KYC - know your customer compliance

KYC Compliance – Strengthening Fraud Prevention Across the Globe

Know Your Customer (KYC) 

The widespread availability of the internet has made our world more connected than ever. This, however, has made our information more vulnerable to fraud. The ever-climbing fraud statistics continue to trouble consumers and businesses as well as regulators across the globe. Yet traditional practices for Know Your Customer seem no longer effective. With the increasing scrutiny of regulatory bodies and global financial regulators, businesses need to come up with an effective Know Your Customer Compliance process. The KYC process involves the verification of the identity of individual customers for preventing fraud and money laundering activities.

Traditionally, banks and other businesses performed KYC manually. However, manual customer compliance and KYC procedures take longer and tend to frustrate customers. For banks too, manually verifying and vetting each customer can be costly and arduous. Herein, comes the role of SaaS KYC service providers. Providers of identity verification as a service, nowadays are using machine learning, advanced biometrics, and a combination of Artificial and Human Intelligence capabilities to verify end users. It is an all in one solution that is equipped to fully automate KYC procedures and customer compliance programs in companies. 

A comprehensive KYC and AML solution can effectively fulfill a business’s Know your customer compliance requirements. It not only makes the implementation of compliance obligations seamless but can also improve the onboarding process. Its KYC services include document, face, and address, consent verification along with global AML background checks, and video KYC solution.

Some of the major KYC and AML procedures that Shufti Pro offers include;

  • Document Verification
  • Face Verification
  • Address Verification
  • AML Background Checks
  • Consent verification
  • Video KYC solution

Document Verification

A simple and efficient way for banks, financial institutions, e-commerce stores, crypto exchanges, ICOs, and a number of other businesses is to verify customers through document verification. It encourages customer compliance and allows businesses to verify users through multiple documents including ID cards, passports, driver’s licenses, credit/debit cards, utility bills, and other customized documents that a business may need verification, for its users. 

The verification of the document(s) can be personalized for business, according to its need to verify its users. For example, an online retailer would want to verify the address of its customers to avoid shipping fraud and errors. Different features of a document that can be verified include Name, Date of Birth, Age, Date of Issue and Expiration, Document Number (MRZ code, passport number, etc.), Gender, Nationality, etc.

The process of document verification for a business is simple and easy. All they have to do is select the mode of verification (onsite or offsite) and document checks they want. The rest is taken care of by the verification software. The process of document verification involves;

  • The end-user or customer comes in for verification and selects the type of document he/she wants to be verified by. It is up to the company to provide multiple options for its customers for verification including ID card, passport driver’s license, or any other ID document.
  • The user then scans their document(s) or uploads a copy of it to verify their identity. 
  • The system verifies the user using hybrid AI and HI technology in 30-60 seconds.

Document Verification

Face Verification

Face verification nowadays is normally performed through a facial recognition software developed on AI-based protocols. Biometric facial authentication is usually performed by businesses that run a higher risk of attracting fraud and financial crimes like money laundering, bribery, and tax evasion. This may include but is not limited to, banks, insurance providers, investment firms, crypto exchanges, ICOs, and forex companies. All such businesses are highly regulated and require additional protection from fraudsters and criminals. 

Performing facial verification is simpler than document verification and only requires the end user to show their face in front of the web camera. Alternatively, they can also upload a picture to authenticate their identity. The choice to verify the user through image or video or both lies with the company availing KYC services. An end-user is verified in the following way in the face verification feature;

  • The end-user comes in for facial verification
  • They show a fake or photoshopped image for verification
  • The facial recognition system declines the verification since a fake image is being used for verification.

In another case,

  • The end-user comes in for verification
  • He/She will show their actual face or image for verification
  • The verification is approved as the software detects the presence of a real person, or does not detect any photoshopped elements in the image used for verification.

Online Facial Verification

Address Verification

E-commerce sites, online retail businesses, and banks often require address verification of customers in order to check if the person is using legitimate credentials to gain access to services. Address verification services allow for better and more convenient authentication of users around the globe. It is the fundamental solution for businesses to eliminate identity theft. Address verification further increases the accuracy in the shipping of orders allows companies to conveniently deliver merchandise to customers. 

Address verification is performed using a number of different documents including utility bills, bank statements, tax bills, ID cards, passports, etc. The system is also able to corroborate addresses using different documents. Therefore, if either of the documents is forged or stolen, the system will stop the verification. The address verification process is performed in the following way;

  • The user selects the document using which he/she wants to verify their address. It is up to the company if they want to provide their customers or users with various document options with which they want to verify their address.
  • Scan or upload the document for address verification.
  • The system will use data extraction protocols to verify the address of the user.

Address Verification

AML Screening

Banking and financial institutions are required to perform customer due diligence (CDD) for individual customers and clients. For higher-risk individuals, they are obligated to perform enhanced due diligence (EDD) to evaluate, assess, and eliminate the risk they pose to the institution. For more efficient risk assessment, the AML compliance program for screening each individual client is a must. 

With an AML screening system, banks can now easily screen new and existing clients through a foolproof system. The screening process flags PEPs and high-risk individuals from a vast database. It contains data from over 1000 sanction lists and 3000+ databases. Some of the lists through which end users are scanned include OFAC, FATF, DFAT Australia, FinCEN, CIA, FINMA, and numerous others. The databank is updated every 14 minutes to account for any updates in the lists. Banks and other financial institutions can choose to implement batch screening or ongoing screening for their clients. Batch screening screens individuals in bulk in one request whose basic name and DOB are already known. In ongoing screening businesses operating in a high-risk environment can issue an “on-alert” status to clients with a greater risk profile. 

AML compliance program is generally availed with KYC verifications and checks are run in the background. 

  • The system extracts a user’s Name and DOB from their credentials as they perform their identity checks.
  • The system will scan the person from global AML watchlists (FATF, OFAC, Terrorist Financing, FinCEN, DFAT, etc.)
  • If the individual is flagged in any list their verification will be declined and the company will be notified of a specific individual’s flagged status.
  • If they are cleared, their verification is approved.

AML Screening

Consent verification

It is one of the solutions unique to Shufti Pro alone. Consent verification uses the technology of facial recognition along with liveness detection to verify the remote presence of customers in real-time. The process is quick and easy. The identity of the user is verified through a live selfie along with a unique or predefined printed or hand-written consent note which implies that the person in question gives his consent for the online transaction, for example. Shufti Pro checks for the authenticity of the consent note or ID document. The rate of credit card chargebacks rises by 20% each year. Consent verification ensures ‘Know your customer’ compliance and helps with the quick onboarding of legitimate customers which as a result protects businesses from high-risk transactions, chargeback requests, and friendly frauds.

The end-user is verified in the following way in the consent verification feature;

  • End-users provide their consent with a consent note along with their live selfie
  • They are then asked to show their face to the camera holding client’s choice of the document (it can be an ID document or a handwritten consent note)
  • The verification is approved or declined based on the live-ness, the validity of the consent note, or predefined document template

Video KYC Solution 

There are a few processes businesses can use to verify their customers. One such process that Shufti pro offers is KYC through a video call. Video KYC is a process of remotely identifying the customers which overcome the hassle of verifying documents manually. Video KYC has been in the spotlight especially for the banking sector and related financial institutions. It offers a quick process of onboarding customers with minimum obstacles and low KYC costs. VideoID is considered one of the most significant developments in KYC since it uses an online video interview with a KYC expert for customer authentication. The KYC expert authenticates the documents while ensuring customer compliance and through AI-enabled facial recognition technology, does a liveness check in real-time to make certain that the person is who he says he is. Which, further, prevents businesses against spoof attacks, deep fakes, and synthetic identities.

