WIXLIB

THIRD-PARTYDATA PROVIDERSTransforming Client Experienceand Data Quality

For financial institutions,the requirements of KnowYour Client (KYC) processesplace a heavy burden on clientsand relationship managers.The KYC information requirements are typically rule-based according to clienttype, product type, and geography, among other elements. Often, relationshipmanagers are uncertain about what information is required, resulting in clientsbeing asked multiple times for additional information. Even more problematic,the information provided can be unreliable without a proper vetting process.In short, financial institutions are faced with:1. Unclear requirements for information needed for KYC;2. Dissatisfied clients resulting from multiple requests for the same information;3. Unreliable information on hand for compliance purposes.There are solutions to these problems. For example, third-party data providersoffer trusted information on individuals and entities that can alleviate some of theburden of gathering information, while improving the quality of KYC information.In addition, there are KYC technology platforms that can integrate with the dataproviders’ platforms to make the process more efficient, providing a rules-basedengine that drives the requirements.However, the demand for KYC data has grown exponentially over the pastseveral years and as a result, finding the “right” provider can be difficult.In this document, we will discuss how to effectively identify the “right” third-partydata provider for a financial institution and explore the functional and technicalimplementation and considerations to allow the organization to effectivelybenefit from utilizing the provider.2THIRD-PARTY DATA PROVIDERS

Effective Identification of Third-Party Data ProvidersThrough our work in this space and our analysis of numerous third-party providers,we have seen how trusted third-party data providers can help financial institutions.The right provider can: Enrich and improve the client experience by reducing the amount of informationrequested directly from a client and sourcing the required data from providers. Validate the information provided by clients and thus reduce the institutions’risk exposure while improving its compliance capabilities. Integrate with existing systems and input client data directly for improvedefficiencies, and, by helping increase automation, can reduce inputting andhuman errors even further. Reduce the amount of time relationship teams spend collecting client data byhaving provider manage the activity, allowing the relationship teams to focustheir attention and efforts on generating more sales.3THIRD-PARTY DATA PROVIDERS

Third-PartyData Provider:Selection and EvaluationIdentifying the right data provider can be challenging, as the number ofoptions continues to grow. Many data providers have evolved over recentyears, responding to specific market needs. As a result, each providerdelivers a series of benefits to better meet targeted needs.The key steps financial institutions should taketo evaluate data providers include:1. Evaluate the financialinstitution’s client base to determinewhat type of data would best suitthe organization.Third-party data providers specialize incertain types of data that support certainlines of business or address pain pointsin an organization including: International versus U.S. domestic data Entity versus consumer data Publicly-traded versus privately-held entity data Small and large businesses versus financialinstitutional data Depth of data (for example, CustomerIdentification Program (CIP) requirements onlyversus a full-length report including legal filings)4THIRD-PARTY DATA PROVIDERS2. Identify and assess the biggestdata related challenges, issues andpain points across the organizationto develop the business case.Third-party data providers offer differentproducts and services that can support functionswithin the organization including: KYC data enrichment Identity and verification (ID&V) Beneficial ownership information Anti-money laundering investigations3. Develop a scorecard to supportthe vendor assessment process.This vendor scorecard can help evaluate and assesswhich third-party data provider is most capable ofaddressing the financial institution’s specific needsand should be used when conducting introductoryconversations with select providers.

Selection of a third-party dataprovider is not a “one size fits all”process. Each provider can begeared towards specific types offinancial institutions and clientbases. Therefore, doing researchand conducting demonstrations andtrials are important in understandingif the solution being consideredcan address an institution’s specificneeds and requirements.5THIRD-PARTY DATA PROVIDERS

Among key criteria that should be includedin an evaluation scorecard:Vendor scorecard1. Market Information3. Logistics Key benefits delivered Required configuration Key differentiators, strengths and weaknesses Timeframe for implementation Who does the vendor consider as their keycompetitor(s) Trial periods Does the vendor’s roadmap include enhancedsolutions and product offerings2. Solution Information List of data providers Access to privately held company data Access to foreign entity data Does the solution provide more entity dataor individual data ID&V capabilities Information required for ID verification Source for beneficial owner information6THIRD-PARTY DATA PROVIDERS Application programming interface (API)builds (what data is actually fed into otheruser interfaces (UIs), current integrations,and cost associated Pricing structure (per click, license, or other)After completing the evaluation and narrowingdown the list of potential vendors, the institutionshould conduct a trial period with the highestranked provider(s) to test and gain betterinsight into their capabilities and to properlyassess their ability to meet the organization’sneeds. A trial can be conducted with one ormultiple providers and such trials are typicallyoffered by providers for one to two weeks.Consider using a scorecard for the organization’susers to complete during the trial to providea quantitative and qualitative assessment.

