California Privacy Rights Act – What Businesses Must Do to Comply

The California Privacy Rights Act (CPRA), also known as Proposition 24, was approved on November 3rd, 2020 and amended the existing California law, the Consumer Privacy Act (CCPA) from June 28th, 2018. January 2023 will see new amendments to the data privacy regulations of California and will require businesses to make the necessary changes to stay compliant.

The new regulations not only apply to businesses operating in California but also to those operating outside it and promoting their services in the state. This makes the new amendments quite important, as California is a leading economy that hosts the largest total population of a US state.

Businesses that Need to Oblige

Both the CPRA and CCPA are applicable to businesses based in California and offer services from outside its borders. The conditions for businesses to fall under the new regulations are as follows:

California Consumer Privacy Act (CCPA)

The CCPA applies to businesses that generate annual gross revenue of over $25 million, or deal in buying or selling personal data of over 50,000 individuals, households, or devices for commercial purposes. Another condition is that the business sells customers’ personal information for more than half of its annual revenue.

California Privacy Rights Act (CPRA)

The CPRA applies to businesses that generate annual revenue of over $25 million and deal in the sale or purchase of personal information of more than 100,000 individuals or households. The other condition is that the business takes more than half of its earnings from selling or transferring the personal information of its customers.

As per the new regulations, there is a broad scope of the terms “selling” and “sharing” of personal information, which implies that businesses need to pay close attention to know what they must do. The regulations define selling as: “selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, a consumer’s personal information by the business to another business or a third party for monetary or other valuable consideration”.

Whereas, sharing is defined as: “sharing, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, a consumer’s personal information by the business to a third party for cross-context behavioral advertising, whether or not for monetary or other valuable consideration, including transactions between a business and a third party for cross-context behavioral advertising for the benefit of a business in which no money is exchanged”.

New Types of Businesses Under the Updated Regulations

The amendments to the CPRA have brought new types of businesses under the scope of the regulations. For instance, joint ventures and partnerships that provide every business with at least 40% interest fall under the same criteria. Similarly, a business that voluntarily decides to certify to the regulation will also be obliged to comply. Moreover, the CPRA also applies to those businesses that share common branding with an already regulated business. As per the amendments, common branding is defined as a “shared name, service mark, or trademark that the average consumer would understand that two or more entities are commonly owned”.

Parties that Fall Under the Regulations

As per the CCPA and the CPRA, the sending and sharing of personal information involve three major parties, which are contractors, service providers, and third parties. A contractor is defined as a “person to whom the business makes available a consumer’s personal information for a business purpose, pursuant to a written contract”. A service provider is defined as “a legal entity organized for profit that processes personal information on behalf of a business.” Just like a contractor, service providers get information from businesses “for a business purpose, pursuant to a written contract”. Third parties are defined as entities that do not fall under the category of contractors or service providers but are counterparts to whom businesses “sell or share” personal information.

The sharing of personal information with contractors and service providers is overseen by a written contract, which states the rules for the transfer of personal data and imposes a ban on its resale. However, there is a different system for transferring personal information to third parties, which considers the customers’ rights to their information. 

What are Consumer Rights Under the Regulations?

The CCPA and the CPRA state that personal information includes anything that a business collects related to its customers. This means that personal information is not limited to names, dates of birth, and locations. It also includes IP addresses, behavioral patterns, web search history, and even cookies. The businesses that fall under these regulations are required to offer California’s people the measures to fully utilise their privacy rights. These include the right to know which information is collected, its source, and the purpose for which it is required. Consumers also have the right to know with who their personal information is shared, and to whom it is sold. They also have the right to reject “selling or sharing” their personal information.

Customers of any business can access their previously provided personal information and get it deleted/amended at any time. Furthermore, the regulation also mentions that businesses cannot refuse or change the quality of their services in case a customer utilises any of the above-mentioned rights.

Depending on the type of violation, businesses can face different amounts of civil penalties under the regulation. In case of an intentional violation, the business will be fined $7,500 per violation. Whereas in the case of accidental violation, the business will be fined $2,500 per violation. However, penalties are only effective when businesses fail to rectify a violation within a period of 30 days. In case an individual sues the business, the regulatory fines vary depending on the personal information used or breached. If personal information is not harmed in a data breach, the customer can take between $100 and $750 for each instance. If the personal information is affected, the customer can take more than $750. Although the actual amendment will not be effective until January 1st, 2023, it will be applicable to the personal information collected from January 1st, 2022.

What Shufti Pro Offers

For businesses that fall under the CPRA and CCPA, it’s important to understand the importance of complying with the new regulations. In order to comply, they need to protect the personal information of their customers. Although it is a challenge to manage compliance costs, businesses with stringent identity verification measures can steer clear of regulatory fines.

Shufti Pro’s robust identity verification solution allows your business to avoid the hassle of a manual verification system and saves it from regulatory fines. The system deploys thousands of AI models to verify identities in less than a second with an accuracy of 98.67%. 

Want to know more about this solution? Get in touch with our experts!

fraud preventation

KYC Verification – Fraud Prevention in FinTech & the Payments Industry

The growth of the online payment industry and FinTech companies comes with a simultaneous increase in fraud and financial crime. According to a recent study, about 10% of the average spending in the online payments industry and FinTech is taken up by fraud prevention measures. This is because detecting and preventing payments fraud is significant to avoiding financial and reputational losses in any given firm. 

In order to ensure that their operations are fraud-free and they are compliant with international regulations, financial firms incorporate KYC verification solutions. Finding the balance between effective fraud prevention and cost management is one of the biggest challenges for businesses.

Risks Faced by Financial Institutions

Financial operations comprise numerous stages and each of them is a potential target for fraudsters. For this reason, businesses are now offered robust identity verification solutions that can be easily integrated as part of their online platforms. With these verification solutions, mobile and web platforms of eCommerce service providers can detect fake identities and fraudulent transactions. That being said, emerging technologies and the latest fraud techniques have made payment fraud detection more and more difficult for firms operating in the payments industry. 

Looking on the bright side, it’s not necessary that the solution to a complex and unpredictable problem must also be complicated. For instance, technology has also improved the system of verifying and screening identities against sanctions lists using numerous AI algorithms. This means that the detection and prevention of payments are not that problematic after all. Compared to the complex and time-consuming verification measures that were used previously, today’s solutions take mere seconds to verify identities using nothing more than a selfie from the customer. What’s important for businesses is to adopt a risk-based approach toward fraud prevention while taking into consideration the latest trends in fraudulent activity. Developing customer trends through transaction monitoring and background screening also requires a robust AML Screening solution.

KYC – Identity Verification

Unlike banks and financial institutions that constantly face the risks of fraudulent activities and bigger risks of money laundering, the payments industry is relatively less regulated. Banks are bound to implement procedures to verify the identity of their customers and analyse risks associated with their transactions. 

The Know Your Customer (KYC) measure is incorporated for the purpose of detecting fraudulent entities at the onboarding stage to prevent money laundering. The onboarding stage is the best for KYC because it eliminates the fraudulent entity before their account is created. For legitimate customers, the process doesn’t delay or create any problems for the rest of the operations throughout the customer journey.

Transaction Monitoring

KYC verification in itself is not enough when the aim is to protect financial institutions from crimes like money laundering and terrorist financing. As customers with legitimate identities can also be part of a money laundering scheme, it is equally important to perform ongoing transaction monitoring to analyse trends. By implementing AI-driven measures to mitigate the risks of financial crime, the payments industry and FinTech firms can prevent becoming the source of money laundering. 

A FinTech company can never know which online transaction involves money coming from illegitimate sources. For this purpose, they require robust AML screening measures to detect, flag, and report suspicious transactions. Furthermore, the increasing rate of online payments accounts for more and more transaction records with every passing second. To cope with this speed, businesses operating in the payments industry need to incorporate innovative solutions that can detect anomalies in real-time.

fraud preventation Infographic

Additional Authentication Measures 

Apart from transaction monitoring to analyse fraudulent transactions, FinTech companies also need measures to ensure that only their real customers have access to their online platforms. In the European Union, financial firms are required by law to incorporate sufficient customer authentication measures. Although these firms usually have set limits for the maximum amount that can be deposited into an account, it is also important to know who is accessing the customers’ accounts. With the help of additional authentication measures like 2 factor authentication, firms add a layer of security and are able to determine that their real customers are performing the particular transaction. 

Apart from 2-factor authentication, there are new and emerging fraud detection techniques that can allow firms to have better oversight of their customers’ transactions. Financial firms are urged by financial regulators to look out for deviations in normal transaction patterns, exceeding thresholds, unusual transactions from foreign sources, and discrepancies in IP addresses. 

How the Payments Industry can Be Fraud-Free

Most of the authentication techniques mentioned above are heavily dependent on the analysis of trends. This is because online transactions offer a variety of data points that can be used to analyse behavioural patterns and high-risk transactions. Organisations that consider fraud prevention measures as an extra activity that can be skipped are often under the weather with regulatory fines. When it comes to operations that involve money, it is always advisable to make security the top priority. 

When it comes to prominent FinTech firms, securing their operations with measures like encryption and tokenisation can work. However, smaller businesses do not afford these practices. Startups and SMEs should opt for measures that verify other aspects of their customers to be sure about their identity and their background. Address verification is one such technique that verifies the numbers and addresses given along with the credit card details to get better oversight of customers. For instance, businesses that use address verification can verify the zip code and street number from a billing address by matching it against the information provided for the owner’s credit card registration.

What Shufti Pro Offers

Considering the fast-paced growth of the Fintech sector and the payments industry, businesses have to re-evaluate and implement customer due diligence protocols according to the updated regulations. If you are a business operating in the Fintech industry, it all comes down to the following questions:

  • Are you complying with the country’s KYC/AML laws that you are serving? 
  • What customer due diligence protocols are you currently following? 
  • Is your screening process providing a higher customer acquisition rate or your drop-off is increasing? 
  • Is the process effective in all regions of the world? 


Shufti Pro’s identity verification solution allows your business to avoid the hassle of a manual verification system and saves it from regulatory fines. The system deploys thousands of AI models to verify identities in less than a second with an accuracy of 98.67%. 

 Want to know more about this solution? Get in touch with our experts!

japan new act

Japan’s Act on Personal Information Protection – What Businesses Must Do

New and emerging ways to bypass verification checks have allowed fraudulent entities to breach the sensitive personal data of clients in businesses and financial institutions. In June 2020, Japan amended its Act on the Protection of Personal Information (APPI) with a deadline of 1st April 2022 for businesses to adopt the new regulations. 

Prominent updates to the Act include a new process for sending and receiving personal information to and from third parties and businesses outside the country. Japan-based businesses now face a new challenge as new requirements are introduced that need to be fulfilled in case of data breaches.