The steps involved in the Video Customer Identification Process are as follows:

  • Customers register themselves on the client’s platform
  • The client schedules a live video call with one of their KYC experts
  • Customers are asked to show the identity document live during the call
  • Shufti pro analyses the information and the legitimizing of the individual using AI-techniques 
  • Verification results are delivered to the client 

Requirements for Each KYC Procedure

The documents required from each end user for a KYC verification depends on the company availing the KYC services. Each company has its own requirements of customer compliance and verification of its users. However, certain standard documents are used by most businesses to verify their users. These documents include ID cards, passports, driver’s licences and credit/debit cards. The company can choose to provide different options for verification for its users or set a standard document through which the person can be verified. 

Documents for address verification include, but are not limited to, utility bills, bank statements, tax bills, rent agreement, employer letter, insurance agreement and other standard ID documents. The AML checks require the full name and date of birth of an individual that can be extracted – or entered – during the KYC process. Whereas, video KYC requires the remote presence of an individual. 

It must be noted that the requirement for each verification is set by the company availing the identity verification services. They may ask for only one or multiple documents for verification from each user according to the needs of their industry and the regulations they are obligated to adhere to. 

Industries that Adhere to KYC Compliance

Know your customer compliance applies to a vast range of industries. Different businesses need to adhere to KYC requirements of their region as well as the region(s) they operate in. Some of the many industries and businesses that require KYC procedures include, but are not limited to;

Kyc Compliance

  • Banking, Financial Services and Insurance (BFSI) Industry
  • E-commerce businesses
  • Foreign Exchange Brokering Services
  • Cryptocurrency Exchanges or Companies dealing with or operating on cryptocurrency (ICOs, Bitcoin wallets etc.)
  • Freelancing platforms
  • Telecommunication Services
  • Travel and Hospitality Services
  • Peer-to-Peer Marketing
  • Online Gaming and Gambling 
  • Healthcare Industry
  • Real Estate Sector

Standard KYC Compliance Procedures Around the Globe

Every jurisdiction around the globe has its own set of regulations and requirements for businesses to operate safely. Different countries and regulatory authorities set their own standards according to their legislative structure. However, standard KYC requirements are fixed for most regions across the world. Most know your customer Compliance Procedures are centred around: 

  • Digital Identity Verification.
  • Electronic identity Verification or e-IDV, that verifies individuals through different government or independent databases.
  • Address verification through different documents

Any specific distinction in the process of KYC exists based on;

  1. Use case – The use case for each business involves in what capacity a business might need KYC, how it would apply KYC procedures.
  2. Regulatory Requirements – regulatory requirements differ based on the type of industry, the level of risk an individual or business may pose and the region in which an enterprise operates in. For example, in a few countries including Germany, Spain, Switzerland and Austria the regulations require businesses to verify users through video conferencing 
  3. Type of Business – the risk associated with a business also comes with the industry it operates in and its nature. For instance, financial service firms are bound by more legal obligations than perhaps an online retail store.

Kyc Procedures

The identity solution from Shufti Pro offers universal language support, along with the ability to verify over 3000 documents. This allows us to verify users from over 230 countries around the world. Our AML databank includes names of Politically Exposed Persons (PEPs) from over 1000 + sanction lists and 3000 + databases. It is currently catering to a diverse set of clientele ranging from financial services to online retail businesses to crypto companies. With the ability to verify users in under a minute, Shufti Pro can fulfil a business’s KYC compliance requirements with increased efficiency.

KYC Verification Process three Steps to Know Your Customer Compliance

KYC Verification Process – 3 Steps to Know Your Customer Compliance

Do you know the three components of KYC?

The entire identity verification procedure encompasses a lot, however, the most important ones are:

  • Customer Identification Program (CIP)
  • Customer due diligence
  • Ongoing monitoring 

This blog post highlights the importance of the KYC process followed by 3 steps to the KYC verification process.

Introduction

In this modern era, fraudsters and criminal groups have come up with enormous resourceful ways to fulfill their malicious purposes. It is a common practice of such criminal groups to misuse the systems of legitimate entities such as banks and other financial institutions, credit unions, e-commerce, etc in order to avail free services, commit frauds and convert ill-gotten gains into ‘clean money’. However, financial institutions mostly rely on the system of controls which aimed at collecting knowledge about customers. This is also known as ‘Know Your Customer (KYC)’. 

Similarly, another major issue is that businesses are knowingly or unknowingly used for money laundering activities which at the end turn out not to be compliant with global and local AML regulations. This dirty money is then used for terrorist financing, drug-related financing, and other criminal activities. The businesses that do not comply with the obligations of regulatory authorities are subjected to harsh penalties. AML compliance is, therefore, compulsory for businesses to consider at first hand.

Proactive security measures ensures complete elimination of any sort of fraud on an immediate basis. For instance, data breaches, identity theft, account takeover frauds, and money laundering and terrorist financing. 

A large number of fraudulent activities take place as a result of unauthorized access to online platforms. To combat this, banks and online businesses are required to perform KYC for each customer during the onboarding process. It not only serves the purpose of fraud prevention but also meets the regulatory obligations of KYC compliance.

With the news of Panama Paper leaks, the global KYC regulations have become more stringent. FinCEN that is the US regulatory authority, declared amendments in regulations to combat money laundering and extended the scope of customer identity verification. These changes were proposed as a result of loopholes that were residing in the framework of financial institutions. 

Impact of regulatory changes in financial sector

KYC Verification Process Steps

Just like the way traditional banking institutions were used to verify an identity, online KYC verification is performed. KYC verification process steps include;

Collection of Information

The first step in KYC verification involves the collection of personal information from an online user. The user is supposed to enter all the personal details at the time of account registration.

Ask the user to Upload an Evidence

After collecting information, in the second step, ask the user to upload a supporting piece of evidence as an identity proof. This helps the system verify that the user-entered information is not fake and holds authentic data.

Verification of information

Once the user uploads a document as proof, the document template is identified and examined against several checks. It is to ensure the uploaded document is not tampered or photoshopped. Once it’s validated, the data is extracted. There can be two ways to fetch the data from documents:

  1. Data extraction through OCR in which the system automatically extracts the data from the identity document and check the authenticity of the information.
  2. Data extraction without OCR in which the user manually enters the information and the IDV solution checks the user-entered information against the one present on the identity document. 

Check out the KYC Verification Process demo:

Customer Identification Program

In the KYC procedure, the Customer Identification Program (CIP) is the initial step. The identification of high-risk customers should be done beforehand to mitigate the risks. The mandate of CIP is to ensure that the entity performing a financial transaction is verified. This is necessary to curb money laundering, terrorist financing and other illegal criminal activities that disrupt the overall financial system. 

In CIP, financial institutions are supposed to collect the user information to open a bank account. This information includes;

  • Name
  • Address
  • DoB 
  • Identification number

After collecting this information, it is verified against supporting shreds of evidence that could be in the form of biometric verification or document verification. In addition to this, CIP includes risk assessment of customers and business accounts. This helps financial institutions build parameters against which each customer will be given a risk rating. KYC procedures, therefore, are predefined that contribute to the prevention of the frauds. At this point, businesses decide CDD and EDD procedures.

Customer Due Diligence

This is a process in which a customer’s information is screened against KYC protocols. In KYC compliance, this is the second step in which basic customer information is collected online in real-time. In CDD, the information collected includes;

  • Name
  • Address
  • Age
  • Date of birth

All this information is used to verify the onboarding customer. After this, the customer is assigned a rating as per credentials after the AML screening procedures and financial credibility. In case, if the customer ID is found in watchlists or PEP records, the risk is considered high and further Enhanced Due Diligence process is performed. 

CDD concludes that how much a customer profile is a risk for an institution. In private and offshore banking, CDD is supposed to be done more deeply to inspect any suspicious identities in the system. CDD should be a scalable method that could ultimately reveal the involvement of money laundering and terrorist funding in the financial system by identifying the identities. 

AML Screening

KYC compliance does not end here. One time customer verification does not conclude the inevitable credibility of that identity. Instead, a continuous identity screening should be performed in an institution to deter the risks of fraud from even the authorized entities. The ongoing financial transaction monitoring is important to identify suspicious transactions and unusual money flow in the financial system. 

