5 AI-Powered Products to Boost Digital Experiences Post Covid

If there’s one thing financial institutions understood within the first year of global shutdowns amid the COVID-19 pandemic, it is that legacy technologies and manual processes no longer suffice. Where investing in customer-oriented digital experiences was an afterthought prior to the pandemic, it has become a necessity for survival today. In fact, 65% of American experts report that the customer’s digital experience has become more important to their organization because of COVID-19. While the definition of digital experience varies from business to business, it typically involves a combination of secure, rapid services and frictionless interactions between a platform and its consumers, particularly through mobile devices.


Five Technologies to Embrace For a Customer-focused Digital Experience

To meet customer demands and comply with stringent regulatory requirements in one go, financial institutions are increasingly deploying Regulatory Technologies (RegTech). Typically, banks, investment firms, brokerage companies, stock exchanges, and cryptocurrency providers among others are mandated to comply with stringent Know Your Customer (KYC) obligations to eliminate identity frauds and resulting financial crimes. However, since the KYC process takes place during the initial stage of onboarding, it needs to be seamless and rapid. Listed below are the five technologies that organizations can deploy to impart frictionless and streamlined digital experiences. 

1- OCR Technology 

Financial institutions process huge amounts of customer data on a daily basis. For instance, clients are required to provide Personally Identifiable Information (PII) during the initial stage of account opening in banks for the purpose of ID verification. This, in turn, leads to ever-increasing piles of documents, errors in data collection, and a time-consuming ID verification process for the customers and businesses alike. 

Alternatively, an OCR software powered by Artificial Intelligence provides a streamlined solution for data collection. With the help of this technology, end-users are provided with the ability to bypass the manual data entry process. Instead, they are simply required to display their ID document to a webcam or mobile screen to have their data collected through an automated process.  Shufti Pro’s OCR software completes data extraction and processing within seconds while providing an accuracy rate of 98.67%. Additionally, it provides global coverage for 150+ languages and 3000+ ID document types. 

2- NFC Verification 

Smartphone penetration is at its peak. With 3.4 million smartphones in use today, nearly 2 billion are NFC-enabled by default. This number highlights how users are more inclined towards the adoption of self-verification services – a trend that financial institutions can use to their advantage for rendering enhanced digital experiences. 

To stay up-to-date with changing trends, build better rapport with customers, ​​and enhance security mechanisms, NFC ID verification proves to be a viable solution. Apart from its tendency to make contactless payments convenient for both businesses and consumers, NFC technology assists in verifying identities in seconds with the highest level of accuracy. From the customer’s side, all that’s required is to scan their identity documents, which are embedded with a microchip, against an NFC-enabled device such as their smartphone. The chip contains authentic PII of the document holder. Within a few seconds, the end-user is verified and can continue their operations in a friction-free manner. 

3- Video Interview KYC

Another strategy of streamlining the online KYC process for customers is through the video-based KYC method. This video-based customer identification process is simply the digital version of the traditional KYC with added speed and convenience. 

This is because in the video-based KYC process, the customer is provided with the assistance of a KYC expert during a live video call. Within this video call, the ID document of the customer is verified in real-time with instant delivery of results. From ID verification to customer onboarding, the entire KYC process is accomplished remotely in a rapid and streamlined manner.

4- Digital COVID Certificate Verification

Given the current state of the global health crisis, nearly all businesses have been mandated by governments to verify the Covid vaccine status of customers. While this step is necessary for the safe renewal of business operations, the process needs to be streamlined for customer ease. 

The Digital COVID Certificate Verification solution by Shufti Pro provides businesses with the chance to ramp up customer experience by automating the manual Covid certificate verification process. The digital COVID certificate verification solution is designed to kick-start automated COVID-19 vaccine certificate verification at airports, cinemas, shopping malls or public transport terminals, making it easy for customers to avoid long queues with minimal human intervention. 

5- Facial Biometric Authentication 

You might already be aware that biometric data is unique to each person and hence cannot be replicated.  But, besides its ability to eliminate ID fraud, biometric technology is also used to simplify online and offline processes such as transaction authentication and AML/KYC verification. Facial Biometric Authentication service allows customers the ease of getting verified in real-time through a simple selfie scan. By enhancing the sign-in process through selfie login, customers can be onboarded within seconds from the comforts of their home. Additionally, it also eliminates the need for customers to memorize passwords, hence leading to a smooth online experience. 

Summing it Up 

The COVID-19 pandemic highlighted the importance of digital services for businesses. In order to bridge the gap between customer experiences online and regulatory compliance, businesses need to invest in RegTech solutions. These solutions are not only cost-effective for organizations, but also streamline processes for customers, including ID verification and remote onboarding. Owing to automation, digital services can be readily facilitated according to the needs of each customer. 

Ready to enhance your customer’s experience online? Try our 7-day free trial or talk to experts right away! 


New KYC Regime for the UK, US, and Australia – What’s in it for Financial Institutions?

Financial institutions are known for getting their reputation maligned due to crimes like identity theft and money laundering, which often lead them into unfavorable situations. To counter financial crimes and identity fraud, Know Your Customer (KYC) measures are implemented by banks and investment companies along with Anti-money laundering (AML) protocols. In recent times, these KYC processes have undergone ceaseless enhancements to level the playing field with new and evolving methods of fraudulent activities.

The Covid-19 situation has compelled banks to considerably depend on digital platforms in order to continue their operations. This further increases the importance of KYC solutions, as online transactions are more prone to being targeted by fraudsters. A study found that around 18 million individuals became victims of digital payment scams in 2020. This clearly indicates that the present KYC systems were not so efficient in eliminating fraudulent entities and required substantial improvement to cope with these challenges.


The Deloitte Regulatory Outlook 2021 suggests that financial crimes like money laundering have increased as a result of the unstable situation across the globe. 

Diversified techniques used by cybercriminals make it difficult for financial institutions to keep track of their transactions. For instance, invisible identities on the internet and the reduced use of cash in digital business platforms have accounted for an increase in the cases of illegal money transfers through cryptocurrencies.

New Challenges in the KYC Landscape

According to a recent study, the challenges that came forth with the pandemic are here to stay, as banks and businesses now seek to prioritize the delivery of mobile-based services for additional convenience. With most customers willing to perform their banking operations through digital means, the loopholes in the financial landscape are ostensibly revealed. As indicated in a Deloitte report, inefficient KYC and AML processes in financial institutions have led to further developments in KYC solutions and regulations. As it turns out, banks and other financial institutions either do not implement sufficient KYC practices, or the regions they cover in the AML screening process are limited.

The paper suggests that KYC services must cover a wider range of financial institutions and increase the number of covered jurisdictions in AML screening. A risk-based approach is suggested for banks as they are required to conduct customer due diligence and adhere to the respective compliance guidelines. Moreover, financial institutes were noticed to be incorporating 1st generation processes such as screening through customer names and rules-based profiling. 

These outdated solutions are not equipped with artificial intelligence and are therefore not capable of detecting today’s financial scams. In addition to this, organizations looking to cut down on the costs for KYC/AML solutions are observed to be depending on open-source data for screening purposes. To improve this cluttered paradigm of financial operations, several regulatory bodies have contributed to improving the KYC landscape.


Updated Laws and Regulations in 2021

2021 saw several major updates in KYC regulations, including updates to the UK’s Sanctions and Money Laundering Act 2018. This Act enforces the implementation of anti-money laundering measures throughout the country while enforcing efforts for improving the UK’s national security to cope with international standards. Furthermore, the 6th AMLD (Anti-money Laundering Directive) was enforced earlier than planned pertaining to the spike in fraudulent activities during the pandemic. In this directive, KYC and AML laws were further tightened as 22 offenses were listed and the transaction threshold was narrowed down. Stressing mainly on RegTech companies, the sixth AMLD announced upto four years of imprisonment for the crimes of money laundering and terrorist financing.

The 6AMLD wasn’t the only directive enforced as a result of the pandemic, as AUSTRAC (Australian Transactions Reports and Analysis Center) assisted businesses and financial institutions with alternative compliance solutions. AUSTRAC encouraged organizations around the country to incorporate KYC solutions using scanned copies of ID documents to verify identities. Section 4.15 of this law allows alternative verification of identity through references from healthcare professionals or employers.

Apart from these regulatory bodies, FINCEN also stepped forward and made amendments to the Bank Secrecy Act (BSA). These amendments are aimed at eliminating the surging threats of illicit financing and increasing the effect of AML laws in the country. The most significant additions to the BSA were requirements for enhanced due diligence (EDD) and beneficial ownership (UBOs). 

According to a Deloitte report, the CSSF (Commission de Surveillance du Secteur Financier) added to the EBA’s (European Banking Authority) Guidelines 

on customer due diligence and risk factors, including new sectoral guidelines as well as details of terror financing risk factors.

What’s in it for Financial Institutions

Considering the negative outcomes resulting from the pandemic and mass digitization, the stringent financial regulations are sufficiently justified, as improved risk management and efficiency of KYC systems have evidently become the need of the hour for financial institutions. In order to level the playing field with the surfacing financial crimes and identity theft, compliance with the updated KYC regulations has become an urgent necessity. Organizations must establish firm grounds for data collection and privacy in order to protect customers’ transactions and personal information from getting into the wrong hands.

Banks and investment companies are required to identify the loopholes and vulnerabilities in their system for the prevention of identity theft through data breaches. Moreover, outdated technology must be replaced with machine learning algorithms for improved data analysis and wider coverage of global watchlists. The KYC/AML framework of financial institutions is essentially a firewall against fraud, which makes it more than just a verification measure. If left unchecked, financial criminals are capable of causing monetary damages as well as staining the reputation of organizations. 

Key Takeaways

KYC and AML compliance is of utmost importance in financial institutions when it comes to eliminating the risks of crimes like money laundering and terrorist financing. After continuous technological advancements, automated KYC solutions now allow seamless customer onboarding and enable financial organizations to meet compliance regulations. Shufti Pro offers AI-driven KYC services with support for more than 150 languages in 195 countries.

Get in touch with our experts to learn more about KYC processes.


Two-Factor Authentication – A Firewall Against Social Engineering Attacks

Businesses and financial institutions around the globe often report concerns of financial crimes being initiated by the exploitation and manipulation of sensitive information. As per recent trends, a significant spike in fraudulent transactions and account openings was indicated, a majority of which were sourced by social engineering. With criminal entities using sophisticated techniques for gaining access to confidential information, firms are showing an increase in susceptibility to cybercrime.

Taking full advantage of the COVID-19 situation and remote business operations, cybercrimes in 2021 topped the charts with a total of 5,258 data breaches. Social engineering attacks are seen targeting the loopholes and technical vulnerabilities in digital platforms of businesses and financial institutions to extract confidential data for use in illicit activities. Social engineering cyber crimes such as phishing attacks in the form of Business Email Compromise (BECs) and spear-phishing are almost 80% effective in breaching sensitive data and causing financial losses to businesses.

