Know your business protection against shell companies

Know Your Business – What Does it Mean & How can it Protect Your Company?

Businesses that offer their services to other businesses, instead of individual consumers, have to be more vigilant in their customer onboarding processes. According to a survey, B2B merchants say 19% of all online purchase inquiries are attempts at online fraud. So, it has become important, in the current regulatory landscape, to secure your own interest before engaging with another business. According to the Australia Competition and Consumer Commission’s Targeting Scams reports that $91.4 million was lost to B2B invoice fraud in Australia last year. 

For this, Know Your Business practices come in handy as they help a company to verify the corporate information of their potential clients and personal information of the higher management handling the operations of that client company. Business verification for KYC or Customer Due diligence is essential to identify the ultimate beneficial ownership (UBO) structure.

What does Know Your Business Mean?

A typical Know Your Business practice enables corporate organizations to determine whether they are dealing with authentic business entities or shell companies that are just present on the paper. AML Checks for business and proper document verification is demanded by regulators, especially in developed countries when dealing with foreign entities. Guidelines such as Electronic Identity Verification (eIDV) and 4th AML directive from the European Union are some of the examples that dictate Know Your Business (KYB) laws to corporate entities.

On the other side of the pond, in the US, Customer Due Diligence measures are being dictated to be the norm to determine the true ownership of a business entity. Several KYC service providers offer different business verification services in order to collect business verification data. Some Identity verification services such as Shufti Pro can perform business verification in seconds with the help of its document verification services, identity verification of the top management through official identity documents and Anti Money Laundering Checks.

Similar to Know Your Customer (KYC), KYB service providers verify businesses by obtaining official commercial register data using APIs. By employing the registration number and jurisdiction code of a business, an efficient digital KYB service can collect confirmable information for the business.

From KYC to KYB

The Bank Secrecy Act (BSA), introduced in 1970, is the United States’ most important anti-money laundering regulation. Banks and other financial institutions must meet the compliance obligations it involves.  BSA gave birth to KYC and AML solutions to make sure that businesses verify the identities of their customers and have valid money laundering checks. From verifying customers, the need to verify businesses emerged. The fifth AMLD  has centralized the data of beneficiary owner data. This centralization brought ease to the table for KYC and KYB.  Businesses must know the other business they are dealing with. According to Repair Driver News, $6.7 million worth of business loans were allegedly obtained fraudulently by a California auto body shop owner. In another survey, Payment fraud represents 60% of B2B fraud losses in the last five years. The reason why it is very crucial in this era to know the company you are concluding business with is because if it is blacklisted, it can cause trouble for your business as well. So the company verification process is vital to know the business one is dealing with.  

How KYB protect Your Business Interests?

Based on Artificial Intelligence, Shufti Pro can determine not only the true identity of a verifying individual but can also check for the financial risk attached to that person with AML Compliance solutions. With Anti Money Laundering services from Shufti Pro, you can check the involvement or presence of any top official of your partnering company in any watchlist or financial risk database. Shufti Pro banks on its huge databank to perform Customer Due Diligence on behalf of its customers. Shufti Pro can perform AML Background checks in real-time from 1000+ Watchlists and 3000+ databases.

Know Your Customer services might be the main objective of any identity verification service such as Shufti Pro, but the same set of services can be used to check the authenticity of any corporate entity. These KYB services are greatly helpful for financial institutions handling funds of large customer base and corporate entities. Banks, brokerage firms and dealers of several investment institutions have to be especially vigilant against every business entity that wants to partner with them.

Automated ID verification for identifying B2B frauds 

Performing Know Your Business procedures can be hectic and might require specialized manual resources, but automated business verification solutions can come in handy. Automating verification processes is a powerful step towards fighting B2B frauds. On one hand, conducting business online brings in a greater volume of online scams but on the other hand, automating business verification practices provides robust solutions that can prevent possible fraud attempts worth millions of dollars. They are not only the perfect form of Regtech but they enable businesses to be secure from multi-million dollar fines that a regulator will easily slap on such institutions if found in breach of their regulations.

