Banking & Financial Services

White Paper

Reimagining KYC Using Blockchain Technology

About the Authors

Ganesh Raghavan Padmanabhan

Ganesh Raghavan Padmanabhan is a Domain Consultant with the Banking and Financial
Services (BFS) business unit at Tata Consultancy Services (TCS). He has about nine years
of experience in providing IT solutions and consulting services to TCS' banking clients
the world over. Padmanabhan's focus areas include exploration of innovative industry
solutions for capital markets. He has a Master's degree in Business Administration from
the S P Jain School of Global Management, Singapore and Dubai.
Anusha Sivaramakrishnan
Anusha Sivaramakrishnan is a Domain Consultant with the Clearing and Settlement
group of TCS' BFS business unit. She has over 15 years of industry experience in the
capital markets space. Sivaramakrishnan has worked with leading Wall Street firms on
their back-office systems and has been instrumental in developing IT solutions for
various banking projects. She holds a Master's degree in Finance and IT from the Birla
Institute of Technology and Science, Pilani, India.

Abstract

An integral part of client onboarding, the Know Your Customer (KYC) process requires banks
to validate and verify primary documents as part of due diligence. Today, the market is
flooded with KYC utilities that help manage these documents and share them with multiple
entities. However, these utilities only act as document agents and provide very little value
addition. The task of due diligence and investigation is still handled by the client onboarding
teams at financial institutions given the business and reputation risks involved.
KYC processes are generally repetitive, which results in inconsistencies in information storage
and duplicate processes across the different functions in a bank, thereby leading to high
administrative overheads and costs. The blockchain technology, with its concept of
distributed and timestamp ledgers can effectively overcome most of these issues that
financial institutions face while performing KYC processes. This paper discusses how
blockchain technology can help banks improve their KYC process by facilitating near realtime exchange of information among various stakeholders for faster and effective validation.

Contents

Introduction

Challenges in the Current KYC Process

How Blockchain Can Help

Document validation

Intra- and inter-bank document verification

Consolidated KYC as a shared service

10

Conclusion

10

Introduction
Document validation and verification play a vital role in the KYC process. There has been an upsurge in the number
of KYC registries because of initiatives by private entities such as The Society for Worldwide Interbank Financial
Telecommunication (SWIFT) and banking consortiums, as well as government bodies. These registries act as
centralized repositories that store all documents and information related to KYC compliance.
Every bank and financial institution has to perform the KYC process individually, and upload the validated
information and documents to the central registry that stores digitized data tagged to a unique identification
number for each customer. By using this reference number, banks can access the stored data to perform due
diligence whenever customers request for a new service within the same banking relationship, or from another bank.
Figure 1 shows how KYC is currently conducted at banks. Documents are collected and stored internally, using a
document management system or internal database, and then shared with multiple external agencies for
validation on an individual basis. On successful validation, banks update their internal repository and report to
central agencies.
POA & POI

Document
collection

POA & POI

Bank

Banks back-office

KYC certified

Banks compliance
team

Document checks

Digitize
documents

Customer

Internal due diligence

team
Validation
checklists

External
verification
agencies
Central KYC
repository

External
agencies
Information validation

Figure 1 : Current KYC Process

Challenges in the Current KYC Process

Following are some of the major KYC compliance challenges currently faced by banks and financial institutions.
Data management and integration: Currently, several third-party data providers and external validation agencies
offer data and interfaces to extract required customer information. For example, DTCC AvoxData provides legal
entity data, LexisNexis provides information to help assess risks by way of a list of politically exposed persons and
sanctions screening, NORCOM provides criminal data, and agencies like CIBIL, Experian PLC, and Equifax, Inc.
provide credit ratings. SWIFT launched the SWIFT KYC Registry in December 2014, and more than 2000 banks have
already enrolled with it. Banks are struggling to manage and integrate all the data required for KYC compliance to
obtain a consolidated view of the customer, which explains the popularity of central registries like the one
managed by SWIFT. Inefficiencies in data management have resulted in increasing instances of banks' failure to
comply with regulatory requirements, which translate into huge penalties and reputational damage.
Increasing costs: Post due diligence, banks need to convert documents to digitized data such that the information
can be fed into the repositories. This is an expensive exercise since it requires banks to invest heavily in advanced
technology platforms. Not only this, the need to transform processes for document collection, storage, digital
signature verification, and so on implies that financial institutions must deploy systems based on new-age
technologies, which is another reason for cost escalation.
Evolving regulations: The KYC landscape is constantly changing given the number of regulations being
introduced across different jurisdictions. This means KYC utilities also need to undergo changes to incorporate new
guidelines, like the ones under the Dodd-Frank Act, FATCA, and MiFID II (which is due for implementation in
January 2018). This also increases the need for banks to improve their data collection mechanisms for effective risk
management and timely regulatory compliance.
Absence of a single KYC system for multiple lines of business: Currently, banks do not have a single, unified KYC
system applicable to all lines of business like wealth management, asset management, and brokerage due to
variations in business requirements and associated regulations. This fragmented approach results in multiple
utilities and siloed infrastructure. Financial institutions therefore are under immense pressure to seamlessly
maintain these multiple systems and integrate different interfaces, which adds to the costs.