For this, a risk mitigation strategy is defined that includes parameters against which monitoring needs to be performed. These indications include;

  • Transaction above the specified threshold
  • A large number of frequent transactions
  • Unusual/suspicious activities

Read more about ‘Indications of Money Laundering’:  Guide to Anti-money Laundering and Countering of Terrorist financing

Corporate KYC

Know Your Business or ‘KYB’ is a process that ensures verification of corporate entities or businesses you are dealing with. This is as important as KYC compliance. Business verification includes verification of Ultimate Beneficial Owners (UBOs), third-party businesses, and other corporate entities. KYB deters the risks associated with fraudulent business entities. Not only this, as per regulatory requirements and regulations about UBOs verification, KYB has become more than necessary to build a clean customer base as well as business relationships. 

It all adds up to

An efficient KYC solution is the need of every businesses sector. To comply with the changing KYC and AML requirements, organisations need a KYC solution that adequately follows all steps of KYC compliance. Shufti Pro is a one-stop solution for enterprises to cater to your KYC practices. We offer real-time KYC services with the global support of 3000+ documents and 150+ languages. Incorporating data protection standards, Shufti Pro is secure and reliable for quick customer onboarding.

Have more questions on how Shufti Pro can help you? Share your concerns with our team and get a solution as per your business needs!

AML KYC how changed the landscape of global regimes

AML/KYC 2020 – how 2019 changed the landscape of global regimes?

Copy pasting your 2019 AML/KYC compliance strategy to 2020 plan will not do the job. Businesses need to change their AML/KYC compliance strategy to comply with the latest regulations. 

Anti Money Laundering (AML) and Know Your Customer (KYC) regimes evolved during 2019 on a global scale. Regulatory authorities like FATF, FinCEN, FINTRAC, and the EU government took some rigid steps to make KYC and AML compliance a global phenomenon

Regulatory and supervisory authorities are bringing all the industries under the radar to make AML/KYC compliance inevitable for reporting entities. The Danske Bank and Swedbank scandal made the global financial sector learn the lesson and to take compliance seriously.  Also, the heavy fines charged from non-complaint online businesses like gaming, cryptocurrencies, etc. initiated the trend of AML/KYC compliance among these industries. 

Below is a brief review of some major changes that occurred in KYC and AML regimes around the globe in 2019. 

Fifth AML Directive (AMLD 5) of the EU to be implemented in 2020

EU introduced the fifth AML directive in 2019 which is all set to change the AML compliance in the EU. The businesses are required to comply with this law by January 2020. 

AMLD 5 introduced the amendments for financial institutions, prepaid cards, credit institutions, real estate, legal sector, and virtual currencies, etc. The new directive requires the reporting entities to practice enhanced due diligence. 

The identity verification threshold on remote transactions of prepaid cards was reduced to EUR 50. Also, AMLD5 called for a reduction in the threshold of anonymous prepaid cards – from €250 to €150. Now the prepaid card providers will have to practice customer due diligence on every customer making a transaction or depositing more than €150 in his prepaid card account. This will help the authorities control the anonymous use of prepaid cards for illegal fund transfers. 

Virtual currencies need to apply customer due diligence just like traditional financial institutions. So thorough KYC and AML screening of customers is inevitable for businesses. 

FATF digital ID Systems Guidance

 

FATF took the Regtech initiative back in 2017 by showing a positive attitude towards technological advancements in the financial industry and regulatory framework. 

FAFT issued a guidance paper for digital ID systems. The guidance paper is open to suggestions from the stakeholders. The stakeholders of this guidance are the regulatory and supervisory authorities, businesses and government agencies. 

The guidance provides a brief insight into the process, components and technical standards of digital ID systems. It referred to NIFT Digital ID Guidelines and EU’s EIDAS Regulations

As FATF is a global authority and has several member countries from every corner of the world it is projected to make a huge change in global AML/KYC compliance practices of businesses. 

FATF recommendations for the legal sector, virtual assets

 

In June 2019, FATF gave revised recommendations for the legal sector and virtual assets. Now, these sectors in the member countries of FATF are required to practice thorough AML and KYC screening on their customers. Legal professionals are guided to verify the identity of the Ultimate Beneficiary Owners (UBOs) of the businesses they work with. 

Also, businesses dealing with virtual assets (cryptocurrencies,etc.) are required to perform AML/KYC screening on their customers just like the financial institutions. 

FATF also drafted the recommendations for art dealers, weapon dealers, and precious metal dealers to exercise regulatory compliance. These regulations are drafted to bridge any loopholes in the regulatory framework. 

Global authorities becoming more stringent towards real estate

 

Global regulatory authorities are becoming stringent towards real-estate. This sector is commonly used for money laundering. Canada, Singapore, UK, and Germany are some countries that imposed owner verification regulations on real-estate in the past years. In 2018, (AML) legislation was introduced according to which foreign owners were supposed to identify themselves. The purpose of this bill was to find out who is the owner of a particular real estate property. By 2021, the registry will be made public. 

AMLD 6

 

The AMLD 6 was also proposed in 2019. Sixth Anti-Money Laundering Directive (AMLD6) highlights a stringent framework to combat money laundering and terrorist financing. It extends the scope of criminal liabilities and entities with an updated list of predicate offenses. AMLD6 came up with tougher penalties and widens the criminal liability to legal persons. 

AUSTRAC all set to regulate MSBs

 

AUSTRAC launched a campaign against the unregistered money services businesses (MSBs). It requires the MSBs to register with AUSTRAC and to follow the AML/KYC regulations carved for them. Money transfer businesses that will not register with AUSTRAC will be liable for a fine of $420,000, seven years jail or both. 

These new regulations are implemented to mitigate money laundering and terrorist financing in the financial infrastructure. The MSBs are exploited by financial criminals due to a lack of customer due diligence practices in this sector.

Other than AUSTRAC, FATF and FINTRAC also adopted a risk-based approach towards MSBs. 

The U.S treasury international financial institutions initiative

 

The U.S expanded its counter-terrorism powers and now targets the international financial institutions around the world that aid the terrorist groups working in the U.S. Also it added three Korean groups, namely, Bluenoroff, Lazarus Group, and Andriel into sanctions lists. 

The UK expanding the scope of MLA-2017

 

The UK also amended its KYC and AML regulations and expanded the scope to an international level. The Money laundering Act (MLA-2017) of the UK was amended. The UK-based businesses will practice the MLA rules in their international affiliates operating in non-EEA states. 

To wrap up, 2019 was a phenomenal year for KYC/AML regulations where the authorities not only worked on enhancing the AML regulations but also on improving the compliance habit of liable entities.  

The fraud and planned crime cases in the past few years made the regulatory authorities to draft more focused and detailed KYC/AML regulations to mitigate money laundering, terrorist financing, and crimes related to identity theft. One fake or stolen identity if used wrongfully could initiate a chain of crime that could affect a lot of stakeholders. 

The changes that happened in 2019, made regulatory compliance inevitable for businesses. Many future-oriented businesses are using KYC/AML screening solutions to practice global compliance. Because there are just two ways out of this situation, either it is compliance that leads to fraud-free growth or non-compliance that leads to hefty non-compliance penalties and fraud losses. 

AML Technology Eradicating the Perils of Money Laundering

AML Technology Eradicating the Perils of Money Laundering

In the past few years, we have seen a substantial increase in the number of legislations regarding how legal entities especially financial institutions combat financial crimes like terrorist funding, money laundering, and identity theft. A report estimates that in 2009, criminal proceeds amounted to 3.6% of global GDP, with 2.7%  (or USD 1.6 trillion) being laundered. Businesses are in dire need of KYC and AML compliance to fight back all such frauds. Business owners are deploying various measures against scams but the AML compliance program is effective out of all. 

