Episode 22: Peter Bainbridge-Clayton
AML Talk Show host Stephen Platt with guest speaker Peter Bainbridge-Clayton, CTO and Co-founder of kompany
AML Talk Show Hosted by Stephen Platt
Transcript
Stephen Platt:
Well, good afternoon, and thank you very much for joining me once again on the KYC360 AML podcast. My name is Stephen Platt, and I'm delighted to have your company again this afternoon. I have great pleasure in introducing my guest for today, Peter Bainbridge-Clayton. Peter is the chief technical officer and co-founder of 360 kompany AG, that's kompany spelt with a K. Which is a leading regulatory technology platform for global business verification and business KYC.
At 360 kompany AG, he has overseen the implementation of a network of connections to over 150 official business registers around the world, providing real-time official and audit-proof information for regulated and unregulated industries. And I felt that it was a great opportunity to meet and to chat with Peter, because as you all know, at KYB, Know Your Business and company ownership verification is becoming a very, very important part of AML due diligence requirements. ...
Stephen Platt:
Well, good afternoon, and thank you very much for joining me once again on the KYC360 AML podcast. My name is Stephen Platt, and I’m delighted to have your company again this afternoon. I have great pleasure in introducing my guest for today, Peter Bainbridge-Clayton. Peter is the chief technical officer and co-founder of 360 kompany AG, that’s kompany spelt with a K. Which is a leading regulatory technology platform for global business verification and business KYC. At 360 kompany AG, he has overseen the implementation of a network of connections to over 150 official business registers around the world, providing real-time official and audit-proof information for regulated and unregulated industries. And I felt that it was a great opportunity to meet and to chat with Peter, because as you all know, at KYB, Know Your Business and company ownership verification is becoming a very, very important part of AML due diligence requirements.
Stephen Platt:
And it is an area that many, many businesses continue to struggle with. For the main part, businesses certainly that I see, continue to try and verify corporate information manually, it’s fraught with difficulties and problems in inefficiencies, and regulatory technology companies, such as 360 kompany AG, are really bringing about enormous transformational change in the way in which organisations are able to automate their KYB due diligence processes. And now, Peter is a realistic blockchain and AI enthusiast. He has a long background in high throughput telecoms and government systems, including leading the redesign and implementation of the UK Government Business Register at Companies House. So, he is steeped in experience and knowledge of this particular area, and I’m delighted to welcome him to the show. Peter, welcome. Where are you talking to us from, because obviously we’re doing this remotely?
Peter Bainbridge-Clayton:
Good afternoon. Thank you Stephen. It’s a pleasure to be here. Although our company is based in Austria, I’m actually talking to you from where I live, which is just near Tunbridge Wells in the UK.
Stephen Platt:
Okay. Good. Well, I’m pleased you’re safe and well. Are you hoping for a summer holiday abroad this year? Or have you given up on it?
Peter Bainbridge-Clayton:
I’m hoping. Yeah. Yeah. Just about hoping. We were actually trying to get away just in one of the breaks between lockdowns. That didn’t quite work out, so fingers crossed. I’m double vaccinated, so yeah. Ready to go.
Stephen Platt:
Well, we live in hope, don’t we? Now, Peter, I’ve given by way of an introduction, a brief description of what 360 kompany AG does. Any listeners clearly that are interested can look it up for themselves online, but for the benefit of listeners that don’t use your service currently, as I understand it, essentially it allows users to access primary source business data in real time, by drawing on your global register network for access to commercial registries and financial authorities. And even in some cases, tax offices from around the world. I’ve got that right, haven’t I?
Peter Bainbridge-Clayton:
That’s spot on. Perfect. Yeah. So, kompany’s is basically, we’re a regtech platform for KYB, Know Your Business. We focus on companies and the people behind companies. So, managing directors, shareholders, that sort of thing. And as you say, what we’ve built is a mechanism, a platform rather, which connects to… It’s actually 200 plus jurisdictions directly, to get this information in real time on demand. So, we’ve taken care of all the connectivity, we’ve taken care of all the payment, we’ve taken care of all the different data structures and all of that. And what we have is a platform, a single source of data and information where you can come to have information across 200 jurisdictions, covering over 115 million companies, all in real time, all from golden source.
