Dubai KYC consortium to enhance UAE bank profits

Dubai KYC consortium to enhance UAE bank profits

According to Moody’s Investors Service, the recently formed Know Your Customer (KYC) consortium is a significant development for the United Arab Emirates (UAE) banks. They believe Blockchain-powered technologies will facilitate a swift and secure transfer of authentic customer data and documents which will establish enhanced compliance with global KYC regulations and minimize the risk of identity theft.

The National also referred to this in their tweet:

Additional qualified financial institutions and licensing authorities will be able to join the KYC platform once it opens up this quarter. Dubai Economy, Emirates NBD, Emirates Islamic, HSBC, RAKBANK, Abu Dhabi Commercial Bank and Commercial Bank of Dubai will be among the key members of the consortium. 

According to the Assistant Vice President of Moody’s, Mik Kabeya, the creation of this consortium is credit positive for UAE banks and it supports asset quality and profitability. Moody’s believes that non-compliance with KYC regulations, especially for anti-money laundering and terrorist financing, can have legal implications and result in huge sanctions for banks. The reputation of financial institutions can also be damaged significantly.

In addition, miscalculation of banks’ collection and mismanagement of KYC data will also be prevented through the platform. The future vision for the consortium-run ecosystem is to serve the greater good by refining the ease of conducting business as well as overall regulatory compliance in the United Arab Emirates. The consortium’s operations will be monitored by Smart Dubai and the UAE Central Bank. 

Kabeya expects that the platform will assist in credit risk management due to the availability of improved data for client underwriting and debt collection. He stated, 

“The consortium will support the franchises and profitability of UAE banks by improving customer service through shorter turnaround times for customer onboarding, including opening a bank account.” 

Furthermore, it is believed that the financial cost of paper-based KYC data acquisition will also be reduced.

KYC Alliance between Dubai Economy and six banks

KYC Alliance between Dubai Economy and six banks

As reported by Gulf News, Dubai Economy along with Emirates NBD, Emirates Islamic, HSBC, RAKBANK, Abu Dhabi Commercial Bank (ADCB) and Commercial Bank of Dubai (CBD), has formed a coalition for the exchange of verified KYC (Know Your Customer) data between banks and licensing authorities in the United Arab Emirates. It is believed that customer onboarding and sharing of client data and documents will be eased and facilitated through this new KYC alliance.

The Deputy Director-General of Dubai Economy stated that the launch of Dubai’s first KYC Blockchain platform will attract a greater number of investors to the market. A digital ‘Instant Bank Account’ facility will be provided which will ensure a faster and improved onboarding experience. The KYC platform is expected to be functional by the first quarter of 2020, after which it will be open for qualified financial institutions and licensing bodies.

Michael Gassner also discussed the implications of this alliance on Twitter

The main purpose of the alliance is to serve a greater cause by upgrading business functioning as well as complying with the regulatory policies in the United Arab Emirates. Smart Dubai in coalition with the UAE Central Bank will play a key part in monitoring and regulating the alliance operations. 

Authentic and valid KYC data will concurrently be shared with financial institutions following the launch of the KYC blockchain platform. This will speed up the bank account opening process for new companies as well as reduce the troublesome requirements of KYC for existing companies. 

A lawsuit is filed against LifeLabs for a data breach incident

A lawsuit is filed against LifeLabs for a data breach incident

As reported earlier, the Canadian laboratory testing company, LifeLabs was hit with a cyber-attack which resulted in a data breach of 15 million customers. Following the incident, the lawsuit is filed against the company.

On October 28, 2019, LifeLabs reported the data breach to the government partners, however, waited until December 17, to announce publically. The accessed data included some sensitive information, customers’ name, emails, addresses, login credentials, dob, health card numbers, and lab test results.