A staggering 6.95 million web pages were created in 2020 for phishing, with the IT and the financial sectors being among the commonly targeted industries. Greece and Romania experienced a rise in social engineering attacks, but the top countries where these scams are prevalent are Russia, the US, and the British Virgin Isles. Moreover, fraudulent bank account openings in European countries saw an increase of 1.4% in the last year.


Adverse Effects of Social Engineering on Businesses

Company addresses and uniquely identifiable information of legitimate businesses are used in socially engineered attacks to make the emails appear important. Since slight alterations in characters are often ignored in business communication via email, these phishing attacks are usually successful in getting access to sensitive data. These advanced criminal tactics result in decreased productivity for businesses, as well as financial losses through fraudulent transactions. Apart from dealing with these problems, businesses have to invest additional amounts for recovery from damages. Although businesses usually recover from the monetary losses due to social engineering attacks and even pay the recovery costs, the permanent stain on their reputation adversely affects businesses for years to come. 

Companies struggle to rebuild the lost trust of their customers and partners once a cyberattack disrupts their business. That being said, getting new customers also becomes significantly difficult for businesses that become part of the headlines for having become the victims of data breaches. For these reasons, businesses now strive to improve their security measures through two-factor authentication instead of focusing solely on providing services. Business meetings, transaction details, collaborations, and internal communications are sensitive records that fraudsters aim to access through socially engineered cyberattacks. When companies invest in recovering from data losses, there are not only additional financial implications but also significant productivity gaps.


Compliance Penalties Adding to Financial Losses

The already prominent issue of financial losses due to social engineering was further augmented with the COVID pandemic, where remote business operations empowered fraudsters with techniques to overcome verification measures. The lack of digital identity verification solutions has resulted in the intrusion of fraudulent entities in businesses, which consequently leads them to financial losses and compliance penalties. The same is the case with phishing attacks, where firms have to pay KYC/AML compliance fines as a result of data breaches and monetary losses. The 2021 LinkedIn data breach not only affected businesses due to exposed information but also sparked new social engineering attacks. With over one billion records sold on the Darkweb, cybercriminals were handed data to carry out new spear-phishing attacks. 

Speaking of the overall increase in cybercrimes, statistics show that more or less 4000 cybercrimes are committed every day. Furthermore, new techniques of social engineering like Whaling target the upper tier of business employees, effectively manipulating millions of the company’s valuable funds. When it comes to recovery costs, there are additional amounts of AML compliance fines, which add up to a global cost of over $213 billion. It takes companies weeks and months to identify social engineering attacks, and in most cases, they learn about it when it’s already too late.


Prevention of Social Engineering Attacks

Business Email Compromise (BEC) is the most commonly used type of phishing attack, with losses adding up to $1.8 billion in 2020. These attacks compromise business and vendor emails to rake in money, and are reported to convert the illegally obtained funds to cryptocurrency to avoid getting traced. In order to combat these damaging cyberattacks, businesses implement two-step verification measures for authorizing access to business account information and other sensitive credentials. 

In this scenario, the ‘prevention is better than cure’ strategy can come in handy. Instead of paying incident response teams after they become victims of a phishing scam, businesses must initially secure their communication mediums by incorporating two-factor verification. Ultimately, the battle against financial fraud can only be won when businesses also empower their digital platforms with technology-driven authentication solutions and level the playing field.

How Two-Factor Authentication Solves the Problem 

With the losses due to financial crime soaring up to $60 million in 2020, staying one step ahead of cybercriminals has become essential for businesses. Two-factor authentication is a solution to secure business communications through emails and other platforms in order to protect confidential information from data breaches. 2FA enables businesses to eliminate fraud and overcome social engineering attacks by incorporating an additional requirement of a one-time code. These authentication solutions enable businesses to detect fraudulent activity beforehand and protect their financial assets as well as their reputation from being damaged.

This auto-generated random code, usually comprising four characters, is sent via registered email or SMS, allowing only the legitimate personnel to log in. Security departments in organizations must be encouraged to enable 2FA for all internal and external business communication, including emails and the particular applications being used within the workplace. In the cases where credentials are obtained by cybercriminals through phishing, smishing, or whaling, the additional code requirement stops them in their tracks.

The Bottom Line

To wrap it up, the looming threats of social engineering attacks targeting technological weak links in digital business platforms call for improvements in security measures. Cybercriminals getting access to intelligent techniques for automation and hacking have resulted in the loss of sensitive data, causing businesses to shut down. Shufti Pro offers two-factor authentication for the protection of business accounts and keeps company information from getting into the wrong hands.

Learn more about the applications of two-factor authentication in business!

How E-KYC is Overcoming the Hurdles of Financial Inclusion

The challenges associated with the global pandemic have risen at a bewildering speed and yet there are more than 1.1 billion people in the world without identity proof as stated by the World Bank. Subsequently, individuals are unable to access essential services such as healthcare facilities, social protection, and finance. One may assume that these concerns are much ado about nothing, but that is not the case. These issues have increased attention and awareness regarding financial instability across the globe. They highlight the need for dramatic advances in financial institutions to look towards solutions such as financial inclusion. 

Presently, financial leaders have an excellent opportunity to shift towards more viable, feasible, direct, and socially acceptable ways. Doing so not only provides flexibility in unpredictable times but also shows that financial leaders value the world over profits. 

Addressing the Digital Gap in Financial Inclusion

Addressing financial inclusion without discussing the digital barriers is a meaningless contribution. The most significant obstacle to financial inclusion is the lack of digital identification. Businesses must provide full access to financial services, no matter the challenges. All businesses must incorporate digital identity verification services so that the users who are “the base of the pyramid” are provided with frictionless services in the method they prefer. Mostly because technological advancements have paved the way to eradicating the gap in financial inclusion by diminishing the cost, mileage, and speed of providing monetary services. 

The Challenges of Financial Inclusion

Online monetary services have an extraordinary likelihood of amplifying the delivery of financial services to broader society. According to the International Telecommunication Union report, there are four billion internet users, which means approximately 3.9 billion people are not online. Hence, it insinuates that there is enormous leverage in settling financial affairs digitally. Online financing can increase the annual GDP by up to 6% by the end of 2025. 

Offshore Banking

An offshore banking service protects businesses from unsound banking systems, just like having banking insurance. It also shields established businesses from upheaval by bankrupt governments. Businesses can also be sure to stay away from frivolous lawsuits while having an overseas investment account. Furthermore, holding multiple currencies in offshore bank accounts streamlines the administration of cash. 

Establishing an offshore bank account without E-KYC is as complex as the traditional onboarding process. Customers cannot open an offshore bank account or use financial services unless they have undergone Know Your Customer (KYC) verification.


Insurance products and services are another aspect of financial inclusion that is the right of every individual, whether poor or rich. However, in the past, these products and services were available only with face-to-face verification. As a result, consumers could not transact their convenience, and their hectic lifestyles were further disrupted when wanting to purchase, update or cancel one’s insurance. Furthermore, customers had to rely on methods such as video calls and documents sent in the post for KYC verification

Suggested Read: KYC For Insurance – Fraud Prevention with Digital KYC 

These processes drain the energy of the customers as well as the energy of the insurance providers. Additionally, customers have to wait in long queues for documents which consume ample time. The service providers then undergo heaps of paperwork for every customer, delaying the onboarding process. Hence, it is a significant problem for both parties. The business can lose a potential customer due to the monotonous transaction experience. 

Credit Card Providers

The complicated nature of credit card onboarding makes it a strenuous and extensive task for financial inclusion. The documentation, verification, and other delegations make information run back and forth between the customer and the service provider. Credit card providers undertake the entire process without any revenue generated and these stringent processes may cause the customer to run away deprived of valuable services. 

The absence of automation in the identification process is because of the use of paper-based documents. Credit card issuers rely on documented KYC verification as compliance regulation, which results in a disoriented onboarding process. Subsequently, changing AML and KYC regulations have thrown a curveball at credit card providers, resulting in millions of losses. 

Frauds are directly proportional to credit card issuance. The Federal Trade Commission report states that approximately 1.4 million cases occurred in 2018, stemming from a sum of USD 1.4 billion. Frauds are prevalent due to the lack of a safe and secure verification system, principally. The most adopted technique of fraudsters is “card-not-present” fraud. 

Loan Services

Manual paper-based loan applications devise a lot of redundant work for lenders. These processes decrease performance and customer experience. Loan lenders are bound to perform KYC verification and run AML checks to ensure their customers do not violate AML/KYC laws. The trail of paperwork and verification further reduces the chances of providing quality financial inclusion. They are additionally prone to human errors and loan fraud.

Fraudsters easily manipulate loan providers by maneuvering their identities. The thieves only need a social security number and editing of their government-issued identity documents to acquire large amounts of loans. Loan lenders are unable to detect the loan until they demand loans and they get no response in return. These unethical violations are criminal offenses that destroy the financial and brand reputation of lenders. 

Multiple Problems, One Solution 

There is a massive increase in acquiring Electronic Know Your Customer (e-KYC) verification solutions, furnishing ease for the financial sectors. Shufti Pro’s digital identity verification has not only eased the process of customer onboarding but also helped businesses comply with stringent AML and KYC regulations. Moreover, it has created a suitable atmosphere to overcome fraud and scams that have prevailed for decades. The digital onboarding process in an offshore bank account is the solution to attract new and faithful customers. Hence, financial service providers have been able to develop strategies to combat fraudsters through eKYC. 

Shufti Pro’s eKYC is the optimum solution to defeat the challenges of financial inclusion. It presents the provision of financial inclusion as a unique process, and all the relevant information is synchronized. Moreover, it is catering to the necessities of the digital world via online biometric and document verification. All an online customer has to do is upload their identity documents issued by the government along with a selfie and ta-da! Customers are verified in less than a second. 

It All Boils Down To

E-KYC sets realistic expectations for individuals and businesses while it aims to provide financial inclusion to the vulnerable population. These vital financial services set goals for profit while maintaining higher personal standards. Other than these solutions, governments need to make uniform legislation and conduct active investigations to reconcile law enforcement. 

Is your business addressing financial inclusion via e-KYC? If not, contact us! 


HKMA’s Risk Assessment Guidelines for AML/CFT Compliance in the Banking Sector

In the past few years, global regulatory authorities have been laying new grounds for Anti-Money Laundering (AML) compliance and Counter-Financing of Terrorism (CFT). The primary goal of these authorities is to make use of the latest technological advancements in data analytics for developing solutions to counter crimes like money laundering and terrorist financing.

The Hong Kong Monetary Authority (HKMA) is one of the regulatory bodies making prominent efforts to improve AML/CFT technologies for preventing monetary fraud. In November 2021, HKMA plans to initiate sessions with the aim to use technological innovations to strengthen AML/CFT policies and practices. Along with real-world AML/CFT use cases, the first experiment of HKMA is set to work on Natural Language Processing (NLP).

