Shell companies

Shell Companies and Money Laundering: How to Combat Them?

Shell companies are notorious for all the right reasons. These entities often called ghost companies are frequently used by fraudsters to launder black money. Shell companies are business entities without any actual premises, employees, or operational assets. They are created by registered agents to conceal ownership information from other businesses. This gives them the anonymity to hide ill-gained funds, avoid tax payments, and bypass AML regulations.

When it comes to developing B2B relationships, businesses should keep a vigilant eye on their partner entities. Verifying important details like corporate documents and addresses can save honest entities from associating unwanted ties with fraudulent companies. Business Verification, referred to as Know Your Business (KYB), and Anti Money Laundering practices help address this problem by taking down shell companies registered only on papers.

This blog describes how shell companies are used in money laundering, what role global authorities have played in preventing them, and how it can help enterprises in the long run.

Shell Companies

Global Efforts – Crackdown of Shell Companies

Global regulators and financial authorities have played an active role in the fight against fraudulent companies hiding their identity. In order to combat financial crime through shell companies, some efforts made by law enforcement departments are listed below:

Corporate Transparency Act (CTA) – USA

According to guidelines stated in the Corporate Transparency Act, businesses operating in the United States have to provide FinCEN – Financial Crimes Enforcement Network – with the information regarding the beneficial ownership of their company. This law was introduced in 2019 to prohibit all anonymous shell companies run by criminals for money laundering and illegal proceeds. The Transparency Act defines beneficial owners as someone:

  • Having a 25% or more share in the company’s revenue
  • Is responsible for controlling the business entity
  • Who Receives benefits from the business’ assets

Person with Significant Control (PSC) – UK

Authorities under the UK government define beneficial owners as PSC – a Person with Significant Control. As per the laws, a person is not allowed to run a business if they fail to record details about a company’s PSC during incorporation. Below are identifiers that help identify PSCs, according to the UK:

  • An individual with more than 25% of the company shares
  • A significant authority (more than 25% voting rights) in the company
  • An administrator having the right to appoint and remove executive officials

With the PSC reform in place, companies in the UK need to disclose “beneficial ownership” information which will help identify shell companies helping money mules launder dirty money. The PSC registry, having all the essential company information, stops fraudsters from obscuring their identity behind these illegitimate entities.

Combat Shell Companies with…

Business Verification

Business verification often termed as Know Your Business (KYB) is a corporate due diligence process which a business performs to verify other partner entities. It enables enterprises to devise policies and procedures to detect suspicious activities and prevent money laundering. With KYB checks, corporations can make sure they are conducting business with real and legitimate entities, and not another shell company. 

KYB verification for corporate entities also helps them comply with the CTA, and Anti Money Laundering directives by the EU. By cross-checking against business filings, networks, and financial statements of a company, an automated business verification allows an enterprise to stay AML compliant. 


Risk-based AML Program

Business entities are required to comply with recommendations of the FATF and other global regulations to prevent money laundering. An AML compliance program based on proper risk assessment for customers and partner entities can address the regulatory requirements. These programs help identify the risk associated with shell companies that are frequently involved in financial crime.  

What Should the Program Include?

When it comes to onboarding business associates, a company’s AML program should focus on Ultimate Beneficial Ownership (UBO), nature and amount of transactions and business activities. The compliance officer should connect data points to verify the stakeholders and transactional flow of the company.  

Red Flags

Below are some red flags which a risk-based AML program should consider when verifying corporate entities:

  • Is there any difficulty in obtaining ownership information about the company?
  • Do the company’s transactions align with its business profile?
  • Any payments listed without a proper purpose or date
  • Transactions involving large sums of money with other shell companies
  • The company performs frequent transfers to multiple beneficiaries 

Watch list Screening

Beneficiaries of shell companies are often placed on adverse media lists due to the amount of risk they pose to a business. This can cause a customer’s risk profile to change allowing firms to conduct additional screening of these users. Politically Exposed Persons (PEPs) list includes individuals with a higher AML risk. Ongoing monitoring of PEP status can help enterprises to identify and take down potential financial crime.  

Ongoing Transaction Monitoring

The red flags defined in the AML program can help corporations identify companies offering illicit services. Shell companies often involve unusual transaction patterns which could be detected through a transaction monitoring solution. Ongoing AML monitoring of corporate entities also helps identify high-risk companies which could possibly be involved in money laundering and other cybercrime.    

Address Verification

Verifying a corporation’s address can help businesses find out if it’s a shell company or not. Since these entities only exist on paper and do not have any physical premises or personnel, they are easy to spot. An address verification solution powered by artificial intelligence can quickly check for possible hidden information including addresses and corporation dates to identify ghost entities operating for illicit purposes. 

To Sum It Up …

Although shell companies are not always created with an ill intention, their ability to hide ownership identity makes them suspicious. Fraudsters exploit this aspect to their benefit for cleaning money acquired from illegitimate gains. While regulators across the globe continue to implement Anti Money Laundering laws, corporate entities are faced with compliance obligations. A robust mechanism for AML compliance to verify and monitor business associates can help enterprises achieve the all-important trust in a B2B relationship. 


Japanese FSA to Beef Up AML Systems from Fiscal 2021

Growth in South Asia has far exceeded that in any other country over the past few years and digitisation has been the major contributor to this growth. However, criminal actions have significantly increased too and unfortunately, Japan has been the major target. Banks and other financial institutions are the primary target of fraudsters for crimes like money laundering and terrorist financing. According to UNODC, two to five per cent of the global GDP is laundered every year. Over time, Japan has become a major contributor to this number due to the rapid digitisation and adoption of cryptocurrencies, e-wallets and online payments systems. This means better AML compliance in Japan is the utmost need of the hour. Now, the Financial Service Agency (FSA) in Japan has rolled out new and enhanced AML systems which will be in action in FY 2021. 

First things first. Take a look at what the laws have to say about ML/TF in Japan and what the new AML compliance program in Japan holds for banks and financial institutions. 

Risk-Based Approach for AML and CFT in Japan

Money laundering is completed in three stages and the complexity of identifying the origin of black money increases in every stage. The documentation for the risk-based approach in Japan reveals that banks and other financial institutions must take necessary steps to identify potential money laundering and terrorist financing activities. Furthermore, entities in the finance sector must implement effective measures to confront these activities. 


Given the rise in fincrime in Japan, the Financial Service Agency (FSA) has structured guidelines to identify, assess and mitigate the risk of ML/TF. Certain actions have made compulsory while some are suggested to keep the businesses in this sector secure. Let’s take a look at the required actions for risk identification and mitigation. 

Required Actions for Identifying Risk 

According to the FSA, the following actions are required by financial institutions for identifying ML/TF risks:

  • Evaluate the risks involved in products or services offered, type of transactions, countries, customer attributes, geographic areas of transactions, and any other relevant factors associated. 
  • During the comprehensive evaluation, consider outcomes from national risk assessment and simultaneously take geographic attributes of the business region, environment, etc. under consideration.
  • Risk assessment measures must not overlook the direct and indirect relationship between transactions, and high-risk countries and territories defined by FATF.
  • Evaluate the ML/TF risks before offering any new products or services. Moreover, transactions conducted with advanced technology shall be assessed as well. 
Key Findings

Risk Mitigation Measures for FIs in Japan

Under the risk-based approach, all financial institutions must verify the identities of customers and in case any risk is identified, effective measures must be taken to mitigate the risks. 

Customer Due Diligence (CDD) is a mandatory process that can not be overlooked. In case a bank or FI encounters a high-risk customer, Enhanced Due Diligence (EDD) checks must be performed before onboarding them. On the other hand, if low risks are identified with a customer, Simplified Due Diligence (SDD) would suffice. 

Suggested: High-Risk Transactions – How Can Enhanced Due Diligence (EDD) Help? 

Digital World and the New AML System in Japan 

The advent of technology has brought numerous conveniences and streamlined business operations. Enhanced technology is now being used for developing solutions that commensurate with the ever-growing fraudulent activities. Since criminals have become highly sophisticated in their job, financial institutions must develop better methodologies to fight them. The exact reason has encouraged regulatory authorities in Japan to structure a new AML system that uses man-made brainpower to identify, assess and mitigate the risk of money laundering and terrorist financing. The bigger question is, will financial institutions in Japan be able to follow the new system proficiently? 

Shufti Pro’s Ongoing AML for Better Compliance 

The above question leaves everyone in ambiguity because digital advancements in the KYC/AML systems requires a lot of skilled people who know everything about technology along with sound knowledge of the AML compliance program in Japan. The requirements sound pretty easy but when it comes to execution, authorities might face several surprises and obstacles. A better alternative is to employ existing AI-driven AML systems developed by companies who know all about the regulations and have the capacity to satisfy the emerging requirements. 


Shufti Pro’s ongoing AML system is an all-in-one solution that all companies in the Japanese finance sector can utilize. Regular monitoring of customers can help financial institutions in ensuring that they are not involved in any fraudulent activities. Optimise customer onboarding process, develop comprehensive risk profiles of end-users and prevent frauds.

Summing It Up…

Japan is taking all necessary steps to combat fincrime in the country. For the same reason, the FSA in Japan has put forward a new AML system. The initiative will employ artificial intelligence models to ensure higher levels of accuracy and better compliance with the guidelines suggested by FSA. The new system requires highly advanced technology that can screen all business prospects in the least possible time and the results are reliable too. However, developing such a product that can perform various risk assessment processes is not easy. So, an ongoing AML process that deploys thousands of artificial intelligence models can help. Fortunately, Shufti Pro offers this solution and all the financial entities can benefit from it. 

To know more about our Anti-Money Laundering compliance solution, get in touch with our experts. 

Facial Recognition

Facial Recognition in UAE to Protect Private and Government Sector

Continuous developments in the world of technology have led to many innovative solutions like facial recognition to protect different sectors in the world. Lately, there have been many reports indicating the rise in biometric frauds, and the UAE is no exception here. The digital revolution in the region has not only opened gates for domestic growth, but the rate of criminal activities is expected to increase too. Although the rate of biometric fraud was comparatively lower in UAE last year, predictions for 2021 are not very satisfying. New types of frauds are expected to emerge and dodging facial recognition is the new motive for cybercriminals. According to Shufti Pro’s Global Identity Fraud Report 2020, the global identity fraud rate increased by 3.36% and some new biometric fraud attempts were reported too.

Shufti Pro’s Global Identity

Given the rapid adoption of facial recognition technology in the UAE, it might give birth to various digital scams if not adopted wisely.

Digital Revolution in UAE and Facial Recognition

The digital revolution in the UAE and the Gulf region has increased opportunities for domestic growth. From FinTech to the retail sector, almost every industry is all set to enjoy digitisation. The process was slow but the pandemic has accelerated growth. Now, there’s news about the surprising turn of events in these two regions of the world. Diversification in businesses is essential, otherwise, it might lose any chances of growth in the future. 

One of these digital advancements includes the use of AI-driven facial recognition in various sectors for increasing the security of the private and government division. Not all, but many areas in UAE will be soon implementing facial verification systems for protecting people.

Sectors where Facial Recognition will be Employed

Here’s a list of some industries that have been touched by facial recognition according to The Gulf News.

Banking and Finance

The banking and finance sector has been using face recognition systems for a very long time now. UAE was far behind in technological advancements, but now, it has recognized the benefits of facial authentication. The finance industry will be the first of all sectors to use this technology for enhanced security and transaction monitoring. 

Suggested: Know your transactions (KYT) boosts your KYC efforts 


Healthcare fraud is on the rise this year and without any verification protocols, things will get out of hand. According to the National News UAE, Dh3.67bn has been lost in identity fraud by patients. Given the digital revolution in the state, the probability of such frauds is likely to increase this year. This ultimately leads healthcare professionals to verify identities to combat fraud. 