LifeLabs paid an undisclosed amount to the cyber-criminals who accessed the data with a promise that they won’t disclose any information publically. Nevertheless, the lawyers Peter Waldmann and Andrew Stein filed the statement against LifeLabs in Ontario Superior Court accusing them of contract breach and negligence, on December 27. Moreover, the statement indicated the violation of consumer protection laws and their customers’ privacy. 

The lawsuit was filed on the behalf of plaintiffs also included the lead plaintiff Christopher Sparling. He alleged in the statement that LifeLabs violated their own privacy policy since they failed to implement and follow the adequate cybersecurity measures and checks to detect the potential risks and threats to Customers’ data and swiftly respond them within time.

In addition, the statement also accused LifeLabs to store the customers’ information on unsecured servers and networks without any encryption protocol and they neglected the need to hire cybersecurity professionals for network security management.

While the lawyers are seeking more than $1.13 billion in compensation for the breach victims to make up for the mental anguish, damage to credit reputation and the wasted time that had to undergo, the plaintiffs are looking for additional moral and punitive damages.

After the public announcement of the breach, LifeLabs set up a toll-free helpline on December 18 and received more than 5000 calls from concerned customers. 

Bank of England fines Citigroup £44m Over Poor Financial Information

Bank of England fines Citigroup £44m Over Poor Financial Information

The Bank of England has fined the UK branch of the US bank, Citigroup, a record £44m because the bank submitted incomplete and fallacious regulatory information to the Bank between 2014 and 2018.

According to the Bank of England, Citigroup didn’t come up to the expected standards between the above mentioned years and the problems were ‘serious and widespread in nature and the bank hadn’t presented an authentic picture of its monetary position. 

The Bank’s Prudential Regulatory Authority (PRA) fined the Citibank, which is responsible for monitoring the financial stability of about 1500 banks, building societies, credit unions, large investment firms and insurers in the UK. This is the biggest fine ever imposed by the Bank of England. 

According to the PRA, the bank’s systems were incompetent and Citi didn’t have enough people working for the regulatory accuracy, there was no proper documentation and that Citi’s failure and governance fell significantly below the standards expected’. The errors and oversights included ‘six substantive matters’, which is the reason for notable errors.

Citibank is a New-York based bank and is the third biggest bank in the US which has $2tn in assets and operations in 100 countries. It is considered as a global systematically important bank’

According to the PRA, 

“The pervasiveness of the errors and misstatements identified in the firm’s returns raised fundamental concerns about the effectiveness of Citi’s UK regulatory reporting control framework.”

Citibank would have faced a fine of £62.7m but since the bank cooperated with the PRA, it was given a 30% discount. It should be pointed out that Citi has better liquidity and capital requirements than the Bank demands at all times. 

Sam Woods, deputy governor for prudential regulation and chief executive of the PRA said,

“Accurate regulatory returns from firms are vital for the PRA in fulfilling our role. Citi failed to deliver accurate returns and failed to meet the standards of governance and oversight of regulatory reporting which we expect of a systemically important bank.”

Citibank has been extremely compliant with the PRA and the spokeswoman for Citi said, 

“Citi has fully remediated the past regulatory reporting issues identified by the PRA and settled this matter at the earliest possible opportunity.” 

Digital KYC to Trace and Tackle High-Risk Customers

Digital KYC to Trace and Tackle High-Risk Customers

Customers are the assets and building blocks of any business. Customers are responsible for taking businesses to the next level or destroying it to rubble. That is why it very crucial to know who you are dealing with. Know your customer is the procedure to identify and verify customers to check if they are real and not fraudsters or indulged in any illicit activity that can cause a threat to business. It is a process to check the background of customers and analyze the risk factors associated with them. 