Read: The Urgency for Know Your Customer’s Customer (KYCC) in Businesses

Business Verification Service – Is it Worth Your Time?

Most of the banks have already tasted the slow agonizing pain of KYC verification for their customer onboarding, transaction authentication, and remote banking services. This is the reason why most of the large financial institutions that are in dire need of Know Your Business services or who want to determine the ultimate beneficial ownership (UBO) structure of the corporations they are dealing with, find it hard to trust a KYC service provider. But with Shufti Pro and its Artificial Intelligence (AI) based identity verification services, it becomes easier to perform business verifications in seconds. With Optical Character Recognition (OCR) and Global Business Verification, Shufti Pro becomes an ultimate resource for businesses for real-time identification and verification. Shufti Pro is available in 230 countries of the world with support available for 150 official languages. It has the ability to determine the true identity of a person with the help of authentic identity documents that include ID Cards, passports, and driving licenses.

With machine learning algorithms any attempt of forging identity documents or even ownership structure can easily be detected by Shufti Pro. Fake credentials or personal information provided about the top management, a common practice in the case of Shell companies with complex management structures, can also be easily traced by Shufti Pro. Nationality verification and Geolocation services of Shufti Pro enables companies to determine the true country of origin for international clients and whether a certain company has been incorporated at a certain tax haven or not.

So in order to collect reliable business verification data and perform impeccable business verification, try KYC and AML Compliance solutions from ShuftiPro. You can even sign up for 15 days of free trial at first in order to check the service standards by this global identity verification service

Find more relevant resources:

Know your Business

Business verification

A lawsuit is filed against LifeLabs for a data breach incident

A lawsuit is filed against LifeLabs for a data breach incident

As reported earlier, the Canadian laboratory testing company, LifeLabs was hit with a cyber-attack which resulted in a data breach of 15 million customers. Following the incident, the lawsuit is filed against the company.

On October 28, 2019, LifeLabs reported the data breach to the government partners, however, waited until December 17, to announce publically. The accessed data included some sensitive information, customers’ name, emails, addresses, login credentials, dob, health card numbers, and lab test results.

LifeLabs paid an undisclosed amount to the cyber-criminals who accessed the data with a promise that they won’t disclose any information publically. Nevertheless, the lawyers Peter Waldmann and Andrew Stein filed the statement against LifeLabs in Ontario Superior Court accusing them of contract breach and negligence, on December 27. Moreover, the statement indicated the violation of consumer protection laws and their customers’ privacy. 

The lawsuit was filed on the behalf of plaintiffs also included the lead plaintiff Christopher Sparling. He alleged in the statement that LifeLabs violated their own privacy policy since they failed to implement and follow the adequate cybersecurity measures and checks to detect the potential risks and threats to Customers’ data and swiftly respond them within time.

In addition, the statement also accused LifeLabs to store the customers’ information on unsecured servers and networks without any encryption protocol and they neglected the need to hire cybersecurity professionals for network security management.

While the lawyers are seeking more than $1.13 billion in compensation for the breach victims to make up for the mental anguish, damage to credit reputation and the wasted time that had to undergo, the plaintiffs are looking for additional moral and punitive damages.

After the public announcement of the breach, LifeLabs set up a toll-free helpline on December 18 and received more than 5000 calls from concerned customers. 

CCPA: A Real Roller Coaster for Business Entities

CCPA: A Real Roller Coaster for Business Entities

One huge change in 2020 is the new data privacy law called the California Consumer Privacy Act or CCPA, which is effective from January 1st, 2020. Its results are expected to have impacts far beyond California State.

The CCPA is considered as Calfornia’s equivalent of Europe’s General Data Protection Regulation (GDPR). Signed by Governor of California in 2018, the CCPA grants California residents new online privacy and consumer protection. Even if you aren’t a resident of the Golden State, it may affect you.

What is CCPA and What it’s going to do?