Retail Sector 

For a more personalised and remarkable experience for the customers, the retail sector is also wondering about adding a facial recognition system. Due to the convenience brought by technology, customers can just scan their face for bill payments. Likewise, the retail staff can provide better services to their existing customers, thus increasing the chances of turning existing customers into loyal ones. 

Onsite Infographics-01

Security Department

Catching wanted criminals is becoming a tough challenge these days. For the same reason, the government has decided to use AI-based facial recognition in public transports. This will help them in arresting criminals on time. This will help them in securing the general public and preventing fraudsters from causing any trouble in the future. 

Border Controls 

Terrorist activities in different regions of the world have significantly increased over time. Human trafficking and other criminals activities are some of the major concerns but facial recognition for border controls can help the authorities in combating these challenges.    

Airport Clearance 

Ensuring that legitimate people are allowed to travel requires enhanced identity verification protocols. With face verification, none of the criminals can use forged, fake or stolen identities that means enhanced security in the state.

Identity Verification with Facial Recognition

Verifying identities is an obligation for the majority of the sectors. Certain recommendations from FATF and laws from regulatory authorities make compliance mandatory. For better compliance, robust identity verification checks are important and face verification software makes the process error-free. 

Challenges that UAE Authorities are Encountering 

As easy as it sounds, adding advanced technology in every area is not a piece of cake. There are several obstacles that have to be tackled for seamless integration, and authorities in the UAE are also facing some challenges. Let’s take a look at the major ones. 

Trust Issues 

Law enforcement agencies believe that facial recognition is far from perfect and not fully reliable for use. According to the raised concerns, face verification is biased and may not be able to identify different ethnicities. This is debatable though. If the UAE authorities use AI-powered face verification solutions, the chances of bias reduce. AI-based face verification solutions trained using real data are reliable and can deliver highly accurate results.

Increase in Cybercrime 

As said earlier, digitisation is not only helping for growth and advancement but it is also welcoming cybercrime into the region. Identity theft, account takeover fraud, synthetic identity fraud, and more fraudulent activities are likely to increase to dodge facial recognition. This concern, however, is argumentative because AI-based face recognition software is robust enough to identify almost any kind of criminal activity. 

Shufti Pro’s AI-Powered Facial Recognition System

Onsite Infographics-02

AI-driven facial recognition systems by Shufti Pro can help any sector in the UAE to combat crime or ensure the security of enterprises. The system requires a few seconds and guarantees 98.67% accurate verification results. From identity verification to compliance with the rigid KYC/AML laws, Shufti Pro’s facial recognition system can help you in achieving all the goals. 

The three-step facial recognition system has the following process:

  1. Clients enrol users with the help of face verification
  2. Registered customers login with a selfie. No other protocols needed. 
  3. Ongoing transaction authentication with KYC 

The system performs liveness detection checks, anti-spoof checks, facial authentication, and identity proofing measures to make sure fraudsters haven’t used any of their ill techniques to fool the system. Being GDPR compliant, Shufti Pro ensures data security and can help concerned authorities in tackling the aforementioned challenges. 

To Sum Up…

In a nutshell, UAE’s digital transformation has led to the adoption of an AI-powered facial recognition system to protect the private and government sector. Digitisation will not only lead to growth but criminal activities will experience a significant increase too. Retail, finance, security, airport clearance, and public transport are some of the areas where facial recognition will be employed. Apart from them, customer due diligence (CDD) measures will be utilizing facial recognition software as well for more accurate results. 

Eager to know more about AI-based face recognition systems in UAE? Talk to our experts and get all the information you need.

video kyc

Video KYC – Answer to Digital Revolution in the Gulf Region & UAE

The digital revolution in the Gulf region and UAE has been a hot topic these days. The economic developments in these regions are taking the digital turn. Artificial intelligence, financial technology and tech-based businesses are becoming popular in these regions. The idea is to diversify businesses in GCC countries and UAE from oil and gas to more advanced and sustainable economies. However, the rapid digitisation in these countries has led to the development of a legislative framework to control its success. The digital revolution as a lucrative source of domestic growth is not at all surprising for anyone. The internet penetration rate in the regions has exceeded 73% that has outpaced the global average of 50.8%. Furthermore, the e-commerce market accounted for 14.1% of sales globally. Analysts are predicting it to reach 22% by the end of 2023. 

It is fascinating to know about the big digital revolution but unfortunately, this is bringing a lot of challenges as well. Thankfully, Shufti Pro’s video KYC is an answer to all the emerging challenges in the Gulf region and UAE. 

Keep reading to find out what these challenges are and how we can help you. 


Pandemic Accelerated Digitisation 

Due to the coronavirus outbreak, every corner of the world has taken the virtual road. UAE and GCC countries were already adopting digitisation but the pandemic accelerated the trend. Entertainment streaming, online sales, virtual meetings and conferences are just a few to name. This pandemic-driven digitisation has brought several new trends in the region but the challenges associated with digitisation have increased too. 

Challenges in the Digital Revolution is the Gulf Region & UAE

Revolutionising the way businesses operate in these two regions is not a piece of cake. As easy as it sounds, numerous challenges are lined up and the GCC countries need an all-in-one solution to combat them.  

Increased Probability of Frauds 

Digital advancements in these regions are also opening gates for fraudsters. They have another area of the world to target and the rate of cybercrime is expected to increase. News revealed that UAE is the third most potential target for cybercriminals. Now that digitisation is at its peak, it is not wrong to say that fraud rates will increase and identity frauds will be repeatedly reported in 2021. 

Suggested: Global Identity Fraud Report 2020

KYC/AML Compliance in the GCC Countries 

All companies in the UAE and the Gulf region will employ digital solutions; therefore, identity verification will become compulsory for businesses. KYC and AML compliance has been defined and the Middle East being the member of FATF has certain obligations too. 

As per FATF recommendations, countries have to identify risks of financial crime and draft policies and procedures accordingly. Financial institutions have to design risk prevention methods to avoid any financial crimes like money laundering and terrorist financing. Customer due diligence, record-keeping, transaction monitoring, and AML screening are included in risk preventive measures. 

The rise in digital business operations requires all enterprises in the regions to verify the identities of all the customers before onboarding them. Digitisation is all set to bring convenience in the gulf region but it will also give fraudsters a chance to manipulate business entities. 


Lack of Skilled People for IDV Solutions

Since identity verification is mandatory for all the businesses, especially in the digital world, it requires trained and skilled people for performing such verifications. But why should any company opt for manual methods while digitising? Lack of skilled people may be a challenge but digital KYC solutions can help in fully adopting digitisation. 

How Can GCC Countries & UAE Overcome These Challenges?

Video interview KYC is an all-in-one solution that can help businesses in combating all the aforementioned challenges. Video KYC is a digital ID verification solution that requires remote registration from the end-user. The KYC expert gets in touch with the individual on a live video call and performs identity verification through a live interview. Moreover, the solution incorporates artificial intelligence that confirms the identity of the user through automated document verification checks, that too during the video call. 

Read more: Video KYC – Understanding the ‘what’ and ‘how’ [A short guide] 

Summing It Up

It all narrows down to one point that rapid digitisation in the Gulf region and UAE are bringing a revolution in the states. Furthermore, the COVID-19 outbreak has led to adopting digital solutions for businesses. However, the rate of criminal activities is likely to increase due to rapid digitisation. The advanced technology is not only helping businesses but fraudsters are all set to target businesses for their illegal gains. The digital revolution requires an advanced solution based on AI that can verify identities in minutes and the accuracy level is high too. 

Shufti Pro’s video KYC is an all-in-one solution that verifies identities in a few minutes and the remote verification has highly accurate results too. 



Covid Test Verification To Facilitate Tourism Worldwide

Due to the coronavirus pandemic, tourism has been adversely affected and the entire travel sector is now facing challenges. New travel restrictions have been imposed according to which airports have to perform COVID test verification before onboarding any passenger. The COVID test must be from specified laboratories and not older than the timeframe defined by the state. This is not just a restriction for departures but the new travel restriction is for arrivals too. Why did this happen? Well, news from resources reveals that new variants of the virus were identified in different states and these variants are more lethal to humans than the parent virus. Therefore, travel was initially banned but later, this new rule was imposed. Considering these rules, Shufti Pro has introduced Digital COVID Pass for automated Covid test verification. Let’s take a look at the ‘what’ and ‘how’ of Digital COVID Pass. 


Significance of Digital COVID Pass

Digital COVID Pass has been designed to perform COVID test verification without any human intervention. Take a look at some of the amazing benefits of digital COVID test verification. 

No Integration or Installation

First and foremost, you do not have to install any API or software for Digital COVID Pass. It is a simple yet unique solution that uses thousands of AI models to extract information from the COVID test and verify if the reports are acceptable or not. In the blink of an eye, you can validate Covid report and that too without any integration or installation. 

Real-Time Verification

Within seconds, you are verifying reports, providing passengers with a state-of-the-art experience and ensuring safety too. Furthermore, we maintain our traditional accuracy level i.e. 98.67%. All in all, you are not just digitally verifying reports, you are adding automation along with the highest level of accuracy. 

Error-free COVID Test Verification

Manual methods need human attention which is prone to errors. Extracting information from the Covid test and validating it consumes a lot of time and effort. To avoid any errors, automated COVID test verification is what can help. From data extraction to verifying it against data from laboratories, automation will make the entire process free from errors. 

Digital COVID Pass – The Process

Shufti Pro’s Digital COVID Pass is based upon enhanced AI models. These models can extract data from codes given in the report and the documents are verified for forgery or any other issue. Then, the extracted data is cross-checked with the information provided by the specified lab. We also ensure that the report is not older than the defined time and from labs that are authorised by governments.. 

Digital Covid

Who Needs Digital COVID Pass?

This began with the new travel restriction, but COVID test verification is now mandatory for the majority of industries. Keep reading to find out the sectors that need Covid test verification and how Digital COVID Pass can help in facilitating tourism across the globe. 


Airports top the list and all states have been guided to perform Covid test verification for all the passengers. Be it arrivals or departures, all the passengers have to submit a negative COVID test report. However, fake Covid tests are increasing hassles for airport authorities. Ultimately, an automated solution like Digital COVID Pass is the need of the hour. 


Next is arenas – highly crowded places where the virus can easily spread. So, arenas must make sure that all people in the place are healthy. With manual COVID test verification, it seems like a tough job because anyone with a few symptoms can show forged reports for the sake of enjoyment. Tourists love to visit such places and what could be the result if their reports are not verified or wrongly verified? Digital COVID Pass, on the other hand, will never let you down. The state-of-the-art service will ensure all Covid negative people enter the place. 


Travelling for official purposes is allowed in almost every state; therefore, the need for Covid test verification at conferences becomes essential. A better option for conferences is to install touchless kiosks at security checkpoints. The touchless method will help in avoiding physical contact, verifying identities, and Covid test verification will be a bonus. 

Suggested: Securing Public Facilities with Touchless ID Verification Kiosks 


Malls are an all-in-one place for people. They can shop and enjoy at the same time but due to the coronavirus outbreak, people have to stay at home. With the help of Covid test verification, malls can ensure safety and health of all the visitors. What could be better than having an automated solution for the purpose? 

Large-Scale Events

Apart from the tourism perspective, large-scale events like The Olympics also have to ensure that anyone who is attending the event is Covid-free. Manually achieving the goal demands time and a lot of effort. The cumbersome process can increase the drop-off rate as well. Fortunately, you have Digital COVID Pass to save the day. 