After the FATF issued a report this June pertaining to the application of machine learning and NLP to enhance AML/CFT solutions, the HKMA said, “In line with global efforts, the HKMA plans to take further steps to support AML/CFT innovation and help strengthen [banks’] implementation of the risk-based approach to AML/CFT”.

image copy

Risk Assessment Guidelines for the Banking Sector

The HKMA’s anti-money laundering webinar of September 16th sheds light on risk assessment guidelines for the banking sector and also highlighted the advantages of partnerships between public and private institutions. Among the significant aspects that came to light in the webinar were ways to understand the risks in financial institutions and risk-based approaches to eliminate money laundering and terrorist financing.

A money-laundering syndicate was arrested by Hong Kong police in August for moving HK$30 million in a period of 10 months, which indicates the urgency that calls for HKMA’s recent updates in policies. As things stand, the HKMA justifiably labels the banking sector as being vulnerable to financial crimes. Considering international trends, there is a clear indication of increased difficulty in detecting and tracking money laundering with the mass adoption of online banking services and fund transfers.

Suggested read: AML Non-Compliance Penalties Soaring Sky High in the First Half of 2021

Risk-based Approach 

Money laundering and terrorist financing are often seen to shake things up in banks and stain their reputation. The HKMA’s guideline encourages banks operating through digital platforms to implement AML solutions in order to formulate risk-based strategies. These measures include customer due diligence as well as ongoing monitoring of existing customers to report suspicious transactions for investigation. 

According to the HKMA’s guidelines, the use of AI-based AML solutions can significantly assist banks and other financial institutions by analyzing different types of financial data and activities. That being said, there is a certain amount of autonomy provided to the banking sector when it comes to choosing and implementing AML compliance solutions according to their systems. Shufti Pro’s AML Screening solution allows financial institutions to balance between risk-based strategies and efficiency while effectively analyzing the maximum number of datasets to eliminate money laundering.

Collaboration Between Financial Institutions

Another key aspect of the HKMA’s policy is the collaboration between banks and other financial institutions to improve the effectiveness of reporting suspicious activities. Banks working async enable improved tracking of money laundering and terrorist financing, as indicated by the interception of HK$3 billion by the ADCC in 2020. Furthermore, the recent COVID pandemic situation and the new risks it generated for the financial sector indicate the significance of collaboration and knowledge sharing when it comes to fraud prevention.

The HKMA report shows examples of financial institutions effectively collaborating with the stakeholders within their system. One of these institutions is the FMLIT (Fraud and Money Laundering Intelligence Taskforce), which provides feedback to external organizations to implement new techniques for the investigation of financial crimes like money laundering and terrorist financing.

Technological Innovations

The HKMA’s Fintech 2025 strategy has accounted for considerable progress in terms of AML RegTech adoption. For instance, the HKMA’s guidelines require banks to incorporate new, non-traditional datasets as well as digital footprints to keep track of transactions. Additionally, network analysis techniques are suggested to improve transaction monitoring and also assist in determining hidden linkages. Virtual banks are seen to work with the support of the HKMA by sharing their gathered information and assisting in calculating the upcoming risks.

The targeted mitigation of money laundering and terrorist financing risks is only possible with the unification of financial records and information from internal and external sources. Therefore, it doesn’t come as a surprise that financial institutions that use advanced technological solutions to gather external information show greater strength when identifying high-risk customers, collaborations, and transactions. The points put forth in HKMA’s guidance not only suggest the implementation of these strategies but also encourage steps to measure and analyze their effectiveness.

The Significance of On-going Monitoring

Where a majority of the Authorized Institutions (AIs) that come under the AMLO are seen to adhere to the AML regulations put forward by the HKMA, there are a number of institutions that have not integrated measures to monitor and analyze the effectiveness of the results. Consequently, the Hong Kong Monetary Authority has prompted financial institutions to instantly begin work on the development of systems to measure the performance of AML/CFT systems through the number of STRs (Suspicious Transaction Reports) as well as the impact on the banks’ reputation and customers. The HKMA AML guideline also highlights ongoing monitoring of the existing customers and employees of institutions. 

According to HKMA AML guidelines, the ongoing monitoring of transactions as well as resource allocation and business relationships are a significant factor in the AML/CFT solutions. While carrying out customer due diligence during account opening, financial institutions are encouraged to implement automated AML solutions for processing customer data and examine all the sources where the money was processed through. Shufti Pro’s AML services allow financial institutions to perform enhanced due diligence for high-risk customers in order to eliminate criminal entities from the monetary system. 

In a Nutshell…

The HKMA is a renowned international financial hub and the central stream of monetary processes. The Hong Kong Monetary Authority supervises the integrity and security of the financial system through AML/CFT regulations in compliance with international standards. 

Targeting mainly the banking sector, the HKMA laid the foundations for AML processes that are now followed globally, including customer due diligence, enhanced due diligence, transaction monitoring to overcome money laundering, and terrorist financing.

Want to know how your business can comply with AML/CFT regulations?

Shufti Pro Marks 4 Years of Streamlining KYC and AML for Global Businesses

October 2021 marks four complete years since the launch of Shufti Pro. As years begin to stack, the company continues to outperform with its award-winning identity verification portfolio, a trusted team of global experts, and unparalleled AI-powered features. With consumer convenience in mind, Shufti Pro was launched in 2017 while recognizing that most legacy identity verification solutions were full of friction in terms of both time and accuracy. By filling this gap, the global SaaS provider has won the trust of 500+ clients and successfully verified millions of identities, with instant detection of identity and financial frauds. 

In the past year alone, Shufti Pro witnessed a growth of 100% and expanded globally, with regional offices now open in Ukraine along with Sweden, Cyprus, the UK and UAE. Where the COVID-19 pandemic exposed numerous businesses to major security loopholes, Shufti Pro stayed one step ahead of the game and introduced innovative products to safeguard digital identities. 

“Being persistent and dedicated ever from the start and not letting obstacles get in our way allowed us to develop our company to become one of the major players in the world of identity verification & compliance” — CEO Shufti Pro, Victor Fredung. 

Celebrating Milestones

As we look back at the past year, here are some highlights of which team Shufti Pro is particularly proud of:

1. Covid Certificate Verification Solution

Not long after the COVID-19 pandemic struck, fake vaccines and forged covid certificates became an everyday phenomenon. Renowned apps such as Telegram among others were being used for the distribution of fake covid vaccine certificates, causing a steady rise in the global Covid-related crime rate. This posed a major threat to businesses, as Covid certificate verification has now been mandated by governments to curb the spread of the virus. But with fake vaccine certificates in the market, financial crimes and identity fraud seemed imminent. 

Playing its part in the safe renewal of businesses amidst the pandemic, Shufti Pro launched its AI-powered Digital Covid Certificate Verification service, which verifies the identity and vaccination status of individuals in one go. The solution requires no installation or integration and can be easily used at airports, shopping malls, and public transport terminals, among other areas, to enable Covid-free customer onboarding.  

2.  NFC and On-premises Identity Verification

Within the last year, Shufti Pro also launched two other identity verification services — NFC Verification and On-premises Identity Verification — to provide unmatched customer convenience. 

Given that 81% of smartphones today are NFC-enabled by default, identity verification with near-field technology renders a streamlined identity verification experience to both, the end-users and businesses. On the other hand, the On-premises Identity Verification service allows organizations to experience full control over their customer’s data with an in-house deployment of the identity verification solution.

Here’s what Shufti Pro’s CEO had to say about new product launches on the occasion of their anniversary

“Whenever we are launching new products, we do it based on two criteria: What does the client want and what does our market research say will be the next trend. Based on these criteria, we develop and launch the appropriate client/market fit … In 2021, we launched our On-premises deployment that allows clients to host the entire product of Shufti Pro within their system architecture, this allows clients to meet some of the more stringent regulatory requirements as well as to protect their customer’s data in a secure manner”.

3. Global Expansion Targets

In June 2021, Shufti Pro opened a new regional office in Kyiv, Ukraine, to safeguard Ukrainian organizations against the surging cases of money laundering, banking scams, and other financial malpractices. Commenting on the future plans of scaling Shufti Pro, Fredung states, “Our near-future goals include further international expansions where we have identified key-markets where we see tremendous potential going forward”. 

4. Native pages 

To deliver a consistent IDV experience to all markets, Shufti Pro has mitigated language barriers by providing the local audience of 100+ countries with native country pages. As a result, the services of Shufti Pro have become easily accessible for any business worldwide that seeks to comply with global AML/KYC regulations with 98.67% accuracy.  

5. Award-winning Streak

Since Shufti Pro leverages a hybrid identity verification model, one that involves the use of automation as well as human expertise, its IDV services are well-received worldwide. This is particularly because, despite human intervention, Shufti Pro’s services provide minimal verification response time. Due to its “under 30-second” verification processes and one of the highest accuracy rates in the IDV market, the company was named in the World’s 100 Most Innovative CyberTech Companies for financial services in 2021 and has won various awards. These include:  

  • Gold Stevie Award for “Company of the Year” at IBA (View More)
  • Bronze Stevie Award for “Financial Services – Small” at IBA (View More)
  • Best Digital KYC/Onboarding Application Europe 2021 at Global Banking & Finance Award 2021 (View More)
  • Best New Anti Fraud / Security Solutions Provider, Cyprus 2021 at the Global Banking and Finance Awards (View More)
  • “Product Leader 2020” and “Happiest Customers 2021” award by Crozdesk (View More)

6. Trusted by 500+ Clients 

Shufti Pro’s identity verification solutions are offered in 230+ countries and territories, for businesses in sectors such as Finance and Banking, Healthcare, Gaming, Travel, Cryptocurrency, FinTech, Education, Telecommunication, and 

Social Media among others. Owing to the consistent innovation, cutting-edge technology, and swift services, Shufti Pro acquired a customer satisfaction rate of 92% in May 2021.  

Here’s what the customers have to say about Shufti Pro’s KYC and AML solutions:

“Shufti Pro’s UX is very well-thought-out compared to some other platforms we tested.”Remy Tennant, founder of DateID. 

“Our clients and partners will accomplish streamlining digital customer onboarding, while complying with regulatory requirements”. Guillaume Blot, Chief Digital & Innovation Officer – Senior Vice-President at Sopra Banking Software.

“After observing the rapid evolution of the DeFi market, we decided that now it was the right time to develop a product that will serve as the only legitimate gateway for mass adoption. We are incredibly delighted to become partners with Shufti Pro – it brings us a step closer!”Slava Demchuk, the CEO of PureFi. 

What’s Next for Shufti Pro? 

Today, the global IDV provider leverages thousands of in-house AI models and a global team of over 100 professionals to provide state-of-the-art identity verification services to its customers. In the near future, Shufti Pro will be expanding its services to maximum segments of the market with an aim to make IDV seamless, cost-effective, 100% accurate and achievable within milliseconds. In the long run, the company seeks to continue building trust between businesses and customers and innovate in the space of identity verification & compliance.

Extending his gratitude towards his team, here’s what Fredung had to say on Shufti Pro’s 4th anniversary:

“I would like to give a warm thanks to each team member that have contributed to the Shufti Pro saga, we have all worked extremely hard over these 4 years developing what I would call the leading technology for customer onboarding”.

