The Urgency for Know Your Customer’s Customer (KYCC) in Businesses

The Urgency for Know Your Customer’s Customer (KYCC) in Businesses

Learn more

It is not just the financial services sector that is required to comply with anti-money laundering regulations. Businesses too are now required to implement certain regulatory measures to curb money laundering. A term that has recently been coined for such requirements is Know Your Customer’s Customer or KYCC. With increasing rules and regulations now being put forth by global regulatory authorities, banks and other businesses will now need to implement sound measures for Know Your Customer’s Customer.

Let’s get some background as to why KYCC is important. Entities like dummy or shell corporations are used for a number of purposes. Those motives need not be illegal every time; they can also be used to limit the liability of a company or for privacy purposes. But under a common perception, they are used for illicit purposes like money laundering, embezzling, or tax evasion. This is due to the fact that shell corporations tend to have lesser legal compliance requirements.

As regulatory bodies like FATF or FINMA tighten the laws to combat money laundering, the leniency afforded to shell corporations diminishes. Heavy fines and penalties are being set for corporations and financial institutes all over to implement strong compliance procedures. There is an added pressure to implement a robust process of AML around the world. KYCC or Know Your Customer’s Customer also falls under such rules and regulations.

Regulatory authorities have made it mandatory for businesses to have proper KYC and AML check systems. Combating Financing of Terrorism CFT which involves investigating, analyzing, deterring, and preventing funding for activities intended to achieve terrorism. KYC services back these regulations to stop money laundering in the first place. 

Laws in most countries now require businesses to properly identify their customers. Moreover, they also require that a bank must make sure that their customer’s activities are legitimate and do not have any risk for money laundering associated with them.

How does KYCC help in Achieving Compliance   Regulations?

The complexity of financial transactions and the increasing advancement in technology make the whole process of maintaining and monitoring the financial system a challenging task. Keeping a track of one’s customers alone can be an onerous task on its own. Add to it the responsibility to monitor and KYCC, your workload just got unimaginably tedious and complicated. However, the risk of letting your business fall into the pit of money laundering or other financial crimes is an even worse fate. The global financial regulators are no longer willing to let corruption and tax evasion fester. This makes it inevitable for the financial services sector to implement faster digital verification systems to speed up the process. KYC documents can be used to collect the needed data to verify a customer.

KYCC in businesses enables them to achieve an added level of security for their compliance measures. It allows banks to assess whether their customer’s customer is legitimate and every stakeholder in their business has genuine practices. As every country strengthens its laws on money laundering, it is becoming a necessity for banks and other companies to establish the lawfulness of their customer’s customer’s activities.

Moreover, obeying compliance requirements is not the only plus point of KYCC or know your customer’s customer. It also allows a financial institute to manage its external risk and to build proper protection against money laundering and other illicit activities. Not building such compliance measures can have serious and dire consequences for a business. Noncompliance and detection of fraud or financial crimes in a company’s activities can involve heavy fines, sanctions and not to mention the loss of perfectly good credit to the business’s name.

Implementing KYCC Measures in Your Business

The first step in doing so is to implement a customer identification process. An effective customer identification program can enable the bank or corporation to make sure their clients have an authentic identity. This can be done through online identity verification. IDV allows banks to verify their client’s customers in a seamless and fast manner.

Most banks do not want their identification procedures to be long. Nor do they want to process and monitor large amounts of data. For this very reason, a lot of KYC service providers are rendering electronic identity verifications and AML checks for businesses including banks and financial institutes.

ID verification of customers is performed through document verifications, that allows them to digitally scan their documents for corroboration of their details. KYC verification service providers like Shufti Pro have a document verification service that scans a user’s documents, and the details within it, in seconds. This is performed through OCR or Optical Character Recognition.

Business verification has never been easier and efficient. Through digital identity verification solutions, banks can now establish the best methods to fulfill compliance and regulation procedures. Before now, companies have relied on manual or outdated verification procedures that are painfully slow and cumbersome.

Know Your Business KYB  is the due diligence review of the business and industry against Money Laundering techniques. It allows you to develop policies and assess suspicious activities or transactions. Corporate businesses can determine whether the business they are dealing with is legit or just a shell company that is present on papers through KYB checks. 

In the UK, these regulations are defined by Electronic Identity Verification (eIDV) and 4th AML Directive by the European Union. These directives dictate the KYB regulations to corporate entities. In the US, Customer Due Diligence (CDD) measures are being imposed to determine the true ownership of a business. 

Online identity verification is used to validate identity. This technology mitigates the risk of online scams and identity theft. There are many challenges faced by businesses for identity verification. This software helps restrict the access of unauthorized persons. This technology can be used to provide intelligent access within the premises of offices. So business needs to have the best identity verification solution for seamless processing. 

Importance of KYCC in businesses

All financial institutions are obligated to have appropriate procedures and processes to comply with regulatory compliance. KYCC can help businesses in the following ways:

Seamless KYB onboarding

AI-based KYCC solutions can help financial institutions to streamline their business onboarding processes. These solutions can make the entire business onboarding process simpler, and quicker, reducing the onboarding costs altogether.

Ongoing business verification

Remediating businesses can help analyze corporate client files on a regular basis to assess risks and changes within the company’s infrastructure, executives, and beneficial owners. It also includes ongoing AML monitoring for businesses.

Access to global business registries

Some KYCC solutions provide easy access to updated company information for business verification through global business registries which in return makes the compliance process easy. 

Frictionless API integration

API integrated KYCC solution collects data from various reliable sources, all businesses have to do is enter their required details to access the information. This API integration eliminates the complexity of onboarding and monitoring corporate clients.

Remote Identification

Businesses nowadays are looking for cost-effective, remote, and automated software to perform necessary business regulatory checks. KYCC verification solutions are designed to minimize extra compliance costs and time. 

Shufti Pro’s KYCC services are top of the line that makes business verification easier for banks and other companies. Its customer identification process is fast and easily integrated into any given organization’s interface. Additionally, Shufti Pro also provides AML background checks as well that can screen a person’s name against global watchlists. This can allow companies to keep track of not only their customers but their customer’s customer’s financial status.

KYC Compliance – Strengthening Fraud Prevention Across the Globe

KYC Compliance – Strengthening Fraud Prevention Across the Globe

Learn more

Know Your Customer (KYC) 

The widespread availability of the internet has made our world more connected than ever. This, however, has made our information more vulnerable to fraud. The ever-climbing fraud statistics continue to trouble consumers and businesses as well as regulators across the globe. Yet traditional practices for Know Your Customer seem no longer effective. With the increasing scrutiny of regulatory bodies and global financial regulators, businesses need to come up with an effective Know Your Customer Compliance process. The KYC process involves the verification of the identity of individual customers for preventing fraud and money laundering activities.

Traditionally, banks and other businesses performed KYC manually. However, manual customer compliance and KYC procedures take longer and tend to frustrate customers. For banks too, manually verifying and vetting each customer can be costly and arduous. Herein, comes the role of SaaS KYC service providers. Providers of identity verification as a service, nowadays are using machine learning, advanced biometrics, and a combination of Artificial and Human Intelligence capabilities to verify end users. It is an all in one solution that is equipped to fully automate KYC procedures and customer compliance programs in companies. 

A comprehensive KYC and AML solution can effectively fulfill a business’s Know your customer compliance requirements. It not only makes the implementation of compliance obligations seamless but can also improve the onboarding process. Its KYC services include document, face, and address, consent verification along with global AML background checks, and video KYC solution.

Some of the major KYC and AML procedures that Shufti Pro offers include;

  • Document Verification
  • Face Verification
  • Address Verification
  • AML Background Checks
  • Consent verification
  • Video KYC solution

Document Verification

A simple and efficient way for banks, financial institutions, e-commerce stores, crypto exchanges, ICOs, and a number of other businesses is to verify customers through document verification. It encourages customer compliance and allows businesses to verify users through multiple documents including ID cards, passports, driver’s licenses, credit/debit cards, utility bills, and other customized documents that a business may need verification, for its users. 

The verification of the document(s) can be personalized for business, according to its need to verify its users. For example, an online retailer would want to verify the address of its customers to avoid shipping fraud and errors. Different features of a document that can be verified include Name, Date of Birth, Age, Date of Issue and Expiration, Document Number (MRZ code, passport number, etc.), Gender, Nationality, etc.

The process of document verification for a business is simple and easy. All they have to do is select the mode of verification (onsite or offsite) and document checks they want. The rest is taken care of by the verification software. The process of document verification involves;

  • The end-user or customer comes in for verification and selects the type of document he/she wants to be verified by. It is up to the company to provide multiple options for its customers for verification including ID card, passport driver’s license, or any other ID document.
  • The user then scans their document(s) or uploads a copy of it to verify their identity. 
  • The system verifies the user using hybrid AI and HI technology in 30-60 seconds.