Peter Bainbridge-Clayton:
And if you’re using the API, all in the same structure. So, if anyone is doing any kind of cross border trade or cross border KYB or AML, we’ve basically done a lot of the hard work for them. They can come to us and not have to worry about, in particular, where the data, sorry, what jurisdiction the company they’re dealing with is from. In essence, what we do is we aggregate access to these data sources, rather than taking the data and aggregating the data. So, you know that the data you’re getting is from a golden source. Essentially we’re doing business verification and not providing business information in a CRA manner.
Stephen Platt:
I see. Now, obviously in the interest of full disclosure, I think most listeners know that for my sins I’m the chief executive officer of KYC Global Technologies. KYC 360 is obviously the online AML knowledge portal of KYC Global. But KYC Global also designs, deploys, offers RiskScreen AML technologies, and hundreds and hundreds of institutions around the world use our technologies. And so, in the interest of disclosure, I should of course, point out to listeners that RiskScreen, RiskScreen’s onboarding and screening modules do in fact utilise data from kompany. We have a global partnership arrangement, which allows us to provide seamless integration for real-time lookup of that data that you’ve just described, Peter. Now, you bore a distinction between aggregating access to data sources, rather than taking the data and then aggregating it. Can you explain for the benefit of our listeners, Peter, why that is an important distinction?
Peter Bainbridge-Clayton:
So, the key distinction there is if you’re aggregating data, you essentially don’t know where the data came from in the first place. You don’t know when it came from there, so you have no idea of its provenance. You have no idea of its age. And more importantly, it can’t be demonstrated where this information came from or when it came from there. So, what you end up with may well be a lot of very detailed, good information, and no one’s disputing the quality, in most cases, of that information. It’s just that to fulfill the requirements, the requirements say you have to use these primary sources and you have to know when they were there… When you got the data, so when the data was fresh, where it came from and be able to demonstrate that. So, that’s the crux of the difference there.
Stephen Platt:
Yes. I see the importance of that. I mean, again, I guess it’s all about auditability, isn’t it? It’s about veracity, auditability, and it’s also about timing. I mean, if a third party has aggregated the data and then provided you with access to it, the question is, well, at what juncture in time did you aggregate the data and how real time is this?
Peter Bainbridge-Clayton:
Exactly. Yeah.
Stephen Platt:
That’s the point. Now your background Peter, is very interesting. You studied astrophysics I note, from my background research. How did you come to be involved in KYB against that background? Tell us a little bit about your history.
Peter Bainbridge-Clayton:
I did. Yeah. So, it’s funny. I’ve always been interested in computers and I learned to program when I was 11, which was back in 1981, so quite early. And when I went to university, I was considering what to do. And I was pretty good at physics and I was always pretty good at computing, and I looked at the computer science syllabus and I couldn’t see anything which I hadn’t already done. You have to bear in mind this is so early in the days of personal computing that there really wasn’t there. So, I went with my actual love, which was physics, but astrophysics was the part that I was most interested in there, so that’s how I did it. How I actually ended up doing nothing whatsoever to do with astrophysics, it’s a very human story.
Peter Bainbridge-Clayton:
I finished my degree and I was staying on to do a master’s, but I was self-funding, and my bank manager decided that I couldn’t have any more money. And the funny thing is, this was in the days when I had an overdraft of £1000, which is, at the time, was big for a student. Nowadays, of course, if you have a £1000 people are wondering where you’ve been robbing banks from. So, essentially, I had to leave and get a job. And so, I went back to do the programming, which I was good at, and I just ended up going from one job to another. I ended up in telecoms, the mobile telecoms in Vienna, which is where I met our co-founder and CEO, Russell Berry. So, we basically bumped into each other off and on over the years since then. I ended up going to Companies House and working there.