The Act on the Protection of Personal Information (APPI)

Japan’s Act on the Protection of Personal Information (APPI) was first introduced in 2003 with the aim to protect the personal information of individuals (customers of businesses, banks, and other financial institutions) in the country. Since its introduction, the Act has seen two amendments in 2015 and 2020. Compliance with the APPI is monitored by the Personal Information Protection Commission, which is Japan’s primary regulatory body to investigate and enforce supervision, assessment, and mitigation of concerns that arise in businesses and financial institutions.

As per the APPI, personal data that can be processed or stored only with the consent of the individual are classified into two main types. The first is the basic personal information like name, date of birth, contact numbers, and personal identification codes. The second type of sensitive data is ‘special care required’ information, which includes medical records, information about race or inheritance, and criminal history. Although biometric data is not explicitly mentioned in any of the two types, it is likely that it will be included in the ‘special-care required’ information. Moreover, the APPI allows individuals to question the purpose of processing their personal information and also gives them the right to amend or delete it.

What’s in it for Businesses

Like the EU’s General Data Protection Regulation (GDPR) obliges businesses in the region to protect personal information, businesses operating within Japan are obliged to comply with the Act on the Protection of Personal Information no matter what their status or revenue is. Initially, the Act didn’t require businesses to protect or state the reason for collecting and processing personal information. However, the amendments made to the Act in 2015 added compliance requirements that subjected businesses of all sizes to protect their customers’ personal information. 

Furthermore, businesses operating outside Japan and are linked to the Japanese market are also obliged to comply with APPI. This implies that businesses operating overseas but gathering personal information from clients in Japan are also required to comply with the new regulations. That being said, government institutions, educational institutes, and the administrative sector are not obliged to adhere to these regulations. The amendments made to the APPI in 2020 further broadened the scope of businesses that fall under the rules. In simple terms, changes have been made to the rules that govern the transfer of personal information to third parties and the notifications in case of data breaches.

Transfering Personal Information to Third Parties

Up until 2020, businesses based in Japan were allowed to send personal data to third parties without the consent of the customer. The customer was provided the details of the transfer of their personal information. However, since 1st April, 2022, corporations are obliged to request the customer for permission to send their personal information to third parties. In cases where national security, public interests, or legal matters are involved, there can exceptions to the new regulations and personal information can be transferred. Businesses are allowed to proceed with the transfer of personal data without the consent of the customer only if they notify them before the transfer. Moreover, this condition is not applicable in the case where ‘special-care required’ personal data is in question.

Transfering Personal-Related Information to a Third Party

Personal Related Information (PRI) is a section that was added to APPI along with the other amendments made in 2020. The new category of personal information include the data that is related to the personal matters of the customer, including their transaction history, purchase history, or web browsing information. The PRI category doesn’t include basic personal information like the name or date of birth of the customer. Before the 2020 amendments to the APPI, the PPC was not authorised to regulate the transfer of personal information to third parties outside the boundaries of Japan. Now, the PPC has been provided authority to oversee these processes. Businesses must now provide proof that the foreign third party takes “equivalent action”, or has the same level of personal information protection as Japan. The third party must also be in Japan’s list of adequacy decisions provided by the PPC.

Similarly, the transfer of this kind of information to foreign entities requires businesses to notify customers about the destination before sending it. This includes the name of the country, the quality of the data protection measures in the country, and the additional measures that will be taken to secure the data.

How Businesses can Comply with the APPI

In a requirement similar to those of China’s Personal Information Protection Law (PIPL), Japan-based businesses are obliged to keep a record of the transfer of personal information to third parties. Businesses must ask for permission before sending their customer’s personal data to any third party unless the transfer is for a regulatory action, or when sending the data is the only available option to protect a person’s life or assets.

Up until the latest amendments were not made, the APPI followed a moderate sanctions regime against businesses that failed to comply. For instance, the maximum penalty for a business used to be ¥500,000 (approx. $3,900). After the amendments, businesses can now be penalised with up to ¥100 million (approx. $781,500). Moreover, those in charge of these businesses could face charges of one-year imprisonment and fines of up to ¥1 million (approx. $7,815).

Key Takeaways

Considering the latest changes to the data protection law of Japan, it is clear that the safekeeping of customers’ personal information is quite important for Japanese businesses. Being one of the most successful economies in the world, the country makes significant efforts to maximise the measures to protect sensitive data. On the corporate level, businesses must also take steps to ensure compliance with the updated API.

To do so, businesses need to incorporate AI-driven verification solutions into their system. Shufti Pro’s robust identity verification solution can be easily embedded within an online business platforms all the features that help them comply with regulatory obligations while ensuring that the customer’s data is safe.

Here are the key benefits of Shufti Pro’s ID verification services:

  1. Verifies the real identity of the customers in less than a second
  2. Generate results with 98.76% accuracy
  3. Screens customers against 1700+ global watchlists and PEP lists
  4. Helps comply with regulatory obligations and secures businesses from sanctions

Want to learn more about ID verification services for businesses?

Blog know your patient

Know Your Patient – Eliminating Fraud and Crime in the Healthcare Sector

The digital transformation has reached the healthcare sector with new remote onboarding options for patients. As the digital age creates new opportunities across various industries, there is also an increased risk of fraud and data breaches. A recent HIPAA Journal has reported that there were more data breaches in 2021 compared to any year since 2009. 

It’s not just the breach of patients’ sensitive data that causes problems for the healthcare sector – as subsequent actions like medical fraud and purchase of drugs using someone else’s prescriptions cause serious damage to the institution. Approximately 80 million individuals have been reported to have become victims of data breaches.

Fraud in the Healthcare Sector

Impersonating legitimate patients by stealing or forging identity documents is relatively easier for fraudsters when there is an absence of verification measures like Know Your Patient. Whether it is onboarding new patients or adhering to regulatory obligations by authorities like HIPAA and NHS, medical institutions need to implement these verification measures. KYC (Know Your Customer) is a necessary identity verification measure implemented by banks and financial institutions to prevent becoming victims of fraud and money laundering.

The spike in insurance fraud and prescription fraud in hospitals calls for the mass adoption of Know Your Patient (KYP) to verify their identity and their age. Online identity verification solutions assist medical institutions as well as pharmacies to secure the onboarding of patients and provide them security by protecting their personal information, prescriptions, and test results. Not only that, a robust KYP solution can significantly improve the efficiency of patient authentication.

The Importance of KYP (Know Your Patient) 

Technological advancements have contributed to the development of online platforms for medical institutions where both patients and medical staff, including doctors, can conveniently manage their information and tasks. 

Identity Verification

In light of the increasing fraud rates in the health sector, regulators have ramped up efforts to require online platforms of medical institutions and drug stores to incorporate measures for the verification of patients’ identities. This security measure is beneficial in reducing the number of minors that get addicted to drugs just because they are allowed to purchase them without verification. Furthermore, medication is a sensitive matter that requires extra care, and in case of the wrong dosage or medication, the consequences can be fatal.

According to the Royal Pharmaceutical Society, the lack of age verification measures in pharmacies has enabled minors to purchase drugs using fake prescriptions. The pharmacies simply assume the age of the person by judging that “the child is capable and competent to understand the importance of the medicines they are collecting” and that they are “confident the child will not misuse or tamper with the medicine.” Instead of countering this problem with a robust solution, online platforms of pharmacies have opted for simple web-based forms that the customer has to fill and get approval from the person in charge.

Secure Patient Onboarding

By incorporating a robust KYP solution, pharmacies and medical institutions can prevent minors and fraudsters from getting access to prescribed drugs. Another option to ensure that only legitimate patients are able to purchase medicine is through video KYC, which allows pharmacies to get a better idea about the age of the patient. In most online health platforms, patient onboarding is still a manual process that is not very convenient for either of the parties. As online systems are designed to cut down on the errors made due to human intervention, KYP solutions can further increase the efficiency of hospital systems. As a result, medical institutions can improve their system by reducing the time spent on rejected insurance claims. 

With today’s robust KYP solutions, patient information can be verified through their ID documents as well as insurance cards, passports, or driver’s licenses. It takes mere seconds to verify the patient and significantly reduces the time taken to onboard patients. In case the medical institution fails to protect the sensitive personal information of patients, they risk getting their reputation stained. The safekeeping and continuous updating of patient records are mandatory for every medical institution as it allows them to provide better services to the patients. When the information of patients is not secure, cyber attackers like malicious hackers can breach the system and make changes that can prove quite harmful to the patient’s health.

Blog know your patient Infographic

How to Implement a KYP Solution

The healthcare sector can eliminate fraudulent entities and address the issue of convenience by incorporating a Know Your Patient process that follows a few basic steps. It begins by requiring a scanned copy of the patient’s government-issued identity document, which can be their ID card, passport, or driver’s license. The patient has to simply send the scan via the medical institution’s identity verification platform, followed by a selfie which the system uses to verify their identity using biometrics. The selfie is matched against the photo of the patient on their ID document. The system also verifies whether the ID document provided by the patient is original by matching numerous templates with the help of machine learning algorithms. 

Similarly, the age requirement for the prescribed drugs is verified accordingly against the patient’s actual age as per their ID documents. This helps the medical institute to detect fraudulent activities and prevent data breaches.

The above mentioned key steps are considered significant to secure the healthcare industry, assisting companies to protect patient data integrity and helping to maintain trustworthiness in the market. It’s viable for medical institutions, yet it fails to integrate such tech-driven solutions which makes them vulnerable to crimes.

What Shufti Pro Offers

Securing the healthcare industry is becoming a global concern and the sector is in dire need of integrating automated identity verification solutions. This will assist them in onboarding legit patients and fighting medical fraud including patient identity theft, false insurance claims and much more. Know Your Patient verification regulations are considered critical for safeguarding the medicare industry’s integrity. 

Shufti Pro’s Know Your Patient (KYP) verification service is the ideal solution to counter identity fraud in the health industry. Shufti Pro’s identity verification solution removes the friction and increases transparency, making the onboarding process seamless. Powered with thousands of AI models, ID verification services help to curb the risk of criminal attempts and assist to stay put with the ever-evolving regulatory regime.

Want to know more about our KYP solution for the health industry?


Prevailing Financial Crimes and AML Regulation in Argentina – How Shufti Pro Can Help

Argentina has faced many significant challenges due to its geographical location, including the flow of black money from drug trafficking to corruption. Political and public corruption continued to become the critical source of money laundering, including the domestically generated proceeds of crimes originating from Venezuela. Additionally, the Tri-Border Area (TBA), which links Argentina with Paraguay and Brazil, is considered one of the most critical points for trillion dollars in money laundering, terrorist financing, drug trafficking, and various other financial crimes. Moreover, financial watchdogs have also suspected various TBA’s money laundering businesses of having links with Hizballah, which is an organised crime group.

Therefore, in past years, the country has made prominent changes in its anti-money laundering and counter-terrorist financing regulations. Many significant enhancements were made and many new laws were legislated. However, Argentina is among the 39 FATF member countries. According to the FATF’s review in 2010, the country is continuously working to improve their AML control systems to meet requirements. However, in 2014 another report was published in which the regulatory body stated that Argentina managed to meet its requirements. 