[1] SWIFT, SWIFT's KYC Registry surpasses 2,000 financial institutions (January 2016), accessed June 29, 2016, https://www.swift.com/insights/pressreleases/swift_s-kyc-registry-surpasses-2_000-financial-institutions

How Blockchain Can Help

The use of advanced systems based on blockchain technology can help address most of the aforementioned
challenges and ensure seamless exchange of documents and information between banks and external agencies
(see Figure 2).

Banks compliance
officer

External validation agency

KYC
certified

POA & POI

Customer

Banking
channels

Bank node

Digital identity
management

Blockchain network

Banks internal
applications

Central KYC
repository

External verification
agency

Figure 2: Proposed Blockchain-based KYC Process (Source: TCS Internal)

Document validation
The KYC process starts with a bank collecting the required documents from the customer. Using a data entry
application, the bank enters the customer information, uploads the documents to the blockchain solution platform,
and marks the status as 'pending validation'. The platform converts the documents into hash codes, stores them in a
distributed ledger, and publishes the encrypted information securely to other nodes maintained by external
agencies on the same secure network. External agencies then look up the customer information, download the
documents submitted by the bank, and perform requisite validation checks. On successful validation, the customer
information on the ledger is updated and the status is changed to 'KYC complaint and validated'. Using the existing
bank's applications and time-stamping feature of the ledger, banks verify the status and approve the onboarding
process. For dated customer records, a re-KYC cycle is performed to complete the validation process.

Intra- and inter-bank document verification

Figure 3 shows how blockchain technology can be used to develop two separate models to enable intra- and interbank verification and update processes.
Intra-bank KYC blockchain model

Inter-bank KYC blockchain model

External verification
agency

External verification
agency

Loan
division

Deposit
division

Bank 1

Bank 2

Blockchain
network

Blockchain
network
Card
division

Brokerage
division

Asset management

Mortgage providers

Figure 3: Blockchain-based Models for Intra- and Inter-bank Document Verification (Source: TCS Internal)

Intra-bank application: Using the blockchain technology, banks can effortlessly deploy an intra-bank application
within the same banking group. For example, if a savings account customer wishes to avail credit card services from
the same bank, the card division can look up the ledger using the unique reference number and easily ascertain the
customer's KYC status. Using this model, banks can significantly reduce the effort and time spent in performing
repetitive due diligence processes, and instead focus on core business activities. If a new service request requires
additional customer information not found in the ledger, the model allows the bank to update the information on
the ledger, followed by a revalidation by external agencies (which essentially translates into re-KYC).
Inter-bank application: This model requires consensus among participating banks on the validation process in
order to maintain the trust and integrity of the system. Here, one bank plays the role of the originating bank and
performs initial KYC verification for a customer. When the customer approaches another bank to open an account
or request some banking services, the approached bank acts as a requesting bank and queries the ledger to check
the KYC status of the customer. The requesting bank can request the originating bank to share the documents
available, and the blockchain platform ensures secure transfer of documents between the two banks. With this
model, banks can enhance process efficiency, standardize KYC processes, and perform customer validations in near
real-time. An inter-bank KYC model requires all participating entities to agree on the protocol of the framework and
the solution. This model requires sponsors to establish guidelines for effective governance.
8

To determine the efficacy of blockchain technology in easing the KYC process, banks should consider
experimenting with the intra-bank KYC model. This model is easier to implement as it only requires an internal
mandate from the banking group to all its divisions such as deposits, loans, cards, and brokerage. Depending on
the success of the implementation, banks can consider deploying an inter-bank system.
Centralized blockchain-based KYC solution: To ensure a seamless exchange of KYC information, banks can also be
linked to a centralized KYC repository along the lines of the existing KYC registry system (see Figure 4). In this
arrangement, customer data and documents are stored in the distributed ledger and the bank that performs the
KYC stores all relevant details and generates a unique KYC number. When another bank wants to perform due
diligence on the same customer, it can access the central registry and download details of the customer, using the
unique KYC number. The central registry normally charges a fee for the service, which is relatively insignificant
compared to the cost of duplicate effort that is eliminated with this arrangement. The onus of updating and
periodically reviewing the documents lies with individual banks. A blockchain-based solution, with its immutable
ledger, ease of integration, and considerably lower operational and infrastructure costs, is undeniably a better
option as compared to existing registries.