Peter Bainbridge-Clayton:
And then we both ended up working together in South Africa on another mobile telecoms, and it’s then we came up with the idea, due to what I had just been doing at Companies House, and what Russell had just been doing in terms of aggregating access for this data, because we could… Russell’s very good on corporate law, and we were looking at what regulations were coming, in terms of KYC and AML. And we came up with the concept of making it simple, just so that people can go to one place, get what they need regardless of where the company is that they’re looking at in the world, and then just do their thing. And we did some market analysis and it seems quite a large market, and we thought we’d give it a go. And here we are 10 years later.
Stephen Platt:
Well, it’s a good story. Very interesting story. Now, obvious question, Peter, but I’m genuinely fascinated to know the answer to this. How do you get company registries to agree to allow you access?
Peter Bainbridge-Clayton:
Yes. Sometimes very easily and sometimes very painfully, the short description. We did have an advantage. Obviously, most people know that the UK access that Companies House gives is second to none. It’s simple, it’s free, it’s very, very easy to use, especially now they have the chase on API. And of course I had some knowledge of that already, so that gives a background there. But in Austria, there’s a system whereby if you want to get access to the register, you actually cannot go directly to it in the way that you would go to Companies House in the UK. You have to go through a licensed intermediary, and this is because they have to collect money on behalf of the government, they have to provide services of a certain quality. And we were able to get hold of one of these licenses. There are very few, I think there are maybe six that are actually in use.
Peter Bainbridge-Clayton:
So, this is all good and we could set up access. But what that also does is it gives us credibility in the eyes of other registers. So, we can go to them as licensed within Austria, which gives us within Europe as well, it gives us that credibility there. So, we passported that to other jurisdictions, and then we were one of the first companies, I think the first company, to be invited to the European Registers annual conference. So, we built up these relationships as well.
Peter Bainbridge-Clayton:
Now having said all that, there’s that personal aspect to it, that still are technically somewhat troublesome. I would say about 10% have a mature API, that’s probably the nicest way of putting it, which obviously that makes life much more simple for us. Each one is different, but given that there is an API, that makes life much easier. Where there isn’t API, we have to do certain things involving middleware code and seeing what’s hidden behind the layers of their code. So, there’s a lot of technology involved. There’s a lot of personal contacts involved, and it varies from case to case. But having the Austrian license was a definite bonus for us because that got us into… essentially into Europe as a whole. And being in Europe as a whole, that got us into the more global thing. So, like I say, from starting with two, we’re now at 200, so it’s done well, but you have to bear in mind that it’s taken us almost 10 years to get to this point. So, there’s a lot involved. It’s not for the faint-hearted.
Stephen Platt:
I can well imagine. I mean, it wasn’t so long ago, Peter, that there was a great deal of opacity around registry data. Now, I think we all know why that’s changed as quickly as it has, certainly in the long arc of history. It’s happened relatively quickly. But coming back to your reference to mature APIs, I can imagine, I may be wrong about this, but I can imagine that jurisdictions that have immature APIs are likely to be the most opaque jurisdictions. Would that be fair?
Peter Bainbridge-Clayton:
I’m not sure there’s a direct correlation. Clearly the jurisdictions who are deliberately opaque won’t have APIs, because that would be nonsense from their point of view. But there are a lot of very mature jurisdictions who have perfectly good websites to get this data from, or bulk data files or something, but actually have no usable API. So, the technology hasn’t caught up with a lot of registers. And of course, these registers were built many, many, many years ago. I mean, the UK one was built hundreds of years ago, and they spent so much time being paper-based, it’s actually only been this century when the vast majority of them have even considered going to electronic form, which obviously makes life difficult. And the first priority is to take data in, not necessarily to give data out, because they are in essence a repository of information, a register of information. And it’s not [crosstalk] clear that they exist to actually give data out.
Stephen Platt:
Yes. Yeah. That’s really… I wanted to ask you about that, because culturally, as you say, they are used to sucking information in, not reciprocating by sharing the data that they compel others to provide them. But clearly that cultural shift is being made, and this push for much greater transparency is relentless. It’s clearly, I don’t think, going to reverse anytime soon. But there are some jurisdictions that continue to cling to secrecy. How long do you think they can actually hold out?