Insight into the Financial Sector of Argentina

Argentina’s Financial sector is very small as compared to the jurisdiction at the same level of development. However, Banks and the Sustainability Guarantee Fund (FGS) dominate the country’s financial sector, while the Nonbank Financial Institutions (NBFIs), insurance companies and mutual funds play a less significant role. Thus, developing confidence and trustworthiness in macroeconomics is considered essential to enhancing financial markets.

Additionally, the continuous high inflation and a sharp widening of the spread between the official exchange rates and the public rates in recent months has put the private sector in an uncertain direction, which is making it quite hard for authorities to assess financial risks in the country. Furthermore, the government initiatives to broaden the role in the allocation of funds will also be more likely to increase the distortions and may decrease the chance of developing confidence in the financial sector. 

The banking sector also appears adaptable to an emerging range of shocks, reflecting liquidity buffers, a strong grip over their assets and large capital. This effort shows the recovery in the financial firm’s profitability over the recent years resulting from strong service income to sizable financial margins. Additionally, a stress test has also been conducted that showed that the banks are capable of resisting any kind of changes, yet are prone to credit and concentration risk. Nonetheless, banks also do experience heaps of challenges. The emergence of new regulatory obligations, particularly the ability to develop risk assessment systems, will be at some level complex and can create uncertainties about measuring the critical economic variables. 

Therefore, Banco Central de la República Argentina (BCRA) can take competitive benefits of the Basel framework to agree on a capitalizing plan for banks, which will enable them to adopt a risk-focused approach to dividend payments. Furthermore, the recent programs required by the BCRA, if retained and extended, will surely put the banking sector under stress.


Argentina’s Law Enforcement Authorities Challenging to Fight Against Money Laundering

Argentina has been losing fights with money launderers and organised crime groups. The increasing number of cases is badly impacting the country’s economy and most of all. It has been affecting the justice system making it incapable to put criminals behind the bars. Additionally, despite the fact that the number of drugs seized by the law enforcement authorities grows every year, along with arresting corrupt entities, the lack of anti-money laundering and know your customer regulations and inefficiencies of the government departments are allowing money launderers and terrorist groups to continue their illicit activities. Since 2006, the Financial Information Unit has filed 837 reports regarding financial crimes and suspicious activities.

Anti-Money Laundering (AML) Regulatory Framework

The Financial Information Unit (UIF) is a regulatory body that works within the National Department of Finance, that is accountable for analysing and transitioning the information in order to prevent money laundering and terrorist financing in the country. However, the financial watchdog is also responsible for whether the banks, insurance companies, and non-financial businesses are compliant with the regulation and if in case of being non-compliant they also have the right to enforce laws and regulations.

The businesses are also obliged to make efforts to determine and report suspicious activities and money laundering cases to the UIF. If the financial watchdog decides that the report is valid and considers it a crime, then the businesses can file a case against such entities.

The UIF has also the power of requesting reports, background screening information and documents from the banks and other businesses if they become flagged as being involved in money laundering or assisting criminals to use Argentina’s legal financial systems to launder their illicit earnings. Additionally, the financial watchdog is also capable of directly reaching the Attorney General’s Office to get orders to suspend suspicious activities or transactions, freeze illegal assets and seize critical documents that can be used to investigate the proceeds of money laundering and terrorist financing.

Furthermore, the Central Bank of the Republic of Argentina (BCRA) and the National Securities Commission (CNV) also hold a minimum level of authority to enforce anti-money laundering regulations. Aside from the FIU, BCRA is among the most significant bodies in the country that is working to enhance the AML and CFT  regulations. Under the light of Law 25.246, the authority has taken critical initiatives to make the in house controls more rigid and keeps an eye over the banking sector whether they are compliant or not. 

Despite the challenges the government departments and financial regulators have faced, Argentina has successfully made significant progress in strengthening the anti-money laundering and counter-terrorist financing framework. In this regard, the government has also developed a separate department known as National Committee for Combating Money Laundering and Terrorist Financing to govern Argentina’s money laundering and terrorist financing approaches, including forming national risk assessments (NRAs).

AML Non-Compliance Fines and Penalties

According to the anti-money laundering and counter-terrorist financing regulations, its regulatory obligation as well as the social responsibility of financial institutions and other businesses to stay put with laws. In addition to this, they can also make additional efforts to help regulatory authorities to curb money laundering and terrorist financing activities in the country.

However, in case any business or individual entity is found non-compliant with the regulation, and is suspected to be involved in carrying out money laundering or terrorist financing can face imprisonment of two to ten years and a fine of two to tens times the amount of the illicit transaction made to launder money. Additionally, if the bogus transaction doesn’t exceed the threshold of AR$300,00, the fine and imprisonment may get reduced by the court.

How Shufti Pro Can Help

Shufti Pro’s all-in-all AML screening service is powered by thousands of AI models along with all essential features that can help financial businesses to stay put with the regulatory obligations while ensuring that suspicious activities never get undetected. Banks opting for robust ID verification services can reduce the risk of getting sanctioned or experiencing hefty fines for being non-compliant.

Following are the key benefits of Shufti Pro’s AML screening services;

  1. Determines the real identity of the customers in less than a second
  2. Generate results with 98.76% accuracy
  3. Screenings the customers against 1700+ global watch lists
  4. Helps to stay put with the regulatory obligations and secures businesses from sanctions

Want to learn more about KYC/AML services for financial businesses?

effectiveness of the uk

Effectiveness of the UK’s Economic Crime Bill in Combating Financial Crime

The Russian invasion of Ukraine has resulted in a surge in financial crimes in the UK as Russian oligarchs look for safe havens to launder their illegally-obtained funds. The lack of stringent measures to tackle money laundering made the UK a perfect place for those with close ties to Vladimir Putin to stash their dirty money.

The UK’s new Economic Crime Bill has been formulated at a fast pace and is aimed at creating a transparent system of foreign ownership of property. The bill was initially assumed to improve the sanctions regime in the UK, which has been long overdue. 

The UK’s Financial Crime Situation

A long list of Russian oligarchs like Roman Abramovich, Alexey Miller, and Gennady Timchenko have used London as a safe haven for their large amounts of wealth. The UK’s financial system enabled these oligarchs to purchase multi-million pounds worth of properties throughout central London. A study by Transparency International shows that Russian billionaires own over £1.5 billion worth of real estate in the UK.

As the UK government realised that more needs to be done to fill in the loopholes, it started making efforts to introduce the Economic Crime Bill. However, the question remains as to whether the Economic Crime Bill will put an end to money laundering in the country. Looking back at the previous efforts made to clamp down on financial crime, it is clear that the progress was not satisfactory. 

For instance, in 2016, former Prime Minister David Cameron stated at an anti-corruption summit that the government would pass a bill to reveal offshore companies and assets of corrupt politicians. However, this bill was never introduced. In 2018, the Sanctions and Anti-Money Laundering Act was passed to allow the UK to issue its own sanctions after Brexit. The Act was formulated to identify, investigate, and prevent financial crimes like money laundering and terrorist financing. It would thereby implement the international AML standards set by the Financial Action Task Force (FATF).

The next year, the Treasury Committee found that the UK still lacked the necessary measures to effectively tackle financial crimes. It was not until Russia’s invasion of Ukraine that the UK government finally began taking serious steps toward the Economic Crime Bill.

The Reality of the Economic Crime Bill

The Russian invasion of Ukraine created an urgency in the UK as it did in other safe havens throughout the world. As the UK’s regulatory regime was rather lenient in addressing sanctioned entities, it raised even more concerns about dirty money being laundered in the country. As a result, the Economic Crime Act was finally passed in March, which showed that the UK government is really rushing to make efforts against money laundering.

effectiveness of the uk Infographic

The Economic Crime Bill makes necessary amendments to sanctions regulations and eliminates the loopholes that previously put the country in a tough spot. It also updates the rules for wealth orders to ensure transparency in financial operations. The most important aspect of the bill is the transparency it brings for offshore companies that own UK property. These features of the bill demonstrate clearly why the House of Commons rushed the bill to be introduced as quickly as possible. 

Another major concern that needed to be addressed by the implementation of the Economic Crime Bill is the establishment of companies within the UK by foreign entities like Russian oligarchs. The bill will also make necessary amendments along with other efforts to enhance transparency in the corporate sector, simultaneously changing the position of the Companies House, the UK’s register of businesses.

Why the Implementation of the Bill is Critical

The fast-paced adoption of crypto and the lack of regulations add to the concerts of money laundering. In 2021, cybercriminals laundered $8.6 billion worth of crypto, which was a 30% rise from 2020. Reports also suggest that Russian oligarchs have invested their dirty money in crypto assets to steer clear of global sanctions. With the Economic Crime Bill, the government needs to address three crucial points. 

First, it needs to increase the funding for law enforcement agencies. Then, it needs to establish a monitoring mechanism for those who supervise anti-money laundering (AML) compliance programs in financial firms. If there are corrupt entities within the organizations that are operating for the purpose of tracking dirty money, it won’t do any good. Lastly, the UK government needs to allow prosecutions of large firms and banks for corruption. It is surprising that this is still not a possibility in the UK in 2022.

The Government recently published a Whitepaper on Corporate Transparency and registered reforms that will change the role of the Companies House. The House that simply received information will now be responsible for the safekeeping and reliability of sensitive data. Although the government’s efforts to introduce the bill were hindered by numerous setbacks and criticism, the anti-fraud minister Lord Agnew resigned after the bill was passed. He claimed that the government’s stance towards combating fraud did not align with the bright future of the passed bill.

Key Takeaways

To sum it up, it is clear that the UK’s provisions regarding the new Economic Crime Bill are a serious test in case of sanctions evasion. It is up to each business and financial institution to protect itself from regulatory action as a result of being involved in money laundering. Financial institutions should incorporate robust solutions that allow them to detect and report suspicious transactions and activities to the relevant authorities. 

The real concern for any business or financial institution is the variety of risks it faces from a wide array of clients from different backgrounds. Moreover, new and evolving methods of fraud and money laundering are only adding to the difficulties. In the absence of sophisticated fraud detection mechanisms, financial institutions are always close to getting their reputation stained by money laundering schemes. 

Shufti Pro is a UK-based IDV provider that offers a robust AI-powered AML screening solution for real estate businesses enabling them to remain compliant with industry-specific regulations. Businesses can effortlessly identify suspicious and high-risk customers by cross-checking them against 1700+ watchlists to stay compliant with global due diligence standards. 

Find out how businesses can comply with global regulations with KYC/AML solutions!


An Insight into AML Compliance in the Financial Sector [2022 Update]

The increasing global attention towards anti-money laundering (AML) and countering the financing of terrorism (CFT) has urged financial regulators to impose stringent restrictions on businesses. Anti-money laundering (AML) requirements are imposed on the financial sector to prevent money launderers from concealing the origins of their ill-gotten funds and businesses from facing compliance penalties.