Document Verification

Face Verification

Face verification nowadays is normally performed through a facial recognition software developed on AI-based protocols. Biometric facial authentication is usually performed by businesses that run a higher risk of attracting fraud and financial crimes like money laundering, bribery, and tax evasion. This may include but is not limited to, banks, insurance providers, investment firms, crypto exchanges, ICOs, and forex companies. All such businesses are highly regulated and require additional protection from fraudsters and criminals. 

Performing facial verification is simpler than document verification and only requires the end user to show their face in front of the web camera. Alternatively, they can also upload a picture to authenticate their identity. The choice to verify the user through image or video or both lies with the company availing KYC services. An end-user is verified in the following way in the face verification feature;

  • The end-user comes in for facial verification
  • They show a fake or photoshopped image for verification
  • The facial recognition system declines the verification since a fake image is being used for verification.

In another case,

  • The end-user comes in for verification
  • He/She will show their actual face or image for verification
  • The verification is approved as the software detects the presence of a real person, or does not detect any photoshopped elements in the image used for verification.

Online Facial Verification

Address Verification

E-commerce sites, online retail businesses, and banks often require address verification of customers in order to check if the person is using legitimate credentials to gain access to services. Address verification services allow for better and more convenient authentication of users around the globe. It is the fundamental solution for businesses to eliminate identity theft. Address verification further increases the accuracy in the shipping of orders allows companies to conveniently deliver merchandise to customers. 

Address verification is performed using a number of different documents including utility bills, bank statements, tax bills, ID cards, passports, etc. The system is also able to corroborate addresses using different documents. Therefore, if either of the documents is forged or stolen, the system will stop the verification. The address verification process is performed in the following way;

  • The user selects the document using which he/she wants to verify their address. It is up to the company if they want to provide their customers or users with various document options with which they want to verify their address.
  • Scan or upload the document for address verification.
  • The system will use data extraction protocols to verify the address of the user.

Address Verification

AML Screening

Banking and financial institutions are required to perform customer due diligence (CDD) for individual customers and clients. For higher-risk individuals, they are obligated to perform enhanced due diligence (EDD) to evaluate, assess, and eliminate the risk they pose to the institution. For more efficient risk assessment, the AML compliance program for screening each individual client is a must. 

With an AML screening system, banks can now easily screen new and existing clients through a foolproof system. The screening process flags PEPs and high-risk individuals from a vast database. It contains data from over 1000 sanction lists and 3000+ databases. Some of the lists through which end users are scanned include OFAC, FATF, DFAT Australia, FinCEN, CIA, FINMA, and numerous others. The databank is updated every 14 minutes to account for any updates in the lists. Banks and other financial institutions can choose to implement batch screening or ongoing screening for their clients. Batch screening screens individuals in bulk in one request whose basic name and DOB are already known. In ongoing screening businesses operating in a high-risk environment can issue an “on-alert” status to clients with a greater risk profile. 

AML compliance program is generally availed with KYC verifications and checks are run in the background. 

  • The system extracts a user’s Name and DOB from their credentials as they perform their identity checks.
  • The system will scan the person from global AML watchlists (FATF, OFAC, Terrorist Financing, FinCEN, DFAT, etc.)
  • If the individual is flagged in any list their verification will be declined and the company will be notified of a specific individual’s flagged status.
  • If they are cleared, their verification is approved.

AML Screening

Consent verification

It is one of the solutions unique to Shufti Pro alone. Consent verification uses the technology of facial recognition along with liveness detection to verify the remote presence of customers in real-time. The process is quick and easy. The identity of the user is verified through a live selfie along with a unique or predefined printed or hand-written consent note which implies that the person in question gives his consent for the online transaction, for example. Shufti Pro checks for the authenticity of the consent note or ID document. The rate of credit card chargebacks rises by 20% each year. Consent verification ensures ‘Know your customer’ compliance and helps with the quick onboarding of legitimate customers which as a result protects businesses from high-risk transactions, chargeback requests, and friendly frauds.

The end-user is verified in the following way in the consent verification feature;

  • End-users provide their consent with a consent note along with their live selfie
  • They are then asked to show their face to the camera holding client’s choice of the document (it can be an ID document or a handwritten consent note)
  • The verification is approved or declined based on the live-ness, the validity of the consent note, or predefined document template

Video KYC Solution 

There are a few processes businesses can use to verify their customers. One such process that Shufti pro offers is KYC through a video call. Video KYC is a process of remotely identifying the customers which overcome the hassle of verifying documents manually. Video KYC has been in the spotlight especially for the banking sector and related financial institutions. It offers a quick process of onboarding customers with minimum obstacles and low KYC costs. VideoID is considered one of the most significant developments in KYC since it uses an online video interview with a KYC expert for customer authentication. The KYC expert authenticates the documents while ensuring customer compliance and through AI-enabled facial recognition technology, does a liveness check in real-time to make certain that the person is who he says he is. Which, further, prevents businesses against spoof attacks, deep fakes, and synthetic identities.

The steps involved in the Video Customer Identification Process are as follows:

  • Customers register themselves on the client’s platform
  • The client schedules a live video call with one of their KYC experts
  • Customers are asked to show the identity document live during the call
  • Shufti pro analyses the information and the legitimizing of the individual using AI-techniques 
  • Verification results are delivered to the client 

Requirements for Each KYC Procedure

The documents required from each end user for a KYC verification depends on the company availing the KYC services. Each company has its own requirements of customer compliance and verification of its users. However, certain standard documents are used by most businesses to verify their users. These documents include ID cards, passports, driver’s licences and credit/debit cards. The company can choose to provide different options for verification for its users or set a standard document through which the person can be verified. 

Documents for address verification include, but are not limited to, utility bills, bank statements, tax bills, rent agreement, employer letter, insurance agreement and other standard ID documents. The AML checks require the full name and date of birth of an individual that can be extracted – or entered – during the KYC process. Whereas, video KYC requires the remote presence of an individual. 

It must be noted that the requirement for each verification is set by the company availing the identity verification services. They may ask for only one or multiple documents for verification from each user according to the needs of their industry and the regulations they are obligated to adhere to. 

Industries that Adhere to KYC Compliance

Know your customer compliance applies to a vast range of industries. Different businesses need to adhere to KYC requirements of their region as well as the region(s) they operate in. Some of the many industries and businesses that require KYC procedures include, but are not limited to;

Kyc Compliance

  • Banking, Financial Services and Insurance (BFSI) Industry
  • E-commerce businesses
  • Foreign Exchange Brokering Services
  • Cryptocurrency Exchanges or Companies dealing with or operating on cryptocurrency (ICOs, Bitcoin wallets etc.)
  • Freelancing platforms
  • Telecommunication Services
  • Travel and Hospitality Services
  • Peer-to-Peer Marketing
  • Online Gaming and Gambling 
  • Healthcare Industry
  • Real Estate Sector

Standard KYC Compliance Procedures Around the Globe

Every jurisdiction around the globe has its own set of regulations and requirements for businesses to operate safely. Different countries and regulatory authorities set their own standards according to their legislative structure. However, standard KYC requirements are fixed for most regions across the world. Most know your customer Compliance Procedures are centred around: 

  • Digital Identity Verification.
  • Electronic identity Verification or e-IDV, that verifies individuals through different government or independent databases.
  • Address verification through different documents

Any specific distinction in the process of KYC exists based on;

  1. Use case – The use case for each business involves in what capacity a business might need KYC, how it would apply KYC procedures.
  2. Regulatory Requirements – regulatory requirements differ based on the type of industry, the level of risk an individual or business may pose and the region in which an enterprise operates in. For example, in a few countries including Germany, Spain, Switzerland and Austria the regulations require businesses to verify users through video conferencing 
  3. Type of Business – the risk associated with a business also comes with the industry it operates in and its nature. For instance, financial service firms are bound by more legal obligations than perhaps an online retail store.

Kyc Procedures

The identity solution from Shufti Pro offers universal language support, along with the ability to verify over 3000 documents. This allows us to verify users from over 230 countries around the world. Our AML databank includes names of Politically Exposed Persons (PEPs) from over 1000 + sanction lists and 3000 + databases. It is currently catering to a diverse set of clientele ranging from financial services to online retail businesses to crypto companies. With the ability to verify users in under a minute, Shufti Pro can fulfil a business’s KYC compliance requirements with increased efficiency.

