

to translate into structured data points that allow me to automate interactions and to automatically query my systems of record. That is one aspect of data-driven challenges, although partially addressed by eBAM, that needs to be addressed more passionately.

ING GROUP

now, with the volumes and workloads we are facing, is to be data and intelligence driven.

However, there is another side to this data conversation, which more revolves around my role around financial crime prevention. And that is the Know Your Customer (KYC) process.

www.BusinessSocial.org

ING GROUP

The Business Profile

Also jovially known as ‘Kill Your Colleague’ sometimes, as I understand… what impact could automation play in this traditionally frustrating process? There are a lot of redundant data points across the entire financial industry. Reviewing clients at regular timed intervals equates to hundreds, if not thousands of pages of data points across the industry, and those data points need periodic reviewing which is incredibly time-consuming and complex if done in an unstructured and manual way. Regarding the client’s digital identity (known as Identification and Verification of the ownership structure) this includes hard data points such as names or addresses, obtained from public trusted sources like trade registers. But there are also soft party data points which refer to the purpose and nature of business relationships, and therefore where and why transactions are done. Next to the digital identity, you must become familiar with and baseline the client’s transactional behaviour. This typically boils down to a per-individual relationship: “products vs jurisdictions”, “accounts vs

jurisdictions”, “flow fromand-to jurisdiction”, and an overview of booking and initiating offices. These data points allow a KYC operation to ensure that the correct local legislation and specific product legislation is applied to a Customer Due Diligence (CDD) review. Then there is something called verifiable evidence, where, for instance, identities of main principles within a legal structure identified in a trade register, need to be confirmed by an independent verifiable source which usually requires either an ID card or a passport. The aim has to be to have this data, and to both see and review this data, in a more structured and continuous way. Yes, because it is more seamless for us; but also so I don’t have to confront a client with a cold call for an ID document every three years, but rather ask for reconfirmation on what we have already exchanged. Here I’d initiate a CDD review, not just for the sake of a timestamp, but rather because my continuous (perpetual) view of the client’s identity and behaviour surfaces a change that - in line with legislation

and policy - requires investigation or confirmation. This would ultimately mean being able to do our work more effectively, with greater efficiency, while improving the customer experience. Because, at present, if I’m asking a treasury department to bother their CEO for a copy of their passport, they are typically not too excited about it. Whereas, if we’re just seeking seamless confirmation of data we already have as part of our continuous customer due diligence, then it’s much simpler for a treasurer to respond (reconfirm), everyone remains compliant, and nobody becomes fatigued by the process. I’m sensing there is still some hesitancy among clients to make this transition, though? Well, yes and no. They like the idea, but it’s not as simple as that for the larger clients with more complex structures, that deal with multiple financial service providers. The idea of interacting with structured data via a customer portal that automates parts of the relationship and makes their management more seamless,

ING GROUP

is attractive. But a treasurer deals with numerous banks, and would be confronted with needing to log in and out of multiple bank portals, being exposed to multiple KYC policies. They want one multibank vault to store their KYC information in, where they can decide which bank they want to provide the key. This is where we use CoorpID as the multi-bank portal. And that is where your recent initiated digital transformation comes in? Exactly. For KYC, we have established, through our partner, Blackswan, a market data hub. This hub creates the international profile of a client through a global trusted source and overlays every entity’s data, based on the country of incorporation, with a local trusted source. This is primarily the trade register, but a Financial Economic Crime (FEC) policy typically has a confirmed trusted sources setup with primary, secondary and other sources as well. The Blackswan datahub allows us to apply that hierarchy and receive an alarm where different sources provide a different value for the same data point. It issues www.BusinessSocial.org

ING GROUP

The Business Profile

point. It issues a “distillate” of ownership that could not be identified (private equity, trusts, etc) that requires us to reach out to our clients. This automates the majority of the identification and verification of ownership structures, and reduces our dependency or vendor lock-in to specific data vendors significantly. Also, with it being digital and structured, it also allows us to perpetually compare the values in trusted sources to those in our systems, to identify - for instance - new main principles or changed ownership percentages. For the aforementioned transactional behaviour side we perform the exact same perpetual comparison across our systems-of-record on a month-to-month basis for relevant data points, to identify any relevant change in transactional behaviour. This is done through our Domino system. And as for the still required verifiable evidence, wehave the multi-bank vault through which we can publish questions to the client. This perpetual way of working allows us to stay away from “mechanical” questions and

and structured, it also allows us to perpetually compare the values in trusted in our systems, to identify - for instance - new main principles or changed own If the identity and behaviour engage in a more clientpercentages.