International financial watchdogs like the Financial Action Task Force (FATF) and groups like the International Consortium of Investigative Journalists (ICIJ) are targeting financial crime throughout the world to find a common solution. Banks and other financial institutions are obliged by law to implement AML measures to avoid aiding money laundering activities.

Trends in Anti-Money Laundering Regulations

The US Department of Justice has recently been active when it comes to making efforts for anti-money laundering and civil forfeiture. A new panel is set to discuss the emerging AML enforcement trends and the most common safe havens for financial criminals that look to launder their proceeds of crime. Moreover, it will also discuss the role of Administration’s Strategy on Countering Corruption and the the implications for financial institutions. Another new trend in the AML landscape is the introduction of new regulations for digital assets. 

Financial regulators are struggling to develop rules for constantly developing technologies of blockchain and the transactions for digital assets and cryptocurrencies. The regulatory developments like sanctions for crypto transactions are being discussed by the Department of Justice. On January 1, 2021, Congress passed an extensive AML Act that is an important part of the BSA/AML legislation. However, experts believe that its potential implementation will be altered by regulators and stakeholders in the real world. 

AML in the Banking Sector

AML compliance regulations require banks and financial institutions to verify their customers’ identities and perform background screening to analyse the associated risk. The institutions are also required to submit a record of suspicious transactions along with details of why they are suspicious. The AML holding period obliges customers to deposit a particular amount in their account for a specific time. In the US, this time is five trading days. This period allows banks and insurance firms to identify the risks and perform the correct type of due diligence process – customer due diligence for low to medium risk cases, and enhanced due diligence for high-risk cases. 

Money laundering, or concealing the origins of ill-gotten funds, involves methods to bypass regulatory checks and gaining legitimate funds. The illicit funds are chaneled through the legitimate financial system of a bank to make it appear as the real source. Money launderers usually deposit their money in smaller amounts to avoid being caught by regulatory checks as the limit for a single transaction is pre-defined.

Channeling dirty money through various transactions in increments allows financial criminals to defraud the bank and consequently stain its reputation. This is made possible due to the lack of robust AML Screening checks that monitor the past account activity of the customer and check for their presence in global sanctions lists and PEP lists. The lack of AML screening not only leads to increasing cases of money laundering, but there is also the concern of criminals using the ‘cleaned’ money for financing terrorism, organised crime and drug traficking.


How the Banking Sector Can be Secured

The most important institutions in the finance sector are banks, as they are responsible for handling numerous transactions every day. Banks face the constant threat of becoming the victims of financial criminals that try to find the loopholes within the institution’s system to fulfil their illicit motives. Furthermore, technological advancements in the form of FinTech solutions and the surge in online payments has created a demand for improved measures for the protection of customers’ personal information. 

Know Your Customer (KYC)

Know Your Customer (KYC) verification is a process implemented by banks and financial institutions to verify their customers’ identities during onboarding. KYC is not only mandatory for all banks and financial institutions dealing with monetary transactions, but is the first and basic step of any AML compliance program. KYC verification involved the collection of the customers’ identity documents and verifying their legitimacy. Banks are obliged to verify whether their customers’ personal information matches their data in government records, which gives them proof of their identity. KYC solutions now verify identities using technologies like biometrics in the form of facial recognition and OCR technology in document verification.

Customer due diligence is the basic process incorporated by banks to collect the background information from a customer’s profile and analyse the risk of money laundering and terrorist financing. The core purpose of the due diligence process is for the bank to completely know who they are dealing with. Risk assessment is not possible without screening the customers against global sanctions lists and lists of politically exposed persons (PEPs) along with government records of criminal activity.

AML – Transaction Monitoring

The type and background of the customers of a bank or financial institution can never be predicted. Similarly, there are different type and amount of transactions to and from different sources. A customer who has an account in a particular bank can transfer or get money from another customer of another bank. This wide array of possibilities in transactions and sources puts banks in a difficult position when it comes to identifying suspicious transactions. Banks are required to analyse and keep record of the transactions made by their customers. In case where a bank doesn’t monitor transactions and ends up assisting payments made to sanctioned entities, they can face huge penalties.

It’s not just the fines that have adverse effects on the bank, but the stains on their reputation are often permanent and lead them to bankruptcy. For this reason, banks and financial are urged to monitor the transactions and their sources to ensure that they are not becoming a source in a money laundering plot. This means they are obliged to check the background and origins of funds in case of transactions that exceed the $10,000 threshold.

What Shufti Pro Offers

Identifying and eliminating the sources of financial crime that lead to money laundering and terrorist financing requires financial firms to incorporate robust AML Screening solutions. Global regulatory authorities have time and again warned banks and other financial institutions to ensure AML compliance to prevent financial crimes, avoid regulatory penalties , and the subsequent reputational damages. 

Shufti Pro’s robust AML screening involves the verification of a potential customer by screening them against global sanctions lists compiled by regulatory authorities such as the FATF, FinCEN, FINTRAC, and AUSTRAC. It involves authenticating the user information against 1700+ watchlists and Politically Exposed Person (PEP) lists in less than a second with an accuracy of 98.67%. As a result, fraudulent customers are detected and AML compliance is ensured.

Want to learn more about AML compliance for the financial sector?


KYC/AML Compliance – Eliminating Financial Crime in Challenger Banks

Challenger banks have emerged in the financial services paradigm by bringing digital innovations and offering seamless customer onboarding. While the Covid-19 pandemic had adverse effects on numerous industries and businesses, it also contributed to the global adoption of online financial services. 

Challenger banks have benefited the most from this uptake of online services and adopted a more customer-centric approach. As customers’ convenience is the top priority in any kind of financial service, today’s banks and FinTech companies have come up with new solutions. However, online financial services and challenger banks are not free of threats.

Innovation in Financial Services and Challenger Banks 

The fast-paced adoption of online financial services has brought not only legitimate customers but also criminals who aim to manipulate challenger banks and FinTech companies to get away with their illicit activities. In order to secure customers’ interests when they make online transactions, challenger banks must incorporate AML Screening solutions within their systems. AML Screening not only allows these market disruptors to analyse risks but also allows them to avoid compliance penalties.

It’s no surprise that the banking sector offers a certain level of security to its customers as it has a closed and centralised system. However, the industry doesn’t allow start-ups to establish themselves very easily as previously established banks have a stronghold. The digital shift throughout the world has opened up doors for startups and challenger banks. In the UK, the emergence of challenger banks like Atom Bank, Monzo, Revolut, and Starling has given way to innovations in the financial sector.

Atom Bank is one of the pioneers in the financial sector’s digital revolution. It was founded in 2014 and officially became part of the market in 2016. The UK-based challenger bank introduced a system where customers got to carry out their financial operations through mobile applications without having to go to physical branches. By mid-2018, the startup had made £149 million in a single funding round, showing that investors are confident and trust Atom bank’s services. The bank has now collected a total of £1 billion in deposits, establishing itself as one of the fastest-growing startups in the country.

Simultaneously, the ‘mobile-first’ bank Monzo introduced for its customers a transparent debit service that offers intelligent notifications and instant balance updates to give more financial management control in the hands of the customers. Starling Bank is another such startup that capitalised on its smartphone-friendly customers to create financial services that bring together the personal and business accounts of the customer. It also provides access to services from third-party providers for the purpose of insurance, pensions, and investments.

The Vulnerabilities of Challenger Banks

Challenger banks face financial crime risks just like the traditional banks and financial institutions, but in this case, the risks arise due to the anonymity and speed of digital transactions. Financial criminals looking to launder the proceeds of crime capitalise on anonymous systems through the online financial system to hide their identity as well as bypass AML measures. The rise in the adoption of online services and challenger banks further augments the threats of money laundering and terrorist financing. 

The administration of these banks is left with no choice but to implement a robust AML/CFT mechanism to ensure regulatory compliance. However, they must also find ways to maintain the convenience provided to their customers to reach new business milestones. Considering these conditions, challenger banks and FinTech firms definitely need to develop systems and incorporate solutions to verify the identities of their customers and analyse the risks associated with them.


This implies that challenger banks must follow the steps taken by traditional financial institutions and incorporate systems for customer due diligence (CDD) and in high-risk cases, enhanced due diligence (EDD).

The FCA’s Take On Challenger Banks

The UK’s Financial Conduct Authority (FCA) has identified that challenger banks lack the necessary measures required to combat financial crimes like money laundering and terrorist financing. The FCA has issued a warning to challenger banks saying that they should stop bypassing the necessary measures to avoid financial crime to cut down on costs. The regulatory authority states that the currently implemented processes leave the door open for customers to create accounts easily without having to go through verification checks.

Lack of Risk Analysis Measures

After a study, the FCA identified major challenger banks that lack proper measures for risk analysis of their customers’ transactions and other account activity. Risk analysis measures are the basic tool to ensure that the bank knows its customers’ background and to prevent financial crimes like money laudnering. Besides, customer due diligence is a legal requirement for banks and businesses that are under the UK’s AML regulations. The FCA state that 

“without a customer risk assessment, a firm can’t ensure that due diligence measures and ongoing monitoring are effective and proportionate to the risks posed by its individual customers.”

Lack of Enhanced Due Diligence

The FCA further mentioned that even though challenger banks are an essential and growing part of the UK’s financial system, they cannot compromise the protection of customers’ personal data by avoiding robust verification measures. For this purpose, challenger banks must improve their financial crime systems to prevent reputational damage and compliance penalties.

It was also mentioned in the FCA’s study that challenger banks lack the measures to accurately identify high-risk customers that are onboarded and use their system to launder the proceeds of crime. The FCA believes that there should be robust due diligence measures to analyse the risks associated with the customers at the onboarding stage to eliminate the chances of financial crime. Furthermore, the FCA pointed out that even though challenger banks are reporting an increasing number of suspicious activities to regulators, the details and quality of these reports are often compromised. For instance, some of the reports just provide the record of a number of transactions but do not explain why they are suspicious.

What Shufti Pro Offers

The FinTech industry and challenger banks are growing at a fast pace and are proving to be a safe haven for financial criminals. To combat money laundering and terror financing, challenger banks have to follow certain laws from FinCEN, FCA and other regulatory authorities.

With Shufti Pro’s KYC verification solution, banks and financial institutions can deploy a robust identity verification platform along with an AML Screening solution that checks PEP and sanctions lists to analyse the risks associated with potential customers. Shufti Pro AML compliance solution deploys thousands of AI models that can verify the identities and check backgrounds in seconds with 98.67% accuracy. You can onboard legitimate customers, comply with regulations and keep your challenger bank secure from fines. 

To know more about AML Compliance, talk to our experts right away!

securing crypto firms

KYC and Blockchain – The Foundation of a Secure Crypto Landscape

Blockchain technology has demonstrated fast-paced growth throughout the world and now faces the challenge of financial compliance due to the anonymity it provides. Although blockchain technology has not entered the mainstream in terms of adoption, its use has grown in the past years. The decentralised structure of blockchain attracts investors to secure their money through cryptocurrencies and other digital assets. 