Dubai KYC consortium to enhance UAE bank profits

Dubai KYC consortium to enhance UAE bank profits

Learn more

According to Moody’s Investors Service, the recently formed Know Your Customer (KYC) consortium is a significant development for the United Arab Emirates (UAE) banks. They believe Blockchain-powered technologies will facilitate a swift and secure transfer of authentic customer data and documents which will establish enhanced compliance with global KYC regulations and minimize the risk of identity theft.

The National also referred to this in their tweet:

Additional qualified financial institutions and licensing authorities will be able to join the KYC platform once it opens up this quarter. Dubai Economy, Emirates NBD, Emirates Islamic, HSBC, RAKBANK, Abu Dhabi Commercial Bank and Commercial Bank of Dubai will be among the key members of the consortium. 

According to the Assistant Vice President of Moody’s, Mik Kabeya, the creation of this consortium is credit positive for UAE banks and it supports asset quality and profitability. Moody’s believes that non-compliance with KYC regulations, especially for anti-money laundering and terrorist financing, can have legal implications and result in huge sanctions for banks. The reputation of financial institutions can also be damaged significantly.

In addition, miscalculation of banks’ collection and mismanagement of KYC data will also be prevented through the platform. The future vision for the consortium-run ecosystem is to serve the greater good by refining the ease of conducting business as well as overall regulatory compliance in the United Arab Emirates. The consortium’s operations will be monitored by Smart Dubai and the UAE Central Bank. 

Kabeya expects that the platform will assist in credit risk management due to the availability of improved data for client underwriting and debt collection. He stated, 

“The consortium will support the franchises and profitability of UAE banks by improving customer service through shorter turnaround times for customer onboarding, including opening a bank account.” 

Furthermore, it is believed that the financial cost of paper-based KYC data acquisition will also be reduced.

KYC Alliance between Dubai Economy and six banks

KYC Alliance between Dubai Economy and six banks

Learn more

As reported by Gulf News, Dubai Economy along with Emirates NBD, Emirates Islamic, HSBC, RAKBANK, Abu Dhabi Commercial Bank (ADCB) and Commercial Bank of Dubai (CBD), has formed a coalition for the exchange of verified KYC (Know Your Customer) data between banks and licensing authorities in the United Arab Emirates. It is believed that customer onboarding and sharing of client data and documents will be eased and facilitated through this new KYC alliance.

The Deputy Director-General of Dubai Economy stated that the launch of Dubai’s first KYC Blockchain platform will attract a greater number of investors to the market. A digital ‘Instant Bank Account’ facility will be provided which will ensure a faster and improved onboarding experience. The KYC platform is expected to be functional by the first quarter of 2020, after which it will be open for qualified financial institutions and licensing bodies.

Michael Gassner also discussed the implications of this alliance on Twitter

The main purpose of the alliance is to serve a greater cause by upgrading business functioning as well as complying with the regulatory policies in the United Arab Emirates. Smart Dubai in coalition with the UAE Central Bank will play a key part in monitoring and regulating the alliance operations. 

Authentic and valid KYC data will concurrently be shared with financial institutions following the launch of the KYC blockchain platform. This will speed up the bank account opening process for new companies as well as reduce the troublesome requirements of KYC for existing companies. 

A lawsuit is filed against LifeLabs for a data breach incident

A lawsuit is filed against LifeLabs for a data breach incident

Learn more

As reported earlier, the Canadian laboratory testing company, LifeLabs was hit with a cyber-attack which resulted in a data breach of 15 million customers. Following the incident, the lawsuit is filed against the company.

On October 28, 2019, LifeLabs reported the data breach to the government partners, however, waited until December 17, to announce publically. The accessed data included some sensitive information, customers’ name, emails, addresses, login credentials, dob, health card numbers, and lab test results.

LifeLabs paid an undisclosed amount to the cyber-criminals who accessed the data with a promise that they won’t disclose any information publically. Nevertheless, the lawyers Peter Waldmann and Andrew Stein filed the statement against LifeLabs in Ontario Superior Court accusing them of contract breach and negligence, on December 27. Moreover, the statement indicated the violation of consumer protection laws and their customers’ privacy. 

The lawsuit was filed on the behalf of plaintiffs also included the lead plaintiff Christopher Sparling. He alleged in the statement that LifeLabs violated their own privacy policy since they failed to implement and follow the adequate cybersecurity measures and checks to detect the potential risks and threats to Customers’ data and swiftly respond them within time.

In addition, the statement also accused LifeLabs to store the customers’ information on unsecured servers and networks without any encryption protocol and they neglected the need to hire cybersecurity professionals for network security management.

While the lawyers are seeking more than $1.13 billion in compensation for the breach victims to make up for the mental anguish, damage to credit reputation and the wasted time that had to undergo, the plaintiffs are looking for additional moral and punitive damages.

After the public announcement of the breach, LifeLabs set up a toll-free helpline on December 18 and received more than 5000 calls from concerned customers. 

Bank of England fines Citigroup £44m Over Poor Financial Information

Bank of England fines Citigroup £44m Over Poor Financial Information

Learn more

The Bank of England has fined the UK branch of the US bank, Citigroup, a record £44m because the bank submitted incomplete and fallacious regulatory information to the Bank between 2014 and 2018.

According to the Bank of England, Citigroup didn’t come up to the expected standards between the above mentioned years and the problems were ‘serious and widespread in nature and the bank hadn’t presented an authentic picture of its monetary position. 

The Bank’s Prudential Regulatory Authority (PRA) fined the Citibank, which is responsible for monitoring the financial stability of about 1500 banks, building societies, credit unions, large investment firms and insurers in the UK. This is the biggest fine ever imposed by the Bank of England. 

According to the PRA, the bank’s systems were incompetent and Citi didn’t have enough people working for the regulatory accuracy, there was no proper documentation and that Citi’s failure and governance fell significantly below the standards expected’. The errors and oversights included ‘six substantive matters’, which is the reason for notable errors.

Citibank is a New-York based bank and is the third biggest bank in the US which has $2tn in assets and operations in 100 countries. It is considered as a global systematically important bank’

According to the PRA, 

“The pervasiveness of the errors and misstatements identified in the firm’s returns raised fundamental concerns about the effectiveness of Citi’s UK regulatory reporting control framework.”

Citibank would have faced a fine of £62.7m but since the bank cooperated with the PRA, it was given a 30% discount. It should be pointed out that Citi has better liquidity and capital requirements than the Bank demands at all times. 

Sam Woods, deputy governor for prudential regulation and chief executive of the PRA said,

“Accurate regulatory returns from firms are vital for the PRA in fulfilling our role. Citi failed to deliver accurate returns and failed to meet the standards of governance and oversight of regulatory reporting which we expect of a systemically important bank.”

Citibank has been extremely compliant with the PRA and the spokeswoman for Citi said, 

“Citi has fully remediated the past regulatory reporting issues identified by the PRA and settled this matter at the earliest possible opportunity.” 

Digital KYC to Trace and Tackle High-Risk Customers

Digital KYC to Trace and Tackle High-Risk Customers

Learn more

Customers are the assets and building blocks of any business. Customers are responsible for taking businesses to the next level or destroying it to rubble. That is why it very crucial to know who you are dealing with. Know your customer is the procedure to identify and verify customers to check if they are real and not fraudsters or indulged in any illicit activity that can cause a threat to business. It is a process to check the background of customers and analyze the risk factors associated with them. 

The fundamental idea behind the introduction of KYC in organizations was to find a way that can protect the organizations from fraudsters and criminals and doesn’t involve penalizing the innocents at the same time. The KYC process is a standard procedure to verify the customers at the time of onboarding. However, with strict regulations coming into the light, KYC isn’t limited to the verification of the customers, instead, it is now to continuously analyze the customer behavior to look out for suspicious activities and illicit transactions. It is used for the following purposes:

  • To curb fraud schemes
  • To mitigate scam scandals
  • To put a halt on money laundering
  • To hinder illicit fraud transfer and
  • To identify high-risk customers by enhanced due diligence 

Need for KYC to Identify High-Risk Customers:

The KYC laws were introduced as the section of the Patriot Act passed in 2001 after the incident of 9/11 to deter terrorist activities and criminal funding. The section of this act concerned with the financial transactions inserted some new policies in addition to those of “The Bank of Secrecy Act of 1970.” These requirements regulated the banks and other financial institutions. As per the Patriot Act, the organizations dealing with finance are required to meet three main requirements in order to comply with KYC regulations:

  • Customer Identification Program (CIP)
  • Customer Due Diligence (CDD)
  • Enhanced Due Diligence (EDD)

High-Risk Customer Identification Program (CIP)

The customer identification program is a significant component of the KYC process in which the organizations are obliged to ask customers to provide their identification information. It is to verify the identity of the customer who wishes to carry out a financial transaction with a particular bank. The CIP requirement was made compulsory in 2003 for the financial institutions to develop and incorporate customer identification programs into their secrecy policies to meet anti-money laundering (AML) compliance. 