Peter Bainbridge-Clayton:
I don’t think long. And what we have to remind us, drive to openness has come through a lot of European legislation and US legislation. There’s open data pushes, there’s the increasing compliance laws where customers have to have access to this data. And then of course, there’s been a whole bunch of technical improvements. I think, in a connected global economy, there’s simply no room for secrecy at this level. But there are conflicts with data protection, and those two things have to be balanced. Now, what’s interesting and what not many people actually know, is that when we talk of limited companies and limited liability, there’s actually a trade off built into that limited liability which is that your personal information, to some degree, has to be made public. And by that trade off, what you get in return is limited liability.
Peter Bainbridge-Clayton:
And people have forgotten that this is actually the basis of limited companies. And I think what’s going to happen is any jurisdiction which insists on providing this layer of secrecy, a) they’re not actually doing what they should be doing in terms of providing the trade off for limited liability. But also they’re running the risk of, okay, having a lot of companies which are registered there, because it’s easy, you don’t have to do filing or whatever the requirements are. But more and more of those companies are going to find it more and more difficult to actually get service, because they won’t be able to pass the KYB checks and the AML checks. So, I think it cannot work going forward, because by insisting on registered secrecy, you are insisting on making your register useless to the local and global economy.
Stephen Platt:
Yes. No, I see that. I see that. But I guess for some jurisdictions secrecy continues to be one of the very few levers that they have, one of the very few USP’s and they’re going to hold out until the bitter end, I suspect. Particularly if they have very little else to offer. But that’s interesting. I mean, as a junior lawyer, I mean, I remember being asked to go in-person to conduct company searches from time to time. I would traipse down and pay the fee and they would give me a printout, and there was really no way of knowing whether the information was correct. It’s not dissimilar really to the really rather ludicrous situation that we continue to have, in which professionals like me are asked to verify people’s passports. It doesn’t happen very often anymore, but when I was at bar school there was never a module which taught me how to analyse somebody’s passport to figure out whether or not it was the genuine article.
Stephen Platt:
And so, it’s an interesting analogy there, but now, in the case of KYB data, through services such as yours, that data comes with the highest possible veracity, because it’s retrieved straight from the primary source, and in real time. And so, that creates, if you like, a virtuous circle, doesn’t it? Number one, your customers get a higher level of anti money laundering assurance than they would if they were doing this manually, number one. Number two, they can do it in a risk-based fashion, which is what regulators want them to do. Number three, they benefit from massive operational efficiencies. So, it’s like a win, win, win situation. So, I think everybody can see and appreciate that. But how does it help in the fight against financial crime, which is essentially the genesis of all of these regulations? It’s the seed corn, isn’t it, for the growth of businesses like yours and mine. How does this real-time access to KYB data through these registries, from these registries, help in that battle, Peter?
Peter Bainbridge-Clayton:
Yeah. I mean, those are all good points. And I recall going to the London desk of Companies House many, many years ago and using the microfiche machines there, to look up information. I think that there’s, as you say, that there’s a few points to this. The most crucial one from my perspective, is that this data need not be used as supplied. And until very recently, if you went to a bank or something and you wanted to open a business bank account, they would expect you to give them the data. So, you would have to provide something from Companies House, the Article of Association, and you’d have to provide proof… Well, not necessarily proof, you’d have provide information about yourself, and information about the managing director, and try and convince them that you were the managing director. This of course is ludicrous.
Peter Bainbridge-Clayton:
Someone who’s going to indulge in financial crime isn’t actually going to be honest from the word go, they’re going to be dishonest from the word go. So, trusting them to provide accurate data is quite simply nonsense. So, it’s not user supplied, which I think is the main part of that. So, a lot of these attempts are stymied from the beginning. And the other one is speed of course, because it’s quite possible to set up a shelf company or buy an off the shelf company, register that, get your bank account, change your managing directors, change the shareholders, change whatever, and then do whatever you like, because no one necessarily knows that things have been changed. And this comes back to the veracity of data that we were talking about before.