As cryptocurrencies are not issued by central banks, investors are provided additional privacy. However, this anonymity does give way to financial criminals who look for ways to launder their ill-gotten funds. For this reason, the protection of crypto users’ data has become more significant.

Protection of Blockchain Data

The blockchain industry in general faces compliance challenges because of its decentralised structure. The system of decentralised ledgers that was designed to keep user data private has created a potential safe haven for money launderers in the crypto space. In light of the rising instances of financial crime in the crypto sector, world governments are raising questions regarding the anonymity of the decentralised system. 

The EU and the US have stated that there needs to be more regulation and oversight on the industry. To achieve that, one of the most important aspect is Know Your Customer (KYC) compliance. The importance of KYC standards has repeatedly been stressed by global financial regulators to bring the crypto sector under the same umbrella as banks and other financial institutions. 

In the cases where KYC verification has already been applied, it has made customers realise the loopholes and privacy concerns in blockchain central trading platforms. That being said, industry experts still believe that if blockchain technology is used in the right way along with KYC, the privacy concerns can be resolved.

securing crypto firms Infographic

KYC and Blockchain to Prevent Financial Crime

The real aim to ensure KYC compliance in any type of financial institutions is to secure it from financial crimes. In the case of cryptocurrencies and other digital assets like Non-fungible Tokens, this can be achieved by ensuring that the blockchain itself is KYC compliant. Not only will this build trust among crypto customers, but it will also eliminate the chances of fines due to money laundering. 

Once customers begin to understand that their crypto data is protected, the chances of blockchain becoming a mainstream technology will also increase. Several crypto trading firms have already adopted the concept of KYC verification as it has proven to eliminate financial crime in banks and investment firms for years. 

Why KYC is Important

The US Financial Crimes Enforcement Network (FinCEN) and other global financial regulators like the Financial Action Task Force (FATF) have made it mandatory for financial institutions to incorporate KYC measures within their systems. KYC requirements from regulatory authorities include the monitoring of customers’ transactions and report suspicious activities. Along with KYC verification, financial institutions are also required to implement anti-money laundering (AML) measures to conduct background screening of customers.

However, anonymous transactions in cryptocurrencies enable financial criminals to get away with their illicit activities. Although the decentralised structure of blockchain provides legitimate crypto investors the privacy the need, KYC verification requires the sharing of personal information so that crypto firms can secure their interests. As of today, the majority of crypto transactions are not subject to KYC or AML measures. While the crypto sector grows at a reasonable rate, the lack of regulation and checks can have a negative impact on its growth.

The rate at which crypto is being used to launder money is alarming, especially during the Russia-Ukraine conflict when Russian oligarchs are looking for ways to hide the origins of their ill-gotten funds. For this reason, governments around the world are developing regulations to oversee crypto transactions in a more detailed way. The common ways crypto investors use to purchase crypto are through crypto ATMs and peer-to-peer exchanges, where there is a lack of KYC requirements. This allows anyone with enough money to purchase crypto, including money launderers looking to legitimise their illicit funds.

Looking on the bright side, regulations to oversee the crypto sector are constantly evolving in Europe and the US. FinCEN has urged crypto exchanges to follow KYC standards and implement AML measures to ensure compliance with international standards. Compared to the US, the EU’s KYC requirements are not that stringent. Although the EU also requires compliance procedures to be implemented, firms that offer only crypto trading services are not subject to any particular legislation.

How KYC and Blockchain Can Be Used Together

While crypto investors and traders have prioritized privacy over everything, criminal minds have capitalised on the anonymity for their own benefit. Crypto buyers want to keep their personal data private from service providers and government, but the real protection comes with KYC compliance. Although KYC checks in blockchain systems may initially seem to be unnecessary, they can potentially improve the protection of crypto data by a significant margin. Besides, identity verification is the most basic security check in any kind of financial operation. Legitimate customers who have previously carried out transactions through the traditional banking system are familiar with the use of KYC and AML measures for fraud prevention. The combined use of KYC and blockchain can increase the rate of adoption by easing the integration into existing financial systems. Moreover, it will also encourage crypto firms that have previously not adopted these checks to use them and secure their customers’ interests. On the other hand, blockchain and KYC can together improve the system of identifying and eliminating deviations in trends and suspicious activities. 

What Shufti Pro Offers

Although the currently available KYC solutions are technology advanced, there are other aspects to consider before combining them with blockchain technology. In any case, the benefits of both blockchain and KYC compliment each other to improve the security of crypto transactions. Protection of customers’ data is essential for crypto firms in order to comply with regulations like the General Data Protection Regulation (GDPR) of the EU.

Proof of ownership and digital signatures in blockchain ensure that crypto users’ data remains unbreachable, which allows SaaS providers to enhance online identity verification solutions and cyber security protocols.

Shufti Pro’s state-of-the-art online identity verification services are an ideal solution for every business providing digital services. AI-backed ID verification services enable companies to determine the identities of customers before getting them onboard with 98.67% accuracy in less than a second.

Want to know more about the identity verification solution?

prevailing crimes

Fighting Prevailing Crimes in Gaming Industry with Shufti Pro’s Anti-Money Laundering Screening Solution

Modern gaming is the most recent evolution of this industry that has become the attraction of global gamers. The gaming market is one of the largest industries in the world, with more than 2.5 billion players. In 2019, players spent over $152 billion on games, with estimates that this figure will rise to nearly $200 billion in 2022. However, new products, payment methods, and technologies have made the business more vulnerable to criminal abuse than ever before. Remote gaming’s rise, fueled by the COVID-19 epidemic over the last year, has increased the risk of financial crimes in gaming businesses. while also drawing authorities’ attention to social responsibility. 

One of the most vulnerable areas for money laundering is in-game currencies. They can gain currency in a game by completing levels or selling products on the site, but it can also be bought with real money in many circumstances. Criminals might utilize illicit earnings and stolen information to download games and create bogus accounts. Therefore, the industry is becoming subject to anti-money laundering and know your player regulations, the global regulatory authorities are now paying more attention to making the digital ecosystem secure while also drawing gaming service providers’ attention to social responsibility. 

Emerging Financial Crime Risks in the Gaming Industry

The global gaming and gambling industry is shifting towards digital platforms as a result of global digitization, from the world’s most opulent casinos to high-street betting shops. Although remote gambling also known as iGaming is not a new concept in the market, it has existed for many years with little to no regulatory oversight. Therefore, online gaming and gambling platforms are providing services like sports betting, bingo, and other number games with more typical casino offers, rather than merely blog-like websites with virtual casino slot machines and table games. From the comfort of one’s own home, customers can be onboard into private lounges by hosts. However, cutting-edge gaming technology, whereas making operation seamless yet has emerged with heaps of drawbacks. The nature of remote gaming, at its most fundamental level, makes it more difficult to play along with hard for businesses to restrict criminals.

 Although not all financial crime is the result of a grand scheme orchestrated by an organized crime group, it becomes more difficult to understand how customers fund their gaming activities. In addition to this, it gets also quite hard to determine whether there are any potential proceeds of crime involved when gamers do not have to physically present in betting shops or land-based casinos.

Furthermore, in order to stay up with market trends, many operators now accept payments via innovative ways such as prepaid cards, giving customers more options for concealing their cash’ source. Although the gaming and gambling industry is still hesitant to embrace virtual currencies. In this regard, the Gambling Commission of Great Britain has highlighted several incidents of clients declaring crypto-asset investments during the source of funds checks. This type of transaction raises the risk of money laundering, increasing the likelihood of operators breaking AML requirements.

Similarly, the European Central Bank has also signified the importance of digital currencies in assisting criminals to carry out money laundering activities. Furthermore, cyber-attacks and software manipulation are common on iGaming websites. The threat of phishing and credential stuffing attacks is also on rise. Additionally, minors are also getting vulnerable to gaming fraud and crimes, anyone less than the age of 18 who has access to a smart device and an internet connection can sign up for an iGaming site, and many of them manage to avoid due diligence or further verification. Individuals with addiction issues frequently struggle to break free from these platforms, and some resort to illicit activities to fuel their addiction.

Hackers Hit Popular Video Game, Stealing More than $600 Million in Cryptocurrency

Hackers stole $625 million in bitcoin from popular video game Axie Infinity, according to the game company’s management on Tuesday, marking one of the greatest crypto-thefts to date amid escalating instances of such crime.

According to the firm, the heist occurred last Wednesday when hackers gained access to a portion of Ronin, the game’s underlying blockchain. The flaw was only found Tuesday, according to Sky Mavis developers, who manage both Axie Infinity and Ronin.

“There has been a security breach on the Ronin Network,” the company said in a post in its newsletter. “We are working directly with various government agencies to ensure the criminals get brought to justice.”

Online Gaming Company Fined €386,000 for AML Failings

Online Amusement Solution Limited, a gaming service provider, was fined more than EUR 386,00 by the Financial Intelligence Analysis Unit (FIAU) for failing to adhere to anti-money laundering rules. According to the FIAU, the gaming company was also fined as the company failed to report suspicious activities and also didn’t incorporate monitoring politically exposed people on its gambling sites.

The FIAU stated that it was evident that Online Amusement Solution Limited was not monitoring or investigating players’ transactions efficiently. The absence of automated triggers meant that the company was unable to identify any instances where an industry-wide threshold of €2,000 was reached.

stat of gaming industry

Gaming Industry Regulations 

The gaming industry is struggling to fight money laundering and terrorist financing. Thus, the regulations in some jurisdictions including European Member States like the UK, France and Germany have come up with various regulations to secure their gaming industry. For instance, in the UK the Gambling Commission has set some new standards to make digital gaming and gambling activities safer and fairer. According to the new regulations, the gaming service operators must authenticate the gamers’ age along with their source of money. Thus, the gaming operators are ordered to use AI-based identity verification or biometric authentication solutions for customer identification. Additionally, the country will continue to practice these standards in accordance with the Sixth Anti-Money Laundering Directive Requirements.

In Germany, the legal regulatory framework for controlling gambling businesses is known as the Interstate Treaty for Gambling. However, this framework may have distinctive traits for each of the 16 different federal states. Thus, sports betting and other gaming service providers have demonstrated that they are willing to provide transparent and secure services according to the country’s anti-money laundering regulations. In the light of Germany’s AML Act, businesses need to determine the true identities of gamers and ensure minors don’t get on board. Video verification is also essential in order to stay put with the online gaming regulations.

How Shufti Pro Can Help

Overcoming the risk of financial crimes particularly money laundering, identity theft, terrorist financing and much more is affecting the gaming industry and putting its repute at stake. However, new emerging technologies like AI are enhancing customer identity verification as well as AML screening solutions, ensuring that gaming services remain secure.

Shufti Pro’s all-in-all AML screening service can be an ideal solution to outlaw the cheating problems in online gaming. The system is powered by thousands of AI algorithms that can render 98.67% accurate and real-time verification results in less than a second, hence it is a perfect fit for the fast-moving e-gaming industry.