AML compliance program is basically a methodology that defines the role that governs how a company monitors accounts, detects and reports financial crimes to relevant authorities. AML screening tackles with the intrinsic money laundering risks the company faces or can face in the future. The role of legislation is crucial in order to know how the AML compliance program should work. Customer screening for anti-money laundering is for completing due diligence to prevent and deter money laundering, terrorist financing, and other financial crimes and frauds. 

Why AML Compliance?

AML( Anti Money Laundering) practices have been used for businesses around the globe and all regions require the businesses to perform due diligence on their customers in one way or the other. AML compliance is not as difficult for organizations to follow as it seems. An investment of a few thousand dollars can obviously demit the loss of millions in penalties that businesses will have to pay eventually. 

To detect suspicious transactions and analyzing customer data, Anti-money laundering AML screening has been employed by financial institutes and other businesses. To filter customer data and classify it according to the level of suspicious and inspect it for errors is done by AML systems. Any sudden and substantial increase in funds or a large withdrawal of cash includes such anomalies.  AML checks are not for money laundering but also put a tight reign on frauds like tax evasion, terrorist financing, etc. AML compliance has a system to report money laundering activities to relevant authorities evaluating the client’s risk profile. 

Artificial Intelligence Enhancing AML Checks:

 

Artificial intelligence (AI) has the potential to transform financial institutions (FIs), disrupting every aspect of financial services, from the customer experience to financial crime. AI technology can be utilized by FIs in a number of ways, with anti-money laundering (AML) one of the main areas of focus. FIs can employ AI to analyze large amounts of data, to filter out false alerts and identify complex criminal conduct. It can identify connections and patterns that are too complex to be picked up by straightforward, rule-based monitoring or the human eye.

FIs are awakening to the potential of AI, both internally and externally, and beginning to embrace it. According to the Digital Banking Report, 35 percent of financial organizations have deployed at least one machine learning solution. Artificial intelligence has the ability to completely transform how banks perform AML and Know Your Customer (KYC) compliance. Additionally, for this need of anti-money laundering, artificial intelligence systems are capable to mine a great volume of data to prevent risk, which simplifies the process of identification of high-risk clients.

 AI is crucial when performing repetitive tasks, saving a lot of valuable time, resources and efforts that can be refocused on other tasks. AI technology including natural language processing NLP and machine learning ML can create automation in process of AML screening.

How is AML Compliance impacting Businesses?

 

AML compliance can intelligently extract risk-related facts from a huge volume of data making the process of identity verification a lot more smooth and risk-free. It has the ability to track the alterations in regulations around the globe. It fights against financial crimes by identifying gaps in customer information by financial institutions and provide Know Your Customer ( KYC) alerts. Here are ways in which  AI has revolutionized AML screening to help the client onboarding process easy, resulting in bringing higher revenue and lower fraud risk to the business:

 

  • Enhanced Due Diligence:

 

Artificial intelligence can automate AML screening that helps automate the creation and updating of the client risk profile to match this against the classification process i.e high, medium or low risk that ensures continuous compliance throughout the client life cycle. Moreover, it assists the process of identity verification easier for enhanced due diligence.

 

  • Improved Client On-Boarding:

 

When applied to workflow automation, AI along with AML  has the ability to transform the generation of documents, reports, audit trails and alerts/notifications.

 

  • Risk Assessment :

 

AML compliance can help mitigate risk as whenever a client is highlighted with a suspicious activity system can block resulting in the removal of any sort of risk. It gives a full understanding of the different tiers of risks a customer presents and how to mitigate them

 

  • Detection of Suspicious Activity:

 

Any suspicious activity can be detected and immediately reported to the concerned department without putting yourself in trouble. The goal here is to have systems in place for prompt detection of activities associated with money laundering. For instance, suspicious activity can be:

  •  Increase in cash deposits of or business without any obvious reasons.
  •  Providing very little information when applying for a bank account.

 

  • Managing Regulatory Compliance and Change:

 

AML screening ability to counter patterns in a vast range of text enables it to make an understanding of all changing regulatory environment. Furthermore,  to analyze and classify documents to extract useful information such as client identities, products, and procedures that can be affected by regulatory changes. It can be instrumental in helping banks and other financial institutions to fight back financial frauds. 

 

  • AML Screening and Investigation:

 

A recent Dow Jones-sponsored ACAMS survey revealed the most challenging for bank compliance is of false positive. Underpinning the alert generation method with AML may end up in fewer false positives. whereas they’re a major part of the AML compliance method, alerts don’t seem to be enough to support an efficient and thorough investigation method. What’s needed is that the linking of high-quality information to the alert (via interpretation associate degreed link analysis) to supply a correct, graphical illustration of the legal entity structure. AML beside AI will facilitate to leverage antecedently performed steps within the alert investigation method to formulate a suggested next steps approach.

Read more about how AML regulations can help prevent financial crimes:

AMLD5- Closing the loopholes of AML:

 

Consider new technologies and improve transparency AMLD5 is here to fulfill the EU’s next-generation AML requirements:

The goals of 5AMLD are as follows:
  • Impact on  financial intelligence units and facilitate increasing transparency on who really owns companies and trusts by establishing beneficial ownership registers
  • Prevent risk associated with the use of virtual currencies for terrorist financing and limit the use of prepaid cards
  • To secure the financial transaction to and from the high-risk third parties. 
  • The access of financial intelligence units to information including bank account registers must be enhanced. 
  • Ensure centralized national bank and payment account registers or central data retrieval systems in all member states.
Global Economies are joining forces with FATF against money laundering

Global Economies are joining forces with FATF against money laundering

Financial Action Task Force (FATF) has been very keen on eliminating financial crime (money laundering, terrorist financing) at a global level. The regulatory authority recommended some major changes in  AML (Anti Money Laundering) practices and screened the AML practices of some of its members (direct or indirect) and also, added new countries in its member’s list. 

FATF is one of the most influential global financial regulators. It has 39 complete members and several members under its affiliates (APG, CFATF, EAG, etc.) around the globe working on a thorough implementation of AML regulations. FATF is always keen on eliminating money laundering from all the countries and territories. Numerous industries including financial and non-financial sectors are added to the scope of reporting entities of FATF recommendations. 

In a wake to ensure global compliance, FATF is always in search of loopholes in AML and CFT (Counter Financial terrorism)  regulations and compliance practices of the member countries. Regular screening of AML practices of its member countries is a part of its operations. 

In 2019 as well, FATF took some vital steps to expanded the scope of its regulations to a global level and to cover the gaps between global AML regulations

Saudi Arabia Became the First Arab Member of FATF

 

FATF expands the scope of its regulations to a global level by adding new members. Becoming a member of FATF requires the country to fully comply with FATF recommendations making it almost impossible for criminals to exploit it. 

Saudi Arabia is setting standards for the Arab and Middle eastern countries by becoming a member of FATF. the country was practicing the global AML and CFT regulations for the last four years. Also, in March 2019, it was about to be blacklisted by FATF, but missed it closely and now becomes full member of FATF.  

Financial institutions and businesses offering any types of financial services will be liable to comply with global AML regulations. This means the latest AML recommendations of FATF regarding cryptocurrencies and the legal sector will also be imposed on the reporting entities in Saudi Arabia. This initiative of Saudi Arabia will bring more business into the country as it is identified as a safe country by fully complying with the 40 recommendations of FATF. Meanwhile, the businesses in the country will be under the strict scrutiny of the regulatory authorities. 

It is high time that businesses in Saudi Arabia should identify the crucial need to practice complete AML compliance.

Pakistan in the Greylist 

 

FATF keeps an eye on its member countries by screening their efforts to eliminate money laundering and terrorist financing. Pakistan is a member of the Asia Pacific Group on Money Laundering (APG) and was under the scrutiny of FATF since 2018. The reason behind this scrutiny is the terrorist attacks in India. It was claimed by the Indian authorities that the terrorist activity was executed by a terrorist group in Pakistan. Also, the Panama Papers placed a question mark on the AML and CFT practices of Pakistan. The regulatory authorities in Pakistan are required to take proactive measures recommended by FATF to be removed from the grey list. 