Peter Bainbridge-Clayton:
Another aspect of it, of course, is that when you’re using this prime resource, real-time data, the red flags come up so much more quickly. So, if you’re doing an AML, KYB check on a company, and you know that all their shareholders are in the Dutch Antilles, for example, where there’s no information available for them. Beforehand someone in the compliance department may have attempted to find something out about that, but even pre-internet days, how do you even consider doing that? Now, you know that there’s a red flag around that jurisdiction because there’s no information there. You can do automated sanctions and adverse media and PET checks so that these red flags just pop up straight away. Excuse me. And this is all of course, building into automation of onboarding and automation of compliance processes.
Peter Bainbridge-Clayton:
Now, one interesting point which is often forgotten is, because we have this network and we have these connections, we can actually keep the data up to date. So, a lot of the financial crime, which as you say quite rightly, Stephen, is the driver for all this, occur after the company has been closed down. So, company closes down, banks don’t know, they just keep on allowing it to trade, for example. And then whoever’s still running the account can pretty much do whatever they like, because there’s no company there to monitor. With technologies such as ours, we can inform our customers that this company has moved. This managing director has resigned. The shareholders have changed. The company has actually closed down, so they can stay on top of all these things. And of course, this is all good metadata for behavioural analysis as well, to feed into our client’s GRT systems.
Stephen Platt:
Yes. That’s fascinating. I mean, the point about the ongoing abuse of company bank accounts in circumstances where companies are effectively dormant, or they no longer exist, is a fascinating one. And providing that information proactively to businesses, as opposed to them simply reacting, trying to close the stable door after the horse has bolted at some future periodic review point in time, the difference is night and day, isn’t it? I mean, it’s a quantum leap in compliance capability really. [crosstalk] Interestingly, I ran a webinar, this morning in fact, looking at the root causes of the Danske Bank scandal, which was obviously a huge, huge scandal. 200 billion euros laundered through their Estonian branch, over the course of about 12 years. And the whistleblower, blew the whistle repeatedly over a series of years.
Stephen Platt:
I mean, he was pretty much ignored in the sense that none of his allegations were ever properly investigated. But one of the concerns that he raised to his superiors related to a UK LLP, that according to the registry in the UK when he did the search, had absolutely no assets, it was worth nothing. It was essentially dormant. And he couldn’t quite reconcile that with almost half a billion euros in FX trades through the account of the company with the Estonian branch of Danske. And it’s an absolutely brilliant example, isn’t it, of the type of real time data that could be provided by your organisation to a bank, in order to alert them to the fact that the transactional activity that they are seeing is completely inconsistent with the data that’s held on a company at its registering.
Peter Bainbridge-Clayton:
Absolutely. Yeah. And the truth is that no bank or no FI really has a compliance department big enough to handle tens of thousands of accounts without this level of automation.
Stephen Platt:
Exactly right. I mean, we’ve tried to square that circle as an industry, by relentlessly hiring ever more compliance related staff. Tier one banks have tens of thousands of employees dedicated to AML around the world. But what we know is that despite that huge investment, the return that they’re getting on that investment has been poor. I mean, investment is increasing, but fine levels are increasing and we don’t seem to see any abatement in the number of anti money laundering scandals within industry. You simply cannot deal with this by throwing more bodies at it. You have got to embrace these next generation technologies in order to be able to cope with the sheer volume of data that indicates the risks that are inherent in the relationships that you’re in. I mean, that’s my view, and that’s my experience from conducting investigations into AML failure at tier one banks.
Peter Bainbridge-Clayton:
No. You’re totally right. And of course, the problem with throwing people at it is that that becomes diminishing returns very quickly. You end up with, all due respect to them, you end up with people who aren’t trained enough to know what to look for, trying to oversee what is actually quite subtle behaviour in some cases, across hundreds if not thousands of accounts. And the people at the top of the compliance set up, who have the experience to see the wood for the trees, they’re too busy helping everyone else to try and actually worry about the high value, higher risk accounts, which is what they should be doing. And although I think having a lot of compliance people is probably a good thing, they need the assistance of the technology of the automation, of the data, to actually make good, meaningful decisions and ignore the noise, ignore the guy who one day spends 10,000, which is a slight bump on his normal trading, but don’t ignore the fellow who’s doing half a billion in FX with a closed company, which is a great example.