Want to know more about AML/KYC services for the gaming industry?

enhanced due delignce

Enhanced Due Diligence – How to Identify and Deal with High-Risk Customers

Business relationships always come with associated risks that require carefully implemented measures to deal with. Businesses and financial institutions are obliged by AML/CFT regulations to incorporate customer due diligence in order to comply with international standards. Based on the risk associated with a potential customer, firms have to follow the due diligence procedure that enables them to combat financial crimes like money laundering and terrorist financing.

In order to determine whether their customers are legitimate entities, the compulsory process is customer due diligence, which involves the verification of the customer’s identity. However, this basic process doesn’t remain effective when high-risk entities are involved.

The Need for Enhanced Due Diligence

The most advanced measure to mitigate the risks of financial crime, enhanced due diligence, involves a complex mechanism to run detailed background checks on customers. When a potential customer is assumed to be a high-risk entity, enhanced due diligence can verify their presence in national or global sanctions lists. With KYC/AML requirements from financial regulators becoming more stringent, businesses can rely on robust measures like enhanced due diligence to curb money laundering.

Enhanced due diligence (EDD) generally comprises a sequence of checks that are implemented in potential cases of money laundering and terrorist financing. The process involves requiring detailed and confidential information about the customer and in the case of business entities, the complete information about their ultimate beneficial owners (UBOs). Moreover, the process also requires the potential customer or business to state the reason behind the business relationship and provide proof of previous transactions. 

How is EDD Different from CDD

Depending on the risk assessment measures deployed by a company and the most common types of clients it has, the requirement for due diligence varies. That being said, knowing whether a potential customer is a high-risk entity itself requires going through the customer due diligence phase. After their identity is verified, they can be categorised into low, medium, or high-risk entities. Once the enhanced due diligence (EDD) process begins, every detail of the customer is verified, including the origins of their money, the reasons for their transactions, and legitimate records from financial institutions including registration forms.

Unlike customer due diligence (CDD), enhanced due diligence (EDD) asks for additional information from the client’s end, including banking details, and information about previous bank accounts. In the case of businesses, it requires information about the existing and previous board members and ultimate beneficial owners (UBOs). Only those companies that employ strategic risk assessment measures can determine when to apply enhanced due diligence. In case a company misunderstands a scenario, there are can legal complications. Ideally, the enhanced due diligence process is mandatory when a business or entity applies for a new service or product, varying on the type of the service or product. It is also important to conduct EDD when the company sees an increase in the red flags of risk in an ongoing business relationship.

In addition to that, the presence of the potential customer or business entity is checked for in the list of politically exposed persons (PEPs). The family, friends, or business partners are also identified in the PEP lists. In case the customer is a wealthy politician or a Russian oligarch, enhanced due diligence can find out about their involvement in money laundering and corruption cases. It’s not just the nature of work or the connections with political parties that are red flags of high-risk entities, but also the customers belonging to high-risk jurisdictions or those that are under the supervision of the Financial Action Task Force (FATF). Clients and businesses that have links to the arms trade and gambling sectors are a definite red flag as they are constantly on the lookout for opportunities to launder the proceeds of crime. 

The Importance of Enhanced Due Diligence

Even in the ideal cases, businesses and financial institutions are unable to identify all types of high-risk entities. This is because the typical examples of high-risk customers mentioned above are the easy ones – the real problem is identifying those with no obvious connections to political entities or high-risk jurisdictions. These customers, or in fact, criminals, need to be assessed carefully for smaller indicators of risk. In simple terms, the application of enhanced due diligence becomes essential to avoid being part of high-risk money laundering cases that lead companies into trouble. 

In 2019, the U.S. Securities and Exchange Commission issued an order accusing Credit Suisse Group AG of involvement in fraud and violation of AML controls. According to Bloomberg, Credit Suisse had to pay a total of $475 million to the SEC, the U.S. Department of Justice, and the U.K. Financial Conduct Authority as compensation. This case in particular demonstrates the importance of verifying the backgrounds of customers in financial firms to avoid assisting criminals in their illicit motives.

Suggested read: FCA Declares £147m Fine on Credit Suisse for Due Diligence Failings

Identifying the Risk Factors for Financial Institutions

As a preventive measure, businesses and financial institutions are required to analyse the risks associated with each customer and are required to report in case they come across suspicious transactions. Generally, there are 3 types of risk factors – those that arise from the customer’s side, those from areas or jurisdictions, and those from products and services. Customer risk indicators include cash-based businesses, links to PEPs, and foreign customers. Similarly, geographical risk factors arise when the business or entity is based in a location that is considered high-risk or is under supervision.

Products and services bring about the risks related to terms and conditions as well as transactions that are linked to illicit activities. Businesses need to assess risks in terms of transparency, complexity, and the type of product or services being offered. In case a transaction is linked to multiple entities from more than 1 jurisdiction, implementing enhanced due diligence is most important.

Key Takeaways

To sum it up, enhanced due diligence is the key to tackling high-risk customers and financial crimes. The process requires all major and minor details of the transaction to ensure accurate verification. Enhanced due diligence has numerous other benefits apart from robust identity verification checks. It makes businesses credible to other business entities and customers. 

Shufti Pro’s KYC and AML screening ensures that all the high-risk customers are identified on time so that you can keep your business secure. Furthermore, our KYC services are specially designed to streamline the customer onboarding process. 

For more information about enhanced due diligence for businesses, get in touch.

evoluation of kyc

E-KYC – The Next Step in the Evolution of KYC Verification

As the world shifts to digital applications, financial operations are being automated for added convenience. Customers are starting to demand quickness and ease of access to every type of product and service. eKYC is a way to automate the KYC process for improved customer experience. This has the potential to not only speed up the processes but also make them secure. 

For this reason, regulatory bodies are allowing the use of eKYC methods that ensure the protection of customers’ sensitive data. The standard Know Your Customer (KYC) process implemented by banks and other financial institutions involves steps to verify the identity of customers. 

eKYC – An Overview

KYC verification is a measure that allows businesses to not only mitigate the risks of financial crime but also comply with international standards. It also helps establish trust among businesses and their customers by eliminating the instances of fraud and money laundering. The process of verifying the identities of new customers is implemented during the onboarding stage, where the company has no background information about them. However, KYC does not stop after the onboarding – it is a continuous process throughout the customer’s journey with the company.

In recent times, there has been a fast-paced growth in terms of digitization across numerous industries. Banks and financial institutions have emerged as the top industry when it comes to shifting operations online, which is partly due to the restrictions brought forth by the Covid-19 pandemic. In simple terms, eKYC is also a more digitized and automated form of traditional KYC verification. It is a completely paperless, digital system that has the capability to verify customers remotely in a faster, more accurate way as compared to KYC verification.

A Digital Way of Verifying Customers’ Identities

With more and more banking and other financial processes being moved to digital systems, there is an increasing need for an online method of identity verification. As customers are provided the option of carrying out transactions and other banking operations online, they do not appreciate being called to a branch of a bank solely for the purpose of identity verification. Considering the updated demands of customers, institutions strive to provide their customers with the convenience of verifying their identities through online portals.

According to a study, the pandemic has contributed to taking companies seven years ahead in digital transformation. Although mass digitization in financial services was assumed to be difficult to achieve, technological advancements in the field of artificial intelligence have significantly taken financial institutions ahead of their time. But that is only applicable when they actually incorporate the right technological solutions to analyse the risks associated with their customers. Speaking of mass digitization, the leaderboard is topped by KYC verification, as AI-based systems have created a robust mechanism that runs numerous algorithms and analyses data at speeds that were not humanly possible.

It was with the help of these advanced technologies that eKYC became an automated process. As of now, eKYC is the fully automated version of KYC, which means there is no requirement to fill out manual forms or appear before a verification agent. Instead, customers are simply required to submit their personal details and upload a selfie. The system then carries out the process of KYC and AML screening to run a complete background check on the clients. That being said, all these developments and the global adoption of eKYC measures would not have been possible without regulations. Amid rising cases of fraud and financial crime during the pandemic, financial regulators began to accept and encourage the use of measures like Video KYC and biometric facial recognition to verify customers’ identities digitally.

How eKYC Improves Identity Verification

First things first, in any given industry and any given service, customer satisfaction begins with speed and quality. eKYC significantly improves the process of KYC by making it faster, which means the process that took days or even weeks is now a matter of seconds. Secondly, eKYC makes the verification process easy for the customer, making the customer experience much better. Normally, financial institutions try to offer their customers products and services through a seamless, easily accessible process. They also prioritise the protection of the customers’ personal information that could otherwise be used by fraudulent entities for their illicit motives. 

According to a survey, 89% of corporate customers have reported unpleasant experiences with KYC verification, and 13% of them even shifted to other banks. As a result of eKYC’s fast and easy verification, financial institutions can increase the conversion rates of customers. They can provide their customers with a secure platform that protects their sensitive information while complying with global regulations like AMLD and eIDAS.

The Steps in an eKYC Process

eKYC is a process that exceeds the capabilities of traditional KYC practices and can be implemented for ongoing customers as well. It is a single solution to cover all customer verification requirements including onboarding, customer due diligence, and ongoing monitoring.

Document Verification

The document verification stage of eKYC starts by requiring and verifying the scanned copies of customers’ identity documents through an automated process. Personal details of the customer are extracted from the scanned versions of ID documents using OCR technology. AI-based verification is done by matching the document templates with pre-defined, authentic document types.

Video KYC

Video KYC is a type of verification measure in the eKYC process that is designed to provide customers with an alternative way to get their identity verified. In Video KYC, customers’ identities are verified by matching their ID documents with their live video by a KYC expert. 

Ongoing Screening

It’s not just the onboarding stage that is risky in terms of fraud and financial crime. It is often seen that existing customers in financial institutions turn out to be bad actors. In order to avoid getting manipulated by fraudsters, financial institutions are advised to conduct ongoing monitoring of customers’ transactions and report suspicious activities to the relevant authorities. The process involves checking the presence of ongoing customers in global sanctions lists and PEP lists. 

What Shufti Pro Offers

To establish themselves as industry leaders, financial institutions have demonstrated an increased demand for Electronic Know Your Customer (e-KYC) verification solutions. Shufti Pro’s digital identity verification offers not only an easy to incorporate verification process of customer onboarding but also helps businesses comply with stringent AML and KYC regulations. Moreover, it allows businesses to eliminate fraud and scams that have prevailed for decades. Hence, financial service providers are now able to develop strategies to combat fraudsters through eKYC. 

Shufti Pro’s eKYC is the optimum solution to defeat the challenges of financial inclusion. It presents the provision of financial inclusion as a unique process, and all the relevant information is synchronized. Moreover, it is catering to the necessities of the digital world via online biometric and document verification. 

Want to learn more about our eKYC solution for your business?

seamless customer onboarding

NFC Verification for Seamless Customer Onboarding

As more than 80% of today’s smartphones have NFC technology, different industries are working towards developing digital solutions that make use of the NFC chip. NFC technology is making its way into more and more daily operations, including the KYC identity verification process in banks and financial institutions. 