Streamline your identity verification needs right away by availing our 7-day free trial or talk to our experts for more information!

A Brief Overview of KYC Requirements for Foreign Exchanges in EMEA

The forex industry is recognizable for being a dynamic and profitable platform due to its high liquidity and trading volume. Even when the COVID pandemic was negatively affecting the overall market, the increased global volatility only resulted in a rise in forex trading volumes. However, forex trading isn’t risk-free and is often maligned due to criminal activities. In addition to the risk of money laundering and terrorist financing, the forex industry also faces losses due to compliance penalties. 

Various forex companies find it tough to achieve the balance between KYC compliance, fraud prevention, and generating sufficient revenue at the same time. With its ever-increasing trading volume, the forex industry is an obvious target of fraudsters looking to launder money and for other illicit activities. Considering this situation, KYC and AML restrictions are becoming more stringent to ensure the prevention of fraud in forex trading.


KYC Regulations for Foreign Exchanges

Forex trading is a dominant part of the global financial landscape, which justifies the numerous sets of regulations that apply to forex platforms across the globe. Depending on regions and types of forex platforms, the regulations primarily require the implementation of KYC services and customer due diligence protocols. Digital ID verification during customer onboarding allows forex companies to filter out fraudsters and eliminate fake identities from their system.

Forex companies, however, often shy away from incorporating KYC services assuming that their transactions and processes will be slowed down. With forex trading now being done through mobile devices, the previously implemented manual verification procedures can’t keep up anyway. Forex companies strive to provide the fastest solutions as customers are seen to do away with services that involve delays. Instead of the slow and inconvenient manual verification, Shufti Pro’s digital identity verification provides a robust solution that allows customer authentication within seconds.

AML Compliance for Foreign Exchanges 

AML (Anti-Money Laundering) regulations usually vary between regions and jurisdictions to include certain additional policies and procedures. To comply with AML guidelines, forex companies are encouraged to incorporate measures and introduce policies to prevent money laundering. These procedures include background screening against global watchlists to confirm past records of money laundering and AI-based systems for monitoring suspicious account activities and reporting them to the authorities. 

Customer due diligence (CDD) and enhanced due diligence (EDD) are processed to perform background checks depending on the level of risk. Shufti Pro analyses data from the UN, OFAC, Interpol, and HMT, and also screens against lists of PEPs (Politically Exposed Persons) to eliminate risks of fraud. Not just newly onboarded customers, but also existing customers of forex companies must be subject to ongoing monitoring and due diligence.


The constantly updating landscape of AML regulations in Europe is indicated by the 6 amendments in the EU Anti-Money Laundering Directive. The 4th AMLD included an additional requirement to verify the details of UBOs and lined up with the FATF’s regulations. It also revised the description for PEPs (Politically Exposed Persons), who are considered to be high-risk individuals since they are involved with government-related roles. 

Suggested read: The Changing Landscape of KYC/AML Regulations in 2021 

AMLD5 included legislation for digital currencies and publicized UBO registers. The 6th AMLD became part of the national laws in Europe in December 2020, and defined liability and sanctions for those involved in the standardized crime of money laundering. The Financial Action Task Force is a global sentinel that provides recommendations for Europe’s AML and KYC regulations. The FATF’s guidelines help forex companies ensure transparency and conduct customer due diligence.

Payments Services Directive (PSD2)

Payments Services Directive is also a regulation formulated to allow forex companies in Europe to incorporate the latest technologies in order to digitize payments. Digital records of transactions make for a relatively secure financial environment, where customers are required to go through two-factor authentication prior to making digital payments. However, transactions involving smaller amounts are not subject to these authentication checks.

General Data Protection Regulation (GDPR)

The General Data Protection Regulation is legislation for the protection of personal data in Europe. Compliance with GDPR requires companies operating through AML compliance measures to reconsider some of the aspects. For instance, customer due diligence, which is a definitive step in AML compliance, requires processing personal data. Companies must, therefore, define the purpose of data collection, as the GDPR only allows it in this case. The GDPR includes instructions for not only the safekeeping but also the deletion of data after its purpose is fulfilled. AML regulations overrule this aspect of the GDPR as forex companies are allowed to keep financial records for upto five years.

Middle East

Despite various efforts to implement KYC regulations in the Middle East’s forex landscape, the risks of financial crimes are still surging. Both local and international forex trading companies in the Middle East are highly regulated and involve requirements of personal data collection and storage. Identity verification of the customers is a key step in the process of customer due diligence. 

The Middle East requires a few additional checks due to differences in naming conventions and transliteration challenges making the KYC system and customer due diligence difficult. Western countries have a unified naming convention with a maximum of two given names and one family name. On the other hand, the Middle East has a naming convention that includes a series of names indicating the person’s lineage. That being said, there are even differences between the naming conventions of several Arab countries within the Middle East.


According to a World Bank report, a significant majority (81%) of the one billion people that face difficulties in proving their identity belong to Africa and South Asia. It doesn’t come as a surprise that African countries are often burdened by AML compliance fines due to the lack of satisfactory measures to verify identities, let alone customer due diligence. The challenges faced by forex companies in Africa easily outweigh those in the Middle East, as KYC compliance becomes difficult for forex companies when they encounter a number of utility bills sharing the same address information.

Key Takeaways

Know Your Customer requirements allow forex companies to verify UBOs and the intentional or unintentional involvement in criminal activities like money laundering and terrorist financing.

Shufti Pro offers AI-powered KYC/AML services for the forex industry, allowing forex companies to comply with AML guidelines and prevent financial crimes like money laundering. It verifies identities within 30 seconds and identifies high-risk entities through background screening against 1700+ watchlists.

Learn more about global KYC/AML compliance regulations for the forex industry!

Analyzing the UK and US Gambling Industry by Numbers

Businesses and people in the gambling sector are aware of the risks involved and what are their possible consequences. A few years back, gambling was illegal, but now countries are moving to make it legal as it is a booming industry and can contribute to the economy. It is closely related with the financial sector as the online payment gateways are used for funds transfer, this makes it vulnerable to money laundering and illegal funds transfer. According to BBC, Star Entertainment – Australian gambling giant alleged for money laundering. 

Post Covid-19 Landscape of Casinos 

Like other sectors, the gambling industry is also influenced by advanced technology trends and is now available on the internet. There has been a debate about regulations in the gambling industry. Experts think that the industry’s prosperity is subject to the regulations imposed on it. Recently, it has entered the class of big sectors, being called a billion-dollar industry.

  • The gross gambling revenue of Europe is forecasted to reach 29.3 billion in 2022. (Statista)
  • In 2020, online gaming witnessed a 393% increase in players, with the UK exhibiting  261.9% growth. (CNBC)
  • In the United Kingdom, online casinos accounted for £5.51 billion. (United Kingdom Gambling Commission)
  • During the fiscal period 2021-26, the online gambling market is forecasted to grow with the CAGR of 11.94%. (Mordor Intelligence)
  • In 2020, United States gambling revenue skidded 31% to USD 30 billion. (Statista)
  • During the pandemic, US casinos lost 27% of normal operating days. (American Gaming Association)
  • Around one half adults of New South Wales gamble. (Responsible Gambling)
  • The Australian authorities received 6000 gambling scam reports in the first quarter of 2020. (Forbes Advocate)
  • In 2022, the share of regulated gambling will be 80.1% in Australia. (European Gaming and Betting Association)

Leg-pullers for Online Gambling

Without a doubt, the online casino market is thriving. Nevertheless, it is also true that most gambling companies fail in the initial two years. Although, poor management, research and planning, inadequate structure, and scanty marketing are the reasons behind this. But in modern times, online frauds and scams have become the  most crucial leg-pullers for the online gambling sector. 

Hackers and cybercriminals use extended and sophisticated means to disrupt the online gambling environment. Let’s discuss what are the vulnerabilities in the digital betting industry.

Multiple Accounts Scam: Biased Gameplay

Fraudsters create multiple accounts over a betting platform using fake and synthetic credentials. This means that the information that is given to the website during account sign-up is completely fraudulent or a mixture of false and authentic user data. For acquiring authentic data, scammers often use phishing techniques

The intention behind this is to pocket wins for only one particular account. The other players do not get a fair chance of gaming and the service providing platform loses the reputation in this case.


Money Laundering: An Indictable Financial Crime

Everyone in the market knows what money laundering is and how it is done. Because of solid security measures implemented by financial institutions, money launderers have targeted other sectors, gambling being one of them.

As online casinos deal with money directly, it becomes easy for financial criminals to place, layer and extract their illegal funds. 

Chargeback Abuse: Fake Claims

Chargebacks are filed by customers where they restrain the (betting) payment by contacting the bank or the card issuer claiming that their card was used without their permission. Fraudsters claim fake chargebacks as it is difficult for gambling sites to fight against friendly frauds because it can damage their relationship with the card issuer.

Enhanced Due Diligence: A Robust  Solution for Eliminating Risks

Know Your Customer

Recently the UK and the US have tightened the rules for e-gambling platform providers. This is done considering the increasing cases of online scams and money laundering related activities in the gambling industry. The UK has mandated gambling sites to confirm the ID and age of the players before onboarding them.


Know Your Customer (KYC) is a method of identity verification of online users mostly used by financial businesses. It is a software-based online, automated and AI-powered process in which the users’ (or gamblers’) identity is verified by examining their government-issued identity documents. Below are the verifications performed in the KYC process.


  • Facial Recognition: Matching the gambler’s live captured selfie with the photo ID
  • Address Verification: Extracting and validating the residential address from legitimate documents
  • Age Confirmation: Calculating the age by drawing out DOB from ID documents and confirming that it falls under the specified range

Anti Money Laundering Screening

To counter money laundering or any other illegal transfer of funds, anti money laundering solutions can be used which screen the gambler names against the global watchlist, sanction lists and PEPs (Politically Exposed Persons). It filters the players by their risk profile, where the gambling platform can get to know about previous criminal history of players. Moreover, Enhanced Due Diligence is performed on high-risk customers

In the EDD process, transactions that exceed USD 5000 – USD 10,000 threshold go through transaction monitoring and background screening. In the banking sector, EDD has proved an effective method for combating identity frauds and money laundering. 

Gambling sites can comply with KYC laws set by global regulators through enhanced due diligence. It is a robust method and expedites the speed of the onboarding process. Once implemented, the players feel safer since there is a less likelihood of losing funds to criminals and money launderers 

Key Takeaways

Today’s tech-savvy fraudsters have found advanced ways of social engineering, making account taker over and identity theft easy. To address this dilemma, governments are planning to regulate the gambling sector. Additionally, rising AML penalties demand automated  AML/KYC solutions for compliance purposes.  AI-powered AML/KYC solutions that perform identity verification and AML screening in real-time can help gambling industry in combating frauds.

Want to know more about regulatory compliance of gambling sector?