Every institution has its own CIP processes depending on the size and type of the institute. That’s why they may require different documents for verification. Generally, driving license and passports the most commonly required document by the banks. Regardless, some other documents may include: 

  • Utility bills
  • Financial references or statements 
  • Information from a consumer reporting agency or public database

No matter what document or information of the individuals and business is asked, it is to check their authenticity that they are not fake or fall in any prohibited lists so that fake customers and customers at high-risk can be filtered. 

High-Risk Customers Due Diligence

Customer due diligence covers multiple aspects of customer verification and identification. For secure onboarding of clients, it is essential to identify the future risks that can arise due to some customers – the reason why customer due diligence is conducted. While performing due diligence, the significant goal is to analyze customer behavior and predict the type of transaction pattern that the customer is most likely to follow. In an evolving regulatory climate, mobile identity verification can be of great help. It helps organizations in identifying suspicious behavior and assigning a risk rating to customers to identify the customers that can be threatening for organizations and how often their accounts will be monitored. 

The regulatory agencies have set no particular standards or methodologies for conducting customer due diligence leaving the institutions with an open choice to follow their own tools and devices. Many organizations demand a lot of information during the process including banking references, previous financial statements, salary slips, occupation, source of funds, etc. The purpose of this information is to analyze the background and behavior of the customer to predict future risks that may be linked to the customer. 

All this hassle because FinCEN has strictly imposed this requirement on the financial institutes to immediately report any threatening or suspicious activity. And you can’t do it efficiently unless you know your customer behavior and history.

now more about Digital KYC services

Enhanced Due Diligence (EDD) for High-Risk Customers:

Enhanced due diligence (EDD) is an advanced and more comprehensive set of KYC procedures for high-risk customers, exhibiting irregular transaction behavior or ambiguous sources of origin. The customers classified under the high-risk category after the Customer Due Diligence (CDD) process are more likely prone to money laundering and illegal funding of terrorists and criminals. They need to be monitored continuously. Considering the trend of such illicit transactions, the USA Patriot Act strictly dictates the institutions that they

 “shall establish appropriate, specific, and, where necessary, enhanced due diligence policies, procedures, and controls that are reasonably designed to detect and report instances of money laundering through those accounts.”

The EDD process includes verifying ultimate beneficial ownership information (UBO) and identifying politically exposed persons (PEPs). Monitoring the transactions is also one of the fundamentals of the EDD process.

High-risk Customers-Venomous for the Business:

High-risk customers are identified from the customer provided by using digital identity verification solutions. Such customers are monitored perpetually for the potential suspicious activities in their accounts so that no forgery can take place like money laundering, account takeover, identity theft, etc. Such customers can be a poisonous threat to business until they exist in the system. Various AI-powered Saas products offer inputs that are useful for the monitoring systems of the business to filter such AML high-risk customers that pose a threat of money laundering. Such a risk management framework will business in assessing customer risk. 

Digital KYC Checks- From Weeks to Seconds:

It is a documented fact that customers are the assets of any organization. Digital KYC is what the institutions need in this era of technology. Based on the principles of automation, the eKYC process can simultaneously execute multiple steps. It reduces the keystroke time, cost and human effort. The process that could take hours and days for an individual can be cut down to seconds with the help of AI-powered solutions and tools. With the use of intelligent KYC verification, the businesses can onboard a more secure clientele and that too with real-time verification, coping up with the regulatory complexities at the same time.

With the world moving into the digital sphere, customer convenience is even more important for any business. The manual KYC process is quite a time consuming and costly process. Clients get exhausted as it takes weeks or even months to onboard a customer. This cumbersome procedure even ends up losing customers as they move to other platforms during this time taking procedure. It is evident now that digital KYC doesn’t only help to identify any customer but helps to filter out customers that have some traits putting them as high-risk customers so that businesses are vigilant while dealing with them. Also, due to the digital revolution, the concept of global onboarding is becoming common which requires more fast and convenient verification and onboarding process. 

Perks of Using Digital KYC Solution:

To end up negative customer experience digital identity verification solution has achieved a milestone. Following are some of the benefits that come up with using the digital identity verification solutions for KYC:

  • Demit Frauds and Scams

Using digital KYC can decrease the risk of frauds like identity theft, credit card fraud, and onboarding high-risk clients. 

  • Increase Security

It’s more important than ever to verify the identities of customers due to an increased risk of terrorist funding and money laundering and other cybercrimes. 

  • Ensure Accuracy

Digital KYC solutions provide a seamless experience where there are lesser chances of errors and omissions. 

  • Provide Better Customer Experience

Digital KYC provides a better customer experience as it takes no time for the whole authentication process. 

In a nutshell, digital KYC clubbed with artificial intelligence is crucial to identify and tackle with high-risk customers that can bring along various dangers for businesses. Business can end up paying hefty fines due to such customers or owners end up losing their businesses. Digital KYC simplifies identity verification for an online business that plays a vital role in this area. In an evolving regulatory climate, mobile identity verification can be of great help. In the coming years, it will continue to morph with surprising speed.

Know more about Digital KYC

Westpac CEO Brian Hertzer Resigns Amid Money-Laundering Scandal

Westpac CEO Brian Hertzer Resigns Amid Money-Laundering Scandal

Learn more

The chief executive of Westpac Banking Corporation, Brian Hartzer, has resigned and the chairman Lindsay Maxsted is stepping down early following the money-laundering scandal which allegedly involves financial transactions to child exploitation activities in the Philippines. 

Hartzer will be given $2.69m for the next 12 months while serving out his notice period, the bank has announced in a statement to ASX on Tuesday morning. In addition to that, Hartzer will also lose a short-term bonus this year and will lose any long-term bonus that hasn’t already been given. 

Ever since the news broke out last Wednesday, pressure had been mounting on Hartzer and Maxsted to quit. Westpac is being accused by the Australian financial intelligence agency, AUSTRAC, for 23m breaches of money-laundering and counter-terrorism finance laws over $11 billion in transactions.  

The most damaging allegations include Westpac’s failure to properly monitor transactions which included transactions to the Philippines and other places in South East Asia, which were allegedly linked to child exploitation. 

After the allegations by Austrac, investigations were sparked from the federal police, the corporate regulator and the prudential regulator. There was also an announcement of potential class action and possible ratings downgrade from Moody’s which pushed the share price of Westpac down. 

Last week Hartzer said he would ‘fix’ the problem as the CEO of Westpac but now he will be done next Monday and chief financial officer Peter King will become the acting CEO. Hartzer said, 

“As CEO I accept that I am ultimately accountable for everything that happens at the bank. And it is clear that we have fallen well short of what the community expects of us, and we expect of ourselves.”

Maxsted has been on the Westpac board since 2008 and became chairman in 2011 will ‘bring forward his retirement as chairman to the first half of 2020”. It was announced by the bank that the bonuses of the executives will be withheld amidst the scandal.  

How AI is Transforming the Banking Sector

How AI is Transforming the Banking Sector

Learn more

Artificial Intelligence has extensive applications across several domains: from banking to health, to travel, to finance. It continues to gain traction across industries that rely heavily on data which virtually encompasses all industries. The IHS Markit’s “Artificial Intelligence in Banking” report declares that the global cost for artificial intelligence is expected to reach $300 billion by 2030. AI in banking sector is no exception and it is providing remarkable benefits to banking. 

A study by PricewaterhouseCooper shows that 52% of the financial services industry is making considerable investments in artificial intelligence. 72% of business decision-makers assume that AI will be the business advantage of the future. Machine learning has become an important fixture in banking, leading to infinite possibilities as it continues to grow and advance.

How is AI Contributing to the Banking Sector 

There are a number of ways artificial intelligence is revolutionizing the banking practices. Fraud detection, seamless customer support, mobile banking, risk management are some of the fields in which AI is contributing in. 

Fraud Detection 

For financial institutions like banks, security is one of the topmost priorities as banks are under constant threat of frauds and hacks.  Through AI, decreasing rates of false positives, preventing fraud attempts and lessening manual reviews of potential payment frauds is achieved. According to a recent survey, ‘AI Innovation Playbook’ published by PYMNTS in collaboration with Brighterion, 80% of fraud specialists who employ AI-based platforms believe the AI technology helps reduce payment frauds and prevent fraud attempts. 63.6% of financial institutions that utilize AI believe that it is capable of preventing fraud before it happens. This shows the scope of AI for the mitigation of payment frauds. Payment frauds are reduced through AI’s ability to interpret trend-based insights through supervised machine learning, which is then joined with completely new knowledge achieved through unsupervised machine learning. Through the combination of both types of machine learning, it is determined whether a transaction is fraudulent or not. 