Account management module

Customer management module
API

Banks processing node

Customer
information
KYC status

Hash code

Consensus-based
distributed ledger

Updates

Digitally signed
documents

Document
management

Verification

Service
requests

Information
update

KYC blockchain solution

Banks internal application

Entry & validation

Upload
documents

KYC App

Customer

(Mobile / Online channel of bank)

Customer service
requests

Cryptography
P2P network

Banking in-premise

Central KYC registry node

Bank node
Other banks nodes
External validation agencies

Figure 4 : Centralized Blockchain-based KYC model (Source: TCS Internal)

Consolidated KYC as a shared service

Offering KYC compliance as a shared service is complicated when we talk about global institutional customers, as
different jurisdictions are governed by different regulations. Nonetheless, this option is worth exploring. Here,
following the completion of the KYC process, customer details such as legal entity, tax compliance, criminal records,
AML compliance, and counterparty information can be consolidated and stored in a distributed ledger. This
information can then be offered to other banks through a shared services model in return for a fee. This means that
banks will need to do minimal due diligence, like customer identity verification, as most of the data can be obtained
by accessing the distributed ledger. KYC utilities currently available in the market could form an alliance with banks
to offer this information as a service.

Conclusion
A blockchain-based solution offers a unique set of advantages over the current crop of technology solutions, given
its immutable ledger that can be replicated across different nodes and use of cryptography to convert information
to hash codes for secure distribution over peer-to-peer network. These features enable seamless and secure
exchange of information between different trusted entities. KYC is an apt candidate for the use of blockchain
technology, as it results in significant reduction in of the time, cost, and effort involved in KYC validation. Our
engagements with leading global financial institutions lead us to believe that blockchain-based solutions can drive
substantial reductions in processing costs, as the infrastructure cost for building the new solution will be a mere
20% of the current KYC processing costs. We recommend banks to start with blockchain-based systems for intrabank KYC processes, and then move on to the inter-bank model. Centralizing the KYC process will create a common
customer onboarding framework, making the entire process a lot more efficient and cost-effective.

10

About TCS' Banking and Financial Services Business Unit

With over four decades of experience in partnering with the world's leading banks and financial
institutions, TCS offers a comprehensive portfolio of domain-focused processes, frameworks, and
solutions that empower organizations to respond to market changes quickly, manage customer
relationships profitably, and stay ahead of competition. Our offerings combine customizable
solution accelerators with expertise gained from engaging with global banks, regulatory and
development institutions, and diversified and specialty financial institutions. TCS helps leading
organizations achieve key operational and strategic objectives across retail and corporate banking,
capital markets, market infrastructure, cards, risk management, and treasury.
TCS has been ranked #1 in the 2015 FinTech Rankings Top 100 of global technology providers to the
financial services industry, by both, FinTech Forward (a collaboration of American Banker and BAI)
and IDC Financial Insights. TCS has also been recognized as a 'Leader' and a 'Star Performer' in
Everest Group's 2015 PEAK Matrix report for Capital Markets Application Outsourcing (AO), as well
as a 'Leader' in the 2015 PEAK Matrix report for Banking Application Outsourcing (AO).

Contact
Visit TCS Banking and Financial Services unit page for more information
Email: bfs.marketing@tcs.com
Blog: Drive Governance
Subscribe to TCS White Papers
TCS.com RSS: http://www.tcs.com/rss_feeds/Pages/feed.aspx?f=w
Feedburner: http://feeds2.feedburner.com/tcswhitepapers
About Tata Consultancy Services (TCS)
Tata Consultancy Services is an IT services, consulting and business solutions organization that
delivers real results to global business, ensuring a level of certainty no other firm can match.
TCS offers a consulting-led, integrated portfolio of IT and IT-enabled infrastructure, engineering and
assurance services. This is delivered through its unique Global Network Delivery ModelTM,
recognized as the benchmark of excellence in software development. A part of the Tata Group,
Indias largest industrial conglomerate, TCS has a global footprint and is listed on the National Stock
Exchange and Bombay Stock Exchange in India.

IT Services
Business Solutions
Consulting
All content / information present here is the exclusive property of Tata Consultancy Services Limited (TCS). The content / information contained here is correct at
the time of publishing. No material from here may be copied, modified, reproduced, republished, uploaded, transmitted, posted or distributed in any form
without prior written permission from TCS. Unauthorized use of the content / information appearing here may violate copyright, trademark and other applicable
laws, and could result in criminal or civil penalties. Copyright 2016 Tata Consultancy Services Limited

TCS Design Services I M I 07 I 16

For more information, visit us at www.tcs.com