In 2019, FATF made an analysis of the AML practices of regulatory institutions in Pakistan.  The decision has to come regarding, whether Pakistan will be added to the blacklist or not. 

It shows that FATF does not ignore any kind of non-compliance by its member states. In order to maintain the good image of their country, the member states are always in a wake to adopt stringent practices to enforce AML compliance in the business sector (financial and non-financial). Because becoming a member of FATF of just the first step, the countries have to go through regular screening of FATF and need to maintain a crime-free financial infrastructure in the country. 

So, the businesses in full member countries and indirect-member countries are in dire need of practicing complete AML compliance. As non-compliance will lead to dangerous consequences like huge fines and loss of credit rating, loss of credibility, etc. 

Changes in FATF Regulations

 

FATF gives recommendations whenever it finds a loophole in global AML and CFT regulations. In 2019, the authority gave some major recommendations to its member countries. 

FATF recommended AML compliance for the cryptocurrency and legal sector in 2019. The legal sector is required to screen the Ultimate Beneficiary Owners (UBOs) of the entities they represent. 

Also, the cryptocurrency businesses are required to practice AML and KYC compliance just like the financial sector. 

The reason behind these new recommendations is the increase in fraud in these sectors. Cryptocurrency is widely exploited by financial criminals at a global level. According to a report, $1.1 billion of cryptocurrency was stolen in 2018. On the other hand, the legal sector is also exploited by money launderers to incorporate their black money into the business proceeds of shell companies. That is why the legal professionals are required to verify the identity of UBOs of business entities they are serving.

FATF also recommends the art dealers and precious metal dealers to practice KYC screening on their customers and to report transactions above the predetermined threshold. 

Why Do Businesses need to Practice AML Compliance?

 

 

The businesses in the financial and non-financial sectors are covered in the scope of AML recommendations of FATF. Operating in countries that are full or indirect members of FATF, the businesses are obliged to practice thorough compliance with global AML regulations. Harmful consequences follow the non-compliance practices of businesses. 

Non-compliance could result in fines, loss of credibility, credit rating and market value, and in some cases complete shutdown of the non-compliant entity. For instance, take the case of the Danske Bank’s Estonia branch which was closed due to a huge money-laundering scandal. Also, the bank faced several lawsuits and huge penalty. 

The recent efforts of FATF show that the entity will leave no rock unturned to eliminate money laundering at a global level. So, it means that businesses have no other option but to take proactive measures against financial crime. Running real-time KYC and AML screening on the customers before onboarding them eliminates the risk at the very beginning. It enhances the credibility and credit rating of a company along with proactive fraud prevention. Such steps will help businesses in gaining a competitive edge. Hence, such proactive measures create a win-win situation for businesses.

DoorDash

DoorDash Falls in the pit of Data Breach – Affects 4.9 Million Users

Security breaches are increasing in number with every passing day. This keeps on happening. It would seem like every company should be taking their data security very seriously. After all, a data breach typically costs millions of dollars and tarnishes the company’s reputation.

According to Bitdefender, six in every ten businesses have experienced a data breach at some point during the last three years. Infosec professionals are acutely aware of the risks their organizations face with more than 58% worried about the organization in the face of a global cyberattack. In fact, the rest 49% confessed that they were losing sleep over it.

  • Human error can be a cause of 90% of data breaches
  • According to research half of the businesses around the world suffered a data breach
  • Data breach experience makes them more employable according to chief information security officer (CISO)

DoorDash Suffers Major Data Breach:

DoorDash a food delivery company confirmed a huge data breach a few days back, almost 5 months after it occurred. It was almost a year that users started complaining about their accounts being compromised inexplicably.  The company confessed that 4.9 million customers, delivery workers, and merchants had their information stolen by hackers.

The breach took place on May 4 but users who made accounts after April 5, 2018 were safe by this breach. Users who joined the platform before April 5, 2018 had their name, email and delivery addresses, order history, phone numbers and hashed and salted passwords stolen. Both delivery workers and merchants had the last four digits of their bank account numbers stolen. The cherry on top is that around 100,000 delivery workers also had their driver’s license information stolen in the breach. Doordash was unable to explain the breach at that time but later said that the incident occurred through a third-party service.

The Damage a Data Breach Can Do

A data breach can drastically affect an organization’s reputation and financial bottom line.  No one has forgotten about devastating data breaches of Yahoo which reported two major data breaches of user account data to hackers during the second half of 2016. Initially believed to have affected over 1 billion user accounts, Yahoo! later affirmed in October 2017 that all 3 billion of its user accounts were impacted.  Other organisations such as Equifax and Target have also been a victim of a data breach. Today, many people associate those companies with a data breach only instead of their actual business operations. So a data breach can make business loss not only their reputation but also identity. 

Different Types of Data Breaches and the Sources:

 

Different sources define different types of data breaches. Here, I group them by the root cause:

  • Cyber attacks:

 Hackers use malware, phishing, social engineering, skimming and related techniques to gain access to protected information.

  • Theft or loss of devices

Laptops, smartphones, thumb drives, and other data storage media can be lost, stolen or disposed of improperly. If they contain protected information and it ends up in the wrong hands, that’s a data breach.

  • Employee data theft or data leak

 Employees, especially those who are leaving soon, might deliberately access protected information without authorization with malicious intent. This can be major reason for the data leak. 

  • Human errors

Mistakes happen, and people are negligent. Employees may accidentally send proprietary data to the wrong person, upload it to public shares or misconfigure servers where it is stored. Not having any good method for ID verification can also make company data to fall prey to cybercriminals. 

Tips to Prevent Data Breaches:

 

To prevent loss of millions and the company’s reputation due to data breaches, following preventive measure should be taken:

Limited Access to Valuable data

 

Previously data access was given to all the employees. Companies are learning the hard way now and limiting access to crucial data. This narrows the pool of employees who might click on the harmful link. Only those who actually need access will be given, this is the common-sense solution companies probably should have been doing all along. 

Know Third-party vendors

 

Every company does business with a wide array of third-party vendors. It’s more important than ever to know who these people are. What if the guy who delivers office supplies just got out of prison? It’s something to think about. So always adhere to KYC regulations not only for your clients but also for third party businesses you are going to take services from. Verify who you are dealing with. In addition, be sure to provide limited access to the types of documents these vendors can view.

Though precautions like this can be a hassle for the IT department, the alternative could be a multi-million-dollar data breach.  Demand transparency for those companies that are allowed to view your important data. Make sure they are complying with privacy laws; don’t just assume. Ask for background checks for third-party vendors who must enter your company on a regular basis. 

Conduct Employee Security Awareness

 

Studies revealed that employees are the weakest in the data security chain In spite of training, employees open suspicious emails every day that have the potential to download viruses. One class of training is never enough. Regular classes should be conducted to safeguard important data once a month or more frequently.

Update Software Regularly

 

Regularly update all your software applications and operating system. Professional recommendation is to install patches whenever possible otherwise network is vulnerable. Microsoft has launched a product in this regard which is known as  Baseline Security Analyzer that can check and ensure all programs are patched and updated.

AML Rules for Virtual Currency and Legal Sector FATF 2019

AML Rules for Virtual Currency and Legal Sector – FATF 2019

Financial Action Task Force (FATF) is an inter-governmental regulatory authority. It was founded in 1989 to combat money laundering. In 2001 the authority also added terrorist financing in its regulatory framework. FATF works on through implementation of global AML regulations in its member countries and to research the money laundering and terrorist financing trends in the world. FATF also gives regulatory suggestions based on its research. 

Money laundering and terrorist financing are becoming a threat to global economies. Billions of dollars are laundered annually around the globe. The cases like Swedbank and Danske bank proved that no business is too big to fail when it comes to money laundering. Regulatory authorities are introducing more rigid regulations to control crime. Real-time AML screening solutions are used by global businesses to cater to the risk coming from their diverse clientele and to insure thorough compliance. 