Age Verification for Social Media – Protecting the Younger Victims of Online Scams

With a significant majority of students diverting from their usual school routines due to the COVID-19 outbreak in the past year, more time was spent using the internet than revising courses. This was clearly a negative situation  as it resulted in the slowing down of childrens’ learning process, but that’s not all – the increased social media usage by children makes them vulnerable to scams involving personal details and financial data. 

Over half of the world’s population is using social media and some of the prominent platforms like Facebook, Instagram, and TikTok are of particular interest for the younger generation. The naivety of teenagers opens up various doors for scammers to take advantage of them through seemingly interesting advertisements and fake surveys that appear to be from legitimate sources. Similarly, fraudsters exploit the immaturity of children in online shopping platforms to gain access to sensitive payment details.

Digital services, products, and online shopping platforms offering a vast variety of items are all one-tap away in today’s tech-driven era. This ease of access means that individuals of all ages are interacting, performing uploads/downloads, and transacting through online platforms. 


Identity Theft on Social Media

Faking identities is a relatively simpler task while using social media platforms as no physical presence is required. According to The New York Times, 5% of the total Facebook accounts were fake as of December 2020 – that makes over 90 million accounts. Most of the social media scams are being operated through these fake accounts to represent a made-up business or organization. 

Fake details of business pages are used to fool individuals, particularly the younger ones, into believing that they are communicating with legitimate companies. Not only Facebook, but also Twitter, LinkedIn, and the commonly used dating sites are prone to identity theft and other numerous scams. Primarily, social media platforms used for businesses lack identity verification checks, but with the rising number of scams targeting minors, age verification is an essential measure to secure these apps.

Influencer Scams

The common perception when the word influencer is mentioned is of successful accounts that have millions of followers. Looking at the bigger picture, however, new types of influencer scams have emerged. Instead of promoting businesses or services, influencer scams are seen to promote fraud. Once influencer accounts on social media surpass a certain level of followers, they get incredible reach from users of all age groups. 

That being said, the root cause of these influencer scams is the lack of identity verification for business accounts on social media platforms. Considering this scenario, identity verification measures need to be implemented in social media platforms so that the creators of these fake influencer accounts are filtered out. This can help in restricting fraudsters from creating social media accounts, hence eliminating these scams altogether.


Financial Scams

Although financial scams are generally targeted at a wider range of age groups, teenagers are more prone to getting affected by them. Apart from credit card scams, several types of financial scams are being operated through social media platforms, where the younger individuals are made to believe that they will earn a certain amount in a short time. Fake businesses offer interesting investment opportunities through emails, texts, and advertisements.

A pyramid scheme uses a hierarchical network marketing system to pull in money, where the base of the pyramid is created by investments from new victims. The money is used to provide returns to earlier investors in the upper portion of the pyramid. Ponzi schemes are the most common type of pyramid scams that offer big returns for investments and steal money from individuals on social media. Young individuals in their late teens often become victims of these schemes in the hope of starting an independent life. These schemes are eventually revealed when there are no new investors and the scammers can’t pay back.

Offers on Expensive Items

Social media ads for prominent market brands of electronics and other running items are commonplace, and it’s usually obvious that they are fake. The prices at which the particular expensive items are advertised are hardly a fraction of their original price, making it clear that the ad is from an unreliable source. However, minors looking for low prices often act hastily and provide payment details to the scammers posting too good to be true ads.

Brands like Nike and Apple are hot favourites of children who anxiously wait for new products. Not just children, but fraudsters also keep an eye out for the new features in limited edition products to post their own fake offers on social media to get inside the heads of teens. These fraudsters know well enough that kids always wish to have the latest items in the market, and capitalize on the unsupervised usage of elders’ financial information by children. Without age verification solutions, teenagers pay for services without considering the actual prices, for which their parents have to ultimately pay.

Scholarships and Job Offers

One of the common concerns of young students is the money required for their higher education. Targeting this weak point of teenagers, scammers design fake scholarship schemes and job opportunities in order to rake in bank account details. What appears to be the fee for a particular job application is actually a scam, which results in monetary losses. Age verification solutions for social media platforms can provide a solution to put an end to these scams and secure the digital landscape.

Student loans also bring about opportunities for fraudsters to carry out illegal activities and make money. Older teens are targeted in these kinds of frauds where a fee is charged for potential elimination of debts. Imposters take the desired amount and then disappear leaving no traces. Parents also face a complicated situation when it comes to education and agree to pay fees when required, but the social media scams are seen to make the most of teenagers on platforms like facebook, where their activities are not being monitored.

Unfortunately, teenagers cannot be taught to handle fraudulent information as it comes in various forms and uses different mediums. The common solution to these scams is incorporating age verification solutions in social media platforms, and identity verification for businesses selling products or services through social media platforms.

Concluding Thoughts

The need for keeping sensitive information like addresses, passwords, social security numbers, and bank credentials cannot be stressed enough. However, Shufti Pro offers digital solutions that are easy to incorporate. Social media platforms can simply integrate the APIs to abide by the age verification laws.

Shufti Pro’s age verification service allows social media platforms to verify the age of end-users during account opening. Henceforth, minors can be prevented from accessing age-exclusive products/services. 

For further information regarding age verification solution, get in touch with our experts.


What 5 Businesses Have to Say About Shufti Pro’s Digital AML/KYC Services

Various industries throughout the world are being transformed through automation thanks to the ongoing digital revolution. Continuous updates in existing technologies and the development of advanced digital systems for business processes during the Covid-19 period have made AI a prominent tech buzzword. 

Not only have businesses managed to survive the tough challenges brought up by the pandemic, but the AI-driven solutions have also been the reason for improved productivity and accuracy in online operations. However, these automated processes are not risk-free unless fraud prevention measures are incorporated, including KYC, AML screening, and age verification.

Highly Regulated Industries Across the Globe

The regulation of industries is intended to allow secure business and services throughout the world. Some industries are prone to fall victim to scams due to their nature. The stakeholders of such organizations often face adverse consequences such as stolen identities, loss of funds, and reputational damage.

Financial Sector

The technological boom initiated competition between banks, insurance companies, and brokerage firms for automated, convenient financial solutions. Although FinTech has largely automated financial operations and made it easier to perform banking transactions, these technological advancements have also empowered fraudsters. In 2020, a staggering amount of 159.7 million pounds was lost due to online banking frauds. With the elevated customer expectations, businesses are facing the biggest challenges while finding the balance between automated financial services and securing online transactions.

According to the UNODC, almost 2-5% of the global GDP is being laundered through the financial system, which indicates the dire need for AML solutions. CDD (customer due diligence) and AML screening help banks and other financial institutions secure the onboarding of legitimate individuals, which in turn provides a guarantee of safe transactions to their customers. 

Paydoo, an online payment service provider, was having trouble meeting KYC compliance and turned to Shufti Pro for streamlining the identity verification procedure. The founder of Paydoo says, “Thanks to its flexible modular structure, Shufti Pro’s features are at the core of our state-of-the-art, proprietary, single-access merchant boarding system. It allows Paydoo to maintain full regulatory compliance by seamlessly identifying and screening our merchants, ensuring seamless and rapid onboarding.”

Blog info graphic-05


Among the common risks that fraudsters pose is crowdfunding, including debt and equity crowdfunding. One of the primary targets of these fraudsters are businesses, where they use various tricks to surpass the strict federal regulations. For instance, scammers create clone firms and operate through websites using registered company names and locations of real businesses. In this way, investors are fooled into believing that the company is legitimate, leading to huge losses. 78 million pounds were reportedly stolen in these kinds of clone firm scams in 2020.

In order to help businesses prevent becoming victims of such scams and losing customer trust, Shufti Pro offers Know Your Business (KYB) solutions to identify and analyze the risk of business entities before initiating collaborations or making investments. Apart from helping companies steer clear of fraud, Shufti Pro provides a convenient implementation of solutions in any type of company. As stated by the CEO of nOs, “nOS aims to provide simplicity in terms of development and interaction for decentralized applications and games. What we noticed with Shufti Pro is that they clearly employ the same philosophy of keeping things simple, for both developers and users alike. Shufti Pro’s APIs are easy to use, the platform support is great, and the back-end office is clear and visually pleasing.”

Gaming and Gambling

Gaming has emerged in the past decade as a dominant industry with improvements in graphics and the development of faster processors to handle loaded functionalities. However, online gaming is not scam-free, as every 1 in 5 gamers falls victim to fraud involving in-game purchases and identity theft. Shufti Pro’s Know Your Player solution is designed to identify players in online gaming to prevent scams. 

Similarly, the gambling sector is vulnerable to fraud due to the online platforms being used for the purpose of transactions and bidding. The absence of identity verification checks and AML screening solutions gives a free hand to scammers in spending their illegally obtained funds. Scammers find the gambling sector an easy target for crimes like money laundering because it’s convenient for them to invest money and make it appear legitimate without being tracked.

Suggested Read: Gambling Compliance or Data Protection? The Puzzle is Solved! 

Shufti Pro has helped many gaming platforms in combating crimes like identity theft and money laundering. As co-founder and CEO of Prophet says, “We are using Shufti Pro to fulfill our KYC requirements, including but not limited to age, identity, and document verification. The UK Gambling Commission is quite strict with regard to its KYC regulations and we have even seen new requirements being put into place this year. Thankfully, we were able to verify our users and their backgrounds instantaneously with Shufti Pro’s integration, creating a seamless user experience on our end, while allowing us to comply with all regulatory requirements.”

Trading and Exchange of Cryptocurrency

Scammers use sophisticated methods to target cryptocurrency exchanges and aim to bypass authorities in order to conceal the origin of their illegally obtained funds. Criminals use relatively unknown cryptocurrency exchanges for making their exchanges and transactions in order to keep their image clean. Shufti Pro helps cryptocurrency exchanges with digital KYC and AML solutions to verify the legitimacy of customers and their past transactions. 

As highlighted by the managing director of TitanFX, “Working with ShuftiPro has provided our company with plenty of useful resources. For our clients, our collaboration with ShuftiPro has provided them with a seamless verification process. As for the company, collaborating with ShuftiPro has greatly reduced the manual work required for customer verification and initial screening without losing high standards of AML/CTF procedures. Furthermore, ShuftiPro’s structured and easy-to-use information storage system makes ongoing work with customers much easier.”

Educational Sector

Surprisingly, educational institutes are also targeted by financial criminals to hide laundered money. Prominent universities that enroll students from countries around the world are more vulnerable to these kinds of crimes. That being said, there’s a high probability that students belong to high-risk jurisdictions. Therefore, the lack of verification measures to check the sources of that money makes it easy to launder money.

Shufti Pro helps overcome these issues in the educational sector, as a review from Shufti Pro’s client, BitTiger says, “Shufti Pro offers great identity verification services to meet the needs of BitTiger, for course enrollment. In order to protect the copyright of BitTiger’s educational content, we require students to verify their ID to register. Shufti Pro provided customized portals for different courses, which made it convenient for BitTiger to operate with the high volume of customers. ”

The Bottom Line

No matter what kind of industry is taken under consideration, compliance with KYC and AML regulations is mandatory. Keeping records of customers and other stakeholders empowers businesses while preventing fraud. Shufti Pro’s digital AML & KYC solutions allow companies to comply with all regulatory requirements while helping onboard your customers faster and more efficiently with more accurate results.