Summing It Up

In a nutshell, Covid test verification is the need of the hour and all the public facilities, especially the travel and tourism sector have been strictly guided to perform Covid test verification. Other than the travel industry, arenas, conferences, malls, large-scale events, and other public places have to verify COVID tests. Currently, all the authorities are using manual COVID test verification methods, but that is not an efficient choice. Shufti Pro’s Digital COVID Pass is an AI-powered solution that can validate Covid tests in no time and guarantees highest levels of accuracy too. 

Talk to our experts and know more about Digital COVID Pass. 


Crypto 2021: The Rapidly Emerging Context of Virtual Currencies

Cryptocurrency is in the limelight since the advent of Bitcoin in 2009. Investors like Tesla Inc. are constantly driving the virtual currency to new heights after it announced a purchase of $1.5 billion worth of crypto coins last month. Many people are tapping into the market because of Bitcoin’s ability to generate a greater return on investments. While it is turning heads everywhere, new restrictions to regulate the use of digital assets remains a trending topic. The idea behind the new restrictions is to prevent money laundering and other related cybercrime through cryptocurrency.      

Why is Cryptocurrency so Popular?

In the current COVID-struck era, cashless payments have become inevitable which makes virtual currencies even more popular. In 2017, the crypto market saw substantial growth when the price of bitcoin capped a staggering $19,000. The reason behind this enormous increase is it’s constantly increasing popularity among consumers and companies alike. 

Cryptocurrency is extremely volatile because investors are always speculating stock values. This makes popular currencies like bitcoin grow substantially as investors bet the price of virtual assets, resulting in a surge or potential downfall. By the end of May 2020, the total revenue generated by the market was almost $265.545 billion. Today, there exist 2000+ types of cryptocurrencies with more being developed each day. 

Bitcoin Soars Sky-high after Tesla Investment

Recently, the electric cars manufacturing company, Tesla, invested a good sum in Bitcoin assets. The virtual currency’s value grew up to $48,000 after it increased at a steady rate of 7.9%. In a statement, Tesla also announced to accept Bitcoin payments for purchasing their cars, empowering the virtual currency to a great extent. Since bitcoin is quite volatile in nature, it still remains a challenge for people to think about its short-term value to greater investment. 

buy crypto

Regulatory Changes in Crypto

The cryptocurrency, because of its anonymous nature, is a channel for money launderers to carry out their illicit motives. Due to the same reason, financial authorities around the globe are concerned about regulating the services offered by Virtual Asset Service Providers (VASPs). Although FATF’s Travel Rule and the 5AMLD by the European Union list guidelines on moderating digital currencies, countries need to come with their own laws to ensure transparency in virtual asset exchanges.    

The Digital Currency Bill 2021

The Indian government will introduce a bill to regulate the use of cryptocurrency and other digital assets in its ongoing budget session this year. The bill aims at restricting the use of all privately owned virtual currency assets issued by third-party service providers. This step is taken to address the inadequacy in maintaining assets of customers and providing them with the level of transparency they need. 

However, to fill the gap, India is introducing its own central bank digital assets so that the market for digital assets doesn’t eventually die. This will allow the state government to keep a check on digital currencies and their cash flow to prevent money laundering.  

cryptocurrency bill

Singapore’s Bill on Cryptocurrency 

The government of Singapore has introduced an update on its Payment Services Act which came out in 2020. The new changes suggest that organizations and service providers of cryptocurrencies would have to acquire a licence to carry out their operations. The set of expanded rules by the Monetary Authority of Singapore (MAS) is applicable to virtual payment providers operating within the state or from other countries. 

  • The bill aims at protecting service providers of Digital Payment Tokens (DPTs) who are exploited by money launderers to hide their funds.
  • The Monetary Authority of Singapore can now regulate entities and service providers offering cryptocurrency exchanges.

What’s the Future of Virtual Currency?

Cryptocurrency’s ability to drive investor’s appetite will continue to expand as long as it keeps offering exponential returns. After Elon Musk approved the Bitcoin for purchasing Tesla, its value grew multi-fold. The volatility offered by Bitcoin and other virtual currencies creates a sense of excitement and threat at the same time.

Fraudsters use crypto platforms as a safe haven to hide their identity and carry out illicit money laundering. More than $4 billion were lost in cryptocurrency scams in 2019, and the situation has become even worse in recent years. To address this problem, countries have come up with their own official virtual currencies. But meeting the global AML obligations still remains a challenge in peer-to-peer exchanges.

Digital currency service providers can follow KYC compliance practices during customer onboarding to acquire the necessary information needed to verify them. This could not only allow third-party VASPs to continue offering their services with confidence but also make virtual currencies a safe bet.  

Get in touch with our experts to know more about AML compliance.

Complete Guide

KYC | Complete Guide to KYC Compliance & KYC Regulations 2021

Introduction to KYC or Know your customer

Know your customer or KYC history dates back to 2001 in the USA as a part of the Patriot Act in the wake of 9/11. Before the 2000s, KYC practices were directed at preventing money laundering but after 9/11 everything changed. Furthermore, everyday companies are exposed to operational, legal, and reputational risks due to online scams and frauds, consequential losses of which are beyond comparison. Therefore, regulatory authorities developed KYC or Know your customer processes to avoid frauds and the practices of money laundering.

Financial institutions usually perform KYC processes before opening customer accounts. Money laundering is becoming increasingly widespread, bad actors are always finding more innovative ways to disguise and conceal their illegal sources of money. Illegal sources may include and are not limited to drug trafficking, terrorist financing, tax evasion, corruption, smuggling, etc. Therefore Know Your customer procedures are readily accepted by businesses across the globe as a measure towards customer identification and anti-money laundering. The guidelines are issued by regulatory authorities unique to every country, territory, and/or jurisdiction.

What is KYC compliance?

KYC compliance is important for financial institutions to ensure the identity of their customers. So when onboarding new customers let’s say for example for bank account opening. KYC checks for customer identification and verification are performed to meet KYC compliance. Banks hold the rights to refuse customer’s requests for account opening, in case their KYC verification fails or shows negative results. KYC compliance has a significant role in today’s changing financial landscape to combat against the crimes of money laundering and terrorist financing.

As the world is digitizing at a rapid pace, manual KYC checks are making it difficult for financial companies to meet KYC compliance, since manual KYC checks are becoming challenging when it comes to securing customer and business interest through accurate KYC verification.

Therefore. Online KYC verification is taking a turn for the better and for effectively meeting global compliance and regulations.

How can KYC protect global businesses?

Knowing your customer is considered important because it tells you about the customers you are doing business with. It allows the financial sector to carry out extensive customer due diligence to verify their identities to prevent identity theft, money laundering, and fraud. Know your customer compliance protects businesses against unanticipated reputational damages due to external breaches from sneaking into systems. The regulations of money laundering and terrorist financing are becoming stricter by the day in a lot of countries around the world.

Robust KYC verification processes perform a thorough analysis of entities undergoing identification including anyone wishing to connect with a business in any way or form. An in-depth customer due diligence is performed for identification, screening against blacklists to identify money laundering suspicions, checking UBOs (ultimate beneficial owners) in case of KYB (Know your business), collecting customer information, and checking against PEP’s (Politically exposed persons) global lists for additional security.

Since online KYC verification assesses the risk level associated with every individual, individuals with high levels of risks go through additional identity checks such as checking against adverse media and extensive corporate analysis for risk profiling. Risk profiles are continuously updated due to the changing security landscape. Following ‘Know your customer’ regulations are obligatory for financial institutions around the globe. Regulatory authorities have placed penalties in case of not following the set of rules and regulations pertaining specifically to ‘know your customer’ and Anti-money laundering norms. Yet, companies every year pay billions of dollars in penalties because they fail to comply with KYC and AML compliance checks, and that are just monetary damages, minus the reputational damages to corporations.

Why KYC important

Benefits of performing automated KYC processes

KYC processes ensure transactional transparency between customers and financial institutions. Some of the most important benefits of performing KYC processes are as follows:

  • ‘Know your customer’ processes establish institutional credibility among customers and across industries
  • On one side it protects customer’s sensitive data from going into the wrong hands, and on the other side, it saves businesses from facing reputational and legal damages due to breaches and cases of identity theft
  • Keeps investor’s interest secure at all costs
  • As mentioned earlier, the main focus of KYC is to prevent financial crimes such as money laundering, tax evasion, corruption, and terrorist financing
  • Preventing fraudsters from conducting fraudulent ICOs is also one of the KYC benefits
  • Manual KYC costs are pretty high, automating know your customer procedures using identity verification solutions is a step in the right direction
  • Replacing manual ‘Know your customer’ with online KYC verification is time and cost-effective
  • Automation and digitization is reducing manual labor, consequently eliminating errors
  • Helping companies stay compliant with the rapidly changing and expanding regulation landscape
  • KYC procedures for swifter customer onboarding
  • Automated KYC can help with frictionless verification processes regardless of geographical boundaries

Components of KYC

There are three main types of customer due diligence or KYC processes, which are performed based on the level of risks associated with every individual. Say for example an individual exposed to PEPs may require an in-depth screening as compared to normal account holders with minimum levels of transactions.

Simplified Customer Due Diligence or CDD

Know your Customer checks are performed on initial customer onboarding stages. It usually assesses the potential risks posed by customers. This level of due diligence does not require an in-depth screening. It is a basic process because individuals are not categorised as high or medium risk profiles.

Standard Due Diligence or SDD

Standard Due Diligence SDD is carried out in the case of public authorities or famous entities. These are categorised as low or medium risk customers. Every country and jurisdiction has its own set of standards, outlining when to perform standard due diligence procedures.

What is Enhanced Due Diligence or EDD

Unlike customer due diligence and standard due diligence, high-risk individuals go through extensive screening to check the involvement in money laundering, terrorist financing, and corruption. Business ultimate beneficial owners are identified, along with sources of income, and screened against PEPs and global sanction lists to eliminate risks of financial crimes.

Apart from that, additional background checks are also performed, as needed. Enhanced due diligence also exposes the nature of the business and the purpose of bigger transactions through ‘know your customer’ remediation. Due diligence is an important step that companies take to get rid of risk by performing extra checks in return keeping businesses safe from bad actors and money laundering activities.

Global Industries using KYC services

KYC procedures are empowering businesses to fulfill their AML compliance and eliminate fraud across industries. It also offers frictionless customer experience during customer onboarding as they are performed thoroughly by KYC experts.

Use cases of KYC

What is KYC in Banking?

This is one of the most significant use cases of KYC. Financial institutions that provide account opening services rely greatly on digital KYC in banking services to obstruct financial crimes such as money laundering and identity theft. Also, in the case of remote payments robust ‘know your customer’ procedures help with customer identification and verification to ensure the authenticity of individuals sending and receiving the money. Through KYC, customers have to prove their identity either through document verification or live video KYC, which proves to be an efficient process for fraud prevention.

Not just banks, insurance companies also rely on KYC solutions as they offer online registration to prospective policyholders. ‘Know your customer’ processes for insurance companies allows them to know that the customers undergoing insurance are authentic and are who they say they are. Then there are brokerage firms, mortgage companies, and various loan companies that use KYC solutions for adding an additional layer of security to their revenues and operations.

You may be interested in Video KYC – Ultimate Solution for Financial Institutions

KYC For Gaming and Gambling Industry

The online gambling industry is rapidly growing and is expected to reach over $94 billion U.S. dollars by the year 2024. One of the reasons for this unanticipated growth is uninterrupted digitization. This continual digitization is bringing convenience to businesses and customers alike.

Over 4.4 billion people around the globe use the internet for interacting with the online world in one way or the other. Online gambling and gaming industries are mandated to verify the identity of their customers including age verification and address verification for risk profiling. The whole idea of KYC for online gambling and gaming sites is to prevent it from bad actors including frauds and restricting minors from approaching age-restricted platforms or items. It provides a secure player environment, builds trust among customers, and helps online companies to stay compliant, eliminating non-compliance fines.