The following points depict why AI is one of the most used tools to combat payment fraud: 

  • With the advancements in technology, payment fraud attacks are increasing in complexity. These attacks normally have a digital footprint or sequence which makes them undetectable using predictive models alone. AI plays its role to mitigate these kinds of attacks and provide a security layer to the bank. 
  • Through the use of AI, payment fraud can be detected swiftly even on a large scale. This is how AI provides an immediate advantage to banks in battling the many risks and methods of fraud. 

Through AI’s predictive analytics and machine learning, anomalies in large-scale data sets can be found in seconds.

Cost Reduction 

Along with the number of other advantages of AI in the banking sector, cost reduction is a big one. It is estimated that by 2023, $447 billion will be saved in costs through the use of artificial intelligence. By utilizing AI, banks can cut costs in three key areas: 

  • Cycle Time

A huge amount of time is spent in digitizing, identifying and onboarding document templates. Through the automation of the digitization process, banks can reduce the total time spent on this circle. This results in highly improved cycle times and the benefit of redeploying employees to more important projects. 

  • Error Rate 

Errors are costly yet unavoidable. A recent survey by Netwrix shows that human error is one of the leading causes of financial data breaches. Through automation in banking systems, errors are lessened to a remarkable degree without an increase in cost. AI systems are much better at handling unstructured data which leads to lower error rates. 

  • Solution Costs

Costs of document digitization are huge. Based on the data from IBM, the traditional onboarding process can cost hundreds of millions of dollars. AI tools that are 80% automated and results in 90% accuracy are utilized so that banks are capable of reducing the costs of these onboarding processes. Approximately 30 to 40 percent of the original cost spent on the onboarding process can be saved. The AI-powered onboarding process also results in lessened error rates and greater use of employee labor. 

Enhanced Regulatory Compliance

Banks are always under intense pressure from regulatory bodies to enforce the most recent regulations. These regulations are there to protect the banks and customers from fraudulent activities while at the same time, reducing financial crimes like money laundering, tax evasion, and terrorism financing. AI in banking also helps ensure that banks are compliant with the most recent regulations. AI relies on cognitive fraud analytics that watches customer behaviors, track transactions, recognize dubious activities and assess the data of different compliance systems. 

Businesses can remain up to date with compliance rules and regulations through the use of AI. AI systems can read compliance requirements and detect any changes in the requirements through deep learning and natural language processing. Through this, banks can remain on top of ever-evolving regulatory requirements and align their own regulations with them. Through technologies like analytics, deep learning, and machine learning, banks can remain compliant with regulations. 

Seamless Customer Experience

Customer experience affects every business in the world, including the banking industry. Customer experience directly affects the way people perceive an organization. Especially in the case of banks, people want access to their money 24/7 and they want swift and easy transaction as well. This is where AI chatbots and voice assistants play their role. Chatbots don’t follow any timezone which helps users access them anytime, anywhere in the world. 

The most important feature of these chatbots is that they are constantly learning through previous customer interactions which in turn helps enhance them and their customer service. An example of chatbots in banking is the virtual assistant of Bank of America, Erica. Erica constantly sends notifications to their clients, updates users about their credit scores and helps them pay bills and make transactions automatically. 

Apart from chatbots, banks are also employing humanoids. Pepper, which is a humanoid developed by SoftBank, is one such example. Through the use of AI, customer experience is enhanced which in turn increases revenue. 

Risk Management

When it comes to customer onboarding or granting credit cards to clients, there is always a risk factor associated with it. To mitigate it, a thorough check of the potential customer is needed to authenticate the client. Through the use of AI, Know Your Customer (KYC) checks are done in real-time to identify the clients. Thus, AI offers the chance to save banks millions of dollars due to fraudulent or poor credit applications. Through the use of biometric technology which includes fingerprints, facial recognition scans, iris scans, voice recognition, etc., banks can implement a supplementary layer of security which in turn helps mitigate risks. 

Mobile Banking

Mobile banking is also another application of artificial technology in banking. AI in mobile banking has remarkably revolutionized the concept of banking and customer experience. The core features of mobile banking are 24/7 availability anywhere in the world as well as providing more opportunities for the bank staff to concentrate on more complex issues. According to a survey by the National Business Research Institute, 32% of financial institutions are already using AI tools like predictive analytics, voice recognition, and recommendation engines to provide a more personalized touch to the customers. 

The impact of artificial intelligence and machine learning in the banking sector runs deep. As we continue to become comfortable with the existing AI applications, it will continue to enhance and grow savvier. The banking industry is seeing a number of innovations due to artificial intelligence and machine learning and in the upcoming years, these innovations will continue to progress.

Amazon Challenges Pentagon’s $10 Billion Contract To Microsoft

Amazon Challenges Pentagon’s $10 Billion Contract To Microsoft

Learn more

Amazon said on Thursday, that it is going to challenge a $10 billion contract awarded to Microsoft last month by Pentagon. Amazon called the decision-making process prejudiced and tainted by “political influence.” 

The Department of Defense had been considering a number of bids for a cloud computing project, “Joint Enterprise Defense Infrastructure” or JEDI initiative. The project, that has been delayed for a long period of time, is supposed to update the computing infrastructure of the Pentagon. Most of the agency’s technology relies on systems from the 1980s and 1990s. 

A number of people had expected the contract would be awarded to Amazon Web Services, which commands about 48% of the cloud computing market share. Over the past year, President Donald Trump has increased his attacks on Jeff Bezos, CEO of Amazon. Weighing in on the contract, he said in July, that he had considered intervening in the award process. 

“Great companies are complaining about it,” Trump said at that time, mentioning that this contract was one of the “biggest” ever. “So we’re going to take a look at it. We’ll take a very strong look at it.”

Last Friday on November 8, Amazon officially filed a notice to protest the decision and it is being filed in the US Court of Federal Claims. A spokesperson for Amazon Web Services said in a statement to HuffPost, 

“AWS is uniquely experienced and qualified to provide the critical technology the U.S. military needs and remains committed to supporting the DoD’s modernization efforts. We also believe it’s critical for our country that the government and its elected leaders administer procurements objectively and in a manner that is free from political influence. Numerous aspects of the JEDI evaluation process contained clear deficiencies, errors and unmistakable bias and it’s important that these matters be examined and rectified.”

Pentagon has more than 500 separate cloud systems throughout the military and through JEDI, it is intended to unify all the systems under one umbrella. This will help Pentagon keep up with the developments n the civilian computing industry. 

Difference between KYC and AML

Difference between KYC and AML

Learn more

The growing Fintech industry leads to an increased demand for KYC and AML compliance requirements. Financial institutions face high-risk frauds through the customers and financial transactions. KYC and AML compliance programs build a systematic review of the secure financial system. Customer verification procedures, Know Your Customer and Anti-money Laundering screen customers against possible fraud risks.

The need for KYC and AML compliance has become mandatory to comply with the global and local regulations. The ones who fail to do so, are subjected to harsh regulatory penalties.  To avoid fines, businesses should identify the underlying company standards and the need for KYC and AML compliance in the business framework. Before this, there should be clear understanding of how KYC and AML are different from each other.

Know Your Customer is defined as a process that verifies the identity of customers. Customers are required to provide personal information which includes name, address, contact information, id card, etc. This information is verified before they become part of a  business or company. The term KYC is commonly referred for financial institutions. This is because the finance industry is prone to high-risk frauds that vary from money laundering and terrorist financing to identity theft and data breaches. 

The scope of KYC enlarges and takes in all the Fintech companies that provide financial services to customers. Online businesses that are under threat of a large number of financial frauds also lie into this cluster. KYC compliance has become mandatory whose non-compliance can result in businesses in the hefty monetary and reputational loss.

KYC Incorporates CDD AND EDD

Know Your Customer demonstrates customer verification which ultimately refers to the processes of Customer Due Diligence (CDD). Financial institutions verify the information of clients to make sure that they are building a secure relationship with them. Financial middlemen are supposed to undergo a CDD process to authenticate customer traffic and ensure their incorruptibility. In CDD, ascertain the identity of customers and verify the name and address. After authenticating, identify the risks before making an entity part of the system.

Enhanced Due Diligence (EDD) on the other hand, gathers additional information from customers. EDD came into force with the declaration of the USA Patriot Act. The difference between CDD and EDD should be clear to map the business standards and needs accordingly. Periodic due diligence processes on the customer are highly beneficial to deter the risks that could be generated by an entity later. 