Learn more about global KYC/AML screening solutions from the experts!


Overcoming the Challenges of Proliferation Financing with AML Screening Solutions

On September 23rd, the 2021 UK NRA (National Risk Assessment) was published as part of the government’s commitment to the Economic Crime Plan of 2019. Risks associated with proliferation financing, including the acquisition of nuclear technology and other such activities that are potential threats to national security are addressed in this publication.

Since the UK is a predominant global financial hub thanks to its impartiality towards investments and trading, the susceptibility to financial crimes like proliferation financing does not come as a surprise. Perpetrators involved in proliferation financing aim to profit from the UK’s prominent presence in the global financial system in order to fund CBRN (chemical, biological, radiological, and nuclear) programs.

Risks Associated with Proliferation Financing 

Proliferation financing directly threatens national security as the bad actors involved in the financing of development and transfer of nuclear weapons become part of the news. The most notable proliferation financing activities that surfaced in recent times were from Korea and Iran. Diving deeper into proliferation financing, it’s clear that the risks related to financial services are largely influenced by the export and transfer of proliferation-prone commodities.

There are several institutions around the globe making efforts for the purpose of observing proliferation financing activities and analyzing the hidden depths. Looking at the bigger picture, the impacts of proliferation financing are seen throughout the global financial system. The UN (United Nations) along with its member states looks to get better insights into the new ways and progression of proliferation financing over time. 

The Korean nuclear program is being addressed by the UN’s large-scale sanction measures, including specific schemes for the monitoring of relevant financial and transportation activities. As a result, restrictions are in place to limit North Korea’s access to finances that are potential contributors to CBRN programs. Another sanction scheme of the UN is specifically targeted at Iran’s nuclear and ballistic missile program.

When did FATF extend to Proliferation Financing?

The Financial Action Task Force (FATF) is the global quality center when it comes to implementing regulations for combating proliferation financing, money laundering, and terrorist financing. In 2008, the FATF extended its directive to monitor and prevent activities such as the proliferation of weapons. The UN’s regime pertaining to proliferation financing also complies with the UNSCR’s (UN Security Council Resolutions) requirements.


Additionally, the FATF has also sent out region-specific guidelines for different jurisdictions to make the implementation and compliance processes more convenient. The risk mitigation and multiplication of issues arising from proliferation financing are also addressed by the FATF in its publication of the typologies report. The measures suggested by the FATF are currently restricting and monitoring the potential proliferation of financing activities in Korea and Iran.

Since the FATF reinforced its counter-proliferation financing standards in 2018, UNSCR-specific laws now call for implementation and regular reporting of the measures taken to monitor instances of suspicious fund transfers and their possible usage in the manufacture or procurement of weapons. All financial institutions are required to implement measures in order to comply with AML/CFT regulations. Previously, proliferation financing was considered in a different risk assessment strategy, but the updated standards of 2018 introduced a unified strategy to counter money laundering, terrorist financing, and proliferation financing altogether.


Furthermore, October 2020 saw more updates to Recommendation 1 of the FATF, where the private sector and countries are all required to monitor and mitigate risks originating from proliferation financing. In addition to this, the regulations encourage reporting of non-implementation of measures for counter-proliferation financing, as the failure to monitor such activities makes the region more vulnerable.

The Aim of UK’s Counter-Proliferation Financing Regime

Being prominent in the global arms trade, the UK produces commodities for use in chemical and nuclear processes, making this part of Europe the most vulnerable to proliferation financing risks. This being the case, it’s not tough to guess that the UK is also a globally recognized country for its counter-proliferation financing regimes and is a major entity in the FATF’s efforts for that matter. 

As mentioned earlier, the first NRA on proliferation financing is a significant step forward in the UK’s reinforcement of counter-proliferation financing measures. The National Risk Assessment focuses on networks for the acquisition of items of multiple uses in nuclear or chemical weapons, especially in high-risk areas. 

Companies are set up to hide networks of proliferation crimes and the UK is one of the prime targets. Risks from the networks of proliferation financing entities are greater in the UK because of the convenience it provides for creating a company, which can then be used as a source to benefit from financial resources. Additionally, TCSPs (trust and company service providers) are also used by these companies to present themselves as reputable organizations and remain anonymous to a great extent.

The UK’s Regulatory Landscape 

Considering the aforementioned risks, the UK boasts a tough regulatory framework that can effectively overcome the threats from proliferation financing. In addition to AML compliance guidelines, the primary areas that are supervised include the compliance with UK’s own counter-proliferation regulations as well as the UN’s measures to combat proliferation and chemical weapons manufacture in Korea and Iran.

All companies and individual entities within the UK’s territory are obliged to comply with the FATF’s regulations, and the financial operations involving 

UK nationals based in other countries. Counter-proliferation has been among the most significant aspects for the UK as it has been actively working to diminish the funding, procurement, and transfer of proliferation-prone items.

The Integrated Review of 2021 has shed light on the UK’s prominent efforts to combat proliferation financing at the forefront. Not only the illegal funding of such activities within the UK but also the international efforts are monitored and mitigated through the UN’s regulations for counter-proliferation.


A sovereign sanctions scheme called The Democratic People’s Republic of Korea Sanctions (EU Exit) Regulations 2019 was introduced by the UK, which was aimed at restricting North Korea from operating through unlawful channels and promoting the steps taken towards prevention of proliferation financing. The regime also includes the regulations to dismantle banned Korean weapons, and encourage steps to ensure peace and security.


For Iran, the UK introduced two schemes that are aimed at different criminal activities in Iran. The first was The Iran Sanctions Nuclear EU Exit Regulations 2019, and the second was The Iran (Sanctions) (Human Rights) (EU Exit) Regulations 2019. These regimes fulfill compliance needs while restricting the development and transportation of nuclear weapons in Iran.

It All Boils Down To…

In addition to the UK updating its policies to counter proliferation financing, AML/CFT solutions are in place for the background screening of all entities involved in financial processes. International concerns are being addressed regarding the necessary actions for preventing proliferation crimes, with the FATF working on reducing the risks. 

Shufti Pro offers AI-powered AML solutions and screens identities against 1700+ global watchlists, including PEPs and sanctions. The verification is completed in less than 30 seconds with an accuracy of 98.67%.

Learn more about global AML/CFT screening solutions from the experts!


The Digital Black Market for Identity Data

The collection, purchase, or trade of customer data is big business. Unless organizations and individual entities take necessary precautions, that information may be at risk. Once this data is compromised, there’s a high possibility of losing rights to it forever. By gaining an understanding of how the black market for identity data works and steps businesses can take to reduce the chances, can prevent consumers from becoming a victim. 

Dark Web, Identity Theft, and How Criminals Profit

The cycle that initiates the black market for identity data begins through a ransomware attack, data breach or successful phishing attempt. So far in 2021, the number of data breaches have already surpassed last year’s total. The Identity Theft Research Center reported that 1,291 breaches had occurred till October 2021, compared to a total of 1,108 in 2020. The 17% rise indicates that higher numbers are on the way, making it more necessary than ever to safeguard identity data. 

What makes the situation more alarming is that such attacks are not a secluded phenomenon. Typically, they are executed to gain unauthorized access to Personally Identifiable Information (PII) which can then be sold to sites on the dark web that traffic for identity theft, firearm dealing, illegal software, and more. According to the International Monetary Fund, identities, credit card details and bank credentials are the second-most wanted “product” on the dark web, closely subsequent to contraband and pharmaceutical drugs. 

Listed below are a few price tags attached to data that is commonly sold on the dark web.


Global Overview

Following an in-depth analysis of 50 different dark web marketplaces, cybersecurity researchers came to the following conclusion:


Researchers also noted that the average price of stolen PII was above an average of $20 per document in Colombia, New Zealand, and Mexico. Furthermore, China, Singapore, Turkey, Canada, Israel, and Australia all had averages of either $14 or $15. 

Suggested: Top 10 Cybersecurity Trends for 2021 

Lifelong Consequences

The costs of data breaches do not stop once the relationship has been restored between a customer and a business. Instead, the stolen information lives on forever on the dark web, available to be traded, sold or otherwise exploited. Once identity data has been stolen, it is used for:

  • Forging fake digital identities, leading to synthetic identity fraud
  • Hacking email accounts
  • Rerouting mails to fraudulent addresses
  • Opening credit card accounts under the victim’s name
  • Shopping online under a forged identity
  • Applying for student loans, state benefits, car loans, and mortgages
  • Accessing online bank accounts through fake documents

While the news typically broadcasts how the dark web facilitates drugs, guns, and other illicit activity, the black market for identity details is too big to be overlooked. 

Use Case: Fingerprints for Sale

In 2019, two illegal marketplaces called Richlogs and Genesis were identified for selling “stolen fingerprints” of 60,000 online users, giving the holder complete access to the victim’s online presence or web activity. The PII being sold through Richlogs was providing the buyer all the necessary assets for assuming someone’s identity online — passwords, login credentials, and other cached data,  all of which help to perfectly impersonate someone’s online activity and bypass security checks. The fingerprint details were mainly acquired through malware attacks, which provided Genesis operators with account passwords and full browser history. After purchasing the digital identity for $5 to $200, the identity thief could log into that person’s account to illegally access funds, personal photographs, confidential or proprietary documents, or even submit official documents on their behalf to governmental agencies.

The Easy Way Out

The irony of identity fraud and financial crimes is that a majority of PII losses occur because companies leave the back door open for criminals due to weak internal security measures. While data breach or phishing attacks cannot be completely deflected, companies can catch identity thieves by employing automated identity verification solutions. 

These solutions are powered by AI technology and are put to use during the initial stage of customer onboarding. Once an identity thief attempts to log in to the victims, say, bank account or patient health portal, AI models accurately detect discrepancies in the information to detect fake or forged identities. On top of this, biometric facial recognition technologies can also be employed to enable remote identity verification through face scans. These strategies not only prevent identity fraud during the initial stages of account opening, but also allow companies to comply with mandatory KYC regulations.

Additionally, companies can also protect customer accounts from being hijacked by criminals by doubling up security protection through 2-factor authentication. This way, in case an account has been logged into by a criminal, the 2FA code sent to the victim’s mobile device becomes inaccessible. 

Key Takeaways

As the black market for identity data is booming, customers and companies alike are left with two options: either dismiss the idea of providing identity details online and forgo convenient digital services, or safeguard the data by employing advanced technologies. AI-based IDV solution is one viable option for preventing identity frauds, leading to the ultimate protection of millions of customer data online. Shufti Pro’s IDV solution verifies the identity of customers with an accuracy rate of 98.67% – one of the highest in the IDV market – that too within 30 seconds. 

Need to safeguard your platform from identity fraud? Try our 7-day free trial or talk to our experts right away!