KYC in Gaming Industry

KYC For Travel Industry

The travel industry has seen remarkable changes due to technological advancements. Technology is making things easier for global industries including travel. Travel agencies now improve their customer experience through powerful KYC and AML practices. Since technology has maximized the risk of online frauds, ‘know your customer’ for identity verification is eliminating these risks to a greater extent.

Over the course of a few years, the travel industry is a favorite sector for cybercriminals to target. In 2018, a travel booking site Orbitz lost sensitive customer data including credit card details to a security breach. These stolen payment details are then used for identity theft and sold on the black market, bought by other cybercriminals, used for the purpose of account takeovers. Therefore, KYC for identity verification including biometric technology can prevent these crimes from happening.

KYC For Travel Industry

KYC For Crypto Exchanges

The technology is also revolutionising the crypto industry. Cryptocurrencies like Bitcoin are easily available for people to buy from crypto exchanges. But various financial crimes such as money laundering are being actively carried out through cryptocurrency due to its complex infrastructures as it makes the sources untraceable. According to financial crime reports, around $2 trillion is laundered every year.

Therefore, the need for KYC verification continues to grow along with the growth of the crypto industry. Virtual currencies have always seemed to be involved in some kind of scandals so, for the cryptocurrency industry to work, KYC crypto for customer identity verification is stressed upon by regulatory authorities to eliminate not only money laundering but fraudulent ICOs from taking place.

Other use cases of KYC are and not limited to:

What is eKYC?

Now that more and more businesses have evolved to a digital platform, simple KYC is evolving into electronic KYC thus forming e-KYC. Financial institutions or otherwise are required to identify and authenticate their customers to avoid any risks posed by false identities. When their customers lack any real identification, or when they are not authenticated, makes it difficult for businesses to execute due diligence accordingly.

The reason why a lot of companies are moving towards e-KYC for convenient onboarding processes and in return profitable customers. As online transactions increase due to the ever-increasing presence of online businesses, it has become crucial to assure the legality of online customers. This is where e-KYC comes in, it allows companies to verify an individual’s identity through digital verification mechanisms.

Document verification

Includes the verification of government-issued KYC documents identity cards, passports, or even health insurance. Financial institutions can refer to these assets when verifying the identity of prospective customers.

Video verification

One of the ways to prevent online frauds and possible impersonations during e-KYC is to perform video verification. India is considered as one of the first countries to embrace video identification. Video KYC is a face to face communication process through a live video with a compliance specialist for customer identification. It is not only a verification process but helps companies reduce the high costs of physically visiting the customers or vice versa. Video verification is basically an online version of the traditional one-on-one meetings.

Facial recognition and liveness detection

Many financial institutions make use of biometric authentication and liveness detection for fraud prevention. In facial recognition, the face of the person is matched against one or more faces to ascertain the existence of the match, to begin with. This technology is growingly becoming a part of everyday life. On the other hand, liveness detection is the technology that recognizes whether the face in front of the camera belongs to the person it was supposed to in order to avert face spoofing or identity theft. It ensures the remote presence of the users at the time of verification through micro-expression analysis and 3D-depth perception in order to combat face spoof attacks.

What is Mobile KYC?

Now that we know what is KYC, and enhanced KYC. It’s time to discuss Mobile KYC. Mobile KYC allows businesses and customers to authenticate identities using smartphones. Everyone owns a smartphone these days, the features of having a front camera and 4G internet connection makes the whole verification experience smoother. Mobile KYC services increase customer outreach with more credibility. It is revolutionizing the banking sector and eCommerce sector. In this day and age, everyone is buying and selling stuff straight from their mobile phones, therefore, identity verification through mobile for customer authentication is an effective way forward.

The ease of the digital world brings with it various online crimes thus identifying customers with just a few clicks is convenient and advantageous. In today’s digitized world, customers are carrying out their banking operations including transactions using their mobile devices. Regulations around the globe are changing due to technological advances, financial institutions are bound to follow the guidelines for AML, and are required to follow ‘Know your customer’ checks for remote customer identification. The reason why mobile KYC is coming in handy for banks to authentic transactions, and account opening.

KYC onboarding process

Oftentimes, onboarding new customers can be complex for global industries. But identity verification and verifying their transaction history and patterns is important in order to comply with Anti-money laundering regulations and customer due diligence. Having said that, KYC checks for customer verification are not only limited to early onboarding stages but also performed after regular intervals for remediation purposes. Since the KYC process is becoming intense, companies are spending a thousand dollars on manual ‘Know your customer’ processes which are inaccurate, inefficient, and expensive. Therefore, automated KYC onboarding is gaining attention. The following steps are included in the customer KYC onboarding process:

  1. Customer Identification Program

    The first step involved in the KYC onboarding process is the customer identification program, here personal information of the client is collected.

  2. End-User Submits Government-Issued Document(s)

    After the user has filled in the form with his or her personal information, the next step is to upload their identity document for verification purposes

  3. Data Extraction Using OCR

    After uploading the required document, the data on the ID document is extracted using OCR technology for processing and verification.

  4. AML Screening

    AML screening is performed to identify high-risk entities and which as a result prevents them from entering the system.

  5. Transaction Monitoring

    Ongoing financial transaction monitoring is done to identify suspicious transactions and patterns of money flow.

Know Your Customer onboarding process

What is the importance of kyc process

Performing effective KYC checks reduces the threats of identity theft, financial crimes such as money laundering, corruption, tax evasion, and terrorism financing. Complete risk assessment helps in understanding clients, their behaviors, and transaction patterns. The KYC verification process collects customer information to verify their identity which consequently stops crimes from taking place in the future. KYC verification processes in financial institutions ensure that their customers are not involved in money laundering related crimes.

KYC process steps include Customer Identification, due diligence, and enhanced customer due diligence; helping the financial sector to avoid severe reputational damages and hefty financial charges imposed by regulators for non-compliance. For the banking sector, it is extremely important to perform an in-depth background screening to mitigate fraudulent activities.

  • Fraudulent activities are minimized by thoroughly following ‘know your customer’ regulations
  • Institutions can collect sufficient proof of individual identity for verification
  • Financial organizations can ensure that their services are not abused in any way through identity theft
  • Prevents money laundering, and other monetary fraudulent transactions

KYC regulations around the world

Every jurisdiction has its own laws to comply with since they have their government-issued identity cards, driver license, passports, credit/ debit cards, and utility bills. Industries such as financial, online gaming, and gambling sites have greater KYC regulations and AML compliance obligations and may have their own devoted regulatory authorities for that matter. Countries use governmental agencies to oversee compliance regulations. For example, Portugal uses three separate regulatory authorities for its banking, securities, and gaming sector.

The Financial Action Task Force (FATF)

FATF is a global intergovernmental organization committed to fighting against money laundering and terrorist financing crimes. It has 36 member states spread across its jurisdictions. FATF has been putting forth the global standards for anti-money laundering compliance by monitoring customers under AML and CTF guidance. FATF has made it mandatory for financial institutions to perform thorough ‘know your customer’ procedures, risk assessment, screening against global sanctions, and due diligence processes before onboarding customers and businesses. 

You may be interested in: 40 recommendations of FATF – Shaping the future of your business

Some major KYC regulations:

  • The European Union’s Anti-Money Laundering Directives – 5AMLD and 6AMLD
  • The Financial Conduct Authority (FCA) in the UK
  • The Bank secrecy act in the USA
  • Hong Kong Monetary Authority (HKMA) and the Monetary Authority of Singapore (MAS) for Asia
  • AUSTRAC in Australia

KYC Regulations in the US

Financial Crime Enforcement Network (FinCEN) has proposed a regulatory framework and according to the law, 

  • KYC checks are mandatory for customer onboarding 
  • Customers should be given a risk rating 
  • EDD must be performed for high-risk customers
  • Non-compliacne will result in hefty penalties 

KYC Regulations in the UK

After Brexit, the United Kingdom is following the Sanctions and Money Laundering Act of 2018. As per the law, the UK will follow the United Nations sanctions to meet international policy objectives and national security. All enterprises are guided to maintain updated anti-money laundering and counter terrorist financing (AML/CFT) measures. Lastly, the Act of 2018 has suggested the entities to perform due diligence checks on all the entities to maintain domestic security and comply with the international security standards. 

Recommended: A Comprehensive Guide to AML and KYC Compliance in the UK

KYC Regulations in the EU

The European Union will be complying with the sixth anti-money laundering directive (6AMLD). Here are the key points of 6AMLD:

  • 22 predicate offences have been described in the directive 
  • The directive has reduced transaction threshold for all the EU states
  • Three points have been discussed to consider aggression
  • Economic sanctions have increased up to 5 million
  • 6AMLD focuses on the RegTech companies

KYC Regulations in Australia 

The Australian Transactions Reports and Analysis Center (AUSTRAC) has also amended the KYC/AML regulations when the pandemic struck the world. It has provided alternatives to ensure better compliance with the identity verification protocols suggested. According to AUSTRAC, electronic copies of government-issued ID documents can be used and alternative proof of identity can be used for verification. In case any of the aforementioned alternatives do not work, video KYC must be performed for identity verification. 

KYC and AML Compliance Checklist

Collecting customer personal information through the customer identification program (CIP) is an important part of KYC checklists:

  • The full legal name of the customer
  • Customer’s digital photo to match with the ID document
  • Scanned ID documents such as identity cards, passports, and others
  • POA or proof of address from the utility bills, or bank statements
  • Ultimate beneficial owners (where needed) along with other identities checks
  • Screening against global blacklists such as PEP lists, sanctions, and other watchlists to identify the involvement in money laundering
KYC and AML Compliance Checklist

Automating manual customer onboarding processes in banking

Manual ‘know your customer’ processes in banking are prone to errors, slow, complicated, and risky. Along with that, they bring problems during client onboarding because manually filling forms and answering questions are time-consuming. Whereas, automated KYC in the banking sector specifically reduces manual tasks and allows financial institutions to be more accurate and time-efficient, helping them to evaluate customer risk more effectively.

Modern technology combined with regulatory compliance is preferred. Therefore, automated KYC authentication is significant for financial institutions and other global industries. Moreover, it reduces paperwork, storage space, and costs of manual KYC. Too much documentation is prone to corruption whereas streamlined and automated KYC processes can eliminate such activities. Also, with digital KYC customers can avail banking and other services instantly.

What is KYC remediation?

Since ‘know your customer’ is becoming a topmost concern for industries, maintaining customer files, while getting rid of inaccurate and outdated information on an on-going basis is also becoming a priority. Therefore, KYC remediation is a process of updating customer KYC files to meet regulatory compliance. Moreover, KYC remediation gives businesses an opportunity to conduct a risk assessment to minimize business risks and to understand customers better.

How Shufti Pro can help global businesses?

Shufti Pro’s digital KYC solution is helping companies to minimize the complications that come with onboarding and monitoring customers and businesses, in the fastest and simplest way possible. Shufti Pro’s AML screening protects businesses from money laundering activities and identifies entities involved in financial crime to meet AML and KYC compliance within financial institutions.

  • Faster customer onboarding while reducing drop off rates
  • Enhanced customer due diligence to ensure the authenticity of individual through ID documents and face recognition
  • Ongoing monitoring for AML compliance, databases and lists are updated on a continuous basis, to remove any ambiguity in identification processes
  • Automated KYC solutions including age verification, address verification, facial biometric authentication, video KYC, and OCR for business can easily be integrated with already existing company systems for ease of use
  • The automated system is secure without the involvement of third parties

Shufti Pro uses the applications of Artificial Intelligence and human intelligence. It provides universal language support and verification services in more than 230 countries and jurisdictions.

Promo banner

What is KYC?

