Blog

KYC Verification Process – 3 Steps to Know Your Customer Compliance

James Efron
December 03, 2019
7 minutes read
4406

Do you know the three components of KYC?

The entire identity verification procedure encompasses a lot, however, the most important ones are:

Customer Identification Program (CIP)
Customer due diligence
Ongoing monitoring

This blog post highlights the importance of the KYC process followed by 3 steps to the KYC verification process.

Introduction

In this modern era, fraudsters and criminal groups have come up with enormous resourceful ways to fulfill their malicious purposes. It is a common practice of such criminal groups to misuse the systems of legitimate entities such as banks and other financial institutions, credit unions, e-commerce, etc in order to avail free services, commit frauds and convert ill-gotten gains into ‘clean money’. However, financial institutions mostly rely on the system of controls which aimed at collecting knowledge about customers. This is also known as ‘Know Your Customer (KYC)’.

Similarly, another major issue is that businesses are knowingly or unknowingly used for money laundering activities which at the end turn out not to be compliant with global and local AML regulations. This dirty money is then used for terrorist financing, drug-related financing, and other criminal activities. The businesses that do not comply with the obligations of regulatory authorities are subjected to harsh penalties. AML compliance is, therefore, compulsory for businesses to consider at first hand.

Importance of KYC

KYC plays a vital role in the establishment of a reliable financial system. Criminal entities are well aware of the loopholes in their systems and exploit those loopholes to their benefit. There is a dire need for dynamic security measures to ensure productive risk prevention.

Proactive security measures ensures complete elimination of any sort of fraud on an immediate basis. For instance, data breaches, identity theft, account takeover frauds, and money laundering and terrorist financing.

A large number of fraudulent activities take place as a result of unauthorized access to online platforms. To combat this, banks and online businesses are required to perform KYC for each customer during the onboarding process. It not only serves the purpose of fraud prevention but also meets the regulatory obligations of KYC compliance.

With the news of Panama Paper leaks, the global KYC regulations have become more stringent. FinCEN that is the US regulatory authority, declared amendments in regulations to combat money laundering and extended the scope of customer identity verification. These changes were proposed as a result of loopholes that were residing in the framework of financial institutions.

KYC Verification Process Steps

Just like the way traditional banking institutions were used to verify an identity, online KYC verification is performed. KYC verification process steps include;

Collection of Information

The first step in KYC verification involves the collection of personal information from an online user. The user is supposed to enter all the personal details at the time of account registration.

Ask the user to Upload an Evidence

After collecting information, in the second step, ask the user to upload a supporting piece of evidence as an identity proof. This helps the system verify that the user-entered information is not fake and holds authentic data.

Verification of information

Once the user uploads a document as proof, the document template is identified and examined against several checks. It is to ensure the uploaded document is not tampered or photoshopped. Once it’s validated, the data is extracted. There can be two ways to fetch the data from documents:

Data extraction through OCR in which the system automatically extracts the data from the identity document and check the authenticity of the information.
Data extraction without OCR in which the user manually enters the information and the IDV solution checks the user-entered information against the one present on the identity document.

Check out the KYC Verification Process demo:

Customer Identification Program

In the KYC procedure, the Customer Identification Program (CIP) is the initial step. The identification of high-risk customers should be done beforehand to mitigate the risks. The mandate of CIP is to ensure that the entity performing a financial transaction is verified. This is necessary to curb money laundering, terrorist financing and other illegal criminal activities that disrupt the overall financial system.

In CIP, financial institutions are supposed to collect the user information to open a bank account. This information includes;

Name
Address
DoB
Identification number

After collecting this information, it is verified against supporting shreds of evidence that could be in the form of biometric verification or document verification. In addition to this, CIP includes risk assessment of customers and business accounts. This helps financial institutions build parameters against which each customer will be given a risk rating. KYC procedures, therefore, are predefined that contribute to the prevention of the frauds. At this point, businesses decide CDD and EDD procedures.