20 Facts and Statistics About the Global Finance Sector

The finance sector makes up around 20 to 25% of the global GDP. With the market capitalization reaching 7.4 trillion euros in the first half of 2021 from 5.6 trillion in 2016, imposters have laid eyes on this industry for their illicit gains. Keeping in view the rising number of financial crime numbers, global regulatory bodies are enforcing rigid laws and encouraging the banking and finance sector to employ automated solutions to combat FinCrime. This blog reveals 20 facts and statistics about the finance sector that you must know about. 

Finance Sector – The Global Picture 

A report reveals that the global financial services market is expected to reach USD 28,529.29 billion by the year 2025 at a Compound Annual Growth Rate (CAGR) of 6% from USD 22,515.17 billion in 2021. It is further stated that Western Europe has the biggest finance sector in the world with a 40% contribution to the global market, whereas the US ranks number two, accounting for 27% share. On the contrary, Africa has the smallest contribution to the global financial services market. Due to the Covid-19 pandemic, financial institutions have suffered huge losses, however, analysts are expecting revival of this industry by the year 2022. PwC reveals that the industry will soon face major technological disruption, for instance, paperless transactions will become the new norm in the coming years. On the flip side, the sector must be prepared to encounter new types of fraud too. Apart from all these forecasts, PwC further states that  Gen-Zers are likely to be major contributors to the finance sector’s growth in the years ahead. 

Online Banking Fraud 

Online banking fraud refers to the act of fraudulently sending or receiving funds from one’s digital account. Between 2010 and 2020, online banking fraud losses have reached USD 157.9 million in GBP last year. 

  • Physical goods account for 47% of the online payment fraud losses in 2021 (Juniper Research) 
  • Online payment fraud losses for merchants are expected to reach $206 billion by the end of 2025 (Juniper Research) 
  • 65% of the banking frauds reported in India were related to technology like unauthorised use of credit and debit cards online. (PwC) 
  • 31% increase in remote banking fraud was observed in the UK in 2020. (UK Finance) 
  • EUR 21.6 million worth of mobile banking frauds were reported last year in the United Kingdom. (UK Finance) 
  • There is a 7% increase in remote banking fraud in the first half of 2021 and fraud losses totalled £398.6 million. (UK Finance)

Credit-card Fraud

  • Card not present fraud is among the leading type of fraud and is on the rise in 2021. (Define Financial) 
  • Credit card fraud (debit, credit, charge and ATM-only cards) totalled £261.7 million in the first half of 2021. (UK Finance)
  • Card not present fraud resulted in £2 million loss in the H1 of 2021. (UK Finance) 
  • Counterfeit credit card fraud accounted for losses worth £2.6 million this year. (UK Finance) 

Account Takeover Fraud 

  • New account fraud rose by 24% in 2021 (John Marshall Bank)
  • Account takeover fraud accounted for £14.6 million worth losses in 2020 (UK Finance)
  • Authorised Push Payment (APP) fraud losses totalled for £355.3 million in  the first half of 2021 (UK Finance)
  • Credit card fraud (debit, credit, charge and ATM-only cards) totalled £261.7 million in the first half of 2021. (UK Finance)

Suggested: 40 Surprising Facts and Statistics About Money Laundering [2021 Update] 

Identity Theft 

Identity theft has long been a major problem for the global finance sector However, fraudsters have evolved strategically and now, they are employing advanced technology to execute their ill plans. Over time, ID theft cases have remarkably increased. 

  • 47% of the Americans were victims of financial identity theft in 2020. 
  • Identity theft cases in the United States cost $712.4 billion in 2020, a 42% increase from 2019.
  • 4.8 million identity theft and fraud reports were filed in 2020. (FTC)
  • $56 billion worth losses were recorded in 2020 due to identity scams and frauds. (Javelin)

Recommended: AML Non-Compliance Penalties Soaring Sky High in the First Half of 2021 

Any Solution to Tackle the Rising Cases of Financial Crimes?

Know Your Customer (KYC) and Anti-money Laundering (AML) screening are two viable solutions that the finance sector can employ to effectively tackle the rising FinCrime cases. 

Know Your Customer (KYC)

AI-backed KYC solutions allow financial entities to verify every customer’s identity before  onboarding them. Shufti Pro’s KYC service offers a market-leading accuracy rate of 98.6% and the entire process takes about 30 seconds to complete. The end-user uploads a government-issued identity document that undergoes multiple authenticity checks like MRZ authentication, tampering/forgery checks, and rainbow print verification. 

Anti-money Laundering (AML) Screening 

To make sure the finance sector keeps high-risk entities at bay, an automated AML screening solution is required. Shufti Pro’s state-of-the-art AML suite offers multiple options to the finance sector to combat crimes like money laundering and terror financing. In less than a minute, end-user’s identity is screened against 1700+ global watchlists including Politically Exposed Persons (PEPs) lists.  

Key Takeaways 

To sum up, perpetrators have figured out numerous  new strategies for their ill gains. Identity theft, account takeover fraud, credit card fraud, and synthetic identity fraud are some major concerns of the banking and finance sector. Furthermore, KYC/AML non-compliance penalties have significantly increased over the past few years. Henceforth, regulations for stricter customer due diligence protocols are now more rigid than ever. The finance industry can prevent bad actors and effectively comply with the evolving KYC and AML laws by employing AI-powered identity verification solutions. 

Want to know more about KYC/AML solutions? Get in touch with our experts. 


AML/CFT Regulations of Hong Kong: Paper Over Cracks?

On September 15, 2021, Hong Kong’s Securities and Futures Commission issued consultation conclusion on the proposed amendments on anti-money Laundering and counter-financing of terrorism guidelines. The amendment will align the AML/CFT policy of Hong Kong with the recommendations of the Financial Action Task Force.  This legislation came into effect on 30 September 2021, but the new guidelines for international correspondent payment will come into effect after a six-month transition period i.e. 30, March 2022.

Here we will cover an overview of updated anti-money laundering regulations of Hong Kong and how businesses can comply with them.

Institutional Risk Assessment

All financial institutions are obliged to adhere to anti-money regulations established by the Hong Kong Monetary Authority, which is responsible for overseeing the implementation of AML policies.

Financial institutions have to devise sufficient and appropriate anti-money laundering laws, procedures and policies. They are required to take into account the following:

  • Products or service they offer
  • Type of customers
  • Geographical region
  • Other factors advised in AML/CFT guidelines

At least once in every two years, financial service providers have to perform institutional risk case of any trigger or red flag that can become a risk to the business, they are required to perform the risk management process more than once. International financial businesses that have branches in various states or countries have to conduct a group-wide AML risk assessment to  help design an overall AML system.


Due Diligence for International Correspondent Relationships

Although the new legislation receives a wide endorsement, it also received  a number of comments and critical analysis on international correspondent relationship requirements. Replying to that, SFC provided clarity and loosened the strictness of the international correspondent banking, by rendering a smooth approach for international transactions with associated businesses. 

In accordance with this approach, financial institutions have been advised to have been advised to perform enhanced due diligence on customers and associated businesses by measuring their risk level aligning with the FATF standards.  As these requirements are relatively new, SFC has given a. six-month grace period to implement policies and procedures for new and existing corporate relationships. 


Risk Indicators for Institutional and Customer Risk Assessment

While conducting risk assessment at institutional or customer level, financial institutions are required to exercise comprehensive assessment procedures for the risk associated with customers and their corporate relationships. When specifying the overall risks that businesses are exposed to, financial institutions universally consider a wide range of factors that can influence the process. These include geographical risks, individual risks, transaction risks, and delivery channel risks. They refer to the methods of identifying money laundering threats, potential risks and vulnerabilities of mitigating the illicit flow of transactions

Standard and Enhanced Procedures of Risk-based Approach

The SFC’s scope of customer due diligence procedures for identity verification of low-risk customers is very limited. SFC advised financial institutions to reduce the cycle of reviewing the previous CDD records and ongoing monitoring of transactions below the specified threshold of low-risk customers. But for high-risk customers, Politically Exposed Persons (PEPs) and suspicious transactions, financial institutions have to implement the enhanced due diligence process.

Risk-based approach involves continuous ongoing monitoring of high-risk customers to mitigate risks. First, the risks are identified, then a risk assessment approach is built and the certain steps to address these risks are implemented.


Red Flags for Suspicious Transactions 

Financial institutions have to ask customers congruent questions, evaluate answers given by them and verify their records as part of the suspicious activity identification process. In case of any possible suspicious transaction, financial institutions are required to acknowledge it and perform further verification and screening processes. In the revised AML/CFT requirements, the SFC has eased suspicious transactions identification process by providing them with a list of causal explanatory indicators. 

Normally, customers or transactions originating from high-risk countries are referred to as red flags and in most cases, they are verified by enhanced due diligence where customer identity as well as business relations are analysed. Through anti-money laundering screening, they are also screened against global PEPs, watchlist and sanction lists.

Third-party Payments and Relations

Under this legislation, financial institutions are required to take all the necessary steps to combat money laundering and terrorist financing risks linked with third-party transactions. Moreover, they have to accept payments only from customers when they are in line with the AML/CFT requirements. Before processing third-party payments or accepting deposits, financial institutions have to ensure adequate verification, screening and due diligence procedures to mitigate the potential risks of financial crimes. 

Financial Institutions have to meet all the legal obligations (financial and non-financial) of regulatory authorities of Hong Kong. The law also addressed the businesses’ concerns about practically implementing AML/CFT policies and due diligence before processing any third-party payment. They are allowed to skip the due diligence processes only in special conditions, such as, when standard risk management procedures are applied and there is a minimal money laundering risk.

Person Purporting to Act on Behalf of Customer 

Businesses have to assess the AML/CFT risks associated with the person’s business relations and activities, it is confirmed whether the person is legally allowed to conduct the transaction or not. They have to make clear policies for identifying PPTA and list down all the requirements. 

What Shufti Pro Offers

Shufti Pro offers identity verification and anti-money laundering solutions that comply with global financial and data privacy regulations, including Hong Kong’s. It verifies the customers’ identity by analysing the ID documents and performs real-time facial recognition on photo ID and live clicked selfie. Shufti Pro performs identity verification with 98.67% accuracy and takes only 30 seconds to complete the process.

Want to know how can your business comply with the AML/CFT regulations?


The UK “Children’s Code” – Laying New Grounds for Age Verification

A 12-month grace period for compliance with a set of standards, introduced for protecting children online, expired in the UK on 2nd September 2021. The Age Appropriate Design Code, commonly known as the Children’s Code, was initially introduced on September 2, 2020. However, the UK’s Information Commissioner’s Office (ICO), which serves as the UK’s data protection watchdog, allowed the 1-year grace period to promote its compliance. 

For apps that offer digital services which are likely to be accessed by children, the new code means that a child’s “best interest” must be taken into account to avoid the risk of facing a fine worth ​​£17.5 million.

Let’s take a deeper dive into what the Children’s Code is, what it means for online businesses, and how businesses can comply with the new age verification code.