This Act is going to give residents of California the right; to know what personal data is being collected on them and for what purpose is their data is used, who the data is sold to or shared with. They will also have the right to request that their data is not sold to third parties and could be deleted if requested. Furthermore, it also gives citizens the right to access their data collected online.

You may already have come across the impacts of CCPA in the form of the new privacy policy on different websites as they prepare for the implementation of this law. Even though the consumers will not notice a major difference daily, it has a great impact on businesses. The law completely changes how companies will treat customer data.

Even if your business doesn’t have a physical presence in California but you conduct business with residents of the state, then the CCPA may affect you too. While the CCPA is California’s state law, customers and businesses all across the united states will likely benefit.

Most businesses won’t want to deal with the extra overhead of applying to different privacy rules; one for California and one for the rest of the country. Just like the GDPR isn’t directly applicable to non-European countries, it paves the way for new data protection regulations across the globe. CCPA it’s self is inspired by GDPR and will now likely serve as an inspiration for other such laws.

Businesses Affected by CCPA

CCPA will affect the businesses selling products or rendering services to the residents of California. If your company buys or sells data on at least 50000 California residents each year, you are obliged to disclose to those residents what you are going to do with their data and they also have the right to not sell their data.

Moreover, companies generating revenue equivalent to, or more than $25 million or get 50% or more of their annual revenue by selling customer information are affected by the CCPA.

Firms that need to Comply with CCPA

Businesses operating online and collecting any sort of customer data needs to comply with CCPA. Following are some businesses that must comply with CCPA regulations:

Identity Verification Services

As identity verification requires sensitive identification data on customers, the verification services are most vulnerable to data breaches and need to place stringent checks on how to protect customers’ data. CCPA requires that all identity verification services implement their privacy policies amid Califonia Consumer Privacy Act.

Social Media Platforms

Being an important part of customers’ online journey, social media is a preferable platform for targeting the audience of interest. Different social media sites are used to advertise products and services and data available on social media platforms, even though mostly unstructured, contains sensitive information. Mostly personal data from social media platforms are bought and sold without prior user consent and which is why CCPA is going to affect social media platforms.

Are Businesses Ready for California’s New Consumer Protection Act?

As with GDPR, no one’s certain about what it means to be compliant with CCPA. With the start of a new decade, the law is in effect and it looks like consumers, businesses and even the regulatory authorities in California are not ready. Draft regulations for enforcing the act is still to be finalized at the state level.

Despite a lot of concerns before it’s official adoptions last year, GDPR went smoothly at least swifter then what was expected but the CCPA is likely to be a greater compliance challenge. Being the United States’ first data privacy law that gives customers control over their data, the CCPA is expected to create a lot of uncertainties.

Most online companies view the CCPA as being in their long term interest as it’s the first step towards data privacy. The companies, however, are not quite sure whether the law is comprehensive enough to cover all the data protection aspects and deal with all the challenges faced by firms and customers online.

Anyhow, California’s Attorney General says that even though widespread enforcement of CCPA isn’t likely until July, companies shouldn’t consider the first six months as a grace period. He further said, “We are going to help companies understand our interpretation of the law.”

Seeing the hesitations and all the uncertainty built around the implementation of CCPA, businesses consider it to be a real roller coaster ride for both the regulators and the firms that aim to comply with CCPA.   

DC is the Latest State to Sue Juul over Targeting Minors

DC is the Latest State to Sue Juul over Targeting Minors

The District of Columbia is now the latest state to sue c-cigarette maker, Juul Labs, saying the company’s online ads and promotions illegally targeted minors. 

The District of Columbia is following other states in suing e-cigarette maker Juul Labs, saying Juul deceived consumers about the potent nicotine levels carried in its flavored pods. The lawsuit also alleges that Juul failed to satisfactorily verify customers’ ages before selling e-cigarettes through its website. 

The lawsuit was announced Tuesday by the Attorney General of Washington DC, Karl Racine, alleging that Juul’s viral marketing contributed to a sudden increase in underage vaping by teens in Washington and across the US. 