FATF Crackdown on Cryptocurrency

The virtual currency has become a global phenomenon and has a global market worth $300 billion. Numerous cryptocurrencies are launched increasing the competition and loopholes for money launderers and terrorist financiers. Facebook also announced launching its cryptocurrency “Libra”. Which received criticism from 3 major European central banks. 

The recommendations of FATF are based on the current global scenario of cryptocurrency. Cryptocurrency is globally exploited for money laundering due to a lack of regulations in this sector. Many cryptocurrencies are practicing in-house protocols like online AML screening solutions to deter frauds, but such practices are not centralized and leave loopholes within the industry. 

As per the wall street Journal, FATF gave the recommendations for cryptocurrency regulation in June 2019. According to the new regulations, member countries are guided to register and monitor the cryptocurrencies on a regular basis.

The cryptocurrency businesses, exchanges are required to perform necessary KYC and AML verification processes on their clients and investors before serving them. Also, the cryptocurrency exchange and facilitators are required to report the transactions above the minimum transaction threshold. In order to keep track of crypto transfers, the crypto businesses are required to transmit the customer data to other financial institutions whenever making a transaction above $1000. 

Industry and regulatory experts are working on developing a centralized system for transferring the data of customers. Also, FATF announced in June that it will conduct a 12-month review in June 2020 after analysis of member countries and concerned firms. 

FATF Recommended Risk-Based AML for Legal Sector

Legal Professionals are exposed to a unique kind of risk coming from serving money launderers and terrorist financiers. FATF recommended new AML practices in June 2019, especially for legal professionals to cater to the risk of serving money launderers lingering within the industry. 

The new AML recommendations of FATF are designed to address the risk faced by legal professionals and the firms that have legal professionals as clients. The new recommendations require the concerned parties to exercise more vigilant customer due diligence processes to mitigate the risk of serving criminals. 

The guidelines will help to mitigate the risk through ongoing screening of clients of legal professionals. The recommendations suggest that legal professionals must pay heed to the identification and verification of ultimate beneficiary owners of the entities that they serve. In case the legal professionals serve a shell company it will affect their credibility by serving the money launderers in legitimizing their black money. 

In-depth identity verification of clients will be the obligation of legal professionals. So it infers that the legal sector will have to face serious consequences in case of non-compliance. 

What Cryptocurrency and Legal Sector Can Do About New AML Regulations?

After the new recommendations of FATF virtual currency and the legal sector will need to amend their KYC and AML protocols. The businesses in both sectors will have to do in-depth identity verification and AML screening of their clients.

The new recommendations of FATF are designed to fill the loopholes in the global industries and to mitigate money laundering and terrorist financing at a global level. 

The virtual currency sector serves a global clientele and many legal professionals also have the same. AML & Kyc compliance will help them to mitigate the fraud coming from diverse clientele. Also, once a centralized process and protocols are designed for global compliance, businesses around the world will have a compact set of procedures to eliminate money laundering through joint efforts. 

Once the virtual currency and the legal sector have streamlined their KYC/AML protocols at a global level it will introduce more growth opportunities in these industries. As all the countries will have the same rules and regulations so fraudsters will have no loophole to exploit and collaboration among businesses will be seamless. 

Online KYC and AML screening solutions will help businesses in virtual currency and legal sectors to mitigate the risk in a feasible cost-effective way. It is not possible for the businesses to physically verify their global clients and to screen their Identity documents physically. Developing an in-house system for KYC and AML verification is costly and requires hefty resources so, outsourcing a KYC/AML screening solution is a feasible solution.

Why Financial Industry Needs KYC/AML Compliance?

Why Financial Industry Needs KYC/AML Compliance?

The largest concern of financial institutions is “risk management” due to a high rate of financial crime in the industry. Financial crime takes multiple facets in different sectors of financial industry. Money laundering is one major threat and most of the financial institutions cater to it by using an online KYC/AML verification solution. 

Money laundering and terrorist financing increased at a rapid pace in recent years. Global regulatory authorities are introducing new rigid KYC/AML regulations. Financial institutions are under the strict scrutiny of global financial watchdogs. Millions of dollars of fines are imposed on financial institutions in an event of non-compliance. For instance, FINRA fined $1.1. Million to J.P. Morgan Securities for failing to report 89 potential high-risk profiles after an internal investigation of its stakeholders (employees and advisors). 

The rise of FinTech not only injected more competition into the industry but also shared the financial risk of typical financial institutions. The advent of this industry made banks and other financial institutions to enhance their operations and to introduce digital solutions for their typical financial operations to retain their clients. 

This advanced approach has pros and cons for the financial industry. Financial institutions were able to overcome the competition but also introduced new risks in their business models – the risk of online frauds and crime. 

Common Frauds in the Financial Industry

Before listing the most common frauds it is necessary to understand the motive behind these frauds committed against financial institutions. 

Clients and investors of financial institutions are the most common source of fraud and a threat to financial institutions. The major motive of these criminals is to get financial gain or to commit a financial crime in an anonymous way. Often the criminals use stolen or fake identities to execute their crime. This is the reason why all KYC/AML regulations need financial institutions to run KYC/AML verification on their clients and stakeholders before serving them. 

Common frauds with financial institutions are mentioned below:

Money laundering and terrorist financing 

Money laundering is committed to hide the money trail or black money. Financial institutions are used by criminals to launder their black money in other countries and to finance terrorist groups. Banks are not allowed to extend services to money launderers, in case the banks are found to be involved in such illegal transactions they are fined as per AML regulations. 

Account takeover fraud

Account takeover fraud is also a very common fraud in the financial industry. The criminals take over the account of a legal customer using the stolen credential (passwords, PINs,etc.) and use it for accumulating money or to make a transaction through that account. This is the reason why financial institutions are investing in biometric verification for account access.

Phishing scams

A common cyber-attack on financial institutions is phishing scam which is executed through fake emails sent to the employees of financial institutions. These scams are executed to gain illegal access to the confidential data of an organization. Employee training and firewalls is a good practice to mitigate these scams. 

Fake identities

Criminals use fake identities to open accounts at financial institutions to conduct their illegal activities. The most common victims of identity thieves are the financial institutions because they serve well the money motive of criminals. Research of Insurance Information Institue found that 3 million identities were stolen in 2018 and 1.4 million of those stolen identities were fraud-related. 50% of those identities were stolen to conduct credit card fraud with banks and businesses.

Key Points of Global KYC/AML Regulations

  • Exercise identity verification on your customers before serving them
  • Customers should be screened for international sanction lists, terrorist lists, high-risk countries and PEPs (Politically exposed people)
  • On-going AML screening of clients
  • Proper record-keeping for the AML practices in the organization
  • Any transaction above the “minimum cash transaction threshold” must be reported to the concerned authorities
  • Proper training of employees and an integrated AML compliance program
  • Fines in case of non-compliance

Recent Global trends in KYC/AML

Global financial regimes evolved in 2019. Many changes occurred in KYC and AML Verification regulations around the globe. Countries are working on extending the scope of their KYC/AML regimes. 

Canadian regulatory authority FINTRAC has changed the KYC/AML regimes to align them with international KYC/AML regulations of FATF. Online KYC is possible as scanned copies of identity documents can be used for due diligence. Also, Money Services Businesses and virtual currency businesses are added to the reporting entities list. They will be liable for typical KYC and AML rules that apply to businesses involved in fiat transfers. 

The UK amended its Money Laundering Act (MLA-2017) and require the international affiliates and subsidiaries of UK-based businesses to exercise the EU AML regulations in non-EEA countries aswell. 

Five major Dutch banks are joining forces to develop a joint technological system to handle the due diligence data of their customers. Also, they plan to develop joint KYC/AML procedures by sharing the financial data of their clients, for better KYC and AML compliance. 

