The year has started with optimism that things will get better as markets become more buoyant.
But for the financial services market to seize the opportunities that this optimism brings, it must encourage customer confidence. This is tricky to achieve when customers are asking themselves who they should trust as the FSA fines high-street names.
The FSA is not handing out fines without cause. Safeguarding the public from another endowment-style crisis is high on the list of priorities, as is protecting the industry from fraud and money laundering and the effect that this has on legitimate customers.
Financial institutions have an obligation to fulfil know-your-customer guidelines, now staunchly supported by the Proceeds of Crime Act, in a bid to eradicate fraud and money laundering. The FSA is ensuring that steps are being taken to support the National Crime Intelligence Service (the enforcers of the Proceeds of Crime Act), hence the regulator's stringent requirements for meeting KYC guidelines.
The industry recognises that achieving KYC guidelines is critical for restoring customer and shareholder confidence but the FSA is still finding culprits because lessons are not being learnt.
There are still reasonable grounds for the FSA to fine a company which is unable to prove or disprove a suspicion. The ability to prove or disprove that a customer is who they say they are or that a transaction did take place is at the heart of this.
Traceability of a customer's full history through comprehensive audit trails is essential to uphold a company's integrity and an essential element that many financial services companies still lack.
Even then, it is not enough simply to demonstrate traceability and visibility. The critical part is that, when requested, a financial services company can retrieve a specific portion of an audit trail, or indeed the whole trail, within a reasonable timeframe.
But knowing where to look for the information will hinge on the recording methods applied. The FSA does not stipulate how a company should achieve the KYC guidelines. It is just as acceptable to have a paper method in place as it is an electronic method.
However, the FSA does recognise that technology is an appropriate vehicle to achieve compliance.
What is stipulated is that the system is robust and has an even more robust business continuity plan to cover any eventuality of loss, damage or theft. Achieving this is a challenge and the main reason behind the FSA's recent fines.
So what has gone wrong? There are a number of factors which will have hindered companies from adhering to the KYC guidelines. The first is historical. Mergers and acquisitions which have dominated the market have affected the portability of information.
Pockets of information reside on paper and electronic silos and some of it is even stored in cerebral cavities and for various reasons, usually cost, none of these silos has been consolidated, nor has a consistent way of managing, recording, storing and retrieving the information been sought or adopted.
The second factor is ownership. Different departments dealing with information in different ways mean that no one person has been responsible for championing the change. As a result, different departments are all trying to establish how they will achieve compliance and are arriving at different solutions, some electronic, some paper-based and some a hybrid of the two.
This is a fundamental error as retrieval and visibility rates vary greatly and will cause room for error when the time comes to test KYC measures.
Determining who should own the review is a challenge in itself but a necessary one. In Tower's experience, the task has often fallen to the customer services director as the customer is at the centre of all operations. But that does not have to be the case.
It might fall under the jurisdiction of the risk management team or the operations director. Whoever it is, a figurehead is required to maintain a consistent approach.
What is certainly required before anything can be decided by the KYC champion is a helicopter view of the organisation. This affords the company with the opportunity to assess the current records management methods, the ways in which the methods currently fulfil the FSA requirements and the discrepancies that must be removed.
Only then is the company in a position to understand how it uses information today, how it will in the future and how it can surpass KYC requirements and protect the integrity of the information at all times.
By working across departments and with a third party which has experience of making new records management systems and procedures work, companies will find that they arrive at a simple, comprehensive and sophisticated records management policy.
Good record management, however, is not just about KYC and the wider compliance picture. If it is done well, it helps to deliver customer service that can exceed expectation, help staff manage customers and in turn improve job satisfaction level which is one of the most underestimated by-products of automating business processes in a way that makes them inherently compliant with KYC guidelines.
It has to be done if the finance industry is to recover but why not do it really well?