Kyc means Know Your Customer. In simple words, KYC processes ensure the legitimacy of customers by verifying their identity for risk assessment. It is considered a major part of customer due diligence processes to prevent fraud and financial crimes.

How can KYC protect global businesses?

Know your customer compliance protects businesses against unanticipated reputational damages due to external breaches from sneaking into systems.

What are the benefits of performing automated KYC processes?

KYC processes ensure transactional transparency between customers and financial institutions.

What are the components of KYC?

There are three main types of customer due diligence or KYC processes, which are performed based on the level of risks associated with every individual.

What is customer due diligence?

Know your Customer KYC checks are performed on initial customer onboarding stages. It usually assesses the potential risks posed by customers.

What is standard due diligence?

SDD is carried out in the case of public authorities or famous entities. These are categorised as low or medium risk customers. Every country and jurisdiction has its own set of standards, outlining when to perform standard due diligence procedures.

What is enhanced due diligence?

Unlike customer due diligence and standard due diligence, high-risk individuals go through extensive screening to check the involvement in money laundering, terrorist financing, and corruption.

What is KYC in banking?

Financial institutions that provide account opening services rely greatly on digital KYC in banking services to obstruct financial crimes such as money laundering and identity theft.

What is the importance of KYC in the gaming and gambling industry?

The whole idea of KYC for online gambling and gaming sites is to prevent it from bad actors including frauds and restricting minors from approaching age-restricted platforms or items. It provides a secure player environment, builds trust among customers, and helps online companies to stay compliant, eliminating non-compliance fines.

What is the importance of KYC in the travel industry?

Travel agencies now improve their customer experience through powerful KYC and AML practices. Since technology has maximized the risk of online frauds, KYC for identity verification is eliminating these risks to a greater extent.

Why is KYC required for crypto exchanges?

Virtual currencies have always seemed to be involved in some kind of scandals so, for the cryptocurrency industry to work, KYC crypto for customer identity verification is stressed upon by regulatory authorities to eliminate not only money laundering but fraudulent ICOs from taking place.

What is eKYC?

As online transactions increase due to the ever-increasing presence of online businesses, it has become crucial to assure the legality of online customers. This is where e-KYC comes in, it allows companies to verify an individual’s identity through digital verification mechanisms.

What is KYC document verification?

Includes the verification of government-issued KYC documents identity cards, passports, or even health insurance. Financial institutions can refer to these assets when verifying the identity of prospective customers.

What is Mobile KYC?

Mobile KYC allows businesses and customers to authenticate identities using smartphones. Everyone owns a smartphone these days, the features of having a front camera and 4G internet connection makes the whole verification experience smoother.

What is the KYC onboarding process important?

The KYC verification process collects customer information to verify their identity which consequently stops crimes from taking place in the future. KYC verification processes in financial institutions ensure that their customers are not involved in money laundering related crimes.

What is KYC remediation?

KYC remediation is a process of updating customer KYC files to meet regulatory compliance. Moreover, KYC remediation gives businesses an opportunity to conduct a risk assessment to minimize business risks and to understand customers better.


Digital COVID Pass: Automated COVID Report Verification

The worsening situation of the pandemic has forced authorities to impose restrictions on several sectors to control the spread of the virus; the travel industry is also among the restricted areas. Different regions of the world have banned travelling for leisure purposes and the United Kingdom is one of them. For customer onboarding, airports require negative Covid-19 reports and these reports are also verified to ensure that people are not using forged reports for fooling the checks. However, the procedures are manual as of today. From January 2021, the report verification measures came into action but manual verification requires at least an hour as per the BBC reports. 

Not just airports but other public facilities like restaurants, educational institutes, arenas, conferences, and large-scale events have to follow the new COVID report verification rule as well. Given the rise in digitisation during the pandemic, manual testing and verification of the reports is an inadequate option. What can be done then? Shufti Pro has come up with an efficient solution to streamline the COVID test verification and passenger onboarding process. Keep reading to learn how. 

How Does Covid Report Verification Work?

Resources have revealed that airports require Covid test reports of onboarding customers. Apart from airports, other public facilities like arenas and restaurants have been guided to perform COVID report verification. The customer/passenger can either ask the airport health facility to perform the test or get a report from government-authorized laboratories. However, reports from any lab are not acceptable and the pre-defined test threshold must be met. Ultimately, this leads to verification of the reports from local labs. This doesn’t mean that the laboratories are inefficient but there is a high probability that fraudsters will use forged reports for dodging authorities. 

Using a genuine report and changing a few details like name and date of the test is not a big deal. Furthermore, it is not at all a problem for imposters to design a high-quality report for the purpose. Hence, verification of the reports is crucial at the public facilities. To ensure that all legitimate report holders are being onboarded, experts check the barcode and ensure that the report is not forged. 

covid pass infographic

Cons of Manual Report Verification

Here are some of the consequences that airports are currently experiencing due to the manual procedure:

The spread of the Virus

First and foremost, manual verification means you have to make physical contact with documents. Ultimately, controlling the spread of coronavirus is a big problem. No matter how hard one tries to maintain distance or use sanitisers, there is always a chance of interacting with the virus somehow. So, why take the risk?

Time Consumption

It takes a lot of time to verify the code on every report. The codes vary from lab to lab; some labs use QR codes while some prefer MRZ codes. To decipher these codes, extra effort is required and manually performing the task means a lot of time. Customers have to wait for at least an hour to get the report verified. Think about tons of end-users every hour, every day, and some delayed processes can lead to increased drop-off rate. It is nearly impossible to cater to every customer in a limited time. 

Extra Effort 

Employees have to invest a lot of effort in extracting data from the document and then converting it into machine-readable language. Then, there is a lot of effort needed for verifying the authenticity of the document and the information mentioned in it. 

Cost of verification 

Next is the extra cost that the different sectors is incurring for performing these verifications. The industries are already suffering from the darkest time and extra cost for ensuring security as well as safety is not a viable option. 

Fortunately, we have a solution that can help all these facilities in verifying not just identities but also the Covid reports along with combating the aforementioned challenges. 

Digital COVID Pass – Automated Report Verification with Shufti Pro

While working on enhancing our AI-powered products, we came across a solution that can help in verifying not only identities but also the Covid reports. Our identity verification service can help all the authorities in ensuring that they haven’t onboarded any fraudster and nobody has shown false reports for onboarding as well. 

Digital COVID Pass – The Process

If you get our IDV service, the API with this report verification feature is installed in your system. Here’s how the process of our IDV service goes:

Document Verification

For identity verification, first, the user has to register on the merchant’s portal and the required information is shared with us. Then, we verify the government-issued ID documents of the user for authenticity. With the help of thousands of AI models, the document (in this case passport) is verified by authenticating the holograms, rainbow prints, etc.   

Facial Biometric Authentication

Next is the facial biometric authentication step. Live presence of the customer is ensured and a selfie is obtained to verify the picture on the government-issued ID documents. This also helps in identifying any spoof attacks and prevent fraudsters from making any trouble. 

Covid-19 Test Report Verification 

This is the interesting step in which the Covid test report is verified. According to the government guidelines, the report must not be older than the pre-defined threshold and from the laboratories listed by the government. First, our AI-based OCR will extract the code embedded in the report. This could be a QR code. 

Details like the name of the person and date of the test are hidden within the code, so it is impossible to fool the AI-powered checks. In case a Covid positive person has submitted a forged report, the information in the code can be deciphered and public facilities can avoid customer onboarding. The best part is, all these checks require only a minute or so for completion. Moreover, there is no need for human effort to verify one report. 

Who Needs Digital COVID Pass?

Not just the airports, but many other sectors have been guided to perform COVID report verification. Arenas, cinemas, large-scale events like the Olympics, cruise, conferences, restaurants, and other public places have to verify the Covid test results before allowing any person to enter the facility. 

covid pass infographic

SOPs and Enhanced ID Verification in Seconds 

The staff of public facilities have to maintain social distance and safeguard themself from the spread of the virus as well. Touchless identity verification kiosks are one of the inevitable options that can help the companies in complying with the ID verification regulations and follow the SOPs at the same time. 

The touchless identity verification kiosks are installed at security checkpoints and all the customers have to register remotely for the verification. The details provided during registration are generally used for identity verification. 

Upon reaching the facility, the government-issued ID document is verified. 

Then, biometric authentication checks are performed in which face recognition, palm recognition, and voice recognition is done. 

The API for COVID report verification will be installed in the kiosk and the customer has to show the report for verification. OCR extracts data in the QR code and within seconds, the authority will be notified if the person must be onboarded or not. 


To sum up, making public facilities and customers safe from the novel coronavirus is what we need now. The Covid positive cases are rapidly increasing and many sectors have been highlighted as a red zone these days. The travel and education sector and restaurants are guided to perform Covid report verification of all the customers. Travelling for recreational purposes is strictly forbidden and people with legal permits can travel. All travellers have been guided to submit a Covid negative report. Likewise, other public facilities have to ensure that COVID positive customers stay away from the place. With the help of Shufti Pro’s Digital COVID Pass, it will be easier for all the public facilities to comply with the new rules and ensure security. 

You can find out more about our IDV and report verification service from our experts. 

key takeaways form shuftipro

Key Takeaways from Shufti Pro’s Global Identity Fraud Report 2020

 After the rollercoaster year 2020, Shufti Pro hopes this year will be less distressing for everyone across the world. Due to the pandemic and rapid digitisation, cybercrime increased and a significantly higher number of frauds were reported. During identity verification, our team experienced a rise in different types of fraud. As per our data, identity fraud has increased by 3.36% globally. Given the increase in identity fraud statistics, we have published Shufti Pro Global Identity Fraud Report 2020. This report is an all-in-one guide for all business owners who want are keen to know the latest fraud insights and how they can secure their company from fraudulent activities in 2021. 

Our Global Identity Fraud Report 2020 has segregated all the information in sections. First, you will find out the frauds repeatedly reported by our tech team in 2020. Followed by this, you will find an industry-wise division of the frauds along with the numbers reported. Our Global Identity Fraud Report 2020 has also identified the holiday season fraud rate. Lastly, we have also made some predictions for 2021 that will help you in making a rational decision for your enterprise. To make sure you don’t miss out anything from the Global Identity Fraud Report 2020, here are the key takeaways to give you a brief overview of the report. 

Most Reported Frauds in 2020 

Our Global Identity Fraud Report 2020 covers the below-mentioned fraud types in detail. Here is an overview of the most reported frauds last year. 

Data Breaches

According to IBM reports, the majority of stolen identities are used for data breaches. A data breach is a cybercrime in which criminals gain illegal access to the company’s information and the acquired information is used for other crimes like ransomware. According to our identity fraud report, data breaches led to more identity frauds in 2020 than any other crime. 

Biometric Spoof Attacks

The global biometric fraud rate did not dramatically increase but their methods have become more sophisticated. Furthermore, biometric fraud has decreased globally but a few countries have experienced a significant rise in biometric fraud attempts. Nevertheless, these attempts are still not sophisticated enough to dodge AI-powered biometric authentication checks.  

Document Frauds

Identity document frauds remarkably increased in 2020 and tampered documents were widely used for surpassing identity verification checks. Synthetic identity fraud, fake documents, countered IDs, and stolen ID documents were repeatedly submitted to us for verification.

Global identity fraud report 2020

Industries with the Highest Ratio of Frauds in 2020 

Next section in our identity fraud report 2020 is the industry-wise division of fraud statistics. This section of the report provides you with a detailed view of the industries that experienced the highest ratio of frauds last year. Let’s take a look at three of these industries: 

Finance Sector 

The fundamental goal of fraudsters is to acquire money in any way possible. For the same reason, the finance sector is the primary target of all criminals. According to Statista, fraud losses in the UK’s online banking system have increased from GBP 66.7 to GBP 111.8 million in the last ten years. 

