Data Quality in KYC/AML

December 21, 2020

Ever since in May 2018 the ECB published the “Report on the Thematic Review on effective risk data aggregation and risk reporting” data quality has improved – not only in Europe- as one of the big topics for financial institutions in the area of Risk Management and thus also in the area of KYC/AML reporting. In the ECB report – written along the lines of the Basel Committee “Principles of Data Governance” – close attention is given to data quality, which is seen as one of the essential preconditions for proper risk governance and sound risk-based decision-making.

Why is data quality important for KYC/AML?

KYC/AML implementations are often large projects that require numerous changes to customer processes, customer data and reporting coming from different departments and business lines within the financial institution. For anti-money laundering (AML) investigations e.g. it is required to be able to verify information and trace individual transactions through the financial institution which assumes high quality and easily accessible information. All of the processing and reports build on top of the data entered, altered and stored within the organisation for which data quality plays a significant role.

In the KYC/AML regulated environment, maintaining a strong focus on data quality is therefore becoming one of the important success factors of being able to implement regulations. Let’s take a step back and see what financial institutions could do in order to be successful in improving data quality.

What steps can be taken to improve data quality?

Within the COBIT framework- but also within other frameworks – data quality is defined upon attributes that represent the criteria that must be satisfied in order to make information ‘reliable’. The general consensus is that there are four attributes of data quality that are seen as the most valuable. These are: completeness, correctness, timeliness and validity of information.

However, the problem with data quality is that not all mentioned attributes can be unified into a set of “hard” measurements. On the contrary, data quality has been proven to be difficult to measure. E.g. a set of data might be satisfactory in one of the attributes but inadequate in another one. Also, improving one data quality dimension (e.g. validity) could impair another dimension (e.g. timeliness). Within one organisation different stakeholders might also have different data quality requirements, while improvements concerning data quality have to compete within the same budget with other priorities.

In order to improve an organization’s ability to produce good quality data the ECB report states that it is important to have a program on data governance. Several good frameworks exist in the market for executing data governance, and many organisations have started working on these programs and have booked successes in improving data quality.

However, the implementation of a data governance program is a long term effort, due to the fact that data quality is not the outcome of a few good decisions, but rather the outcome of many good decisions taken in the process of obtaining, altering, producing and reports on data within many parts of the organisation over a longer period. Therefore, cross-functional collaboration is one of the keys for successful data quality initiatives.

Are there other perspectives on improving data quality?

Having concluded that KYC/AML projects reach out over multiple business units and departments of the company, it could be beneficial to look at improving data quality also from a change management perspective. What needs to change in the organisation to make a positive change to reach the desired outcome of “good” data quality?

Possibly, management science can help us with additional perspectives. Already before KYC/AML legislation became such an important topic, scientific research was carried out on which factors influence the actual data quality performance of an organisation.[1] Not surprisingly, the most directly influencing factor to improve data quality appeared to be the management commitment to do so.

Also in the earlier mentioned ECB report the same is concluded: “Senior management sets the tone and direction of any organisation and therefore their involvement, interaction and direction are very important in order to make real and substantive changes to the supervisory efforts spent on enhancing the quality of data…..”

Then the interesting follow-up question is: what influences management commitment?

In the management research carried out two types of factors came out that influence management commitment: directly, the presence of data quality “champions” in the organisation i.e. managers enthusiastic for improving data quality and secondly the fact that management is rewarded for data quality. Also indirect factors play an important role: the perceived usefulness for data quality as a strategic resource in products and services and the perceived need for data quality in meeting regulatory, stakeholder and competitive requirements.

Concluding

As a senior manager responsible for KYC it could prove valuable to look at data quality also from a change management perspective. Is there sufficient management commitment to drive through in daily decision making? Do we have sufficient data quality “champions”? And what are the arguments that can be used from a change management story like usefulness for e.g. competitive purposes? And are there – beside the mentioned regulatory requirements – other stakeholders that are in need of better data quality?

Richard Ippel

[1] Accounting and Finance 47 (2007) p.335–355, Factors influencing organizations to improve data quality in their information systems, Tee, Bowe, Doyle, Rohde.

From the blog

The new Payment Services Act in Singapore

Beyond Tick-the-Box Compliance: Unveiling the True Impact of Regulatory Annual AML/CFT Training

On the Wolfsberg Group, financial inclusion and the importance of financial crime compliance training