Bank Rolls

PNC Bank’s information-systems team wasn’t thinking about compliance with the Patriot Act when it started a cleanup of customer files in 2000. The Sept. 11, 2001, terrorist attacks and the federal legislation that quickly followed hadn’t happened yet. The new regulatory climate would ultimately demand that PNC be able to prove it knew its clientele well enough to sort the legitimate customers from illegitimate ones—and perhaps even identify potential terrorists.

The project that started in 2000 was designed to give PNC a better understanding of its customers so it could market to and serve them better. The bank wanted to cleanse its customer records of incorrect addresses and eliminate confusion about multiple accounts opened by the same individual under slightly different names.

That experience is turning out to be valuable in the face of increasingly stringent anti-money-laundering regulations, aimed not just at terrorists but also at drug kingpins and foreign leaders hiding money in U.S. banks. These rules make it necessary to match names against a variety of aliases and alternate spellings (particularly Arab names such as “Khaddafi,” “Gaddafi,” “Qadhafi” and so on), which is a variation on the same issue PNC learned to address through its data-quality project.

The U.S. Office of Foreign Assets Control (OFAC) publishes “watch lists” of individuals and countries with whom U.S. companies are banned from doing business—that’s not new. But the Patriot Act threatened stricter penalties, including fines of up to $10 million and prison sentences of up to 30 years for executives judged to have been criminally negligent.

Banks that had never cleaned up and consolidated their customer data are being forced to do so as part of their compliance with the new regulations, says Richard De Lotto, principal analyst with the financial-services practice at Gartner Inc. “Suddenly, you start looking at 30-year prison sentences, and it focuses your budget wonderfully,” he says.

PNC Bank is the largest business unit of Pittsburgh-based PNC Financial Services Group, a diversified financial-services company with assets of more than $68 billion. The bank provides community-banking services, as well as wholesale banking services, to 2 million households and 190,000 businesses in Pennsylvania, New Jersey, Delaware, Ohio, Kentucky, and Indiana. Although it has grown partly through acquisitions—most recently, the $649-million purchase of New Jersey’s United National Bancorp completed in January—PNC has a strict policy of combining systems “on Day One,” says George Kunkel, the bank’s vice president of management- information systems.

While many of PNC’s competitors have found it more economical to let their acquisitions operate discrete systems in parallel, rather than integrating them, PNC’s approach “shows that they care about the data, they care about their customers, and they’re trying to return profits to their owners,” De Lotto says. Compared with banks that merely clean up their data in response to the regulatory threat, PNC is ahead of the game, he says. “That’s one of the places where people screw up because they think data cleansing is not sexy.”