remains unchanged, and centric way. Our data-driven For the aforementioned transactional behaviour side we perform the exact sa the verifiable evidences foundation allows us to relay comparison across our systems-of-record on a month-to-month basis for rele are reconfirmed, no full to the customer, ‘we are to identify any relevant change in transactional behaviour. This is done throug Customer Due Diligence giving you advanced warning system. process needs to be that your ID document, And as for the still required verifiable evidence we have the multi-bank vault t commenced, bringing statement of non-polluted can publish the questions to the client. This perpetual way of working allows u reliefclient-centric to both shares, trust letter, etc is up andsignificant from “mechanical” questions engage in a more way. Our da customer bank. for foundation reconfirmation’. Figure allows us to relay1to the customerand ‘we are giving you advanced wa

document, statement of non-polluted shares, trust letter, etc is up for reconfi

Figure 2

Figure 1 with - Forthis example purposes Presumably perpetual KYC, you’re also only receiving automated red flags for things that require your time and attention, so you’re also channelling your own operations and resources towards necessary tasks; rather than just complete reviews of often-static client profiles?

If thebut identity and remains and verifiable evidences Precisely, BlackSwan, ourbehaviour systems of record and our unchanged, customer portal, are notthe alone in facilitating They are partDue of a broader digital transformation. no fullthis. Customer Diligence process needs to be commenced, bringing si

Thisboth is where Xlinq comesand in. Xlinq secures the workflow across the above three. At first it customer bank. verifies entities’ behaviour, flags any issues that it is potentially inactive with us, and where the Relationship respond within the potential workflow. For active Xlinqnewfound orchestrates efficiency? Are youManager able can to quantify the scaleentities of this what BlackSwan obtains to form a global digital identity profile to bounce that off against our internal system and to identify any changes. The changes are assessed within the workflow by To give an idea of the scale of data we’re dealing with and the need to perform the analyst to ensure we capture the correct data within our client profile. Xlinq equally does the ownership structure of the client canclient be up to hundreds thatpertains for the clientto behaviour. After applying the rules engine, Xlinq issueswhich the proposed outreach which are then it reviewed in the workflow by both andname, Relationship eachquestions of those entities is required to know theanalyst entity address, the own Manager before publishing these into our client portal.

main principles, industry code(s), which products are used in which jurisdicti

When aligned with policy, all required data and evidence is obtained, and the customer file is funds, Figure 2 purpose and nature of the relationship, what laws govern each of those complete, the actual review of that file can be done, which happens in our KYC orchestrator workflow system (KYCO) jurisdictions, etc.

With this transformation ahead of us we will in the future have real-time visibi

Presumably with this perpetual KYC, you’re also only receiving automated red fl information as it changes. KYC gives us a also datachannelling profile that can things that require your timePerpetual and attention, so you’re yourseam own Figure 4 ABC = commercial assessment (Activity Based Costing) updated, checked or flagged; rather than putting our clients through the entire and resources towards necessary tasks; rather than just complete reviews of of every one, three or five years where breaches or shortfalls could have also oc client profiles? 3

those timeframes. Maintaining our customer dossier in this data-driven way a

Precisely, but BlackSwan, our systems of record and our customer portal, are not al continuous, fluid relationship with clients in the future. facilitating this. They are part of a broader digital transformation.

This is where Xlinq comes in. Xlinq secures the workflow across the above three. At fi verifies entities’ behaviour, flags any issues that it is potentially inactive with us, and Relationship Manager can respond within the workflow. For active entities Xlinq orch what BlackSwan obtains to form a global digital identity profile to bounce that off ag

Figure 3 ABC = commercial assessment (Activity Based Costing)

continuous, fluid relationship with clients in the future. Figure 2

To give an idea of the scale of data we’re dealing with and the need to perform regular CDD on, it pertains to the ownership structure of the client which can be up to hundreds of entities. For each of those entities we need to know the entity name, address, the ownership control, main principles, industry code(s), which products are used in which jurisdiction, source of funds, the purpose and nature of the relationship, what laws govern each of those activities in those jurisdictions, and much more.

Presumably with this perpetual KYC, you’re also only receiving automated red flags for things that require your time and attention, so you’re also channelling your own operations and resources towards necessary tasks; rather than just complete reviews of often-static client profiles?

With this transformation ahead of us we will, in the future, have real-time visibility of that information as it changes. Perpetual KYC gives us a data profile that can seamlessly be updated, checked or flagged; rather than putting our clients through the entire, strained process every one, three or five years where breaches or shortfalls could have also occurred between those timeframes. Maintaining our customer dossier in this data-driven way allows for a

This is where Xlinq comes in. First, Xlinq verifies entities’ behaviour, flags any issues, and pinpoints where the Relationship Manager can respond within the workflow. For active entities Xlinq orchestrates what Blackswan obtains to form a global digital identity profile to bounce that against our internal system and to identify any changes. The changes are assessed within the workflow by an analyst to ensure we capture the correct data within our client

Precisely, but Blackswan, our systems of record and our customer portal, are not alone in facilitating this. They are part of a broader digital transformation.

profile. Xlinq equally does that for the client behaviour side of things too. After applying the rules engine, Xlinq issues the proposed client outreach questions which are then reviewed in the workflow by both analyst and Relationship Manager, before publishing these into our client portal.