Crypto Exchanges 

Cryptocurrencies will soon be a mode of payment in different regions of the world as predicted by experts. However, this sector is also not secure and in 2020, crypto exchanges reported a significant rise in criminal activities like crypto mining and money laundering. 

Insurance Sector 

The Insurance Fraud Bureau states that there was a 5% increase in false insurance claims in 2020. This sector was not safe from fraudulent activities either. Criminals used stolen identities and claimed health insurance, unemployment insurance, life insurance, and many other benefits. Due to the same reason, the RBI allowed video KYC to help fight insurance fraud. 

Predictions for 2021

Predictions for this year are not very exciting because identity frauds are expected to increase. Moreover, new types of fraudulent activities are expected to increase challenges for businesses. Here are some predictions that our Global Identity Fraud Report 2020 has discussed.

  • Synthetic identity fraud will increase 
  • Digital replay attacks are expected to rise 
  • Re-victimisation will be at its peak in 2021
  • Deepfakes will hinder biometrics 
  • Healthcare frauds will significantly increase 

Summing It Up

Shufti Pro’s Global Identity Fraud Report 2020 describes the identity fraud committed in 2020, the industries with the highest rate of fraud, and holiday season fraud statistics. The distressing year 2020 has finally ended and everybody is expecting 2021 to be good. Nevertheless, identity fraud will continue to increase this year as per our predictions.  

Fortunately, Shufti Pro’s identity verification services are there to help your business stay safe at all costs. Download our report and know everything about 2020 identity frauds and what to expect in 2021.

If you need any help with our products and services, our customer support is always available to help.


Covid Report Verification: New Restriction for Airports

The Covid-19 cases have drastically increased over time and as of February 6, 2021, 18,262 new cases were reported in the United Kingdom. The numbers are increasing every day and the bigger threat is the emerging variants of this virus. The first variant was identified in the UK and due to the same reason, travel restrictions have increased in different regions of the world. Italy, France, Greece, and Germany have also imposed strict regulations for all the passengers from the United Kingdom. For report verification, manual procedures have been adopted, however, they are incompetent in the digital world. Let’s take a deeper look at these new regulations and an automated solution that can help the travel sector.

A new and more lethal variant of the coronavirus B.1.1.7 was identified in the UK due to which more robust regulations have been imposed to keep the residents safe. According to the reports from the CDC, these new variants are increasing health hazards, so many countries are under strict lockdown. Among all other sectors, the travel industry has to bear with a lot of new regulations. Individuals who have been permitted by the law can travel from/to the UK.

The law enforcement agencies have passed regulations according to which every passenger has to submit Covid negative report upon arrival. The report should not be older than three days and without verification, no passenger will be allowed to stay in the country. Like the UK, many other countries have introduced the Covid report verification law.

Other Countries with New Travel Regulations

The following four countries have imposed the covid report verification system along with a few exceptions.


People from the UK can only enter Italy for official purposes or under absolute necessity and the “absolute necessity” must be declared in writing. Moreover, the covid negative test report must be submitted and arrivals have to take a rapid swab test or Covid test at the airport too. Lastly, passengers have to quarantine for 14 days irrespective of the test results.


Remote registration is mandatory and the information must be presented to the border authority. Arrivals who belong to high-risk countries must quarantine for 10 days. However, if the passenger takes the Covid test at the airport and it’s negative, the quarantine can end on day five.


Passenger Locator Form (PLF) must be completed at least 24 hours prior to the travel. In case someone does not fulfil the requirement will be subject to a 500 Euro fine or the Greek authorities will not permit the passenger’s entry into the country. A negative Covid test no older than 72 hours must be submitted. Upon arriving at the airport in Greece, passengers must take a Covid test. Self-isolation for 10 days is mandatory for everyone irrespective of the test result.


Only residents of France or people with essential reasons are allowed to travel. All UK travellers must present a negative Covid test report. This law is also applicable to children over 11 and the test must be carried out no more than three days before arrival. Furthermore, the UK arrivals must complete a sworn statement that clarifies that they are not suffering from any symptoms of the virus. Moreover, they must confirm in the statement that they haven’t been with anyone who has Covid symptoms in the preceding fortnight. Lastly, they must show a signed travel certificate that states the reason for travel.

How can Countries Comply with the Regulations?

The travel sector has to make sure none of the arrivals is allowed to enter the state without verification of the Covid test report. Non-compliance with these regulations can result in hefty fines for the authorities. To prevent these fines, airport authorities are performing manual Covid report verification. Unfortunately, that takes a lot of time and passengers have to wait for at least an hour for process completion, and the chances of errors are exceptionally high. The pitfalls of manual verification are making compliance with the new restriction a hassle for the travel sector.

Digital COVID Pass – AI-Powered COVID Test Verification

Fortunately, there is another way that can reduce the burden on airport staff and chances of errors as well. With the help of Digital COVID Pass verification, it will be easier for all the relevant authorities to authenticate reports within seconds. The real-time verification does not require human effort and the approximately 98.67% accuracy is ensured too. Shufti Pro has introduced a state of the art feature of identity verification service. Our system can now scan the Covid report and extract the data in the MRZ or QR code in the report with the help of AI-powered OCR. In case someone has submitted a forged report, it will be identified in no time and the travel sector can ensure higher levels of safety.

Shufti Pro’s AI-powered identity verification solution offers the Covid report verification feature too. Employing our IDV service will help you verify the identities of passengers and their Covid test results in a few seconds. Furthermore, real-time verification will provide 98.67% accurate results.

Summing It Up

All in all, the travel sector has to abide by a lot of rules and regulations due to the staggering numbers of coronavirus cases. New travel restrictions are in full swing and the industry is searching for better ways to comply with them. Due to the identification of coronavirus variants in the UK, airports have to verify the Covid negative reports of all the passengers. People cannot travel for recreational purposes. Moreover, arrivals from the UK in Italy, France, Germany, and Greece have to submit negative test results. Covid test will be performed at the airport and every passenger has to quarantine irrespective of the test results.

Get more information on the new travel restrictions from our experts.


KJM Age Restrictions Breaking New Grounds for Gaming Industry

Minor protection has become a challenge for everyone these days. Parents are worried about the type of content minors interact with, whereas companies are obliged to comply with rigid regulations for minor protection. The conventional age verification checks that ask for date of birth or checkbox method do not suffice for the modern world’s requirements. Minors can easily enter false information or check boxes for verifying their age. To make sure minors do not access any age-restricted products or services, regulatory authorities enforced online age verification laws and hefty penalties have been set for non-compliance. Nevertheless, minors can still access age-restricted products and create accounts on online gaming platforms. Considering the inefficiency of age verification checks on online platforms, the Kommission für Jugendmedienschutz (KJM) introduced more robust regulations and now, the German gaming platforms have to reconsider their age authentication system. 

According to the KJM restrictions,

  • Identification and authentication methods exclude minors and banned players. The application is based on the Interstate Treaty on Protection of Human Dignity and the Protection of Minors in Broadcasting and in Telemedia. 
  • The Treaty has suggested a monthly betting limit of EUR 1,000 and prohibited gamblers from taking loans from gambling operations. 
  • Online gaming platforms cannot add any addiction stimulus, for instance, fast repetitions. 
  • Gaming companies must consider social responsibility for the virtual environment. 
  • They must ensure that betting and lottery products are offered through different domains over the internet. 

What is Harmful to Youth As Per the Law?

According to the Youth Protection Act, the media content that is harmful to young ones includes,

  • Media representations that are violent and have a coarsening impact on minors 
  • Content that spreads racism or glorifies National Socialist ideology 
  • Glorification of war 
  • Content that questions the dignity of humans 

Cornerstones of KJM

As far as the KJM cornerstones are concerned, there are two interconnected steps for ensuring age verification of the user groups. 

One-time identity verification for checking legal age is mandatory. This will always be done through government-issued ID documents. This is necessary for avoiding counterfeit documents as much as possible.

Next is the authentication which ensures that only identified and age-restricted people can access closed user groups. It intends to make it difficult to pass on access authorization to any unauthorised vendors. 

Online Age Verification for Better Compliance with KJM Laws

The new age restrictions ask for more robust age verification checks. If online businesses follow the traditional methods for verifying age like checking a box that says “I’m 16 years or older,” it’ll get impossible for online gaming platforms to prevent minors from accessing restricted content. Now with so many rigid regulations all set to increase challenges for online businesses, it is important to add robust age verification checks that do not ask for date of birth only. 

Online age verification system verifies the identity of every customer through government-issued ID documents. The end-user submits the ID document that is verified. Then, the user has to submit a selfie as well. The selfie is cross-checked with the image on the ID document and live presence of the customer is verified. Furthermore, facial biometric authentication checks leave no chance for minors to fool identity verification checks. 


New Age Restrictions and Gaming Platforms 

After the new laws, gaming companies have to make sure minor exclusion and protection on their platform with the help of online age and identity verification checks. The KJM is the responsible regulatory authority for protecting minors in the online world in Germany. The authority has vetted and approved a list of age verification service providers and the gaming businesses must only use age verification checks from these approved vendors. 

Dr Marc Jan Eumann, the chairman of KJM says,

“With this year-end spurt, the number of age verification systems rated positively by KJM in 2020 rises to a total of 18. This record is a sign that the need for youth protection-compliant solutions for the German market as well as the perception of KJM is the first Contact person on this topic increases. I am pleased that KJM’s offer to offer providers legal certainty by reviewing their concepts has been so well received.”

Shufti Pro’s Age Verification Solution is KJM Compliant 

The German regulations for age verification are rigid for all gaming platforms in the region. Without stringent identity verification checks, it will be impossible for any of the operators in the industry to comply with the laws. The good news is Shufti Pro’s age verification solution has been approved by KJM. After examining our solution, the authority has come to a decision that the age verification solution is technically and legally intact. This makes us an inevitable option for your business. 

With the help of artificial intelligence models, we have ensured that minors cannot access your age-restricted products and services. Every online gaming platform needs age verification checks that do not require the standard checkboxes. Fortunately, our age verification solution is not only compliant but a robust barrier in minors’ way as well. You can avoid hefty penalties for non-compliance and also ensure that only adults are accessing your platform. 

Recommended: The Significance of Age Verification in the Digital Space 

Summing It Up

Minors have easy access to the internet and it is not a problem for them to surpass age verification checks with a false date of birth. Moreover, it has been reported repeatedly that minors use their parents’ credit or debit card for verification. To combat this issue, different regulatory authorities enforced age verification laws and all online businesses have to comply with them. Unfortunately, minors can still use their parent’s documents for verification. Considering the various issues, the Kommission für Jugendmedienschutz (KJM) has introduced better laws that aim to prevent minors from accessing age-restricted content. All online gaming platforms in Germany have to ensure compliance with the new laws and they have until the second half of 2021 to restructure the age verification checks.



5 Ways Facial Biometric Technology Elevates Customer Retention

Today, biometric technology is known for its ease of use and reliability. Facial biometrics have become an active expansion in many industries, generating $4.84 billion in 2020. With advances in technology over the past few years, facial recognition systems have become intelligent as they contribute their fair share in assisting online businesses for onboarding customers and law enforcement agencies to prevent crime. 

Customer retention is of utmost importance when it comes to enterprises or startups. Delivering a good experience to the customer builds that all-important trust and brand loyalty which help businesses in the long run. Facial biometric solutions provide users with an effortless method to carry out their tasks, and with confidence. 

Customer Retention for Enterprises

For businesses, a strong customer base is what drives the revenue and sales of a product or service. Understanding the needs and creating easy and effective solutions for your target market is the key innovator for success. One thing which early startups and enterprises should consider is that retaining previous customers is as important as acquiring new ones, since it takes up to 5 times as much effort in the previous case.