Businesses that Need Real-time KYC and AML Verification Solution

As per the global AML and KYC regulations, the financial institutions must perform KYC and AML compliance. Financial institutions need to practice in-depth KYC and AML compliance. The institutions that are liable for compliance under the KYC and AML regimes are banks, brokerage houses, insurance companies, forex exchanges, non-banks mortgage lenders, money transmitters, cryptocurrency facilitators, etc. 

How Online KYC and AML verification is Performed?

The API is integrated with the system of financial institutions. Every time a new user is onboard or end-user accesses its account the verification is performed. Real-time identity verification is performed through in-depth screening of ID document and face verification or biometric verification. Also, the documents and address are verified in real-time before onboarding a new client. Once the verification is completed the end-user is allowed access to the system of the financial institution. 

Incase of AML verification the information of the end-user is screened against regularly updated databases that consist of global sanction lists, watchlists, and PEP lists.

 Benefits of Online KYC and AML Verification Solution?

Financial institutions and businesses are willing about going KYC and AML complaints after looking at the rigid behavior of global watchdogs. It is important to investigate the advantages of every step taken. 

Fraud prevention

Online KYC and AML solutions help the financial institutions in preventing the risk that comes from a diverse clientele. Identity thieves and money launderers can be identified at the very first stage and help the businesses in serving only legitimate businesses. 

Regulatory compliance

Online KYC and AML verification software help the financial institutions in catering to regulatory compliance needs. Compliance prevents penalties and credibility loss that could be huge in some cases. For example, Swedbank was recently fined for non-compliance and lost its market value along with its credit rating. 

Customer on-boarding

Online KYC and AML verification solution help the financial institutions in on-boarding clients with good credibility. Fast verification helps in seamless onboarding and helps retain more happy clients. Customers are verified within 30 seconds, reducing the hassle of manual verification. 

To wrap up KYC and AML compliance is inevitable for global financial institutions. Real-time KYC and AML verification solutions are suitable for seamless compliance. 

KYC Compliance

KYC Compliance Will Become Your Competitive Edge

Businesses, particularly the financial services sector, have been observing Know Your Customer KYC Compliance rules for nearly as long as they have existed. It is a process by which banks, financial institutions, retailers, e-commerce merchants and any other business vulnerable to fraudulent activities. KYC regulations were made more stringent in the aftermath of the 2008 financial crisis wherein banks were found involved in breathtaking money laundering scandals. Ever since the crisis that had threatened the collapse of the world’s financial system, governments, nations and global regulatory authorities have worked hard to bring stricter and more effective policies and legislation to prevent financial crimes.

This scenario was exacerbated by the Panama Papers scandal in which a lot of significant world leaders and organisations were exposed. This and the fact that a lot of money laundering activities were discovered to be linked with terrorist financing. This has made regulators like FATF issue serious fines and sanctions to governments and financial institutions to give them enough of an impetus to improve their compliance structures. Businesses too have had to implement KYC verification in the wake of FACTA (Fair and Accurate Credit Transactions Act), which was introduced to protect consumers from credit card and identity fraud.

The Role of Technology in KYC Compliance

In order to implement effective anti-money laundering (AML) compliance procedures, technology has played an immensely effective role to enable banks and other businesses implement faster, more competent customer identification and due diligence procedures. It has also allowed them to improve their transaction monitoring and risk management systems.

Modern technologies including Artificial Intelligence (AI) and big data have allowed companies to completely automate their AML and KYC procedures. Before now banks have largely relied on manual verifications and due diligence processes. But as the regulatory requirements over the past few years have become more forceful, the need to have more effective solutions has given rise to the RegTech industry. Regulatory technology is focused on developing advanced tech solutions to aid compliance teams in financial institutions.

Why is KYC Compliance Important for Businesses

The first and foremost incentive for businesses, banks and financial institutions to implement effective KYC compliance is to avoid outrageous fines and sanctions from financial regulators. Using tech tools to aid compliance can enhance compliance structures and reducing costs significantly. Not only has digitising compliance procedures enabled the automation of client onboarding, but has also given businesses a significant competitive advantage.

By offering their customers better and more effective protection against fraud and financial crimes, businesses are able to build trust and, therefore, loyalty. When businesses are fined for non-compliance, they end up causing significant reputational damage to their position in the market. A structured KYC solution manages to counter this risk. Shufti Pro is a SaaS company that offers KYC as a service to a vast clientele base including financial services providers, e-retailers, crypto companies, foreign exchanges and many more.

Enhancing KYC Compliance Through AI

Shufti Pro is a comprehensive digital KYC solution available for businesses that fulfils their KYC obligations. Through its structured AML and KYC solution, businesses are able to establish the identity of their clients. Shufti Pro’s interface leverages state-of-the-art technologies. like AI, deep learning, facial biometrics, combined with human intelligence capabilities, allowing businesses to verify their customers in real time. Their services are spread out over multiple verification and screening procedures and are administered according to a business’s use case.

Identity Verification

The identity verification service is spread out over two basic authentication methods:

 

  • Document Verification: It is performed digitally when a user scans their ID, where it is checked for tampering and its authenticity through a standard format. Different credentials that are verified include name, DOB, document number, expiry and issuance dates and address. Shufti Pro is able to verify documents from over 230 countries and can extract data through OCR (Optical Character Recognition) within seconds.
  • Face Verification: The next level of identity verification is performed through facial biometrics. Shufti Pro’s facial recognition feature authenticates the physical features of a user through AI-based protocols. It validates the person’s identity on the basis of liveness detection, 3D depth perception and fuzzy logic. It can easily identify photoshopped images and prevents against spoof attacks.

 

AML Screening

Shufti Pro provides real-time AML background checks, allowing businesses to enhance their due diligence procedures. It offers financial institutions better management of risk profiles of its clients through a thorough screening process. The AML screening takes place by cross-referencing a client’s credentials – name and DOB – against global AML sanction lists, lists for Politically Exposed Persons (PEPs). Businesses can enable ongoing screening for their high-risk or complete clientele. These watchlists are updated every 14 minutes and can produce results within 5 seconds.

Shufti Pro’s KYC service enables businesses to establish an competent AML and KYC process, automating their client onboarding procedures effectively. They are able to perform KYC verifications in real-time, establishing an instant risk-assessment of higher-risk clients.

Recommended For You:

 

KYC Compliance

AML & KYC Compliance – 5 Ways AI is Supporting the Fight Against Financial Crimes

 

Reforming AML & KYC Compliance Structures for Financial Institutions

The capabilities of artificial intelligence (AI) are being pushed to unprecedented levels in the past few years. The banking and financial services sector has reaped extensive benefits from the transformation brought on about by AI in the landscape of IT solutions. The Anti Money Laundering (AML) and Know Your Customer or KYC compliance, in particular, has been made more dynamic and effective through AI-enabled systems. The financial sector produces huge amounts of data, which is what AI works best with. It can mine high volumes of data within seconds and produce risk-analysis of clients, that would otherwise take days or even weeks for the compliance staff to produce.

In the day and age of high connectivity, people expect their services to be fast and efficient. AI has proved to be monumentally adept at performing redundant tasks that require hundreds of man-hours. This has enabled the banking staff to focus their efforts towards more value-oriented tasks. With branches in AI including machine learning and natural language processing (NLP), financial institutes can transform their Client Lifecycle Management (CLM) by automating different procedures that require repetitive labour and are more prone to human error.

How has AI Transformed AML & KYC Compliance

Through NLP technology, AI can now process vast amounts of data provided in different languages which enhances the KYC process for banks. Different documents can be scanned through an automated system, which then reads and processes the information, allowing for a faster data entry process. Additionally, it can also go through external sources with increased efficiency. This allows banks to transform their entire client onboarding procedures to be faster and more dynamic.

The financial sector also has to adhere to a number of anti-money laundering (AML) regulations. AI is enabling financial institutions to implement systems that can perform a risk analysis of high-risk client profiles within seconds. By sifting through large volumes of data, machine learning algorithms are able to detect suspicious activity in client transactions, therefore identifying high-risk clients instantly. Other systems are able to track changes in the regulatory landscape around the world and provide prompt updates to the company. Banks now are also able to screen individual clients through global AML sanction lists through AML screening services provided by an AML and KYC solution provider like Shufti Pro.