ING GROUP

Are you able to quantify the potential scale of this newfound efficiency?

When aligned with policy, all required data and evidence is obtained, and the customer file is complete, the actual review of that file can be done, which happens in our KYC orchestrator workflow system (KYCO). Figure 3 But by then you have only performed what you call data & evidence gathering, right? The actual KYC review still needs to happen? Indeed. The result is a more scalable operation. The Data & Evidence gathering is supported by this technology, performed by another team aside from the KYC analysts. This ensures we only deploy KYC analysts during the actual review of a customer profile against the policy, to rectify the KYC status of the client. Data (KYC) operations perform all the preparations. Continued on page 10 www.BusinessSocial.org

ING GROUP

The Business Profile

XLINQ ADVERTORIAL

www.BusinessSocial.org

ING GROUP

The Business Profile

More than just creating a more satisfying customer relationship, this has also already - had a positive effect on employee satisfaction as well.

working with the industry and, with most financial service providers moving in this direction, have constructively challenged us on directions and decisions taken.

So, if Blackswan is public customer data, and Xlinq allows you to model applications that helps workflow, where does PwC’s solution come into the mix?

And how are customers reacting to the shift so far? What do they think of the new and upcoming approach?

In setting up this capability we obviously needed to account for any regulatory and policy requirement. This is where PwC comes in as that third party, to offer an external legal opinion on whether every step, rule and setup is compliant. They are also

It’s interesting, because it’s not a process they enjoy anyway. That’s the nature of the beast. But from conversations with some of our larger customers that participated in the pilot, the consensus is that they appreciate the digital transformation, the emphasis on data, and on moving

away from time-based KYC to a perpetual KYC model. Their remaining frustration comes from what we have to ask them for to ultimately ensure compliance and to have that complete profile up to date. In that respect, they remark banks are almost more stringent than the law. But we have to be, and they understand that, and are very appreciative that we are making huge efforts to make it as “easy” for them as we can in the future. Of course, a lot of this transformation is quite technical. Are you able to illustrate the ultimate, highlevel ambitions of this more data-driven approach?

SIMPLY, WE WANT TO BECOME EVEN MORE EFFECTIVE AND EFFICIENT

it’s an exponential process because with each migration to the new way of working, capacity is released that we redeploy to the new way of working, further accelerating operationalisation.

We still have a long way ahead of us though. Yes, we successfully completed proof of concept and the pilot, but the actual migration of clients from the time-driven way of working to the new digital and perpetual way of working will take at least three years. This doesn’t happen overnight and will mean we have a hybrid model for the period to come.

I asked at the start how you would surmise the current industry challenge landscape. Circling back to that now, what do you believe ING’s role is in overcoming the KYC challenge in particular?

How do you envision this transformation evolving into 2024, in line with your role change? It started on January 1st, operationalising and rolling out the new way of working across 2024 and into the future. That means for clients that are expiring in 2024, we are already working ahead of the curve right now. Piece by piece, client by client, as their rulebased KYC expiration dates come into view, they will be migrated over to the new perpetual environment. But

We, and probably the industry, needed an onoff time travel into what a perpetual KYC experience would look like for clients and employees. It’s an industry challenge we’re all facing and dealing with, and pioneers need to be brave enough to fast-track its introduction and to expose stakeholders to this topic… to create the proof points. From there we travel back in time to today, the apostle will spread and the journey towards something else starts. The most complicated part of building something new is getting out of PowerPoint and to operationalise. But that’s what we’ve done, and I guess that’s what the industry is doing.

ING GROUP

Simply, we want to become even more effective and efficient. This means less strain on our clients and workforce, less strain on our partners, and more continuous KYC reviews.

It is designed and built to be bank- and industryagnostic with an expectation that the gatekeeper role in KYC and financial crime prevention becomes an obligation beyond financial institutions to also implicate sectors such as casinos and government bodies. For each, more effective and less costly operational options need to become available to secure the gatekeeper role across all applicable industries. I’m passionate about data’s role in all this, so the journey has been focused around not just efficiency at any cost; but very much also compliance, privacy and protecting customers through clearly established rules. It sounds restrictive, but if you have these elements clearly defined, it actually allows for more riskfree agility because you know exactly what boundaries you’re working within.

www.BusinessSocial.org

MAGAZINE For enquiries email info@BusinessSocial.org