Why establish FinCrime data middleware?

Often, at organizations in the banking and insurance sectors, we find that workflow tools, such as case management systems or entity linking solutions, are tightly coupled to a handful of specific data sources, or even a single data source that aggregates from upstream sources. Various units across an enterprise typically adopt these tools to address basic, short term needs, like being able to tick a regulatory compliance box.

However, the cumulative effect of this activity is continued and incremental technical bloat, with multiple solutions deployed across the enterprise.

As false positives are realized, or worse, false negatives that relate to major compliance events, new data sources are explored, and new tools are considered—but all too often, enterprises are stuck, they can't simply layer yet another new solution without affecting the entire stack. Indeed, the existing processes and systems aren't for nought, as they are often adequate solutions to address many if not most of the enterprise's financial crime use cases.

The case for middleware

Middleware can go by many names, such as gateways, hubs, and orchestration layers, but the core idea is that centralized technology layers that decouple upstream (in this case data) from downstream (in this case tools) allow for better management, faster iteration, and better outcomes.

So why hasn't this evolved to widespread adoption? Well it is becoming more widespread than most people think, with nearly half of all regulated entities possessing some form of FinCrime middleware. However, progress towards this model is slow because it's hard for enterprises to justify the long term investment, and incumbent vendors that optimize the bundling of data and tools are not incentivized to encourage the proliferation of competitive marketplaces.

Beyond the tipping point: tougher regulations, increasing number of solutions

It comes down to forward thinking among ecosystem players. Tech-forward enterprises to drive these innovations in order to achieve better compliance outcomes, and truly data agnostic platforms, such as Demyst, to support their customers' journeys.

On average, Demyst clients in this space consume 7-8 additional data sources once they've onboarded our platform. And that can directly translate to the bottom line: we see greater than 50% reduction in multiple risk categories, from synthetic fraud to credit defaults; and, it's not rare to see more than 35% reduction in third party data related costs—another benefit of centralized ingestion and governance—all primarily through establishing a middleware.

We are well beyond a tipping point now. Compliance costs and fines continue to skyrocket. At the same time middleware adoption throughout the enterprise is at an all time high, and regulated entities understand and demand the value that comes from this. Furthermore, while many data vendors stand to add significant value to the equation, regulated firms have an increasing range of options, including the acquisition of data directly from government sources or partnering with the broader ecosystem to achieve more meaningful, sustainable outcomes.

The FinCrime & KYC Middleware Playbook

We encourage and support enterprises on their journey to create their own middleware. This typically follows the following playbook:

1. Plug the gaps
   1. Whether it's adding in adverse media, adding in an additional blacklist or watch list, or screening against international directorships, there is often a specific short term need
   2. Use this tactical use case to fund and drive the future state architecture. Add these attributes and screens in to an adaptable workflow that extends and adapts over time
   3. Go live, fast, and brag internally, to create internal momentum for change
2. Re-engineer what you have
   1. Define and centralize the understanding of the sources available under license today
   2. Include public sources and those embedded within existing tools - work with partners to ensure those tools offer access to the underlying data too, e.g. by bulk extract or API
   3. Refactor and engineer those sources in to the middleware from stage one, and re-route applications to query from the central hub, without any "breaking changes" to the underlying data itself
   4. This establishes the strategic foundation for the middleware while identifying any wasted spend (e.g. duplication)
3. Scale up, re-use, and automate
   1. Re-engineer and reuse data that is within the hub far more frequently (e.g. from monthly, to weekly, to daily, even to realtime streaming) and more extensively (e.g. run the whole book all the time, not just trigger based)
   2. This will drive real benefits based on using more realtime data
4. Establish automated discovery
   1. Establish a definition of "good" in terms of risk reduction, automation, and total cost of ownership
   2. Establish automated processes to scan, test, and flag data from the entire ecosystem that would be incremental to that definition
   3. Add incremental data to drive value, but also heavily use that platform to conduct analysis at key points review points with the top data sources and vendors
   4. This will drive you to 10x the data use, far higher compliance and benefits, without 10x the cost

We are in a renaissance period in the financial crime solution domain. Emerging realtime data sources, advanced solutions, and next generation workflow tools means that enterprises can do far more. Middleware is a necessary tool to get these solutions out of the lab and in to production.