Customer Due Diligence

This is a process in which a customer’s information is screened against KYC protocols. In KYC compliance, this is the second step in which basic customer information is collected online in real-time. In CDD, the information collected includes;

Name
Address
Age
Date of birth

All this information is used to verify the onboarding customer. After this, the customer is assigned a rating as per credentials after the AML screening procedures and financial credibility. In case, if the customer ID is found in watchlists or PEP records, the risk is considered high and further Enhanced Due Diligence process is performed.

CDD concludes that how much a customer profile is a risk for an institution. In private and offshore banking, CDD is supposed to be done more deeply to inspect any suspicious identities in the system. CDD should be a scalable method that could ultimately reveal the involvement of money laundering and terrorist funding in the financial system by identifying the identities.

AML Screening

KYC compliance does not end here. One time customer verification does not conclude the inevitable credibility of that identity. Instead, a continuous identity screening should be performed in an institution to deter the risks of fraud from even the authorized entities. The ongoing financial transaction monitoring is important to identify suspicious transactions and unusual money flow in the financial system.

For this, a risk mitigation strategy is defined that includes parameters against which monitoring needs to be performed. These indications include;

Transaction above the specified threshold
A large number of frequent transactions
Unusual/suspicious activities

Read more about ‘Indications of Money Laundering’: Guide to Anti-money Laundering and Countering of Terrorist financing

Corporate KYC

Know Your Business or ‘KYB’ is a process that ensures verification of corporate entities or businesses you are dealing with. This is as important as KYC compliance. Business verification includes verification of Ultimate Beneficial Owners (UBOs), third-party businesses, and other corporate entities. KYB deters the risks associated with fraudulent business entities. Not only this, as per regulatory requirements and regulations about UBOs verification, KYB has become more than necessary to build a clean customer base as well as business relationships.

It all adds up to

An efficient KYC solution is the need of every businesses sector. To comply with the changing KYC and AML requirements, organisations need a KYC solution that adequately follows all steps of KYC compliance. Shufti Pro is a one-stop solution for enterprises to cater to your KYC practices. We offer real-time KYC services with the global support of 3000+ documents and 150+ languages. Incorporating data protection standards, Shufti Pro is secure and reliable for quick customer onboarding.

Have more questions on how Shufti Pro can help you? Share your concerns with our team and get a solution as per your business needs!

Talk to us

Disclaimer: No warranty is herein provided that the information contained in this document is accurate, up-to-date, and/or complete. In no circumstance(s), does such information constitute legal or any other advice. Any person who intends to use, rely, pass-on, or re-publish the information contained herein in any way is solely responsible for the same. We suggest to verify the information and/or obtain expert advice independently if required.

Latest News

News
Data Security at Risk Due to the Fake Lending Apps
Importance of KYC
KYC Verification Process Steps
Customer Identification Program
Customer Due Diligence
AML Screening
Corporate KYC
It all adds up to
Gained network access, pictures, and contact information are at threat due to the fake lending apps that is now an increasing cause of stolen data. Government, as well as regulators, have cracked down on fake digital lending apps and have discovered Chinese nationals behind their operations. They are still working on to discover the amount of data stolen.

Data protection law is required to stop the apps to get away with tons of stolen data and personal information. This has led to a number of suicides as the app operators have blackmailed and harassed people. The borrowers were asked to repay the loan many times even after they have paid it. The operators of the app blackmailed the users by contacting their family or friends and posted stories and private information on social media.

These applications did not require KYC- Know Your Customer information from the users as the legitimate sites ask their customers of the proof identity. They just took basic contact information from the users, copies of their government-issued identity documents and then used their application to enable access to their smartphones. The data breach by this fake application has become one of the biggest data breach schemes.

Banks and police officials are working towards tracing the money that these applications have stolen through data breach, blackmailing and identity theft.

Co-convenor of Cashless Consumer states that “From these 1,000 apps, in the last ten days 118 apps have been removed and in total 450 apps are no longer available on the Play Store, but some of them operate from abroad. The legitimate apps authorised to lend in the database would be around 200 when it comes to the links between these apps and actors sitting abroad. So it is not a case of the data being transferred abroad but that it was collected abroad.”