The good thing about existing customers is that they are already familiar with a company’s products and have a certain inclination towards the services it offers. Investing in customer retention can provide better opportunities to understand their needs and provide tailored solutions, giving them lesser reasons to abandon the service.

5 Reasons why Facial Biometric Technology is Essential

Automated and Efficient Solutions

Manual verification of customers is a thing of the past. The process acquired ID information from the customer using cumbersome and tedious methods that took long waiting hours. Apart from that, human error was another rock in the path when it came to efficiency. Keeping a track of the verifications and managing them on time was another hassle. 

Now with intelligent solutions in place, companies don’t need to worry about delayed operations. Facial biometric technology automates the process of identifying users with the minimum possibility of error. It allows customers to interact with a business better and save valuable time, offering convenience as compared to earlier procedures. It also saves enterprise the cost and effort of investing in employees and experts for customer identification.      

Turning the Tables on Bad Actors 

Identity thieves don’t miss an opportunity, do they? By stealing the facial identity of legitimate users on the internet, they use it for their malicious purposes. Between 2019 and 2020, online identity theft was reported at almost 5.1%, which is still an alarming number for both businesses and customers alike. Fraudsters employ a lot of different ways to trick recognition systems into believing they are the right user. This makes it increasingly important for companies to eliminate fake identities using a robust defence mechanism. 

Even though criminals have become sophisticated by using deepfakes, photoshopped images, and replay attacks, artificial intelligence has helped facial biometrics to get even better. Intelligent solutions for face verification analyse fine details on a person’s face and then create a faceprint against it. The mapped image is then matched against a database of suspicious identities which helps in taking down facial spoof attacks. Online businesses can use a robust facial recognition solution to keep false identities off their platforms and develop a good market reputation, eventually retaining their customers.


Easy Integration and Security

These days, users prefer businesses which offer them convenient solutions under a safe haven. Facial biometric technology aligns best with the idea of customer security, which is directly linked with retention. Most companies simply integrate a facial recognition software with their existing security systems and don’t have to worry about it again. But how does it help the business? The company does not need to develop its own solution for facial biometric verification and save on those expenses. This way, enterprises can both offer a sense of security to their customers and cut on administrative costs.    

Contactless and Quick Onboarding

Today, when social distancing is a common practice, contactless solutions have become a necessity. Online businesses can use facial biometric technology to streamline their Know Your Customer (KYC) process to quickly onboard their customers. Facial recognition solutions verify a user in seconds without the need for a physical verification. These days, the job is done through smartphone cameras which are a good source of contactless facial verification. Apart from this, users need not worry about potential loopholes in fingerprint identification like dirty hands, etc. 

Read more: Speed Up Customer Onboarding with Online Facial Recognition

Accurate Verification of Identity

The success of a facial biometric solution greatly depends on the level of accuracy it provides. Thanks to advances like 3D facial recognition, customer identity can now be accurately verified in real-time. With new and improved solutions for facial recognition, online businesses can ensure that the person behind the camera is not holding a paper image of a face or performing a replay attack. With facial biometric technology, enterprises can onboard real and legitimate customers in a secure and trusted environment.

Shufti Pro Face Verification 

Today, online businesses face a constant threat of identity theft which directly affects the customer experience. Face verification by Shufti Pro offers enterprises an active defence against a wide array of facial spoof attacks including 3D masks, hyperfaces, eye-cut and paper-based photos. The solution takes into account mapping algorithms based on artificial intelligence to quickly verify a person’s identity.

Shufti Pro Face Verification comes with liveness detection and 3D depth sensing which analyses micro-expressions and skin texture to deliver accurate results. Face verification solution makes the onboarding process effortless and reliable, and helps online businesses retain their loyal customers by keeping fraudsters at bay.

Uk and Us Crypto

The UK, US & Singapore – A Spotlight on the Crypto Regulations

Non-compliance with anti-money laundering regulations has been an issue for the finance and crypto sector for a long time. The year 2020 was life-threatening but it became an opportunity for fraudsters to execute their malicious plans. Amid the Covid-19 pandemic, money laundering and terrorist financing significantly increased. Different reports have revealed staggering numbers and AML law violation has led to hefty penalties on banks, crypto exchanges, and other financial institutions. The UK and the US had the highest numbers of money laundering and AML non-compliance fines. On the other hand, Singapore made sure 2021 will keep penalties away from all the finance and crypto companies. These three states have taken necessary steps to prevent financial crimes, especially through cryptocurrencies. So, there have been certain amendments and some new laws have been enforced as well. 

The letter specifically states that banks can use stable coins and Independent Node Verification Networks (INVNs) for conducting payments. Stablecoins are a specific type of cryptocurrency that is tethered to other assets for reducing their price volatility. Banks in the US can now issue and exchange stablecoins. Storing, validating, and recording can be done through distributed ledger systems or INVNs (an electronic database where information is stored on several computers rather than one). 

Brian Brooks, the Acting Comptroller of Currency, has issued three letters ever since he took the reigns. He is emphasizing on making money transactions as convenient as possible with the use of technology. However, his third letter has warned banks about the additional risk that comes with crypto-based transactions. Financial institutions must make sure that incorporating such technologies for increasing the efficacy of transactions must not be at the cost of violating AML/CFT regulations

Tightened Sanctions by the Trump Administration 

In the last two months, the outgoing Trump administration has kept a high pace of designating sanctions against plenty of targets. One of them is the relisting of Cuba as a sponsor of terrorism on January 11. According to Mike Pompeo, the Secretary of State, Cuba has been repeatedly providing support to international terrorism acts. As a result, the ban on Cuba has been renewed for US economic aid, opposition to the World Bank and IMF, and arms and dual-use exports. After Cuba, the US has also banned the use of certain Chinese payment software along with increasing sanctions on Iran.  


The UK – FCA Bans Crypto-Based Transactions 

In October 2020, the Financial Conduct Authority (FCA) banned transactions in cryptocurrency. The efforts have come into effect in January 2021. The authority says that there will no longer be any crypto-related investments for retail consumers. Sales, marketing and distributions of any investments related to cryptocurrency have been banned. According to FCA, retail investors can save up to USD 70 million because this rule will ban all illegal crypto products. 

On the contrary, cryptocurrency exchanges are against this and they claim that FCA’s bans will result in the destruction of the crypto sector. Investors can move to different states to continue transactions in crypto where regulators cannot reach them. The explicit regulatory system is still a draft and regulatory authorities have announced rigid KYC law for cryptocurrency. 

HSBC’s Bans for Any Crypto Transactions

HSBC is the largest high street bank in the United Kingdom and one of the first banks to ban cryptocurrency transactions. All processes that involve cryptocurrencies like Bitcoin have been completely banned. An article in The Times newspaper revealed that HSBC has taken the initiative to mitigate the risk of money laundering and terrorist financing through cryptocurrencies. This means that consumers cannot use their credit or debit cards or any other bank facilities to deposit fiat funds in crypto wallets. Similarly, cryptos cannot be converted into fiat money and deposited in bank accounts.  

Singapore – Updates in the Payment Services Act

The Parliament of Singapore has planned to update the Payment Services Act and make the AML controls on cryptocurrencies more rigid. Followed by the amendment passed on January 4, 2021, every cryptocurrency service provider must obtain a license from the Monetary Authority of Singapore (MAS). Previously, only the service providers that possessed cryptocurrency or money were regulated. However, all cryptocurrency exchanges that facilitate transmission, exchange or storage have to acquire a license from the MAS. All entities must devise customer due diligence and transaction monitoring protocols for effective compliance with these amendments. 

The law-making bodies of Singapore are hoping that these new regulations will mitigate the risk of money laundering and terrorist financing with cryptocurrencies in the country. This will assist them in monitoring cross-border transactions where Singapore’s service provider is only the facilitator and not a sender or recipient. 

It All Narrows Down To…

Cryptocurrencies have been used for financial crimes, and their anonymous nature is one of the main reasons behind the unbelievable ML/TF numbers. Every year, two to five per cent of the global GDP is laundered as revealed by UNODC and Europol. Given the rise in fincrime, regulatory authorities around the world are in action to mitigate the risk in the future. In 2020, criminal activities significantly increased and led to the enforcement of new rules. The UK has banned all crypto-related transactions. On the contrary, the United States has accepted payments in cryptocurrencies. Similarly, Singapore has amended the Payment Services Act and every crypto exchange has to acquire a license from the MSA before facilitating any activities in cryptocurrency. An effective way of complying with the regulations has been suggested as well. Crypto exchanges must add more rigid customer due diligence and transaction monitoring protocols to ensure compliance. 

Get more information on transaction monitoring and AML compliance from our experts. 


FATF’s Travel Rule: A New Dawn of Regulations for Virtual Asset Services

Here at the start of 2021, there is much uncertainty regarding the coronavirus situation, whether it will surge or find its way out. Virtual payments are becoming more common than ever since social distancing has become a need of the hour. Although banks and financial firms have a regulatory infrastructure for digital payments and exchanges, the virtual currency market has a long way to go. 

Since blockchain is widely used in crypto exchanges, it is a potential target for fraudsters due to its anonymous nature. This calls for better rules and regulations which can make the virtual assets market a safer place to perform a business. The FATF’s Travel Rule emphasizes the importance of regulating data sharing standards in virtual currency exchanges.


Travel Rule Reinforcing AML/CFT Efforts

Growth in cryptocurrency has given rise to regulatory inconsistency, which creates a greenfield opportunity for money launderers to conduct financial crimes. Virtual assets are created with technologies like blockchain which offers users to transact anonymously over the internet. In a standard crypto transfer, the beneficiary’s identity remains confidential, while the VASP provides information like name and address etc. This does not guarantee whether the recipient is a real customer or a potential money launderer.

Before the change in FATF guidelines in July 2020, only banks were required to comply with the Travel Rule. The reciprocal exchange of information was already normal in banks and financial institutions operating under a central authority. After the new rule came into effect, virtual currency platforms are liable to the Financial Action Task Force. With the new rules for data collection in place, money laundering activities could be actively taken down by reducing the number of VASPs used for sending funds.

The purpose of the Travel Rule is to improve data sharing standards across cryptocurrency exchanges to prevent money laundering through virtual currency platforms. It is called so because the identifying information of both the originator and the beneficiary travel along with the transfers. The changes made to the regulation also helps in enhancing the audit trail when investigating large virtual transactions between e-wallets. Hence, the Travel Rule helps in complying with AML and CFT Standards. 

Compliance Challenges to Firms

The Travel Rule focuses primarily on the better sharing of information between two transacting parties. This is a challenge for VASPs operating in the crypto market due to the relative lack of regulations in the industry. FATF’s Travel Rule acts as the cornerstone of compliance obligation for virtual currency exchanges. 

Cryptocurrency transfers often lack proper means of collecting ownership information which makes them fall short of existing privacy laws. It creates the need for developing a reliable AML solution which could meet the expectations of global regulators like the European Union and FATF. 

Apart from maintaining an AML checklist, service providers of virtual assets need to take into account the time and cost required to administer and fulfil the Travel Rule obligations. This way, financial firms and VASPs can provide cost-effective transactions and stay compliant.   

A Landmark in Data Sharing Standards

The Travel Rule presents a new picture of data sharing between the sender and recipient. Online businesses already collect the personally identifiable information (PII) of their prospects through a Know Your Customer (KYC) process. The scenario is different in the case of most virtual currency transfers and information like the name, address, and ID number and the account number are required to validate the user’s identity. 

Now, with the Travel Rule, businesses providing virtual asset services are faced with two challenges; data collection and information sharing. Since its advent, the crypto industry has adopted the rule and devised a new set of customer onboarding procedures to validate exchanges. 