The lawsuit follows other similar lawsuits filed by California, North Carolina, and New York. Other states are also investigating Juul which is currently dominating the US vaping market. The company also faces other charges from the FDA, Congress and other federal regulators. 

Due to numerous lawsuits and intense pressure, Juul has discontinued its advertising in the US and stopped sales of all but two of its flavors. In addition to this, the company suspended all their social media accounts and tightened age verification for their online sales.  

A spokesman of Juul said that the products of the company are only intended for adults and Juul is committed to combating underage vaping. 

 

 

Digital KYC to Trace and Tackle High-Risk Customers

Digital KYC to Trace and Tackle High-Risk Customers

Customers are the assets and building blocks of any business. Customers are responsible for taking businesses to the next level or destroying it to rubble. That is why it very crucial to know who you are dealing with. Know your customer is the procedure to identify and verify customers to check if they are real and not fraudsters or indulged in any illicit activity that can cause a threat to business. It is a process to check the background of customers and analyze the risk factors associated with them. 

The fundamental idea behind the introduction of KYC in organizations was to find a way that can protect the organizations from fraudsters and criminals and doesn’t involve penalizing the innocents at the same time. The KYC process is a standard procedure to verify the customers at the time of onboarding. However, with strict regulations coming into the light, KYC isn’t limited to the verification of the customers, instead, it is now to continuously analyze the customer behavior to look out for suspicious activities and illicit transactions. It is used for the following purposes:

  • To curb fraud schemes
  • To mitigate scam scandals
  • To put a halt on money laundering
  • To hinder illicit fraud transfer and
  • To identify high-risk customers by enhanced due diligence 

Need for KYC to Identify High-Risk Customers:

The KYC laws were introduced as the section of the Patriot Act passed in 2001 after the incident of 9/11 to deter terrorist activities and criminal funding. The section of this act concerned with the financial transactions inserted some new policies in addition to those of “The Bank of Secrecy Act of 1970.” These requirements regulated the banks and other financial institutions. As per the Patriot Act, the organizations dealing with finance are required to meet three main requirements in order to comply with KYC regulations:

  • Customer Identification Program (CIP)
  • Customer Due Diligence (CDD)
  • Enhanced Due Diligence (EDD)

High-Risk Customer Identification Program (CIP)

The customer identification program is a significant component of the KYC process in which the organizations are obliged to ask customers to provide their identification information. It is to verify the identity of the customer who wishes to carry out a financial transaction with a particular bank. The CIP requirement was made compulsory in 2003 for the financial institutions to develop and incorporate customer identification programs into their secrecy policies to meet anti-money laundering (AML) compliance. 

Every institution has its own CIP processes depending on the size and type of the institute. That’s why they may require different documents for verification. Generally, driving license and passports the most commonly required document by the banks. Regardless, some other documents may include: 

  • Utility bills
  • Financial references or statements 
  • Information from a consumer reporting agency or public database

No matter what document or information of the individuals and business is asked, it is to check their authenticity that they are not fake or fall in any prohibited lists so that fake customers and customers at high-risk can be filtered. 

High-Risk Customers Due Diligence

Customer due diligence covers multiple aspects of customer verification and identification. For secure onboarding of clients, it is essential to identify the future risks that can arise due to some customers – the reason why customer due diligence is conducted. While performing due diligence, the significant goal is to analyze customer behavior and predict the type of transaction pattern that the customer is most likely to follow. In an evolving regulatory climate, mobile identity verification can be of great help. It helps organizations in identifying suspicious behavior and assigning a risk rating to customers to identify the customers that can be threatening for organizations and how often their accounts will be monitored. 

The regulatory agencies have set no particular standards or methodologies for conducting customer due diligence leaving the institutions with an open choice to follow their own tools and devices. Many organizations demand a lot of information during the process including banking references, previous financial statements, salary slips, occupation, source of funds, etc. The purpose of this information is to analyze the background and behavior of the customer to predict future risks that may be linked to the customer. 