EDD regulations are more efficient because of the extra information and proof it gathers from the customer. Detailed documentation is done for the whole EDD process and regulators are provided with the gathered information. EDD information includes;

  • Geographical factors
  • Property and assets information
  • Transactions types 
  • Occupation information
  • Banking information 

AML procedures detect suspicious transactions happening in the financial system. Entities are investigated and thorough documentation takes place that reveals malevolent entity beforehand. Criminal activity is accelerated when laundered money is used. By breaking that cash flow, a large number of criminal operations can be terminated. For this, a company must first verify the identity but do not stick to it. Continuous transaction monitoring should be done to identify the risky entity before some ruinous situation takes place. 

Global and local regulators are all set up to evaluate the AML standards of businesses. Regulations are declared to which states are supposed to comply strictly. Otherwise, it could lead to heavy regulatory punishments. AML regulations intend to eliminate the incidences of money laundering and terrorist financing. Businesses across the world are evaluated with respect to in-house AML techniques and procedures. This is done to make sure that no individual is facilitated to launder money through some industry or business (knowingly or unknowingly). An overall assessment takes place by global regulators that evaluate the AML norms of countries and present amendments accordingly. 

AML Procedures

The AML framework keeps on updating with the pace of fraudulent activities. Rules and regulations change with time. Following are the steps that help businesses comply with the AML regulations and standards:

Step#1 Stay updated with the changing AML rules and regulations

On a continuous basis, keep on reviewing the company norms and improve them accordingly. 

Step#2 Know Your Customer

KYC is a part of AML compliance. It is necessary to know who you are facilitating with your services and how in return your customer will be. 

Step#3 Identify the external and internal risks

It is necessary for companies to identify the high-risks associated with the business.  Identify the vendors, third parties and customers. 

Elaboration: Difference between KYC and AML


Elaboration: Difference between KYC and AML


AML procedures contribute to avoiding money laundering and terrorist financing activities. KYC, on the other hand, is the process of gathering customer verification on the basis of gathered information. It is necessary to consider both simultaneously. A business that complies with both KYC and AML regimes is considered well-reputed and trustworthy. The reason is that the chances of fraud are reduced when a company takes in place stringent actions and steps for fraud prevention. 

Bill to Combat Money Laundering Makes Its Way Through The Senate

Bill to Combat Money Laundering Makes Its Way Through The Senate

Learn more

The US House of Representatives passed the Corporate Transparency Act of 2019 (HR 2513) on October 22, 2019. It is currently being reviewed by the Senate. 

The bill aims to reveal the true owners of “anonymous” shell companies to law enforcement agencies. It will have major implications for all the small businesses and their owners. The bill would require businesses, that didn’t fall under the Bank Secrecy Act, to report every transaction, however small, to the government. Moreover, the business owners would have to alert the authorities regarding any suspicious activity, while maintaining a comprehensive record of all sales.

United Nations finance expert, Eric LeCompte, said of the bill, 

“This legislation helps us stop human traffickers and corrupt public officials and protects development aid. Shell companies contribute to a trillion-dollar loss to the developing world every single year.”

This bill is part of an extensive effort to crack down on money laundering and terrorist financing in both the US and Europe. Passed by the House of Representatives on October 22, it is now being evaluated by the committee experts in the Senate. 

Customer Due Diligence: From KYC to KYB

Customer Due Diligence: From KYC to KYB

Learn more

Why CDD is significant for both Know Your Customer and Know your Business verification?

Banking is a profitable sector but is risky at the same time. Frauds, as well as compliance risks, are often complicated and intricate. The banks and financial institutes are spending a high amount of capital on KYC compliance, which surpassed $100 billion in the year 2019. Even with this much investment, global banks have been fined $321 billion since the global crisis in 2008. Further complicating these risks is the fact that financial crimes such as money laundering, terrorist financing, and cyber frauds are increasing.

On the other hand, regulatory authorities are striving hard to enforce measures that could lead to the eradication of financial crimes. One of the first regulations that were enacted amidst the Vietnam war back in the 1970s was BSA. US regulatory authorities issued the Bank Secrecy Act of 1970 (BSA).

The purpose of this law was to counter money laundering activities emerging from illicit drug trafficking. Under this provision, banks are obliged to report any customer activity that seems suspicious such as transaction above $10,000 to the Federal Financial Crimes Enforcement Network (FinCEN).

The regulations aimed to make it difficult for the drug cartels, terrorists, and other lucrative criminal enterprises to launder money by making their transactions more visible to law enforcement agencies.

Introduction of Customer Due Diligence as Know Your Customer (KYC) regulations


The Banking Act of 1970, laid the foundation for the Anti Money laundering (AML) regulations later in US patriot Act, 2001, after the tragic incident of 9/11. Customer due diligence (CDD) was declared necessary for the financial sector. The term coined for performing CDD is Know Your Customer or KYC.

The KYC regulations were fortified to restrain the flow of money to the terrorists. It requires financial institutes to verify the customer to ensure that they are, who they claim to be. These regulations led to the adoption of various approaches to comply with CDD and KYC laws. Since the US regulatory changes affect the landscapes of the global financial sectors, these regulatory changes were accepted by the banking sector worldwide.

Financial Sectors adopted several ID verification controls to respond to these regulations. These ID verification controls include:

  • Maintaining a thorough Customer Identification Program (CIP).
  • Verifying customers against the list released by Law enforcement agencies.
  • Predicting, customer’s behavior and criminal risks associated with a particular entity, based on the statistical data.
  • Ongoing screening of the transactional activities of suspected customers.

It continues to be the main line of defense for the financial sector against financial crimes, with minor amendments. For a simple person, this law appears comprehensive. However, in June 2016, a loophole was identified in KYC compliance regulations. 

The banks weren’t required to verify the identity of stakeholders and beneficiaries of the businesses they provide services. It was after Panama Papers Scandal the world realized that apparently, legitimate businesses could hide the identities of bad actors and perform illegal activities on their behalf. The regulatory authorities identified the risk and issued a fix as Know Your Business (KYB).

Tying up Loose Ends with KYC Verification


This fix made by regulatory authorities in the KYC checks includes the Customer Due Diligence for the financial institutes. Under the new provision, Financial institutes are now required to perform stringent verification checks. KYB regulations are aimed to identify the shell companies that are involved in money laundering and other illicit financial crimes. 

Firms are required to verify the person who owns the business legally as well as, the identity of stakeholders owning a minimum of 25% share in the business. European Commission also introduced the same legislation in its 4th AML Directive (4AMLD). This process of business verification was improved, with new regulatory changes in AMLD5 and AMLD6, which are aimed to make due diligence transparent.

However, KYB compliance is not easy to achieve as it seems. The major problem in KYB verification is the identification of shareholders in the businesses. Most of the time, no record of these entities is available and to make things worse, the disclosure requirements in each jurisdiction varies. This sometimes makes it impossible to identify the stakeholders in the business. It is a recipe for disaster, for the firms who want to stay in compliance.

Turning towards Technology for Solution 


Emerging from the ashes of the global financial crisis in 2008, the new regulatory technologies are helping to ease the burden of compliance by reducing the operational costs as well as mitigating the risks for financial crimes. At the crux of these technologies, is the use of new technologies such as Identity verification and KYC identification, to help financial institutes to monitor, comply and regulate. The RegTech solutions are already assisting financial institutes to meet KYC and AML regulations.

Businesses need to stay one step ahead of the fraudsters. With a comprehensive approach to global risk mitigation, businesses could easily prevent fraudulent activities and stay in compliance with regulatory authorities. 

RegTech industry is rendering efficient AI-based solutions for Business verification solutions that can eliminate the inefficiencies and risks involved in onboarding new customers. For instance, automation of official document checking process and verification against the government issued registries. 

The future of RegTech is expected to see great adoption in the financial sector in the future. Owing to the changes in regulatory compliance, performing KYC and KYB verification parallelly will enhance the customer due diligence process and businesses to stay compliant.

RegTech – FATF Guidance for Digital Identity Verification

RegTech – FATF Guidance for Digital Identity Verification

Learn more

Regulatory authorities have recognized the benefits of technology and its use for seamless regulatory compliance and scrutiny. Digital identity verification referred to as “digital ID systems” in the FATF guidelines, is a futuristic approach towards fraud prevention. FATF recently issued a guideline for digital ID systems, their use cases, the risks involved and the benefits of such solutions. 

FATF took this initiative back in 2017. It showed its positive attitude towards technological solutions for regulatory compliance that are aligned with the regulations of FATF. Since then FATF has been working on developing guidelines for such fintech and RegTech solutions, that will further make this industry fraud-free. As the guideline highlighted that risk prevails in the fintech industry as well and it can be mitigated through regulatory compliance. The FATF guideline on the digital ID systems is still under scrutiny and it requested suggestions for public stakeholders to leave no loophole for financial criminals. 