Stephen Platt:
Yeah. Yeah. It’s interesting. Now, of course there are those within industry who will say these innovations in regulatory technology and the ability for us to be able to access real time data with a high level of veracity, is all well and good. But the bar keeps being placed ever higher and that therefore means that unless we avail ourselves of it, we don’t have a viable defense, because the absence of knowledge/suspicion about our customers becomes less and less excusable if we don’t embrace these sorts of innovation. You understand the point. And there are many within the industry who say, well, frankly it’s not fair. We’d rather just keep our head in the sand, and we’d rather not know. We’ll do the best with what we’ve got, but we don’t want to be compelled to continue to go down this track. Do you encounter those sorts of objections from time to time as well?
Peter Bainbridge-Clayton:
We do have to spend some time on education with our clients, potential clients, on the full ramifications of AML5, AML6, and that kind of legislation. The financial impact on a company for not doing these checks, and if demonstrably choosing not to do these checks, can be huge. And it literally is a company destroying scenario in a lot of cases. Now, we see that sort of attitude as compliance as a burden quite a lot, and we have entirely the opposite view. We see that if you use the technology, use what’s available to you, you turn compliance from a burden into a competitive advantage. And regtech, in particular companies like ourselves, it’s an enabler for the efficient and effective adoption of that. If compliance departments are thought of as a crucial, competitive part of the company, then that whole viewpoint switches, and actually it becomes not a burden, it becomes if we invest in this, what actually we get back is we’re going to get much more customers.
Peter Bainbridge-Clayton:
We can onboard faster. We can monitor faster. And if you’re monitoring faster, you can up sell faster because you have a better view of what your customers are doing, you have a better view of what products and services they may require. And what falls out of it is all positive, and there’s a bonus. You know that you’ve met your AML requirements, you know that you’re not going to do necessarily an annual screen and find that companies have been closed for the last 11 months. You know all this, and you know you’re safe, so you can sleep soundly at night, knowing that the regulator isn’t going to come and fine you 10% of your annual income. And better than that, you can onboard customers quicker, you can give them better service. It actually is a competitive advantage to have good compliance, and you’re not going to end up talked about on the news, with adverse news, to say that you’ve been fined 5,000,000,000 euros for not doing what are relatively simple checks. And that’s the way we see it, and we try to act as a mentor and educator for this mindset.
Stephen Platt:
Well, I think you put it incredibly well. And I encounter myself a good deal of skepticism from industry when I talk about a good compliance as a competitive advantage, but it is absolutely true. And we see it for example, with RiskScreen onboard, which partly is a consequence of COVID and the FATF statement encouraging the use of remote onboarding technologies at the beginning of last year, this technology is proving to be very, very popular. But it is an example of precisely what you described, because it provides customers of institutions with a better experience, certainly for legitimate customers, or obviously for customers with illicit motives it’s a nightmare, because they get found out much more quickly, as you said earlier. So, you get a better experience for your legitimate clients, and it puts illegitimate clients off even attempting to do business with you.
Stephen Platt:
You increase the velocity of the whole onboarding experience, which means you get more rapid time to revenue and possible upsell, as you say. You meet your AML requirements, and you get a high level of assurance. I mean, what’s not to like in all of this? I mean, if that doesn’t provide you with a competitive advantage over organisations that remain in the dark ages, with their manual processing of customer data, then I don’t know what does. So, I think the competitive advantage point is very well-made.
Peter Bainbridge-Clayton:
Definitely. I like to say that the cost of compliance is not what should keep you awake at night. It’s the cost of not being compliant.
Stephen Platt:
That’s right. That’s right. The difficulty though of course is… I remember when I founded the International Compliance Association with Wilmington PLC, and I wrote the International Diploma in AML Compliance. In the early days, I used to teach those classes, and a refrain that I would often hear, I hear it less nowadays, but I still hear it from AML professionals, is that they think the dice are loaded against them because business units are always able to value the cost of business avoided as a consequence of the application of controls and procedures. Whereas, the AML guys are never able to point to the value of disasters that have been averted or avoided.