All this hassle because FinCEN has strictly imposed this requirement on the financial institutes to immediately report any threatening or suspicious activity. And you can’t do it efficiently unless you know your customer behavior and history.

now more about Digital KYC services

Enhanced Due Diligence (EDD) for High-Risk Customers:

Enhanced due diligence (EDD) is an advanced and more comprehensive set of KYC procedures for high-risk customers, exhibiting irregular transaction behavior or ambiguous sources of origin. The customers classified under the high-risk category after the Customer Due Diligence (CDD) process are more likely prone to money laundering and illegal funding of terrorists and criminals. They need to be monitored continuously. Considering the trend of such illicit transactions, the USA Patriot Act strictly dictates the institutions that they

 “shall establish appropriate, specific, and, where necessary, enhanced due diligence policies, procedures, and controls that are reasonably designed to detect and report instances of money laundering through those accounts.”

The EDD process includes verifying ultimate beneficial ownership information (UBO) and identifying politically exposed persons (PEPs). Monitoring the transactions is also one of the fundamentals of the EDD process.

High-risk Customers-Venomous for the Business:

High-risk customers are identified from the customer provided by using digital identity verification solutions. Such customers are monitored perpetually for the potential suspicious activities in their accounts so that no forgery can take place like money laundering, account takeover, identity theft, etc. Such customers can be a poisonous threat to business until they exist in the system. Various AI-powered Saas products offer inputs that are useful for the monitoring systems of the business to filter such AML high-risk customers that pose a threat of money laundering. Such a risk management framework will business in assessing customer risk. 

Digital KYC Checks- From Weeks to Seconds:

It is a documented fact that customers are the assets of any organization. Digital KYC is what the institutions need in this era of technology. Based on the principles of automation, the eKYC process can simultaneously execute multiple steps. It reduces the keystroke time, cost and human effort. The process that could take hours and days for an individual can be cut down to seconds with the help of AI-powered solutions and tools. With the use of intelligent KYC verification, the businesses can onboard a more secure clientele and that too with real-time verification, coping up with the regulatory complexities at the same time.

With the world moving into the digital sphere, customer convenience is even more important for any business. The manual KYC process is quite a time consuming and costly process. Clients get exhausted as it takes weeks or even months to onboard a customer. This cumbersome procedure even ends up losing customers as they move to other platforms during this time taking procedure. It is evident now that digital KYC doesn’t only help to identify any customer but helps to filter out customers that have some traits putting them as high-risk customers so that businesses are vigilant while dealing with them. Also, due to the digital revolution, the concept of global onboarding is becoming common which requires more fast and convenient verification and onboarding process. 

Perks of Using Digital KYC Solution:

To end up negative customer experience digital identity verification solution has achieved a milestone. Following are some of the benefits that come up with using the digital identity verification solutions for KYC:

  • Demit Frauds and Scams

Using digital KYC can decrease the risk of frauds like identity theft, credit card fraud, and onboarding high-risk clients. 

  • Increase Security

It’s more important than ever to verify the identities of customers due to an increased risk of terrorist funding and money laundering and other cybercrimes. 

  • Ensure Accuracy

Digital KYC solutions provide a seamless experience where there are lesser chances of errors and omissions. 

  • Provide Better Customer Experience

Digital KYC provides a better customer experience as it takes no time for the whole authentication process. 

In a nutshell, digital KYC clubbed with artificial intelligence is crucial to identify and tackle with high-risk customers that can bring along various dangers for businesses. Business can end up paying hefty fines due to such customers or owners end up losing their businesses. Digital KYC simplifies identity verification for an online business that plays a vital role in this area. In an evolving regulatory climate, mobile identity verification can be of great help. In the coming years, it will continue to morph with surprising speed.

Know more about Digital KYC

Why CDD is significant for both Know Your Customer and Know your Business verification?

Customer Due Diligence: From KYC to KYB

Why CDD is significant for both Know Your Customer and Know your Business verification?