These institutions strive to provide customers with the fastest and most secure verification processes so that they don’t change banks due to inconvenience. Today’s new identity document types are NFC chip-based and contain sensitive personal details that cannot be extracted or read without NFC-enabled devices.

NFC Verification – An Overview

Near Field Communication (NFC) is a touchless technology that allows objects to link with each other from a distance of up to 5 centimeters. The NFC-integrated circuit or chip embedded in identity cards contains the personal information specific to each individual. Then there are the devices that are NFC-enabled, meaning they are able to read the information from the NFC chip. NFC finds applications mainly in debit/credit cards provided by banks, payment terminals, and smartphones. 

The NFC chip works along with an antenna to act as a functional device in itself, which is known as an NFC tag. This enables the NFC chip to communicate with the NFC reading device in a smartphone through an electromagnetic field. In this way, NFC chips are used for wireless communication of data as the NFC reader in a smartphone is allowed access to the data within the chip along with instructions on how to use it.

How NFC is Used in Identity Verification

Using this method of contactless communication, financial institutions can verify their customers’ identities quickly and accurately. ID cards issued by most world governments have Radio Frequency (RFID) chips with the personal details of the customer, including name, date of birth, address, and biometric details. NFC-enabled devices like smartphones are used to extract the RFID information from the chip on the identity document, allowing for easy and secure verification for both the customer and the institution.

Since every customer has both a smartphone and an ID document, NFC verification turns out to be the ideal way to get through the otherwise hectic process of identity verification. NFC verification proved to be quite useful during the Covid-19 pandemic as it offered a touchless mechanism to verify identities when the restrictions didn’t allow individuals to stand close to each other. With just a tap, an NFC-enabled device can read the data from the chip on an ID card, which is then extracted and verified by matching the information printed on the ID card. In this way, various industries like travel, healthcare, finance, and even the education sector benefit from NFC verification and eliminate the chances of fraud.

Is NFC the Ideal Way to Verify Identities?

Today’s easy-to-integrate APIs and SDKs allow financial institutions to install NFC enables reading systems into mobile and web applications. Banks and the payments industry have even come up with international mobile wallets known as soft cards. Major tech giants like Apple, Samsung, and Huawei are using NFC technology in smartphones to support soft cards and other NFC-enabled functionalities. Google wallets and Apple pay are among the services and products that use NFC technology to make payments convenient.

When it comes to identity verification, the systems incorporated by each business vary. This means that it’s up to the company to implement a system that can verify their customers’ identities simply by reading the NFC chip on their identity card. NFC verification by Shufti Pro works through a few simple steps to authenticate the identities of customers. First, the customer has to submit a photo of their ID document. A condition for this type of verification to work is that the customer’s ID card and smartphone must both be NFC-enabled. If that is the case, the user simply needs to tap their smartphone’s NFC reader against the NFC chip on their ID card. Followed by that, the NFC verification system automatically receives the customers’ personal information embedded in the chip and verifies it by matching it against the previously provided image of the ID card.

stat of nfc

That being said, like every other technological solution, NFC verification has its good and bad qualities.

Perks of NFC Verification

  1. Convenience: NFC verification simply requires a tap between an NFC device and an RFID chip to extract data and verify the customers’ identity in less than a second. It is also convenient because the majority of smart devices are NFC-enabled and customers do not need to go through lengthy verification processes.
  2. Fraud Prevention: As NFC chips are only machine-readable, any fraudster who tries to forge the printed details on an ID document can easily be identified when the RFID data is cross-checked against it. In this way, businesses and financial institutions can eliminate fraudulent entities.
  3. Secure Onboarding: As data is read and extracted directly by NFC devices from RFID chips, there is no chance of a data leak or manipulation. This allows for the secure onboarding of legitimate clients within a matter of seconds.

NFC Verification and KYC Compliance

As financial regulators oversee all processes of banks and other financial institutions, NFC verification must be carried out as per the local and international data protection regulations. There are general data protection laws like the European Union’s General Data Protection Regulation (GDPR), and there are also laws that regulate the IT field. The EU’S GDPR states that the personal information of customers must be protected at all costs no matter which technology is used to verify or store the information.

Furthermore, Article 25 states, “Data protection by design and by default”, which means that the distributors or products and services and those applications that process personal data must incorporate relevant systems for data protection into their systems during the design phase itself. They are also required to implement the data protection system in such a way that the confidentiality of the data is maintained at all times. In the ideal situation where a business or financial institution is GDPR compliant, customers do not need to take extra steps to protect their personal information.

What Shufti Pro Offers

Shufti Pro’s robust NFC verification service is an ideal solution for banks as well as digital financial service providers. It allows businesses to verify the real identities of the customers during onboarding and also authenticates the legitimacy of the transactions. With a market-leading accuracy of 98.67%, financial institutions can ensure seamless customer experience and improved security as well. 

Want to know more about NFC-based ID verification for your business?

china kyc:aml

AML and KYC Regulations in China – New Requirements to Secure Financial Industry

China’s financial system is undergoing a pivotal transformation. The country is limiting shareholdings on foreign ownership of securities, insurance and financial management institutions along with scrapping the entry barriers for such firms. The country has also taken an initiative called The Future of Financial Services in China and Beyond, which brings together both Chinese stakeholders and leading global financial institutions to examine how the ongoing transformation can be shaped to produce a resilient, effective, and open system that benefits both individual stakeholders along with future economic growth. 

Despite inefficiencies in security systems and regulations, there has been a significant rise in financial crimes. Therefore, there is a dire need of enhancing China’s financial system, or at least its banks. Due to an increase in the number of money laundering and terrorist financing through various means, the country is struggling to cope with the global watchdog’s requirements. Thus, to secure the financial industry, China’s government is making efforts to strengthen the AML/KYC regulations

China’s Financial Industry Overview 

Multiple departments have taken initiatives to tighten the AML/CTF regime following China’s fourth-round mutual review by the Financial Action Task Force  (FATF) on money laundering and terrorist financing activities. These efforts include the Standing Committee of the National People’s Congress amending the money laundering offence in Amendment XI to Criminal Law, the People’s Bank of China (PBOC’s) public consultation in December 2020, increased cooperation between the PBOC and the procuratorates, and a 368.2% increase in money laundering prosecutions in 2020 compared to 2019.

The PBOC began a public consultation on 30 December 2020, based on the structure established by the Measures for the Supervision and Administration of Anti-Money Laundering of Financial Institutions (Trial) (Doc No. YF [2014] 344, “2014 Measures”), which resulted in the Measures’ approval on 25 April 2021. 

Therefore, developmental financial institutions, consumer financing firms, loan companies, non-banking payment institutions, and many other types of financial service organizations are now included in the new Measures’ scope of eligible entities.

Many of the newly added organizations have already been complying with existing rules’ AML/CTF requirements. For example, the Administrative Measures on Anti-Money Laundering and Counter-Terrorist Financing of Banking Financial Institutions apply to developmental financial institutions and consumer finance companies, while the Administrative Measures on Anti-Money Laundering and Counter-Terrorist Financing of Internet Financial Institutions apply to online microfinance companies.

China’s Central Bank Fines Zhongtian Securities $216k for AML Breaches

China’s Central Bank has fined Zhongtain Securities Co. Ltd. 1.37 million yuan for AML compliance failure. Thus, the company become the first brokerage house to be fined by the CBC. according to the People’s Bank of China, Zhongtian was alleged for having inadequate customer identification systems along with old-dated suspicious transaction reporting measures along with failure to comply with the regulatory obligations.

In addition to this, the bank has also highlighted the company’s senior executives that were also fined. Thus, the Chinese regulatory authorities are increasingly conducting inspections of banks and financial service providers.  However, the crackdown initiative is aimed at preventing financial crime while majorly paying attention to enhancing the money laundering regulations. Furthermore, the central banks have also made clear that they will make ties with the government agencies and financial regulators to conduct a three-year crackdown on the money laundering activities in the country from 2022 to 2024. The regulators also agreed to use a national risk prevention system to fight money laundering, make compliance more rigid and improve the investigation protocols on financial crimes proceedings

China Strides Forwards with New KYC Rules to Rein Money laundering

By improving the Know Your Customer (KYC) requirements for financial institutions, China is taking initiatives against financial crimes such as money laundering and terrorism funding. As part of its broader programme to eradicate money laundering and terrorism financing from the region, China is strengthening the KYC and AML standards for financial institutions.

Financial institutions will now be expected to improve their due diligence procedures and identify the Ultimate beneficial Owners (UBOs) of accounts that are opened and maintained. All clients and other business entities must follow this procedure. Financial institutions must also have a continuous monitoring process for all transactions. This is mandatory to align financial operations with the People’s Bank of China (PBOC), China Securities Regulatory Commission, and China Banking and Insurance Regulatory Commission’s amended draft of the 2007 guidelines. The draft is not just being revised for banks and financial firms. Non-bank financial institutions will also be forced to follow the rules as well. The updated restrictions will also apply to third-party payment companies, distributors, agents, and online lending companies.

money laundering stat

China Raises Penalty, Broadens Scope of AML Laws

The People’s Bank of China (PBOC) has released a revised draft of the country’s anti-money laundering law, which broadens the present law’s reach. In addition, the document advises that fines for infractions be increased, as well as other improvements. A revamped version is urgently needed, according to the PBOC, because the current AML statute was last amended 14 years ago. The draught anti-money laundering legislation intends to accomplish three objectives:

  1. Curbing money laundering, terrorist financing and other illegal activities
  2. Safeguarding national security and financial order
  3. Addressing gaps and deficiencies of the current AML law

A narrow scope of money laundering predicate offences, a lack of AML standards for non-financial industries and persons, weaknesses in the Ultimate Beneficial Owner (UBO) system, and insufficient regulatory penalties are among the flaws in the present AML law.  The PBOC stated: “It is clear that anti-money laundering includes not only preventing money laundering crimes but also curbing illegal activities related to money laundering”. 

Non-banking payment businesses, online micro-lenders, asset management companies, and financial leasing organizations are all included in the new law’s scope. Non-financial institutions, including property developers, accountancy firms, and precious metal exchanges, are also covered by the anti-money laundering legislation. The penalties for individuals who do not comply with regulatory standards and do not undertake CDD have also been increased. The new punishment for the offence, which was formerly CNY 500,000, may go as high as CNY 2 million. Furthermore, firm directors, executives, senior managers, and other people found guilty of this offence will get a written warning, forfeiture of the illegal gains, and a monetary fine ranging from CNY 20,000 to CNY 200,000.

How Shufti Pro Can Help

Shufti Pro’s all-in-all identity verification and AML screening services are powered by thousands of AI models along with all essential features that can help financial businesses to stay put with the regulatory obligations while ensuring that legit customers get onboarded. Banks opting for robust ID verification services can reduce the risk of getting sanctioned or experiencing hefty fines for being non-compliant.