Stephen Platt:
And that’s fundamentally unfair and it’s a fact of life, right? But it’s something that I think all risk management professionals have to constantly grapple with. And it’s incumbent upon directors and senior officials within organisations to recognise that that imbalance does exist. So, it’s an interesting point. Now, your service at kompany, Peter, presumably makes understanding the shareholder structure of legal entities a relatively easy task. Are you able to search in, what I would describe, as both directions, so that you can see linkages from companies to individuals and vice versa?
Peter Bainbridge-Clayton:
Yeah. So, we have a product which we call UBO Discovery, and this is exactly what you’ve described there. So, we basically start with a company, and we say, okay, create a UBO Discovery report for this. And what we do is we’ll use our network to get the shareholders of that company. Now, be that shareholder in data or in document format, if it’s in document format we obviously… They have to extract the text and do some machine learning to extract the actual meaning of that. We figure out who the shareholders are, and then any corporate shareholders we can then use our network again, to repeat the process. So, we can walk the tree in that direction. What we do have built in there is logic which will say basically, this chap over here, and this chap over here, they have the same name.
Peter Bainbridge-Clayton:
They have the same address. They have the same birth date, and that varies depending on the data. So, when we can make a reasonable assumption and actually quantify that. We can say there’s 80% confidence that these two people are the same actual entity. Going the other way is very troublesome, because the data and the documentation just literally isn’t structured in that fashion in the registers. And although we can make those assumptions, the risk of a false positive is pretty high. So, it is something we’re actively working on, but right now it’s upstream rather than downstream. So, from the root of the tree out to the leaves rather than from the leaves in.
Stephen Platt:
Yes. I see. And I can understand as a consequence of the way in which the registry data is structured, that going from the leaf back to the trunk is more difficult. I do see that. But it’s interesting. Now, criminals obviously often use complex corporate structures and layers of shell companies to hide their connection with assets, and to launder money, and they also obviously utilise the structures in the facilitation of active predicate criminality themselves. I mean, I think back to cases that I’ve investigated involving bribe payments on large arms contracts and so on, where the bribe paying organisations have used offshore slush funds, which look legit, because they’re branded as special purpose vehicles and expensive firms of lawyers who put all of the right paperwork in place. But they’re really just a vehicle for the payment of a bribe to another corporate structure, which is ultimately connected with the corrupt public official. I mean, that’s a pretty basic example of a methodology that I’ve certainly seen in use from time to time. How do you help to pierce those overlying entities that are used in the ownership chain?
Peter Bainbridge-Clayton:
Sure. Piercing is a somewhat loaded word, but I’ll explain what we do. So, using our technology and the network of connections that we have, and our machine learning that we’ve built to extract data from things like shareholder lists, we can do an awful lot. And by an awful lot I’m talking 90% plus of the work that a competent compliance officer would have to do in a manual fashion. We can make speed gains there from weeks through to minutes. Having said all that, and as hard as we try, there will always be jurisdictions and there will always be potential ways of structuring things, which make it impossible to actually completely pierce that shroud. However, if you imagine a person doing this, then if you get to a point where you simply cannot go any further in your compliance checks, that’s okay, but you don’t actually know as a person, whether or not you just haven’t found the information, whether or not the information is available, whether or not the information should be available but isn’t. You don’t really know why you’ve reached this dead end.
Peter Bainbridge-Clayton:
Whereas with the technology, we can actually say with certainty, why that dead end exists. So, we can put red flags up in a much shorter timeframe, to say this structure does look peculiar. We can’t go any deeper here because they’ve got to jurisdiction X, which doesn’t publish anything. Or they’ve got to jurisdiction Y, which does publish things but that company type doesn’t have to file its shareholdings. Sorry, its shareholders. Now, there’s always going to be this gray area where people simply cannot find out. Now, it’s important to stress that what we do is we do not make a judgment on that. We’re not in the business of providing credit scores. We’re not in the business of providing traffic lights to people, that is entirely the business of the GRC model of our particular customer.