Banking is a profitable sector but is risky at the same time. Frauds, as well as compliance risks, are often complicated and intricate. The banks and financial institutes are spending a high amount of capital on KYC compliance, which surpassed $100 billion in the year 2019. Even with this much investment, global banks have been fined $321 billion since the global crisis in 2008. Further complicating these risks is the fact that financial crimes such as money laundering, terrorist financing, and cyber frauds are increasing.

On the other hand, regulatory authorities are striving hard to enforce measures that could lead to the eradication of financial crimes. One of the first regulations that were enacted amidst the Vietnam war back in the 1970s was BSA. US regulatory authorities issued the Bank Secrecy Act of 1970 (BSA).

The purpose of this law was to counter money laundering activities emerging from illicit drug trafficking. Under this provision, banks are obliged to report any customer activity that seems suspicious such as transaction above $10,000 to the Federal Financial Crimes Enforcement Network (FinCEN).

The regulations aimed to make it difficult for the drug cartels, terrorists, and other lucrative criminal enterprises to launder money by making their transactions more visible to law enforcement agencies.

Introduction of Customer Due Diligence as Know Your Customer (KYC) regulations

 

The Banking Act of 1970, laid the foundation for the Anti Money laundering (AML) regulations later in US patriot Act, 2001, after the tragic incident of 9/11. Customer due diligence (CDD) was declared necessary for the financial sector. The term coined for performing CDD is Know Your Customer or KYC.

The KYC regulations were fortified to restrain the flow of money to the terrorists. It requires financial institutes to verify the customer to ensure that they are, who they claim to be. These regulations led to the adoption of various approaches to comply with CDD and KYC laws. Since the US regulatory changes affect the landscapes of the global financial sectors, these regulatory changes were accepted by the banking sector worldwide.

Financial Sectors adopted several ID verification controls to respond to these regulations. These ID verification controls include:

  • Maintaining a thorough Customer Identification Program (CIP).
  • Verifying customers against the list released by Law enforcement agencies.
  • Predicting, customer’s behavior and criminal risks associated with a particular entity, based on the statistical data.
  • Ongoing screening of the transactional activities of suspected customers.

It continues to be the main line of defense for the financial sector against financial crimes, with minor amendments. For a simple person, this law appears comprehensive. However, in June 2016, a loophole was identified in KYC compliance regulations. 

The banks weren’t required to verify the identity of stakeholders and beneficiaries of the businesses they provide services. It was after Panama Papers Scandal the world realized that apparently, legitimate businesses could hide the identities of bad actors and perform illegal activities on their behalf. The regulatory authorities identified the risk and issued a fix as Know Your Business (KYB).

Tying up Loose Ends with KYC Verification

 

This fix made by regulatory authorities in the KYC checks includes the Customer Due Diligence for the financial institutes. Under the new provision, Financial institutes are now required to perform stringent verification checks. KYB regulations are aimed to identify the shell companies that are involved in money laundering and other illicit financial crimes. 

Firms are required to verify the person who owns the business legally as well as, the identity of stakeholders owning a minimum of 25% share in the business. European Commission also introduced the same legislation in its 4th AML Directive (4AMLD). This process of business verification was improved, with new regulatory changes in AMLD5 and AMLD6, which are aimed to make due diligence transparent.

However, KYB compliance is not easy to achieve as it seems. The major problem in KYB verification is the identification of shareholders in the businesses. Most of the time, no record of these entities is available and to make things worse, the disclosure requirements in each jurisdiction varies. This sometimes makes it impossible to identify the stakeholders in the business. It is a recipe for disaster, for the firms who want to stay in compliance.

Turning towards Technology for Solution 

 

Emerging from the ashes of the global financial crisis in 2008, the new regulatory technologies are helping to ease the burden of compliance by reducing the operational costs as well as mitigating the risks for financial crimes. At the crux of these technologies, is the use of new technologies such as Identity verification and KYC identification, to help financial institutes to monitor, comply and regulate. The RegTech solutions are already assisting financial institutes to meet KYC and AML regulations.