Service providers offering encrypted data transfers offer reliable means of gathering user data. These systems work in light of Customer Due Diligence procedures which are essential for identifying the user. VASPs can combine these services with their platforms for better data acquisition and sharing, which aligns with the Travel Rule standards. 


How can Virtual Currency Providers Comply?

Keeping intact customer experience and meeting the regulatory obligations is an ideal solution for the Travel Rule. According to the FATF, below is a list of suggestions for a Travel Rule solution that could help meet requirements of the Recommendation 16:

  • The solution of a company should be easy to integrate with current AML/CFT programs
  • It should minimize the barriers to adoption and the overall regulatory impact
  • It should make sure that virtual assets exchanges are done in light of global regulatory standards
  • The framework should be developed with the idea that it can easily incorporate technology changes in the future, i.e., It should be scalable and maintainable.
  • It should be publicly available so that VASPs and emerging startups could benefit from it   

To Wrap it up

The Travel Rule is concerned with making crypto and wire transactions secure by targeting their anonymity. It emphasizes on making the information sharing process transparent between parties involved in a virtual currency transaction. Although KYC is an internal process of a business, the travel rule is the other side of the same coin. KYC plays a vital role in successfully complying with the Travel Rule. It provides VASPs with the required information from the users need to verify their identity. 

Shufti Pro’s KYC solution can help cryptocurrency businesses comply with FATF’s Travel Rule by effectively verifying user identities and sharing relevant information with them. Shufti Pro’s facial biometric and document verification backed with Artificial Intelligence can help VASPs to develop a transparent relation with their clients and ensure AML/CFT obligations. 

Have more questions on how Shufti Pro can help you? Share your concerns with our team and get a solution as per your business needs!

5 Ways how IDV Provides an Active Defence Against Fincrime

5 Ways how IDV Provides an Active Defence Against Fincrime

Identity theft, account takeovers, and data breaches… The world has seen enough cybercrime to open its eyes. A new type of revictimization fraud is on the rise in which the victim’s stolen data is sold over multiple platforms. Identity thieves use personally identifiable information (PII) to conduct crimes like money laundering and terror financing.  

Criminals are pulling ahead of advances in technology by banking on the same methods used to prevent them. Fincrime, also known as financial crime accounts for a staggering $42 billion reported in annual losses. Fraudsters carry out their ill motives by stealing personal data and creating synthetic identities. The new identities are then used to issue credit cards, false insurance policies, evade tax authorities and banks, and steal money from the victim’s bank account. Identity verification acts as a deterrent against fincrime by verifying the legitimacy of users’ identities. It takes into account digital document verification and biometric authentication to provide a foolproof defence against false and fake users.

1- Prevention of Illicit Cybercrime

There is a cyberattack every 39 seconds as revealed by the University of Maryland. Financial institutions are always on the verge of cybercrime. Since they involve a good deal of monetary influx, they are a sweet spot for fraudsters. Banks and online businesses are prone to chargeback fraud which is another case of identity theft. Online scammers give enterprises a good run for their money by initiating unauthorized transactions resulting in instances of friendly fraud. 

Criminals then clean the ill-gotten money to hide the original source of income through money laundering. Once the money enters the legal financial system and is free of suspicion, it is used to carry out other organised crime such as terrorist financing, corporate data breaches, drug and arms trafficking, etc. Identity verification can prevent financial businesses from onboarding bad actors with their platforms and prevent potential fincrime. 

2- Mitigating the Risk of Identity Theft

1 out of every 10 individuals on the internet is a victim of identity theft, and 21% of them are cases of revictimization. Cybercriminals employ several methods to hijack the identity of online users and use it for their own purpose. By targeting major industries like healthcare and finance, fraudsters make a good deal of money. Stolen patient information and credit card fraud are one of the major reasons accounting for identity theft these days.

Identity theft requires a problem-oriented solution which is digital identity verification. Today, since most of the financial crime is committed through online platforms, online protection tools are necessary to meet the current day standards. Identity verification is a procedure to validate the real identity of an online user and saves enterprises from onboarding potential criminals which would harm them in the long run.

5 Ways how IDV Provides an Active Defence Against Fincrime

3- Avoiding Costly Fines and Penalties

Global regulators charter different rules and regulations to protect banks and financial businesses. Even though these laws may be relevant to specific service providers, they align with the fundamental purpose of preventing fincrime. These set of regulations are often termed as AML/KYC compliance, which is used to ensure secure customer onboarding and prevention of financial crime.

Organizations which fail to comply with Know Your Customer (KYC) and Anti Money Laundering (AML) standards are subject to non-compliance penalties. According to a study, some banks which were fined for not meeting proper regulatory requirements are listed below:

  • The Goldman Sachs Bank in the U.S. was fined more than $4 billion for AML non-compliance.
  • The Financial Conduct Authority (FCA) imposed a penalty of £37.8 Million on Commerzbank in London due to a high-risk financial system.
  • Westpac Bank of Australia paid $1.3 billion in penalties imposed by the federal court due to AML breaches and not complying with FATF’s recommendations.

Identity verification can help financial institutions cut on costly penalties by ensuring AML/KYC procedures are performed the right way and on time. It also helps in the ongoing monitoring of customers which frequently perform high-risk transactions. Through identity verification, suspicious user behaviour can be timely reported to regulatory authorities like FinCEN and fincrime can be taken down.

5 Ways how IDV Provides an Active Defence Against Fincrime

4- Elevating Customer Experience

76% of customers are of the view that a business needs to understand their needs to deliver a good service. Providing products and services that best suit your customer needs is a good means of improving your sales and gaining market reputation. User experience is a driving force in a good customer-business relationship.

Enterprises can provide a safe and secure channel to their customers by using identity verification services which help elevate the overall communication and onboarding process. By using state-of-the-art technologies including face verification and document authentication, financial businesses verify their customers’ identity and keep fraudsters at bay.

5- Banking on Cost-effective Solutions

Efficiency in business operations is affected by a lot of factors including the turnaround time of a system and customer response. Gone are the days when users needed to take part in a manual verification procedure. Now, with digital ID verification services, customer identities are verified anywhere and anytime with automated systems accurately. This saves online businesses the cost and time of investing in a team of KYC experts.

Shufti Pro’s IDV Solution

Identity theft and costly penalties are both a growing concern for financial organizations in 2021. One of the main reasons include not having a proper mechanism to screen customers and investing in an effective AML compliance program.

Shufti Pro’s identity verification and AML screening solutions can streamline the customer onboarding process and significantly mitigate the risk of fincrime using automated solutions. Our identity verification encompasses a wide array of products including document verification, and facial biometric authentication. With the power of Shufti Pro’s AI-based IDV solutions, businesses can now verify their users in realtime and with confidence and put an end to financial crime.


Healthcare is the New Target of Criminals – What’s the Solution?

The healthcare sector has been facing many challenges due to coronavirus pandemic. Cybercrimes have significantly increased and this industry has become the primary target of fraudsters. Modern technology has brought several conveniences in the healthcare sector. However, criminals are also using advanced technology to fulfil their malicious intent. The rate of cybercrime rate has skyrocketed in 2020 and the predictions for 2021 are not very satisfying either. According to BBC, healthcare will be on the frontline of cybersecurity in 2021. Different reports have revealed that there is an approximately 50% increase in cyberattacks on the healthcare sector. Fraudsters will figure out better ways to execute their plans but there is a way that can help the health sector in combating them. 

Let’s take a look at some of the cybercrimes that have been reported repeatedly, a solution to combat these fraudulent activities, and the regulations to enhance the security of the sector. 


Ransomware in Healthcare

In a ransomware attack, the criminal injects a virus using three methods; phishing attack, clickbait, malvertising (user clicks on a malicious advertisement). The tactics, techniques, and procedures (TTP) keep evolving with time but the healthcare facility has to bear with the loss. By sending a phishing email or using another ransomware method, the fraudsters gain access to the facility’s database and acquire all the patient records. Many cases of healthcare ransomware were reported in 2020. One of them was the GBMC’s case.   

GBMC Healthcare Under Ransomware Attack

As reported on December 9, 2020, by Healthcare IT Security, GBMC healthcare in Maryland was under a ransomware attack on December 6, 2020. The malware was injected in the facility’s IT systems and the hospital claimed that they have been maintaining robust security measures to protect patients’ data. However, there were some procedures scheduled for Monday that had to be postponed.

Data Breach in Healthcare 

The average cost of a data breach in healthcare is $158 per record. The staggering numbers make Protected Healthcare Information (PHI) even more valuable than PII. A data breach is an incident in which fraudsters illegally acquire access to the company’s database and use the available information for other illegal activities like identity theft. Only at the end of 2020, the healthcare data breaches rose up to 45% and the healthcare sector overall accounts for 79% of the data breaches reported annually. The top 10 data breaches reported last year exposed millions of records and DCA alliance data breach won the race.

DCA Alliance Breach Exposed 1,000,000 Records

This data breach was reported in early December. DCA is a third-party vendor that supports over 320 affiliated facilities across 20 states. On October 11, some suspicious activity was reported that spurred an investigation. Upon inquiring, it was found out that hackers gained access on September 18 that lasted until October 13. The reports reveal that patient names, billing details, bank account numbers, and health insurance data may have been compromised.   

Medical Identity Theft 

Medical identity theft is a crime that occurs when fraudsters acquire information of patients and use it for claiming health insurance and other benefits. This fraud results in erroneous entries in the facility’s records and a list of fictitious medical records is created in the victim’s name. Data breaches and ransomware attacks generally result in identity theft and the staggering numbers are raising concerns for regulatory authorities now. 

Laws for Countering Crime in the Healthcare Sector 

Certain rules and regulations have been structured to ensure the security of all the stakeholders in the healthcare sector. Let’s take a look at some of the regulations that are assisting the health industry in securing facilities. 

NHS Good Practices Guidance 

NHS Good Practices Guidance provides guidelines about patient verification and their representatives for online services. This guideline provides three identity verification methods; vouching, vouching with confirmation, and identity documents, authorisation guidelines, details of the identity verification process, record keeping, etc.

HIPAA Act 1996 

The act has five rules as security measures of patients’ identity; privacy rule, transaction and set rule, security rule, employer identifier rule and enforcement rule. On December 10, 2020, the US Department of Health and Human Services (HHS) released changes to the HIPAA privacy rule. These changes emphasize on strengthening the access of individuals to their information, greater caregiver involvement, and improving access to PHI. 

How to Secure the Healthcare Sector?

Securing the healthcare sector is the utmost need of the hour and the industry requires robust identity verification measures to secure patients from medical identity theft. Know Your Patient verification is one solution for ensuring that every patient that requires your facility’s attention is legitimate. KYP is recommended by state laws and in case not employing this ID verification check, hefty penalties have been settled as well. According to the aforementioned regulations, the healthcare facilities must follow the patient identification protocols. With KYP, you can ensure:

  • Medical identity fraud prevention
  • Responsible selling of prescription drugs
  • Better compliance with regulations
  • Maintain updated patient records 

To protect your facility from data breaches, you need a secure data storage service like on-premises service. This does not store any patient’s information over third-party cloud storage and only the hospital or clinic’s personnel can access it. 


Summing It Up

All in all, healthcare has become the primary target of fraudsters and protecting healthcare service providers is the need of the hour. Ransomware, data breaches, phishing attacks, and identity theft are on the rise. Due to the pandemic, the rate of these frauds significantly increased. In 2021, the majority of predictions are threatening for all the hospitals, clinics, and pharmacies. Fraudsters will be using the COVID-19 pandemic in their phishing attacks, whereas other frauds will become more sophisticated. Hence, a robust solution that can fight fraudsters is what this sector needs and KYP is one of the best options. It verifies the identities of all the patients who reach out to you and ensures the legitimacy of patients as well.  

Get in touch with us and learn everything about Know Your Patient (KYP) verification today. 

More posts