Peter Bainbridge-Clayton:
We can tell them the ultimate beneficial owner for this is a company in the Seychelles, for example. Or in the Dutch Antilles, that’s as far as we can go because literally that is the only information that is publicly available. What you then do with that information is entirely up to you, as a customer, as a compliance officer, as someone who’s trying to run a corporate GRC model. So, we can certainly do a lot of it, and a lot of these corporate structures are, although they’re long, they’re relatively simple. And of course, a lot of legitimate companies, especially smaller startup companies have a lot of seed funding. They have a lot of investors who may invest in a lot of other companies, and when you look at them it looks like a complete mishmash of share holdings, which may look suspicious, but in reality it’s not. It’s just there are actually four or five shareholders who happen to have a lot of other shareholdings in similar sized small companies.
Peter Bainbridge-Clayton:
And what our tools allow you to do is get rid of all that noise and just focus on what’s actually important. So, you can say, yeah. Here we go. Here’s the five UBOs. One of them is a company in the Dutch Antilles, the rest are people with real addresses. So, how big a risk is that? It’s probably okay. If all the shareholders happen to go to different companies at the same address in a jurisdiction which doesn’t give out much information, that’s a bigger red flag. So, it’s all about… It’s never going to be about 100%. It’s always going to be about as close to 100%, and then potentially some human saying, “…yeah, this is okay,” or, “…we need to do further investigation here”. But of course, this comes back to the earlier questions about jurisdictional secrecy and data availability.
Stephen Platt:
Yes. I see that. Very interesting Peter. Really is fascinating. Now, I know from my own experience of running these investigations and also way back when I was running asset recovery actions on kleptocracy cases, that many of these companies that are used for illicit purposes are ultimately owned by trustees. You can’t own a company, a trust can’t own a company, because a trust simply doesn’t exist. It’s not a legal entity. A trustee owns a company through a trust structure. Now, that is a feature of many, many money laundering scandals, the ultimate ownership of underlying corporate entities by a trustee. How can your service, if at all, help to… Again, I’m using the loaded word, pierce the people, the individuals behind the trust?
Peter Bainbridge-Clayton:
Yeah. Trusts are amusingly named, I always think. They’re the least trustworthy structures that you can actually do. I mean, trusts are basically obscurations of ownership. There’s perfectly good reasons to have trusts and there’s lots of nefarious reasons to have trusts, I suspect. Unfortunately, the nefarious ones outnumber the perfectly good ones. Now, given that our service is based deliberately on golden source, official information, we are dependent upon what’s in that source, and therefore dependent upon the legal structures that that sources is based upon in that jurisdiction.
Peter Bainbridge-Clayton:
So, in some jurisdictions trusts are required to have at least a named individual as the trustee of the trust, for want of a better term. That’s not the actual term. And in some jurisdictions it might be that you are supposed to say who actually is controlling this trust. And I think the UBO registers will be extended to include that thing. So, right now there’s very little we can do, but that’s based on what information we can get from the registers. I suspect, and I expect, that that will change. And I think that trusts will be treated more like real corporate entities, and have to provide beneficial owner information. That’s my suspicion. But right now that’s probably still the most misused vehicle for this kind of thing.
Stephen Platt:
Yes. That’s very interesting. Very interesting. Peter, I’m very, very conscious of time, and I know that it’s towards the end of the day. It’s almost 5:00 PM. So, I think we’re going to wrap it up there. You’ve given us some really, really valuable insight into the criticality of real-time access to KYB data through your service, which it can be connected with technologies such as RiskScreen. So, I’m very grateful because I know the full extent of the abuse of corporate structures by money launderers and by criminals in the facilitation of predicate crimes. So, on behalf of our listeners at KYC360, thank you very much for taking the time, and good luck as you broaden your connectivity with company registries around the world. As I say, I’m sure that the wind is going to continue in your sails. And so, the very best of luck with that. Thanks again for your time.
Peter Bainbridge-Clayton:
Thanks Stephen. It’s been a pleasure. Thank you.
Stephen Platt:
Okay. Well, thanks very much for listening to today’s AML podcast from KYC 360. I hope that you found it interesting. We have a host of very interesting guests lined up for the show over the course of the next six months, so watch out for notifications for podcasts and interviews coming shortly. For now, stay safe, stay well, and I’ll speak to you again soon. Goodbye.
Other Episodes
Count this content towards your CPD minutes, by signing up to our CPD Wallet