Following are the key benefits of Shufti Pro’s ID verification services;

  1. Determines the real identity of the customers in less than a second
  2. Generate results with 98.76% accuracy
  3. Screenings the customers against 1700+ global watch lists
  4. Helps to stay put with the regulatory obligations and secures businesses from sanctions

Want to learn more about KYC/AML services for financial businesses?


A Brief Insight into Safe Havens for Russian Oligarchs

The recent Russia-Ukraine conflict has sparked the West to impose sanctions targeting the Russian elite. Vladimir Putin’s stronghold gives a free hand to oligarchs, politicians, and wealthy businessmen to make unaccountable amounts of money. Unless they stick their noses in political affairs, they are allowed to keep their money wherever they want. 

However, the sanctions on Russia have begun to narrow down the safe havens for the Russian elite to hide their illicit gains. Even before the Russian evasion of Ukraine, these oligarchs have been hiding their funds in various countries throughout the world, like Switzerland, France, Italy, Germany, Spain, Monaco, the UAE, the UK and many more.

Where the Russians Stash their Assets

The Russians have used a variety of industries like real estate, art, luxury cars, and megayachts to invest their money and gain legitimate funds. Not only that, but they also hide behind shell companies, trusts, and LLPs so that their true identities are not revealed. According to the Atlantic Council, the Russian elites have a total of $250 billion stored in different regions across the world. Another research paper from the National Bureau of Economic Research states that 60% of Russia’s money is stashed in offshore safe-havens. Countries that have given these Russians a free hand to stash their illegally obtained funds are mostly in Europe and Asia, but the practice is common even in the US. 

In the current situation, the world has its eyes set on the relationship between different safe havens and Russian oligarchs. Most countries have joined hands with the West in imposing financial sanctions on Putin’s allies. In their efforts to bring down the wealthy Russians, countries are identifying and freezing their megayachts and real estate. However, looking at the bigger picture, there is still a lack of transparency as there are political entities involved.



The UK and the European Union have been directing efforts to seize the assets of Russian oligarchs. One of the actions that recently made the headlines was the freezing of the assets belonging to Roman Abramovich, the (soon to be former) owner of Chelsea FC. In another similar case, a $580 million yacht belonging to Russian billionaire entrepreneur Andrey Melnichenko was seized in Italy. That’s not all, as business tycoon Alisher Usmanov’s $600 million superyacht was captured by the French police. Moreover, a former KGB agent and high-ranking general Sergei Chemezov had his $140 million yacht seized in Spain.


Although Turkey spoke against the Russian invasion of Ukraine, it has taken an ambiguous approach when it comes to sanctions on Russia. According to the active member of NATO, imposing sanctions on Russia can result in further damage to its already unpredictable economy. For this reason, Turkey has not even restricted Russian planes from entering its airspace. Turkey’s foreign minister said that they will welcome Russian oligarchs in Turkey for the purpose of investments and tourism on the condition that their yachts stay away from Turkey’s waters. Considering Turkey’s stance, western powers can urge the country to close down the boundaries for Russian businessmen. 

The UAE 

The globally known financial hub, Dubai and the UAE’s capital, Abu Dhabi have always been safe havens for Russian oligarchs as they allow investments from all foreign sources without asking for the origins of their funds. Although the west has put pressure on the UAE due to its relaxed measures in the investment sector, the UAE remained silent. Even when the United Nations Security Council asked the UAE to condemn the Russian invasion of Ukraine, it remained silent and did not impose any sanctions. Considering this situation, it is safe to say that the UAE is on its way to becoming one of the world’s biggest safe havens for Russian oligarchs and corrupt politicians from all over the world. With UAE’s crypto firms getting requests to invest billions in virtual assets and investments in real estate also booming, the region is one of the favourite places of the Russian elite.


Just like the UAE, Maldives has also refused the call for sanctions and acts as a safe haven for wealthy Russian money launderers. A luxury yacht owned by Oleg Deripaska was recently seen at the coast of Mala, the capital of Maldives. Oleg Deripaska is the founder of the world’s second-biggest aluminium producer RUSAL. Apart from his yacht, there have been sightings of two more superyachts heading towards the Maldives right after the West threatened to free the assets of sanctioned Russian oligarchs.


Estonia is a country that has demonstrated efforts to counter money laundering and terrorist financing. However, the Danske Bank case significantly damaged the reputation of Estonia due to the biggest ever scandal in Europe. Between 2007 and 2016, the Estonia branch failed to stop a corruption case where €200 billion were laundered through the bank. Most of the funds originated from the accounts of Russian businessmen and oligarchs. The chief of the Estonian central bank recently addressed the Russian elite and informed them about its improved anti-money laundering measures. He said that the Russians should not try to launder money through Estonia. Moreover, Estonia is also making efforts to combat financial crimes in the cryptocurrency sector in order to steer clear of any scandal in the future.


When it comes to taking action against Russian oligarchs, Cyprus holds a position similar to Turkey and the UAE. This is demonstrated by the EU’s sanctions lists which never have less than five oligarchs that have ties to Cyprus. Recently, the country has initiated efforts to improve its measures against money launderers. Although the country has diplomatic and financial links with Russia and Ukraine, it has now said yes to cutting Russia off from SWIFT and has restricted Russian naval ships from accessing its ports for refueling.

What Shufti Pro Offers

With the eyes of global watchdogs on the Russian elite, there is an increased risk of money laundering and fraud in safe havens throughout the world. Banks, businesses, and investment firms need to prevent regulatory fines and reputational damages due to involvement with Russian sanctions evaders. To do so, financial institutions must incorporate identity verification measures to secure their business and onboard legitimate investors. Shufti Pro’s Know Your Customer solution seamlessly detects fraudulent entities and helps firms avoid getting sanctioned.

Shufti Pro’s investor verification service is the ideal solution for the investment industry that is struggling to comply with the new and upcoming sanctions to avoid losses. The AI-powered ID verification solution allows businesses to identify and verify the real identities of investors in less than a second with 98.67% accuracy.

Want to know more about our identity verification solution for your business?


AML Screening – Securing Alternative Payment Market and Overcoming Prevailing Risk of Crimes

Escalating demand for innovative, new, and robust alternative payment options across the world is transforming the financial services landscape. However, many emerging economies are providing bank account ownership at a very low rate. Yet, a high level of smartphone engagement is becoming the viable choice to replace fiat currency and plastic cards when it comes to making transactions.

Therefore, with digitization, the payment industry is also rapidly evolving, and people can use alternative payment methods other than traditional ways to make transactions. However, there are no signs of eradicating the use of mainstream payment approaches like fiat currency, debit cards, etc, yet the alternative means are soaring in popularity. In addition to this, the involvement of financial technology companies and tech giants is also becoming the major reason for the shift to alternative payment methods. By providing users with robust, secure, and more convenient payment services, the industry has successfully gained billions of customers across the globe.

The Rise of the Alternative Payment Industry 

It’s viable to attribute the rise of the alternative payment industry to coronavirus, but the truth is, new emerging technologies have been navigating the payment service providers towards convenient and reliable ways to exchange money for decades. 

Covid has been accelerating the changes to customers’ needs and payment options by removing the barrier of buying essentials from the physical stores and necessitating a major shift to digital platforms. According to Worldpay Report 2020, 32% of eCommerce payments in the UK were made through digital wallets like Amazon Pay, Paypal, Apple Pay, and Google Play. 

In addition to this, as the alternative payments industry is growing increasingly, financial institutions are rushing to ensure that their anti-money laundering control systems can cope. World over, the war against money laundering and terrorism financing is also becoming the top priority. Financial crimes pose a potential risk to the stability and reliability of the financial firms, increasing the volatility of capital flow, and affecting foreign investments. Various approaches are being used by the money launderers and organised crime groups are using alternative payment services including wire transfers, cryptocurrency investments, and much more. 

FCA Seizes £2m From QPay Over Links to $150m US Payment Fraud Case

The UK’s regulatory body, the Financial Conduct Authority (FCA) has seized millions of pounds from the QPay believed to be the proceeds of illicit crimes. FCA has also claimed that the money was linked to the criminal proceedings in the US concerning an alleged conspiracy to commit wire fraud in a $150 payment processing scheme. Therefore, the regulatory authorities ordered QPay to pay $2 million under the Proceeds of Crime Act in the Westminster Magistrates’ Court.

“Account forfeiture orders are an important means of intervening and capturing illegal money and this action is a good example of what can be done,” said Mark Steward, the executive director of enforcement and market oversight at the FCA. “The funds will now be used to assist the FCA and other authorities fight illegal activity,” he added.

The seized money was allegedly connected to the case in the US which involved the executives of Allied Pay, a payment service provider located in Los Angeles, a company that processed transactions for high-risk entities through bogus misrepresentation of clients. Thus, the criminals are accused of obtaining $150 million in payment card processing through more than 100 illegal merchants.

Turkey to Ban Cryptocurrency Payments to Avoid Financial Crime

The central bank of Turkey banned the use of cryptocurrency payments in 2021. This action was taken as a part of the country’s efforts to regulate the digital currencies which gained uncontrollable popularity in recent months. In addition to this, the Turkish government has also been closely monitoring cryptocurrency transactions and service providers for some time and found out that criminals and terrorists were using cryptocurrencies to fund illicit activities across the country.

“Their use in payments may cause irreparable damages for the parties to the transactions, and include elements that may undermine the confidence in methods and instruments used currently in payments,” the bank said.



PSD2 & Payment Services in the E.U.

Payment service directive 2 (PSD2) was introduced as a national law to mandate the payment industry to comply with the FCA regulations and standards. Therefore, the payment service businesses that are providing the facilities as a part of service packages or if the company receives funds from the client before passing it to other parties, such businesses are subject to the PSD2 requirements.

However, the payment service directive aims to promote innovation along with competition in the payment industry, while mandating businesses to enhance their security measures for digital payments and make efforts to secure the customers’ personally identifiable information particularly financial credentials. Furthermore, the businesses are also required to integrate robust and automated customer verification solutions, and transaction monitoring systems in order to track illicit activities and maintain effective communication standards for effective suspicious activity reporting.

Electronic Fund Transfer Act (EFTA)

Electronic Fund Transfer Act (EFTA) is legislated to secure financial services. The Act is imposed on all financial institutions and payment service providers that allow the customers to make transactions using smartphones, computers, or any other digital gadget. This regulation is particularly mandatory for banks and other financial firms, but a certain degree of provisions only apply to individual entities. EFTA also provides customer rights to a number of disclosures and error resolution procedures for unauthorised or illicit transactions.

What Shufti Pro Offers

Shufti Pro is a UK-based identity verification service provider which is an ideal option for the payment industry. Powered by thousands of AI models and PCI DSS compliant KYC/AML solution enables businesses to stay put with regulatory obligations along with screening customers against 1700+ global watch lists in less than a second with 98.67% accuracy. Additionally, Shufti Pro’s state-of-the-art solution also assists payment service providers to protect the data integrity in order to ensure that the international payments remain secure from exploitation while enabling customers to experience frictionless onboarding and transaction experience.

Want to know more about our AML screening services for the payment industry?

More posts