The example below includes suggested criteria to developa scorecard to help evaluate the provider(s) during the trial period.A trial scorecard1. Key Capabilities2. User Interface and Intuitiveness Returns sufficient data to verify the entity Ability to easily navigate the UI (intuitive) Returns data on beneficial ownership/controlling parties Ability to customize views Returns data on subsidiaries Delivers a seamless experience(with no errors and/or bugs appearing) Shows linkages between associated entities Ability to easily search client information Shows corporate structuresIn addition to the scorecard, research with thesupport of the financial institution’s VendorManagement teams can help identify any existingcontracts that the provider or parent companymay have with the organization. At the end of thetrial period, there should be enough feedbackfrom users to confirm the suitability of each trialtested provider. Procurement should be engagedto support pricing discussions and any existingcontracts and/or relationships should be leveragedto negotiate more favorable pricing and conditions. Has a unique identifier (UID) Shows legal entity identifier and otherofficial company numbers Shows detailed company description Shows company financials Returns data on reputational risk Returns compliance and financial crimeinformation (such as politically exposedpersons, sanctions and adverse news) Shows North American IndustryClassification System (NAICS) code Returns entity and individual data Ability to pull reports with sufficient andrelevant data Ability to use graphs, dynamic companystructures, pivot analyses and other typesof visualization tools and analyses tointerpret results7THIRD-PARTY DATA PROVIDERS

Third-PartyData Provider:ImplementationIt is as important to implement a third-party data provider’s servicesproperly as it is to choose the correct provider. Without proper implementation,the financial institution may not capture the full benefits from the provider’scapabilities. In the worst case, the entire effort to select and onboard theprovider may turn out to have been a waste of time and resources.Once implemented, and to get the most valuefrom the new available data, we stronglyencourage financial institutions to: 1) automateas much of the data management process aspossible through technology integration; and 2)update the institution’s target operating model(TOM), policies and processes to reduce theburden on the front office.Technology ConsiderationsThere are now KYC technology platforms thatcan integrate with data providers to make theprocess even more efficient by providing arule-based engine that drive the requirements.Additionally, integration should enhance the KYCprocess by: 1) eliminating manual searches; and2) maintaining data integrity.8THIRD-PARTY DATA PROVIDERSEliminating Manual SearchesWithout the use of an application programminginterface (API) to facilitate integration of theprovider solution, a user would have to pivot or“swivel chair” between systems to search forclient data using the provider’s user interfaceand then copy/paste that information into thefinancial institution’s KYC platform.Most third-party data providers have APIsavailable, at varying cost and capabilities.Financial institutions should inquire with providerson how available APIs can meet their needs.Maintaining Data IntegrityAnother benefit of integration and of using APIsis the ability to monitor changes to client data.Many third-party data providers can send alertsand/or notifications when client information,such as ‘county of incorporation’ changes.With integration, a new case in a KYC platformcan be created to process the change in theclient’s profile and to adjust for any new riskscoring as needed.

These key benefits of integration are dependentupon the capabilities of both the financialinstitution’s KYC platform and those of the dataproviders. As such, this is an element that shouldbe considered when designing and/or evaluatingboth KYC platforms and data providers.Target Operating ModelBy utilizing third-party data providers, KYCroles and responsibilities can be shifted tothe institution’s operational support groupinstead of relying upon the relationship manager.This can be part of an end-to-end re-evaluationof the operating model.In addition, during the trial assessment, thereare opportunities to further enhance the KYCprocess. Financial institutions should considerundertaking the following initiatives during thetrial assessment:KYC Process Evaluation: Utilize a test case to gothrough the end-to-end KYC process and identifyissues, pain points and quick-win opportunities toenhance the process even further.9THIRD-PARTY DATA PROVIDERSTime and Motion Study: While a trial user isconducting a test case, the user can also timethe process. This can support the business casefor choosing the vendor (for example, noting thatapproximately 15 minutes of outreach time wassaved) as well as supporting capacity assessmentevaluations (for example, noting that KYC takes5 hours x estimated volume/working days FullTime Employee required).Staffing Assessments: Trial users canperform test cases that can be qualityassured to support role placement.Policy and ProceduresPolicy and procedures should be updatedfor the new process. Financial institutionsshould re-evaluate the ID&V, documentaryevidence requirements and event-drivenreview processes. Detailed desktopprocedures—along with appropriate training—should be developed to support users inlearning and navigating the new system.