FATF Guideline Key Features

The following are the key features of FATF guidance on digital ID systems. It is expected that the final draft of guidance will be very much different from the current draft. 

Stakeholders of the Digital ID guidance

FATF developed guidelines to assist in regulatory compliance, supervision, examination, and cybersecurity authorities by government organizations involved in policymaking. Also, the private sector that delivers digital ID systems will have a lot to gain from the guidance. 

Last but not least, the businesses and organizations that use outsourced digital ID systems will also benefit from this guidance, as it will help them to choose the best Digital ID verification solution. 

Limitations of the guidance

The guidance draft issued by FATF doesn’t cover any information regarding some Customer Due Diligence (CDD) practices. The guidance doesn’t cover the CDD through digital ID for legal person verification, Ultimate Beneficiary Owner (UBO) screening, and nature of a business relationship. 

There is no doubt that digital ID verification can serve these above-mentioned purposes as well but for the time being FATF didn’t cover these in this guidance. 

Main components and participants of the digital Identity systems

The guidance mentioned three main components and participants that it seeks to be available in digital identity systems used by the entities. It includes the process of identity screening through digital ID systems, the ongoing screening and the technical aspects of the digital identity systems. 

Identity proofing and enrollment is the first component and it involves the collection and verification of customer data. A picture is shown on the 13th page of the guidance draft and it shows the process of collection of data from the official identity document (like ID card) and then screening of the information to verify the identity of a customer. The component one also includes the verification of a person through biometrics like face verification and liveness detection to ensure that the original person is providing the identity evidence.

Identification and identity lifecycle management is the second component and it includes the information regarding the stakeholders that need to be verified. The system should be designed to verify the identity of new customers and to verify the identity of already existing customers. It also mentioned that the digital identity system can be used every time a customer logs in to his/her account online or for every face to face interaction with the customers. Such verification should be performed on all the transactions and events mentioned in the FATF regulations regarding identity verification.

Portability of identity proof is the third component that allows the end-users to develop portable identities that will be issued for future verification. 


The guidance referred to NIFT Digital ID Guidelines and EU’s EIDAS Regulations and explained how Digital ID systems help in the effective implementation of CFT and AML regulations. 

Technical standards

The Digital ID systems that follow the guidelines of following international standard organizations are good to go as per the guideline:

  • various jurisdictions or supra-national jurisdictions (e.g. eIDAS Regulation by the European Union)
  • International Organization for Standardization (ISO), International Electrotechnical Commission (IEC), Faster Identity Online (FIDO) Alliance, and the OpenID Foundation (OIDF), and
  • International Telecommunications Union (ITU) and GSMA (for industry-specific). 

To wrap up, businesses are required to comply with KYC, AML and CDD recommendations of FATF in every corner of the world. Now FATF is making things easier for them by developing a guideline for digital ID systems. Just follow this guideline for choosing the best identity verification solution for your business.

Know Your Business: The Next Step in Identity Verification

Know Your Business: The Next Step in Identity Verification

Learn more

The complex regulatory environment and increased exposure to illegal activities indicate that business verification is in the best interest of regulated companies eyeing long term stability. According to the UNDOC, money laundering is estimated at 2-5% of global GDP, amounting to almost $2 trillion. Digital data breaches have also increased substantially over the recent past, with rising threats of virtual ID theft.  

In order to counter this, banks are spending more than $48 million on due diligence and KYB processes, with rising onboarding costs, as reported by the Thomsons Reuters’ survey. 

With the advancement in digital technologies and virtual data sets, KYB compliance and verification tools can help mark businesses that are involved in undercover activities and transactions. International requirements of both KYB and AML are increasingly reflecting the need to secure business transactions and prevent illicit financial flows from entering the formal sector. 

The Regulatory Approach to KYB

Businesses face strict regulations that require them to identity and verify customers before onboarding them. The 4th AML Directive, in particular, puts emphasis on stringent audit trails that help prevent fraud and financial crime. For this purpose, Digital Verification Services such as KYC and AML screening have proven to be significantly effective in improving compliance procedures. 

In a similar tune, regulatory requirements, such as the AMLD5 directive, now demand strict evaluation of both individual clients and commercial entities before carrying out business with them. This is to ensure that financial institutions and other businesses can avoid being connected to illegal transactions conducted by their clients. 

Money launderers often get under the cover of businesses and the EU is rolling our stricter regulations for customer due diligence to stamp out aggressors. For regulated companies, this translates into a legal compliance requirement for which the adoption of a duplicate screening process for suppliers, vendors and traders becomes important. Other regulations such as the GDPR, PSD2, and FinCEN also require companies to be aware of the Ultimate Beneficiary Owners (UBOs) of entities before beginning a relationship. 

According to new registration demands of the AML directive, all EU states are required to maintain national registers of beneficial ownership information on corporations and other legal entities. All companies and their owners now have to get their details registered, making it all the more easy to identify individuals involved in illegal activities through a business. Information of such regulated businesses will be made available to companies with a legal interest in business relationships.

KYB Process 

Similar to KYC, Know Your Business (KYB) is a Verification Solution that cross-checks business identity by extracting official commercial register data using APIs. Using a business’ registration number and jurisdiction code, an efficient digital KYB service can collect verifiable information for the business. 

Access to automated commercial registers through a data-powered business verification service make the due diligence process swift and free of errors, while saving valuable time and manpower. 

Business Search 


This includes background data on the company: registered address, current status, company type, UBOs, previous name, trademark registration. A financial summary of the company’s operational accounts is also provided by the authentication service, in order to better validate its authenticity. 

Business FIlings


In addition, business filings offer instant, verifiable information about company financials; access to financial statements, sources and links to downloadable reports (such as register reports, annual accounts and shareholder lists). 

Business Statements 


Business statements can help companies stay on top of changes in management and organisation of connecting businesses. A change in directors or beneficiary owners can also reflect an evolving business environment, indicating the need for followup information on business matters. 

Business Networks


Detailed information on corporate structure also provides insights into parent entities and lists of company subsidiaries (child, sister companies). Key factors under consideration are also based on the country in which the business is registered, the nature of business activities and the value of transactions it carries out. 

Find more resoures on business technology

Challenges in KYB


By far, one of the foremost challenges in KYB compliance lies in accessing beneficial ownership information, especially in jurisdictions that do not require companies to submit relevant documentation. A lack of shareholder information can make it harder to investigate money trails and business authenticity, leading to potential non-compliance costs. 

Timely availability of data, in the right format, is also another hindrance, especially as company structures and management change over time. Storage and interpretation of data is also subject to a number of factors, mainly centering on companies adopting a manual approach to due diligence processes. 

Moreover, companies that are currently implementing KYC processes have ample room for improvement in process efficiency, costing banks millions of dollars in lost time. It follows that digitization of KYB verification solutions will also be a tedious process of hit-and-trial before firms can grab its full potential. 

Business Verification: Moving Forward


When it comes to risky transactions, regulatory authorities are not ready to bend their rules. The 6th AML Directive is also ready to be implemented soon, which indicates little or no leniency for financial institutions or businesses in the coming future. Therefore, KYB is central to the efficiency and transparency of firms doing business. 

Data analytics software that aggregate and updates information about businesses assists stakeholders in keeping tabs on their operations and practices, as well as fulfilling due diligence requirements of KYB.

As a one-stop solution for business verification, Shufti Pro offers a cost-effective solution of due diligence review of companies. With an electronic identity verification (eIDV) service, the authentication process for business entities is made easier and more accurate. The integration of APIs and data-driven systems now allow easier extraction of data, as well as smoother coordination mechanisms for compliance review. 

Transparent B2B Relations 


As a pre-emptive measure, businesses can use KYB solutions as fraud covers in case of a breach. Using the right mix of technology and support, full coverage of business financials and organizational structure can be accessed in order to trace business activities. This also allows firms to maintain updated company databases for better workflows. 

Business reputation is also incumbent upon due diligence processes that are reliable and foolproof. As a consequence, identification and verification of the beneficial ownership of connecting entities is vital to solving verification challenges.

Effortless Regulatory Compliance


A user-friendly interface allows businesses to fulfill regulatory compliance needs without any friction. Potential losses and non-compliance penalties diminish productivity for firms willing to extend their business networks. Reputational damage is also a leading cause of business failure when it comes to carrying out business with suspicious entities. 

With a comprehensive approach to risk mitigation, online KYB authentication services provide strong risk-shields against such losses, securing long term benefits for all concerned parties. 