Businesses need to stay one step ahead of the fraudsters. With a comprehensive approach to global risk mitigation, businesses could easily prevent fraudulent activities and stay in compliance with regulatory authorities. 

RegTech industry is rendering efficient AI-based solutions for Business verification solutions that can eliminate the inefficiencies and risks involved in onboarding new customers. For instance, automation of official document checking process and verification against the government issued registries. 

The future of RegTech is expected to see great adoption in the financial sector in the future. Owing to the changes in regulatory compliance, performing KYC and KYB verification parallelly will enhance the customer due diligence process and businesses to stay compliant.

The Bank Secrecy Act

Know Your Business-Pillar of Strength To AML Regulations

Moving in the world of technology, where every industry is going digital, there has been very less transparency among the businesses. Collaborating with businesses and entities online leaves room for some suspicious activities – means you will have no idea about the identity of the person on the other end. For example, the business you are onboarding may be a shell company or funding the terrorist.

Know your business (KYB) – these three words always seem to pop up everywhere in the industrial sectors, especially in financial institutions. KYB has successfully evolved from Know your customer (KYC) process and has eventually become an important part of today’s regulatory firms. It plays a vital role in low-friction regtech platforms to serve all types of customers without getting involved in illegal activities and entities.

The Bank Secrecy Act (BSA) of 1979:

Back in 1970, when the Vietnam war was on the full swing, a deadly confrontation erupted regarding drug trafficking. As a result, the administration laid a strong foundation against the War of Drug. The Bank Secrecy Act of 1979 (BSA) was introduced as a part of this policy agenda to deter illegal fundings. The BSA requires all U.S. financial institutions to report certain types of customer activities to the regulatory firm – FinCEN, the federal Financial Crimes Enforcement Network. For instance, financial firms need to report about the transactions totaling $10,000 or above.

The intentions of these regulations were to hinder the cartels, drug smugglers and other productive criminal enterprises from moving money through the US. The BSA makes the transactions more visible to the federal law enforcement hence starving the actors from their profits.

From KYC to KYB

The BSA is itself a foundation for the anti-money laundering (AML) regulations also known as Know your customer (KYC) compliance. It was enumerated in the 2001 USA Patriot Act as a result of the 9/11 incident and came into effect in 2003 – adopted by a joint resolution of federal financial agencies. These regulations intend to curb the flow of money to terrorist factions and other money laundering crimes. To meet these regulations, the institutes are required to maintain a record of personally verifiable information of every customer.

It won’t be an understatement to say KYC was built upon the BSA, which enforces the financial firms to ensure the identity of their customers that they are who they claim to be. However, the BSA rules were somehow vague that were covered by KYC regulations with the introduction of the Customer Identification Program (CIP) and Customer Due Diligence (CDD).

While KYC compliance ensures the identity of the customers and keeps an eye on the risk factors associated with them, but unfortunately there is still a major loophole unsolved. That is the financial institutes weren’t required to identify or verify the stakeholders and beneficiaries of the businesses and entities they are serving. This means that legitimate firms could unknowingly shelter bad entities or shell companies while performing illegal and high-value transactions on their behalf. Doing so makes the financial firms equally responsible for the illicit transactions taking place right under their nose. 

This issue came into light through the scandal of Panama papers back in 2016 and as a result, KYB services were introduced for business verification.

Dive Deep into KYB

 

The officially titled “Customer Due Diligence Requirements for Financial Institutions” is what we consider as know your business checks or KYB. It can be taken as an extensive form of knowing your customer since it doesn’t only verify the name of the person to whom the business is registered. It also enforces the institutions to verify the identities of the chief executives and any other person who owns 25 percent or more of the business. 

KYB compliance covers an entire industry of consultants who facilitate various firms to ensure that their business customers are properly investigated and none of them are involved in illegal activities. Every financial institution, merchant acquirer or payment companies who deal with money transfers and transactions, is enforced to perform KYB check of the businesses with whom it does business.

