Subscribe to our blog
Get ahead with our award-winning insights on the latest developments in the fraud and compliance landscape. Enter your email below to receive our blog posts directly to your inbox.

One of the most stressful aspects of a KYC process is the last-minute scramble to gather all client/user information for an urgent investigative review. Organizing this information alone can be stressful, and the resources it can take to pull data scattered across multiple systems can create more stress and anxiety as the clock continues to tick. KYC fire drills like this are far more common than we realize, and with fire drills come operational inefficiencies.

How is it that large institutions suffer from constant fire drills, even years after high-tech compliance solutions have come to the fore? How is it that cases continue to “slip through the cracks,” and how is it that cases continue to not be properly escalated? When businesses use manual processes and manual escalation protocols, errors are bound to happen. This puts a strain on all involved parties, but most critically, it exposes the institution to unnecessary regulatory risk for non-compliance. For reasons such as these, institutions are looking to regulatory technology — RegTech for compliance solutions.

In an article late last year by Reuters, regulators made it clear that they encourage institutions to look for innovative ways to stay compliant with regulatory requirements and improve their own internal policies and procedures, the new catalyst driving the need for intuitive and flexible case and queue management systems that would later prove to be indispensable. In the simplest terms, think of case management as the boxcar that holds all the important information needed to review the case, and queue management as the railroad tracks that help route this boxcar to the correct place.

Believe it or not, many large institutions — especially in the banking world — organize and assign cases to analysts manually via massive spreadsheets with “safety macros” — a method for maintaining accurate data in individual cells of a spreadsheet for things like case status that make it difficult for analysts to alter data. Although it may seem like this is a fairly reasonable way to organize and parse out your workload, it quickly loses ground as the most viable option. Spreadsheets for compliance do not capture data in real-time and are completely at the mercy of batch or manual data entry. Other firms have chosen to build expensive in-house systems that cannot adapt to regulatory changes, and that are often not intuitive enough to address the growing volume and complexity of cases in real-time. These in-house systems also tend to lack the ability to set case conditions for automation of assignment or enhanced escalation capabilities to ensure execution of internal escalation policies and procedures.

Read the IdentityMind blog on the dangers of using spreadsheets for compliance, “Kill Excel: Better Compliance Efficiency Through RegTech

What if the analyst was pulled away for some other pressing matter and forgot to escalate a case, was overwhelmed and simply forgot to reassign a case to another team member, or simply forgot to change the status of a case? Then what? Human error is bound to happen, and manual processes only increase risk exposure to regulatory scrutiny. Managers and analysts need to know exactly how many cases are in the pipeline and which cases are the priorities for full transparency. Transparency and automation are key if you want to reduce your risk of slipping into the regulatory spotlight.

There are many challenges that growing companies of all sizes have to face when it comes to managing their workflow pipelines. Whether you have a small team of four to six analysts or you are a large financial institution with an army of them, when it comes to managing a growing workflow pipeline, the hurdles are very similar. Let’s take a look at some of the challenges and possible solutions.

Challenge: Lack of Centralized Data

Having scattered data throughout multiple systems is highly inefficient. It wastes time and takes away valuable resources, which costs companies money — lots of it.

Recommended Compliance Solution:

A flexible and intuitive case management system can pull together all the information that an analyst needs to review for a specific escalation and allow management to set default conditions for automation of case assignment, prioritization, and escalation protocols. This can:

  • Reduce analysts confusion over case priority
  • Increase analyst productivity, as it provides everything they need for review
  • Reduce cost, as you will no longer have to hijack resources from other departments to pull down information on your behalf
  • Most importantly, it reduces the risk of regulatory scrutiny for cases “slipping through the cracks” and remaining unreviewed

Challenge: No transparency into the team’s workflow pipeline, prioritization, or case statuses

When institutions rely on spreadsheets to assign cases and manually follow escalation protocols, it’s a recipe for a disaster. Managers can quickly lose track of the workload pipeline as case priorities change. This may yield the need to reassign a case to a more senior team member. There is also the possibility of last-minute ad hoc cases being added to the pipeline. Furthermore, institutions should have all the data related to the case easily and readily available for audit reviews. A lack of transparency during audit reviews can send negative signals to auditors. Managers and team leads must have full transparency into which cases they are working on and whether proper escalation protocols are being accurately followed based on internal compliance policies and procedures.

Recommended Compliance Solution:

A configurable case management system will allow you to filter through cases based on priority, expertise, type, and other variables. This option allows you to clearly see what is going on with each case. Complementary to case management is the use of a queue management system that allows managers and team leads to create queues based on their existing workflow models so they will know exactly where cases are in the process, and that immediately notifies them of any case escalations based on internal policies and procedures. You want to ensure that these systems will:

  • Allow prioritization of case queues, to ensure that your most high-risk and sensitive investigative reviews are taken care of first
  • Increase clarity and transparency, as analysts will know exactly what cases are in their queues
  • Allow segmentation of queues based on your requirements, so that  no cases will slip through the cracks
  • Queue management systems, which can also restrict access to cases in queues to safeguard case information and grant access to only those authorized to do so
  • Save managers and team leads critical time, as they can auto-assign cases to queues

Challenge: Reporting metrics are inaccurate

If analysts don’t stay on top of every single manual update, reporting will surely be wrong. Upper management will want to know exactly what the pipeline looks like, the status of each case, and how many cases are being escalated. These reports are utilized to adjust headcount, request any extensions from compliance if needed, and increase other resources based on these reports. Oftentimes, you see financial institutions with armies of consultants, as they don’t exactly know how many cases are in the entire case pipeline, which wastes millions of dollars.

Recommended Compliance Solution:

An aerial view into the workflow pipeline through case management and queue management systems will let you know exactly what is happening with the entire pipeline in real-time for accurate reporting. This will ensure that:

  • Management is allocating the right amount of staff resources
  • Cases are being evenly distributed amongst staff to reduce stress
  • Taking the proper steps needed with regard to requesting any type of extensions or exceptions on cases from compliance officers in order to stay compliant

IdentityMind, creator of Trusted Digital Identities (TDIs), offers a SaaS platform for online risk management and compliance automation. We help companies reduce client onboarding fraud and transaction fraud, and improve AML compliance, sanctions screening, and KYC compliance. IdentityMind also offers one of the industry’s most effective and efficient case and queue management systems and many other regulatory compliance solutions. To find out more about our enterprise compliance solutions, click here.