FATF October 2019 Plenary – Here is What You Need to Know

FATF October 2019 Plenary – Here is What You Need to Know

Learn more

Financial Action Task Force (FATF) President Xiangmin Liu, chaired the first meeting from 16-18 October 2019 under the FATF Chinese Presidency. In this three day meeting, 800 delegates represented 205 jurisdictions. The international organizations which include the UN, IMF, World Bank, etc. discussed the current issues that are giving rise to financial crimes and presented solutions that possibly contribute to global security.  

FATF is an inter-governmental body that aims to set standards for effective implementation of the regulatory, legal and operational measures to combat money laundering and terrorist financing. FATF goals for the elimination of any criminal activity that disrupts the flow of the financial system. In the recent meeting, FATF highlights important issues discussed below: 


  • Associated Risks with Virtual Assets 


Money laundering and terrorist financing risks with virtual currency, “stablecoins” or similar assets are pondering. FATF focuses on countries and their norms to facilitate the virtual currency industry. According to FATF, it is necessary for the countries to take in place requirements while recognizing the risks associated with virtual assets. This sector should be properly supervised to eliminate the incidences that aid criminal activities. The countries which have already implemented measures should report back regarding the actions they took for evaluation purposes.

It is the duty of FATF to monitor the standards industry is following in its development processes and make sure that they are complying with the requirements defined by FATF. Emerging virtual assets such as “stablecoins” are supposed to introduce to a shift in the virtual currency ecosystem which could be a source to facilitate criminal activities most likely money laundering and terrorist financing. “Stablecoins” service providers are supposed to adhere to FATF standards strictly just like traditional financial service providers do. FATF is continuously monitoring the characteristics and is looking for further specifications these virtual assets hold and to be reported with updates these currencies come up with. 


  • Understanding Digital Identity Use


A swift shift towards the digital world, digital payments, and digital identity are worth notable. Every year, a large number of transactions through digital means take place and are growing by 12%. The digital identity roaming over the internet should be identified and verified. This is a vital step to perform as its negligence gives rise to criminal activities. Fake identities over the internet participate in money laundering and terrorist financing. This can be eliminated through customer identification to make sure that each person has its own real identity. 

FATF is going to release a draft for public consultation elaborating on the use of digital identity. The draft would give clear statements regarding the use, reliability, and standards of digital identification systems. FATF aims to eliminate the sources that are facilitating criminal activities.  


  • Follow-up Assessments


Mutual Evaluation of the Russian Federation and Turkey 


FATF plenary conducted a mutual evaluation of the Russian Federation and Turkey. It evaluated the effectiveness of AML/CFT compliance in both countries. Also, their compliance level with FATF requirements. 

In Russia, the FATF-EAG-MONEYVAL assessment was conducted whch showed that Russia has an in-depth understanding of the criminal activities and risks associated with them. It follows robust policies to combat risks of financial crimes like terrorist financing. However, it needs to work on the supervision standards of money laundering especilaly the money that is laundered abroad. 

In Turkey, plenary concluded that measures Turkey is taking in place to cater to money laundering and terrorist financing activities are stringent. However, it is in dire need of persuing financial crimes in line with the risk profile of the country. Also, there should be strict actions immediately to freeze the criminal liability at the spot which includes any detection of terrorist financing or money laundering or even weapon proliferation of the purpose of mass destruction. 

Plenary discussed AML/CFT regulations compliance of each country. After evaluation of both countries’ compliance with FATF requirements, mutual evaluation reports will officially publish in December 2019. 

Norway and Spain Follow-up Assessments


Since the mutual evaluations conducted in 2014, plenary discussed changes Norway and Spain entertained at their ends regarding money laundering and terrorist financing activities. 

Norway is on the go to strengthen its strategies for financial intelligence to understand the bad money flow through money laundering and terrorist financing, it has developed effective strategies to combat the risks of dirty money flow. Its improvements towards the ability to freeze suspicious criminal liabilities are also effective.

 Similarly, Spain is also active in ensuring the sources that facilitate criminal activities and measures they are taking to combat them. It has established an effective framework and mechanism to freeze the weapons proliferation supposed for mass destruction.

Denmark, Ireland and Singapore Mutual Evaluation


FATF plenary re-rated these countries on the basis of mutual evaluation. It came out that among these, Ireland moved to regular follow-up procedures from enhanced processes. FATF will be publishing the mutual evaluation report soon declaring fluctuations in technical compliances. Also, the rating with respect to measures taken to eliminate terrorist financing, money laundering and ability of weapon freezing having mass destruction intentions.

Brazil’s Mutual Evaluation Report


In the report of 2016, FATF conveyed concerns about Brazil’s continued failure with technical compliances to deter the risks of money laundering and terrorist financing. FATF declared that this would be the primary concern in the October FATF plenary. Now, evaluation resulted in positive results depicting the effective adoption of regulatory compliance by Brazil. Its substantial progress has proved to address most of the compliance requirements for the betterment of the financial system.

However, serious concerns remain regarding the international compliance standards of Brazil. This emerged as a result of limitation laid by a provisional injunction that was issued by a Brazilian Supreme Court judge. This limitation was on the use of financial intelligence for criminal investigations. FATF is active to get timely updates regarding this matter.


  • Jurisdictions Identification


Identifying Jurisdictions w.r.t AML/CFT Deficiencies


FATF concerned the identification of Juridictions with respect to strategies that they are taking in place for the elimination of terrorist financing and money laundering. FATF maintains public documents of June 2019 containing lists of jurisdictions that might pose potential risks to the international financial system. These contain amendments regarding the call for action and an action plan with FATF.

Ethiopia, Srilanka, and Tunisia with no Jurisdiction monitoring 


FATF is satisfied with the progress of Ethiopia, Srilanka, and Tunisia in addressing AML/CFT deficiencies. Now, these jurisdictions are out of the list of FATF monitoring. 

The FATF praised Ethiopia, Sri Lanka and Tunisia for the significant progress made in addressing the strategic AML/CFT deficiencies identified earlier by the FATF and included in their respective action plans.

These jurisdictions will not be subject to the FATF’s monitoring any long under its on-going global AML/CFT compliance process and will work with the FATF-Style Regional Body of which they are a member and continue to encourage their AML/CFT regimes.

New Jurisdiction Monitoring over Iceland, Mongolia, and Zimbabwe


FATF identified serious deficiencies in AML/CFT compliance programs of Iceland, Mongolia, and Zimbabwe. Each jurisdiction now has developed an action plan to comply with FATF requirements and FATF is looking forward to their plan. 

Pakistan and AML/CFT System


Since Pakistan committed to making high-level progress in June 2018 in regard to the requirements of FATF and APG, Pakistan has improved the AML/CFT regime’s compliance. However still, the progress is not up to the mark. Pakistan still lacks a proper understanding of terrorist financing risks. It is able to complete five out of 27 action plans. FATF urges Pakistan to complete the thorough action plan by February 2020. In case of any discrepancy, FATF will take action. This action could be a serious call to all jurisdictions to give special attention to the relationship with Pakistan’s financial institutions.

Iran and AML/CFT System


In June 2018, Iran committed with FATF regarding effective practices with respect to AML/CFT strategies to overcome the current deficiency and to act upon the implementation of the Action Plan. Iran significantly lacks proper identification of terrorist financing risks. FATF calls upon its members in June 2019 to conduct the supervisory examination in Iran’s subsidiaries and branches of financial institutions. Now if before the deadline i.e February 2020, Iran does not act upon the conventions of terrorist financing and Palermo, FATF will call for members and subject Iran with effective countermeasures. 

Iran will be in FATF public statements till it fully comes up with with the Action Plan. Until Iran takes a serious approach towards the implementation of countermeasures to eliminate terrorist financing, FATF will be highly concerned with the risks that can arise from Iran regions and pose this threat to the international financial system.


  • Promoting more Effective Supervision


In the plenary of FATF, one the major discussion involve identification of improvements that can better help in the supervision of AML/CFT regimes. FATF discussed the program and aims to outreach to improved strategies to national supervisors. The objective behind this effort is to let entities regulate their processes and focus more on the outcomes while taking in place a risk-based approach. 


  • New Practices for Legal Professionals


FATF focuses on the transparency of beneficial owners of the legal sector. It is important to prevent terrorist financing and money laundering through companies. However, jurisdictions find it challenging to implement the requirements in this field. Although mutual evaluations using a prolonged approach opens the ways for effective solutions. The collection of information through several sources contributes to effective approach towards the prevention of misuse of the legal sector. Facilitation of criminal activity through legal persons can be avoided. A large number of sources help in better addressing of problems and identifying their respective solutions. Using input from global databases can help in catering to criminal activities in a better way. 

More posts