The checks for KYB solutions include the verification of company registration, business license, identification of a business, and other executives of the business. The KYB compliance requirements may vary from address and date of birth to driving license, passports and bank statements. Moreover, these checks are also performed against sanction lists, PEPs, Adverse media, and disqualified directors. 

These authentication checks are carried out by the KYB solution providers depending on the nature of the business, transaction value, suspicious reports, and more importantly the country legislations.

The Role of 5th AML Directive

 

The regulatory regimes around the world are continuously changing with every passing day. Last year, two major regulatory directives were updated, the 2nd Payment Services Directive (PSD2) and the Fifth Anti-Money Laundering Directive (AMLD5). The PSD2 requires financial institutions to make certain data available to other institutions through the use of APIs (Application Programming Interfaces). Whereas, AMLD5 compels the financial businesses to keep tight reins on the personal information online.

The businesses from financial institutes to merchants, everyone is facing regulatory pressure to meet stringent verification requirements. To do so they deliberately need to adjust the processes to conduct due diligence. The 5th AML directive along with PSD2 and GDPR regulates organizations to verify the businesses – the KYB compliance.

AMLD5, in particular, holds liability for the EU states to collect all the legal documentation regarding the company in a central registry. Moreover, it is mandatory that this central registry must be available and accessible to all the obliged entities that are required to perform business verification. 

Enhanced Due Diligence

 

After the Panama Paper Scandal, verifying the business entities and the mainstream business structure is an integral part of AML compliance requirements, compelling enhanced due diligence (EDD). It obliges securing additional information about the business client, for instance, the nature of the business relationship, source of funds, transaction history and the enhanced monitoring of the business relationship.

KYB in Europe

 

In Europe, the 4th AML Directive is already in effect and by January 2020, AMLD5 will also be in action. The AML 4 requires the businesses to identify the obliged entities and take prudent measures to verify their identities. It facilitates the businesses to know about the UBOs in regards to trust, foundations, and legality of the entities to better understand the structure of the business and customers.

According to defined rules, the beneficial proprietor in the EU is any person who owns 25% of the corporate business. However, in the upcoming AMLD5, the proposal is lowered to 10%. 

KYB in the US

 

The Customer Due Diligence (CDD) Final Rule has been in effect since May 2018, in the US. This rule states as: 

“Beginning on the Applicability Date, covered financial institutions must identify and verify the identity of the beneficial proprietors of all legal entity customers (other than those that are excluded) at the time a new account is opened (other than accounts that are exempted)”

As per the regulations, the financial institutes include banks, dealers and brokers, mutual funds and futures commission merchants. However, different jurisdictions constitute different requirements. In fact, even one region may have different regulations to be applicable to the state members. For example, the US financial institutes, in addition to the Bank Secrecy Act (BSA), they are liable to OFAC (Office of Foreign Assets Control), FACTA (Foreign Account Tax Compliance Act) and SEC disclosure rules.

KYB Process –  From Weeks to Seconds 

 

Performing Business verification is quite difficult, time-consuming and costly. Most of the companies hide their true identities in order to surpass the money trial. Also, the shell company can obscure their true information in filling and different jurisdictions. The percentage of possession is mostly disguised through different paper trials which makes it difficult to identify. In fact, in some countries, there is no proper paper trial – means no documentation is required for setting up a business, hence no source to investigate for shareholders’ information – which is against the FATF, AML and CTF regulations.

Some of the companies are overcoming this problem by implementing KYB solutions just like KYC. However, manual verification is quite slow, error-prone and costly. To incorporate this con, the KYB solution providers are actively adopting automated ways to verify the businesses in real-time.

In this era of high competition and complex compliance requirements, there is a need for electronic ID verification of business. By automating the KYB process, the financial institutes can securely access the UBOs identifying information from the central registry and verify it. Moreover, meeting the KYB compliance can paramount the complex regulatory environment.