The aim of the ICO’s Children’s Code is to assist online businesses in creating and maintaining a safe, age-appropriate platform that fairly processes children’s data according to the GDPR. The code essentially advocates age verification policies. It states that unless businesses can prove their platforms are not likely to be used by children, they are left with two options: either make their service compliant with the Children’s Code, or have robust age verification processes in place to identify young users

In addition to this, the Children’s Code forbids the use of “nudge” techniques that lure minors into giving up more information online than required. Listed below are key takeaways from the ICO’s age verification code for children.

The 15 Standards Issued by the U.K. Children’s Code

1- Best Interests of the Child

Organizations have been mandated to consider the needs of minors on their platform as a top priority. While best interests might vary from user to user, the Children’s Code gives a start warning that states “it is unlikely … that the commercial interests of an organisation will outweigh a child’s right to privacy.”

2- Data Protection Impact Assessments (DPIA)

A Data Protection Impact Assessment (DPI) needs to be integrated into the main design of a digital product or service. This assessment helps businesses identify the risks that children may face through the collection of personal data. Each organization must have a flexible and scalable DPIA in place, which should be published. 

3- Age-Appropriate Application

Online businesses need to keep in mind the varying needs of children at different ages and stages of development. This requires organizations to establish age profiles of end-users through any method deemed fit, such as opting for an age verification solution provider, employing self-declaration techniques, or using artificial intelligence models.

4- Transparency

Any information provided to the end-users must be clear, easily understandable, precise, and child-friendly. Such information should be concisely delivered at all points where data collection is activated. 

5- Detrimental Use of Data

This standard prohibits all organizations to not use a child’s personal data in ways that may be harmful to their wellbeing, or that go against global data protection standards. 

Suggested Read: Age Verification – Ultimate Online Protection for Minors

6- Policies and Community Standards

All terms and conditions, community standards, and implemented policies must be published by an organization. 

7- Default Settings

Organizations should place “high privacy” as a default setting, since a majority of young users simply accept any default settings that are provided. The Children’s Code states, “It is not enough to merely allow children to activate high privacy settings”.

8- Data Minimization

Digital service providers must collect and retain a minimum amount of Personally Identifiable Information (PII) during services where a child is actively engaged. Additionally, separate choices of different data categories being collected must be provided to the end-users. 

9- Data Sharing

According to this standard, a child’s personal information must not be shared with third parties, while disclosure can only include data sharing between the different parts of the same organization 

10- Geolocation

As part of the default settings, the geolocation option must be turned off.  An obvious sign must appear on the screen while the location of the end-user is being tracked. At the end of each session, the location tracking option must be switched off by default.  

11- Parental Controls

As an age verification technique, young end-users must be provided with age-appropriate information regarding parental monitoring. If an online platform allows parents to monitor their child’s activity online or keep a track of their location, the platform must show an obvious sign to the child during the time of active monitoring. 

12- Profiling

Profiling, often used a marketing technique, must be switched off by default and enabled only when adequate measures are in place to protect the child’s online wellbeing from any violent or harmful activity. 

13- Nudge Techniques

Organizations are advised to refrain from using nudge techniques, that are designed to encourage end-users to follow the provider’s choice of path. 

14- Connected Toys and Devices

Children’s toys and other digital devices linked to the internet must comply with the Children’s Code. 

15- Online Tools

Organizations must have in place “prominent and accessible tools” that facilitate children online in exercising their data protection rights, including streamlined processes of reporting. 

Why This Code is Necessary

Personally Identifiable Information and financial data of end-users sits at the heart of digital services today. From the second end-users open an app, their data starts being collected. But who are the end-users? Who is collecting the data? And where is the data being used? Monitoring this information is necessary under global data protection laws, particularly as malign actors often utilize digital platforms to commit financial crimes, that are frequently directed towards minors. Age verification provides the perfect solution for safeguarding children against such threats. The above-mentioned statutory code of practice can be easily implemented through the use of AI-powered age verification solutions, which seek to protect children from the digital world. 


Response to the Children’s Code

In the months following the introduction of ICO’s Children’s Code last year, there have been indications of some major platforms paying mind to the compliance deadline. For instance, TikTok launched a wide array of changes, including restrictions on sharing options for young end-users and automated disabling of notifications from the app past bedtime for those under 18. 

Google introduced a new polic​​y that allows minors and their parents to take down images from Google search results, while the “location history” service for children has been entirely deactivated, which previously kept a record of the users’ movements. YouTube, as well, updated its privacy policy, switching off autoplay on videos for users between 13-17, while Facebook has also made amendments, such as exemption of users under 18 from targeted advertising, stricter default sharing settings, and protection of users from “potentially suspicious accounts”. 

How Online Businesses in UK Can Adhere to the Children’s Code 

Age verification solution by Shufti Pro not only enables organizations to comply with the UK Children’s Code, but also streamlines customer onboarding while keeping intact global data protection standards. Here’s how the age verification works in four simple steps: 

  1. The end-user adds their name and date of birth in provided fields
  2. The end-user uploads an image of their official ID document
  3. The age verification solution uses OCR (Optical Character Recognition) technology to extract data through an automated process
  4. The end-user is either verified or denied access to the digital service on the basis of the provided age verification threshold

Shufti Pro’s artificially intelligent age verification solution is currently assisting 500+ online businesses comply with global age verification laws, including the GDPR (General Data Protection Regulation), FFDCA (Federal Food, Drug, and Cosmetic Act), COPPA (Children’s Online Privacy Protection Act) and the Gambling Act of the UK.  

Need a walkthrough of our age verification services? Avail our 7-day free trial or talk to our experts right away!


AML in Real Estate – Combating Property Scams at the Forefront

Real estate is deemed to be a profitable and safe business to invest in thanks to its ever-growing rate of inflation. However, there’s more to it than meets the eye, as real estate crimes have topped the table with a 300% increase since 2006. Considering the large amounts of money circulating through the real estate sector, opportunities for fraud never cease to exist.

Even though the coronavirus outbreak did not affect real estate as much as it damaged various other businesses, property and rental scams were still contributing to an overall problematic situation. According to the FBI, there were a staggering number of over 13,600 cases of real estate and rental fraud in 2020. As it turns out, real estate is ironically quite safe for money laundering and is, therefore, one of the most commonly used mediums for cleaning black money.

Types of Real Estate Frauds

Obtaining money illegally is the basic motive behind every crime, and the unprecedented scams of opportunists targeting the real estate sector are aimed launder money. Commercial real estate dealings require precise communication and presentation of property details, the history of owners, any changes made, etc. Considering these decisive factors, the business deal can either be a great investment or ultimately result in a huge loss.

There are often left out facts like minor details about the property that remain tucked away throughout the dealing process. This is sometimes due to the negligence on part of the seller, but it can also be real estate fraud. Scammers purposely hold back significant details about the property to fool business investors into believing that the particular deal will benefit them.

Suspicious Transactions 

Real estate transactions need careful monitoring in order to determine the sources used for money laundering. Some key characteristics that help identify suspicious activity and allow real estate businesses to analyse risk are connections to other crimes and links with top foreign officials or political parties. Other red flags include fraudulent investors reaching out to buy a particular property at odd times and with cash-only payments, where minimal information about their identity is exposed. Suspicious bank transactions are those that originate from offshore accounts or areas that are identified to be high-risk by the FATF. 

Manipulation of Records

An alternative method for real estate fraud is the intentional misplacement of property records in order to sell them at a higher value. The history of real estate is a key factor when identifying its true value and how it will be presented in the future. Past records help real estate agencies determine if the property was achieved through legal means or through illegally obtained funds. The property bought from money laundering or drug trafficking can put the real estate business in complicated situations. 

Failure to present the past records means the business or entity selling the property is trying to hide possible flaws and depriving the real estate company of the necessary information. Additionally, the history of possible crimes committed on the premises as well as the zone-based restrictions are also purposely subtracted by fraudsters while presenting property information.

Partnership Fraud

Business partnerships or the apparent grouping of investors to contribute in buying a certain property or investing in it often turn out to be scams. At the forefront, this activity doesn’t seem like fraud, but the contributing businesses being relatively unfamiliar with each other makes the deal vulnerable to fraud. In some scenarios, the main business entity in the partnership may take each partners’ share and additional fees without an actual investment plan, or even indulge businesses to invest in deals that are not favorable at all.

Money Laundering 

According to a recent report, over $2.3 billion were laundered through US  real estate, with Nigeria being among the countries sourcing the illegitimate funds. Money laundering is a common crime in real estate where fraudsters find it convenient to camouflage illegally obtained funds and make them appear legitimate. With property prices going up, opportunities for safe investments are created that allow money launderers to make the best of the derived assets.

Ill-gotten money is used to buy a property and then sold or rented to earn legitimate funds from real sources. Fraudsters looking to make money through real estate employ various methods to appear as legitimate entities, including hyped or degraded values, third parties pretending to be legal owners, and non-transparent financing schemes. Basic characteristics that indicate risks of money laundering in real estate are the geographical placement of the investing business and the location of the property in question.

Fake Real Estate Buyers

Apart from getting entangled with problematic transactions, real estate businesses also become victims of the tactics of fake real estate buyers. Fake buyers tend to show signs of urgency in order to finalize deals and make false offers for a property that they do not actually intend to buy. When the time comes to close the deal, they are nowhere to be seen. In most cases, this is not because the buyers don’t have a sufficient amount in their bank accounts, but because they are not willing to expose the source of their money. This being the case because the funds are obtained through illegal means and the factual purpose to invest in real estate is to launder money.


AML Screening 

Considering the aforementioned situation, implementing verification checks in real estate dealings is inevitable to put an end to crimes like money laundering. Just like financial institutions, real estate companies are structured to process large amounts of money, where loopholes can result in the company losing major assets. Since their processes are similar to banks, real estate businesses are also obliged to incorporate digital identity verification as well as AML screening solutions.

Conducting customer due diligence allows the real estate sector to eliminate fraud by ensuring transparency in business transactions. In addition to the damages resulting from crimes, AML policy violation fines also add to the burden. AML compliance allows real estate businesses to keep an eye on their customers by providing tools for screening against global watchlists. High-risk entities are required to undergo enhanced due diligence, where extensive background checks are performed to determine possible political connections.

Regulations to Counter Real Estate Scams

Updated AML regulations oblige real estate agencies and property agents to conduct customer due diligence, where all entities involved in property dealings and transactions including legal firms, real estate agents, and insurance firms. The FATF (Financial Action Task Force) has also formulated guidelines to free the real estate of money laundering and tax evasion. The regulations prominently shed light on the standards of customer due diligence. According to the guidelines, real estate dealers are required to implement strategies for client transaction monitoring.

How Shufti Pro Prevents Real Estate Frauds

Operations being carried out through digital platforms are prone to various challenges and also face the additional risks of cybercrime. This is true for real estate businesses that come under financial obligations. Here, Shufti Pro provides AI-based AML screening to eliminate fraud in the real estate sector while allowing property businesses to comply with AML guidelines. Shufti Pro identifies high-risk entities with background screening against 1700+ watchlists.

Learn more about global compliance regulations for the real estate sector!

More posts