Automating due diligence


Automating due diligence Ethical BoardroomBy Tapan Agarwal, SVP and Head of the Commercial Risk Product Pillar, iGTB, Intellect Design Arena


Many global financial institutions are looking to harness the power of social media to help them meet increasingly demanding know your customer (KYC) requirements – in other words, to identify potentially risky customers before the regulators do it for them.

But will banks and even their corporate clients be able to extract relevant information from social media channels to enhance due diligence? Or will it further complicate KYC and customer onboarding? Through this article, let’s explore possible answers to these and a few more related questions and thereby evaluate the effectiveness of automated due diligence backed by innovations, such as artificial intelligence (AI) and natural language processing (NLP).

Are regulations a drain on resources?

According to a recent report on banking regulations, bank spending on due diligence has been rising at an alarming rate. A leading global bank has added more than 5000 people to its compliance team in the last three years, following the $§ fine it had to incur in 2012 for not following AML monitoring and prevention regulations. According to a recent Morgan Stanley report, the cost of breaking sanctions by banks across the globe is $12billion. But do these statistics mean that regulations are an undesirable bottleneck for the banking industry? Let us try and answer this by drawing parallels with other industries.

Is banking the only business subjected to stringent regulations?

Compliance to regulations is not a practice restricted to the banking industry. Regulatory bodies prescribe stringent norms for most businesses. The healthcare and pharmaceutical industry, for instance, has regulations not only pertaining to the product, but also distribution, advertising, packaging etc. and these regulations vary not just across countries, but even within countries across states and regions. And complexity of regulations, again, is not a phenomenon unique to banks. It is common knowledge how an FMCG suffered huge losses in India because of misinterpretation of regulatory guidelines on the permissible percentage of lead in a food product. Not too long ago, the public in the UK was up in arms against the proposed review of the Bribery Act, which was treated as a hindrance by most businesses.

So, clearly, regulations are not just limited to financial transactions and banks are not the only institutions responsible for due diligence. The aim of regulators behind enforcing strict adherence to compliance is not just the protection of the banks’ clients. Adherence to regulations ensures banks adopt best practices and protect themselves as well as their clients from fraudulent practices, such as money laundering.

The virtual marketplace – where/who is the bank?

The emergence of the virtual marketplace, unfettered by geographical boundaries, fast-growing influence of block chain technology and the ubiquity of information are gradually blurring the lines between business verticals, with mobile network operators functioning as banks and banks offering integrated trading platforms. The online marketplace, however, also brings with it the threat of fraud, money laundering and other illicit practices. The blurring lines between businesses and the transformation of the market from a multi-storeyed warehouse to a desk at your fingertips has also raised a pertinent question – who owns the most valuable asset in the
knowledge-driven economy-customer data.

Who owns customer data?

If a customer were to buy a physical product through a social networking site using a banking app on my mobile device, which of the stakeholders in the transaction owns the customer data? How can this data be used? Can this data be shared or sold? From a different perspective, if the customer has used false information to buy a product, who bears the cost of the fraud? The industry is still grappling with these questions and there is still considerable ambiguity on this issue. Though this scenario refers to a retail transaction, B2B transactions also face a similar conundrum, just at a larger scale. The only definitive conclusion that can be drawn is that KYC is no longer just the bank’s responsibility.

Impact of social media: is it a bane or a boon for due diligence?

The vast amount of information being created and shared across social media is truly staggering: over 3.5 billion searches per day on Google;¹ an average of 4.75 billion items shared by Facebook users each day; ² 500 million tweets per day on Twitter.³ Then there’s YouTube, Tumblr, Flickr, Instagram, Snapchat… What makes it more cumbersome is the high probability of factually incorrect information. And herein lies the dilemma: is the sheer scale of the (largely unstructured) information available through social media going to add to your onboarding and KYC headaches – or will it help you to ‘tick all the boxes’ with regulators as events happen that may have risk implications for your customers and your bank?

“Regulators will surely look favourably on the addition of another tool to help with KYC. But use of social media will only be effective if the resource and technology issues that complicate onboarding currently can be avoided”

Regulators will surely look favourably on the addition of another tool to help with KYC. But use of social media will only be effective if the resource and technology issues that complicate onboarding currently can be avoided. That means automated, proactive processes wherever possible, with the resulting information easily accessible centrally and available in real-time, rather than buried in siloed systems or dispersed across business and geographical entities.

News is breaking ever faster – and often, breaking news is shared across social media first (just think of the coverage of the recent Paris attacks on Facebook and YouTube). Even tapping into social media, no bank can ever hope to be 100 per cent up to date with everything that is happening to their customers – or their customers’ clients. But it is no longer an excuse to say: ”We didn’t know”.  In the words of Dan Adamson, the CEO of OutsideIQ, an organisation that develops innovative artificial intelligence solutions that use big data to address complex risk-based questions and problems: “The problem, having computers understand this context, isn’t an easy one, but after years of R&D, I’m confident that there is a solution.”

So what is the solution?

The long and complex answer to this question would be an automated solution that searches regulatory databases and watchlists, sanctions lists, PEP lists, open web and premium structured content, as well as the humongous unstructured data generated through social media channels to prepare a red-flag report. One of the leading solutions in this space is OutsideIQ’s DDIQ, a solution that enables a faster, more cost-effective and automated due diligence research process that delivers consistent, accurate and auditable results.

In the words of Dan Adamson, CEO of OutsideIQ: “By automating the due diligence process, we are able to analyse a lot of content without bogging down the people we are employing to keep our companies safe. The key to being successful is to use a technology that starts thinking and acting like an investigator. It needs to be capable of finding the risks, but only surfacing what really need to be escalated.”

Simply put, the automated solution will function as a human researcher, possessing the capability to understand the searcher’s intent and the meaning of the query, but devoid of the inherent human limitations of language, efficiency, costs and individual perceptions.

About the Author:

Tapan Agarwal is the Product Council Head of Risk Management, and Head of Strategic Initiatives. Tapan has implemented banking systems in multiple banks and consulted to CTOs and CIOs at banks on technology driven business and operational efficiency improvement. He has played roles ranging from development, design and consultancy to strategy and operational roles including managing large teams , topline targets and bottomline responsibility.


² 41 up to date Facebook facts and Stats, Wishpond
³, Jan 2015