Find out more about the latest developments in credit risk management for your industry.

Logo Created with Sketch. SCHUMANN - EN

Compliance Forces Action in the Financial Services Industry

Compliance regulations force efficient action, especially in the financial services industry. What exactly should be taken into account? Find out more in SCHUMANN Insights.
Blog Post, Schumann Insights
25.04.2023, Prof. Dr. Matthias Schumann

Extensive Screening of Customers Required

Regulatory requirements in the financial services industry necessitate comprehensive screening of customers, both in private and corporate businesses. This ranges from clear identification and verification of beneficial owners to sanction checks or checking an ESG score. If comprehensive processes without media discontinuity are not implemented, high costs and errors with far-reaching consequences are inevitable. At this point, it is therefore essential to have end-to-end IT support that can be integrated and that provides automated support for all the necessary checks.

Which Processes Does the Verification Include?

1. Identification

The process often begins with basic identification checks, e.g., for leasing applications or the issuing of guarantees. This applies even more as the share of online business increases. With identity products from information service providers, corresponding checks can be carried out automatically, triggered by a new customer address, by exchanging the relevant data with the information service provider or credit agency.

2. Economic Beneficial Owners

Once the address has been verified, beneficial owners must be identified and cleanly documented for many transactions in order to prevent money laundering. With the appropriate communication to the service providers, this is possible. Multi-level organizational links are also considered. IT automatically performs the necessary logging, as long as the information is unambiguous. Otherwise, a template is created for the responsible employees. Additionally, a good IT solution can ensure that if an information service provider does not have a hit for the organization searched for, other sources are requested. In the case of global solutions, for example, the system can be configured to select the relevant information service provider for the check based on the address data for an analyzed address.

3. Sanctions Lists

Personal data must also be checked against politically exposed persons. For this purpose, corresponding information can be automatically queried, or this information is checked against corresponding lists.

The Ukraine war has made the checking of sanctions lists even more relevant and extensive in order to avoid doing business with customers who may not be supplied due to governmental or supra-regional decisions, e.g., by the EU. If mistakes are made, the company is also at risk of trade restrictions. A large number of embargo lists exist for this purpose, relating to companies and/or persons as well as for certain products in specific industries. Automated checks can be carried out in two ways. Firstly, the relevant system checks against the relevant embargo lists that are directly available to the company. These must then be updated continuously. On the other hand, the check can also be carried out individually, when the address is transmitted, at the information service provider.

4. ESG

In addition, ESG considerations have recently gained in importance, particularly with regard to sustainability aspects. The aim here is to assess the extent to which the respective business partners meet environmental, social and governance standards. In addition to rating agencies, credit agencies and new service providers are developing scores for this purpose and collecting data. It can be assumed that these scores will be included as an aspect of the business relationship in the future. This will complement credit ratings, which can be retrieved and processed automatically by information service providers.

With this entire spectrum of data, the customer is comprehensively classified and analyzed - in the best case, fully automatically. In the case of blacklists, a personal false-negative check may still have to be performed. Not only the automated initial check is relevant here. The data must be permanently monitored in parts, e.g., against sanctions lists, in order to document relevant changes. This can only be done efficiently if an integrated system automates this work as much as possible.

Conclusion: Automated Processes Ease Unnecessary Expenses

With appropriately comprehensive systems, it is possible to achieve transparency of address data without burdening personnel with additional time-consuming routines. This ensures that the necessary compliance regulations are adhered to and documented in an audit-proof manner.

About the author
Prof. Dr. Matthias Schumann

Since 1991, Prof. Dr. Matthias Schumann has held a professorship in Business Administration and Information Systems (Chair of Application Systems and E-Business) at the University of Göttingen. He also heads the joint computing center of the Faculty of Economics and the Faculty of Social Sciences. He is a shareholder of Prof. Schumann GmbH.

Prof. Schumann's research interests include information systems at financial service providers and systems for credit management, as well as issues related to knowledge and education management. Prof. Schumann has a wide range of experience in consulting companies, extensive lecturing activities and more than 350 publications.

University of Göttingen

Matthias Schumann q