Here are some of the ways AI is helping to improve the AML/KYC Compliance process;

 

  • Developing Comprehensive Risk-Profiles of Clients

Artificial intelligence has been able to digitise the process of evaluating client profiles. These systems can now provide banks with different levels of risk profiles of clients depending on their history and credit score. The profiles can be classified as high, low or medium risk according to the client details. This has made the process of enhanced due diligence (EDD) more efficient for banks, allowing to screen out high-risk individuals.

  • Establishing Ultimate Beneficial Ownership

Under the recent AML and counter-terrorism financing directives, institutions like FATF have introduced UBO legislation, wherein financial institutes are required to establish the ultimate ownership of assets. Compliance departments are required to go through complex data in order to sift through shareholders, beneficial owners, directors and other associates linked to a business. AI has enabled the compliance staff to establish UBO for different clients through enhanced systems. It can read and process vast quantities of data wherein it is able to produce comprehensive risk profiles of clients. As AI technologies are progressing rapidly, these systems will continue to gain consequence over the coming years.

  • AML Screening

Financial institutes around the globe are increasing focus on screening clients through an AML screening process, thus improving the AML and KYC compliance process. Outdated systems have been known to produce an unusually high number of false positives, thus piling up unnecessary work for compliance managers. A KYC solution like Shufti Pro can provide real-time screening of clients through global AML watchlists through an AI-enabled system.

  • Faster Client Onboarding Process

As people are increasingly coming to rely on technology, and are getting used to services that are easily accessible, banks are trying to keep up with the tech revolution. By installing AI-powered systems, client onboarding procedures can be made more efficient as well as effective. Such systems have lent increased capability to banking systems and compliance processes, in particular. Advanced monitoring through AI and real-time screening and alerts can mould the onboarding of clients to be faster than ever before.

  • Keeping Up-to-Date With Compliance Regulations

Systems in AI like machine learning algorithms can detect patterns in data within seconds. The AML and KYC requirements around the world are constantly changing. Regulators dole out new laws and requirements every year in an effort to curb money laundering and financial crimes. This makes the tasks of a compliance team more complicated and dynamic. AI is able to analyse and detect patterns in data, thus keeping compliance requirements up to date.

With Shufti Pro as a KYC service provider, banks and financial institutes can revolutionise their AML and KYC compliance procedures. It provides digital KYC through document verification, facial biometric authentication and AML screening procedures. By implementing KYC as a service, banks do not have to invest separately in developing AI solutions from scratch.

Recommended For you:

 

icos and kyc compliance

ICOs and KYC Compliance

With the surge in digitalisation of payments and crowdfunding; the need to set proper standards for better and valid operations has lead to creation of terms like KYC compliance, especially under the new GDPR regulation.

Picture this, you’re watching TV and you come across a report on cryptocurrencies and they mention how Bitcoin and the blockchain technology behind it has created a whole new industry of cryptos. They talk about ICOs (Initial Coin Offerings) as the new way to fund your ideas and businesses. They also discuss how more and more businesses are using the blockchain to launch their own tokens/coins to fund their company. They also mention how individuals have used ICOs for crowdfunding their projects and ideas. This piques your interest and you search online about how ICOs work and how you can use it to fund your existing alternative energy business.  

Several months later and after employing many resources you finally get your token sale/ICO online. People like your idea of providing unique eco-friendly power solutions to the masses and also appreciate the fact that token holders will be eligible for various discounts. The token sale goes well and you are getting way more funding than you had expected. There are even talks that your coin will reach the exchanges in a couple of weeks. Life couldn’t be better and you more happier. Then one day you get a chargeback for a large sum of money, then you get another and another. You’re baffled as to how this could have happened. You investigate and find out that  the people who used the credit cards to buy the coins had actually used stolen cards and have provided false information. There is nothing you can do as you really have no solid proof of purchase. You realise that you have not taken any fraud prevention measures in the excitement and the fact that this is new technology; the securing part was overlooked.

You follow up with research regarding fraud in the crypto field and you realise that many ICOs had suffered from frauds. You come across KYC (Know Your Customer) process as a way to deter such fraudulent activity. As you go further you find that the Security and Exchanges Commission has also taken notice of this scamming activity. They are discussing KYC complaince related issues, policies that have been implemented within banks and financial institutions should also be in effect on ICOs. You also find that the opposite is also happening where a lot of fake ICOs are scamming people. You hear the SEC read out plausible ICO scam warning signs and asking people to trust those ICOs that have some sort of Know Your Customer service implemented. You shake your head in dismay, cursing yourself for missing out on such critical information and you start your search for a suitable identity verification service provider…

Is KYC Compliance that Important for an ICO?

The situation above, albeit a hypothetical one, is based on true incidents. Many ICOs as well as investors have suffered and millions of dollars worth of crypto scams have occurred.  The lack of proper policies and checks from governments and regulatory bodies has resulted in people exploiting these loopholes from both the ICO initiator and the investor side. Scams apart, the prospect of money laundering using cryptocurrency is on the rise. Any investor found guilty of money laundering, will put all entities involved under investigation including the ICO provider. Getting to the point under the AML (Anti-money laundering) policy a basic requirement is KYC. All banks and financial institutions have to comply and follow a proper Know Your Customer procedure.

Read More: AML & KYC Compliance: 5 Ways AI is Supporting the Fight Against Financial Crimes

Having mentioned the gravity of the situation that calls for the Know Your Customer solution, we’ll discuss what exactly it entails. Besides basic information such as — name, address, DOB, contact number, — it can also include occupation, sources of income, references, etc. The cherry on top is that there is a requirement of submitting documents to prove one’s identity as well as to verify that the rest of the provided information is correct. After seeing what this process covers, it is easy to understand why it is such an effective fraud prevention tool.

So How Can One Ensure KYC Compliance?

There are several ways to ensure compliance. If you have a product or service that makes it mandatory for a customer/client to walk-in to get registered or purchase the product/service. Then you can get all the documents and verifications done face to face. On the other hand if you have a system that provides online services or products similar to what we have in an ICO. Then the best bet would be to go for a third-party identity verification service provider. They take care of all your identity verification needs utilising the power of the Internet, the customer’s webcam or smartphone camera. The process is basically the same, the customer is asked to face the camera and then show the identity document in front of the camera. One by one he is asked to focus in on the picture, DOB, and ID number (if applicable). The software automatically checks for irregularities such as mismatch in picture and actual face. Also checks the documents for signs of tampering or forgery.

Great! But How to Choose the Right ID Verification Provider for KYC Compliance?

Good question. Most 3rd-party verifiers have an advanced AI at the backend that carries out all the checking. Then there are one’s that provide a hybrid system that includes the best of AI and the best of HI (Human Intelligence) in it. Once the AI verifies a candidate, people then reverify the result to check for any false positives. The Hybrid system is clearly better than just an AI based system. Also, speed is of the essence in this case, as nobody likes long complicated procedures and processes.  The verification speed should be in seconds not minutes and the process clearly defined and easy to understand. Another major factor to look out for is what other additional services are they offering. For example do they offer an online mode of verification besides an offline one? This allows you to give a certain degree of freedom to your customer if you wish to do so. Another extremely important thing to look for in a KYC service provider is are they up to date with the latest requirements in the industry? An example is the GDPR policy that is being implemented in the EU. If a company does not ensure compliance it could result in fines for both the service provider as well as the hiring company/organisation.

In Conclusion

Regardless of the business you run all aspects should be considered especially the worse case scenarios. A SWOT analysis is definite even if an idea or business seems fool proof it does not mean that is does not require a backup or in this case a fraud prevention software. With the updated regulations around the globe it has become necessary to adhere with KYC compliance especially if one deals with PII data and such.