News & Media GLEIF Blog

The Compliance Catalyst: Transforming Entity Identification in the Digital Age with the LEI

Part III: How the LEI can be leveraged to enable straight through processing, to strengthen the fight against financial crime and to prepare for a global digital identity ecosystem


Author: Stephan Wolf

  • Date: 2018-11-21
  • Views:
  • Estimated Reading Time: 6 minutes

w-abstract-8-750x250

Investments in technology have achieved much in the fight against financial crime. If the quality and compatibility of financial data fails to improve, however, compliance processes will continue to lag behind the evolution of transactions, weakening our defenses on a global scale.

In this post, the third in our blog series exploring financial trust in the digital age, we investigate how the financial ecosystem can enhance sanction and transaction information systems based on broad adoption of the Legal Entity Identifier (LEI). By connecting multiple information sources globally through the consistent use of a global entity identification standard, it would be possible to create large knowledge bases that can better support automated transaction surveillance.

A broken system

The ability of the world’s financial ecosystem to curb fraud, terrorist financing and other illicit financial activity, is hindered by its reliance on outdated processes for identity verification. No more so is this apparent than in the management of sanctions and watch lists in financial transaction processing. Here, security and compliance check mechanisms still rely on the matching of names and aliases.

Following the recent terrorist attacks in Paris, Brussels and London, for example, the French, Belgian and British authorities developed lists of entities suspected to be involved in terrorism financing. These lists are shared, but because they adhere to different formats and do not support a common identifier, the speed by which authorities can react and share information is diminished. This impacts negatively on each nation’s transaction surveillance processes and results in inefficient screening processes.

Problems persist elsewhere, too. After introducing a near real-time payment system in 2008, the UK financial community observed a 132% increase in associated fraudulent transactions, reported The Sydney Morning Star (see ‘related links’ below). This escalation must not be allowed to continue.

While ID verification support is available through partnerships with service providers, they face the same fundamental challenge: low quality, non-uniform data sources resist easy implementation, prevent interoperability and promote inefficiency, meaning their capacity to add value to the process is, at best, limited. A recent report published by the Financial Action Task Force (FATF) and the Egmont Group of Financial Intelligence Units (see ‘related links’ below) noted: “There are a range of third-party service providers who specialize in providing support to identity verification and customer due diligence services to corporate clients, such as sanctions lists and other adverse information, and information on company ownership… However, some major financial institutions have reported, via the Wolfsberg Group, that the information provided by third-party service providers can be out-of-date or incomplete.” (The Wolfsberg Group is an association of thirteen global banks which aims to develop frameworks and guidance for the management of financial crime risks, particularly with respect to know your customer, anti-money laundering and counter terrorist financing policies.)

A deepening divide

Despite these issues, the transacting world continues to evolve. As investments in new technologies enable financial stakeholders to capitalize on big data, analytics and machine learning, for example, the potential to advance the fight against financial crime increases significantly.

However, even these new technologies are plagued by the imprecision of parsing names and aliases. Without a precise identifier these approaches risk making incorrect correlations and presenting wrongly aggregated conclusions. Furthermore, unless stakeholder uniformity based on a global entity identifier can be established in the data produced by these initiatives, the cost of attempting to realize this potential will skyrocket: more incompatible data means more complexity in compliance checks, and more checks to perform. The end result? Crippling inefficiency, massive bills for stakeholders and a toothless defense against crime.

The LEI: A simple fix today, a huge gain tomorrow

By mandating the use of the LEI in all financial flows, sanctions and watch lists globally, the use of identifiers would be standardized between institutions and, indeed, between nations. So doing would enable the compatibility of disparate data sources that is so severely lacking in today’s financial environment.

Enabling data compatibility is just the beginning. Given the LEI is already mapped to other identification systems like national IDs or Business Identifier Codes (BICs), for example, the LEI system enables stakeholders to act with greater confidence that all parties involved in a transaction are unambiguously identified.

Take identity theft, as an example. To avoid fraudulent substitution, the payment initiator might use the LEI to control the effective destination; in the ‘Confirmation of Payee’ they can ask the remitter to verify the name of the beneficiary.

Here the LEI would remove any ambiguity related to the destination of the transferred assets, and potentially allow the identification of a fraudulent pattern, by identifying an unexpected destination.

The formal representation of all the parties that the LEI creates can reveal other patterns of fraud, too. If the fraud is occasional, a ‘suspicion of fraud’ can be triggered if departures from common, repetitive payments scenarios are identified.

Alternatively, if the fraud is repetitive, other anomalies can be identified by aggregating more information from multiple financial flows going to the same destination, all thanks to the data compatibility afforded by the LEI.

These are just a few examples. In truth, the benefits of LEI adoption resonate across the whole financial ecosystem. In effect, the LEI can do for compliance what digital technologies are doing already for the rest of the world: enabling massive efficiency through automation and interoperability, on a global scale. There is no need for the compliance gap to widen further or, indeed, even for it to exist at all. If global support can be attained to generalize the LEI, compliance processes won’t just catch up with the rate of technological change, they will evolve concurrently. Only then will the fight against financial crime realize its fullest potential.

GLEIF Blog and Discussion Board

If you would like to comment on a blog post, please identify yourself with your first and last name. Your name will appear next to your comment. Email addresses will not be published. Please note that by accessing or contributing to the discussion board you agree to abide by the terms of the GLEIF Blogging Policy, so please read them carefully.



Read all previous GLEIF Blog posts
About the author:

Stephan Wolf is the CEO of the Global Legal Entity Identifier Foundation (GLEIF). Since January 2017, Mr. Wolf is Co-convener of the International Organization for Standardization Technical Committee 68 FinTech Technical Advisory Group (ISO TC 68 FinTech TAG). In January 2017, Mr. Wolf was named one of the Top 100 Leaders in Identity by One World Identity. He has extensive experience in establishing data operations and global implementation strategy. He has led the advancement of key business and product development strategies throughout his career. Mr. Wolf co-founded IS Innovative Software GmbH in 1989 and served first as its managing director. He was later named spokesman of the executive board of its successor IS.Teledata AG. This company ultimately became part of Interactive Data Corporation where Mr. Wolf held the role of CTO.


Tags for this article:
Client Relationship Management, Compliance, Data Management, Digital Identity, Know-Your-Customer (KYC), Open Data, Risk Management, Regulation, Standards