Know Your Customer (KYC) is primarily about the decisions a financial institution needs to make about a (potential) customer.
However, I have yet to find a definition online that focuses on decisions. Wikipedia’s definition focuses on the process, while Investopedia and The Free Dictionary place emphasis on the form that has to be completed. Although the latter makes reference to decision making, it does so almost in passing.
My own definition would be as follows:
‘Know Your Customer (KYC) involves the decisions a business makes to ensure due diligence is observed in evaluating risk in relation to both new and existing customers.’
Feel free to challenge my definition, as that would help me improve it.
In my experience, most business analysts are very process-centric but pay little attention to data modelling and none at all to decision modelling. In the case of KYC, the process really only serves to sequence the decisions being made and to provide activities which ensure all the necessary input data are in place before each decision is made.
The fundamental question being asked by KYC is: ‘Is it safe to do business with this customer?’ That question might be formally documented as the name of a decision (model) thus: ‘Determine Customer Risk Level’. Any other decisions being made prior to asking that are really just leading up to that final question. If it were feasible to gather all the input data up front, then you’d actually only be making that one business decision (which may well consist of a thousand individual business rules) and the process itself would be very short. However, in reality it’s useful to break it up into stages of decision-making to eliminate risky customers earlier without spending too much time gathering data you don’t need.
As you iterate your decision models, the data needs of each statement of logic will either trace back to attributes in the business’s taxonomy, or the taxonomy will have to be updated to reflect the new needs. This assumes, of course, that the business already has a clear and consistent taxonomy in place. Your job is much harder and success is much less likely if it doesn’t.
Many BPM tools, such as Pega4, come with built-in implementations of standard KYC decision logic. Of course, such out-of-the-box solutions need to be customised to suit the needs of each business. Before customisation, however, you need to do a gap analysis between what the business needs and what the tool can do and before that, you need to model and test what the business needs.
In summary, KYC is primarily about decision making, then about the data needed in order to be able to make those decisions and finally about the process that sequences the decisions and ensures the data is in place each time a decision needs to be made. My recommendation to business analysts working on KYC is that you tackle it with those priorities in mind.
BA techniques needed:
- Decision modelling
- Logical data modelling
- Business process modelling (ideally using BPMN)