.png)
Every Financial Crime leader is balancing the same pressures: the need for strong controls, regulatory confidence and cost efficiency.
Nowhere is this more evident than in KYC. It’s one of the largest cost lines in Financial Crime and one of the most operationally demanding areas. Yet in many banks it’s still delivered through a heavily manual model.
Analysts have to navigate between systems, extract data from PDFs, reconcile inconsistencies, re-key information into case tools and maintain offline trackers. Technology exists, but people do the heavy lifting.
In larger institutions, KYC can cost tens or hundreds of millions each year. Because the model is largely manual, cost scales directly with volume. More customers, new regulation or additional complexity usually mean more headcount.
A large European bank we encountered had around 6,000 KYC analysts performing mostly manual activities, supported by basic tooling and a CLM platform. That may sound ‘people-heavy’, but three years earlier they had more than 7,000. Through sustained simplification and selective automation, they had reduced the team by over 1,000.
That’s real progress. But 6,000 analysts still represents a people-heavy model where economics are tied to headcount. If cost rises in line with volume, an operating model isn’t scalable.
Across the industry, leaders know this. But the problem is that many assume meaningful improvement requires a major architectural overhaul or a multi-year transformation. So they wait for cleaner data, better systems or a fully engineered end state.
While they wait, the cost base compounds.
Most KYC cases don’t require complex investigative work. Roughly 80% involve structured, repeatable tasks for low to medium risk customers. Information is retrieved and validated, registries checked, discrepancies reconciled and outcomes recorded.
The 20% of cases that do require judgement typically include:
- Complex alert investigations involving false positives and edge cases, where understanding sanctions evasion tactics and criminal typologies is essential.
- High-risk periodic reviews where evolving business activity must be reassessed against the bank’s risk appetite.
- Nuanced PEP decisions, such as whether historic adverse media genuinely points to higher money laundering risk.
When organisations hold back on automation because it might struggle with complex scenarios, they allow a minority of cases to dictate the economics of the entire operation.
At one global financial services firm we supported, 200 analysts were almost entirely focused on investigating KYC screening alerts.
Leadership wanted to automate alert decisions, with a view to reducing volumes. Yet before any decision could be reached, each analyst was spending 20 to 30 minutes extracting data from documents and searching for adverse media.
The biggest drain of cost, time and capacity was manual data gathering.
Straightforward document extraction tools and well-configured web scraping could have removed a substantial share of that effort.
Once this was identified, the priority became obvious: before attempting to automate decisions, remove repetitive work from skilled analysts.
The game changer here was understanding the issues clearly, sizing them in terms of cost and benefit, and using that to inform our priorities.
Caution is second nature in Financial Crime. Stability and auditability are vital considerations.
But a manual model carries risk as well. As volumes grow and teams expand, inconsistency increases. Error rates grow. Backlogs build. Quality assurance layers have to be added. Second line oversight expands to compensate.
Over time, the operating model becomes more complex and more expensive, because manual processes don’t scale well.
The opportunity cost of delayed automation is rarely modelled. It should be.
Automation in KYC doesn’t mean giving up control. It means redesigning to reduce effort.
Technology can retrieve records, compare internal and external data, interpret documents and assemble a proposed view linked to source evidence. Analysts can then review, challenge and approve. The decision trail is captured automatically.
In the case of the 200 screening analysts mentioned earlier, removing 20 minutes of manual extraction per alert would release immediate capacity. That time could be redirected towards higher-value activity such as risk assessment and anomaly investigation. Improving productivity without weakening control.
The objective is to redeploy scarce expertise where it genuinely adds value.
To get automation underway, start with a clear challenge and manageable scope.
Begin by analysing analyst time at task level. Quantify how much effort is spent on data gathering and reconciliation. Identify structured, repeatable activities such as document extraction and adverse media searches, where manual effort dominates.
From there, set up a pilot, using AI and automation as structured assistance in a contained area, with clear success criteria and robust audit trails. Measure the impact rigorously, both in terms of time saved and quality of outcomes.
Perfection is the enemy of progress, so rather than trying to fix everything at once, take the ‘MVP’ approach used in software development. Make small, contained changes that reduce risk or improve performance, and prove value quickly.
KYC will remain central to Financial Crime Compliance. But how much of it genuinely requires skilled human judgement?
Waiting for ideal conditions before you automate extends reliance on an increasingly expensive model.
Automating the straightforward 80% of work through well-designed system changes fundamentally changes the economics. It lowers cost and improves consistency.
More importantly, it frees experienced risk specialists to focus on the cases and control weaknesses that actually drive risk.
Whatever the state of your data, systems or governance foundations, there is a practical way to begin. The key is to start.
-1.png)