The fundamental idea behind the introduction of KYC in organizations was to find a way that can protect the organizations from fraudsters and criminals and doesn’t involve penalizing the innocents at the same time. The KYC process is a standard procedure to verify the customers at the time of onboarding. However, with strict regulations coming into the light, KYC isn’t limited to the verification of the customers, instead, it is now to continuously analyze the customer behavior to look out for suspicious activities and illicit transactions. It is used for the following purposes:

  • To curb fraud schemes
  • To mitigate scam scandals
  • To put a halt on money laundering
  • To hinder illicit fraud transfer and
  • To identify high-risk customers by enhanced due diligence 

Need for KYC to Identify High-Risk Customers:

The KYC laws were introduced as the section of the Patriot Act passed in 2001 after the incident of 9/11 to deter terrorist activities and criminal funding. The section of this act concerned with the financial transactions inserted some new policies in addition to those of “The Bank of Secrecy Act of 1970.” These requirements regulated the banks and other financial institutions. As per the Patriot Act, the organizations dealing with finance are required to meet three main requirements in order to comply with KYC regulations:

  • Customer Identification Program (CIP)
  • Customer Due Diligence (CDD)
  • Enhanced Due Diligence (EDD)

High-Risk Customer Identification Program (CIP)

The customer identification program is a significant component of the KYC process in which the organizations are obliged to ask customers to provide their identification information. It is to verify the identity of the customer who wishes to carry out a financial transaction with a particular bank. The CIP requirement was made compulsory in 2003 for the financial institutions to develop and incorporate customer identification programs into their secrecy policies to meet anti-money laundering (AML) compliance. 

Every institution has its own CIP processes depending on the size and type of the institute. That’s why they may require different documents for verification. Generally, driving license and passports the most commonly required document by the banks. Regardless, some other documents may include: 

  • Utility bills
  • Financial references or statements 
  • Information from a consumer reporting agency or public database

No matter what document or information of the individuals and business is asked, it is to check their authenticity that they are not fake or fall in any prohibited lists so that fake customers and customers at high-risk can be filtered. 

High-Risk Customers Due Diligence

Customer due diligence covers multiple aspects of customer verification and identification. For secure onboarding of clients, it is essential to identify the future risks that can arise due to some customers – the reason why customer due diligence is conducted. While performing due diligence, the significant goal is to analyze customer behavior and predict the type of transaction pattern that the customer is most likely to follow. In an evolving regulatory climate, mobile identity verification can be of great help. It helps organizations in identifying suspicious behavior and assigning a risk rating to customers to identify the customers that can be threatening for organizations and how often their accounts will be monitored. 

The regulatory agencies have set no particular standards or methodologies for conducting customer due diligence leaving the institutions with an open choice to follow their own tools and devices. Many organizations demand a lot of information during the process including banking references, previous financial statements, salary slips, occupation, source of funds, etc. The purpose of this information is to analyze the background and behavior of the customer to predict future risks that may be linked to the customer. 

All this hassle because FinCEN has strictly imposed this requirement on the financial institutes to immediately report any threatening or suspicious activity. And you can’t do it efficiently unless you know your customer behavior and history.

Enhanced Due Diligence (EDD) for High-Risk Customers:

Enhanced due diligence (EDD) is an advanced and more comprehensive set of KYC procedures for high-risk customers, exhibiting irregular transaction behavior or ambiguous sources of origin. The customers classified under the high-risk category after the Customer Due Diligence (CDD) process are more likely prone to money laundering and illegal funding of terrorists and criminals. They need to be monitored continuously. Considering the trend of such illicit transactions, the USA Patriot Act strictly dictates the institutions that they

 “shall establish appropriate, specific, and, where necessary, enhanced due diligence policies, procedures, and controls that are reasonably designed to detect and report instances of money laundering through those accounts.”

The EDD process includes verifying ultimate beneficial ownership information (UBO) and identifying politically exposed persons (PEPs). Monitoring the transactions is also one of the fundamentals of the EDD process.

High-risk Customers-Venomous for the Business:

High-risk customers are identified from the customer provided by using digital identity verification solutions. Such customers are monitored perpetually for the potential suspicious activities in their accounts so that no forgery can take place like money laundering, account takeover, identity theft, etc. Such customers can be a poisonous threat to business until they exist in the system. Various AI-powered Saas products offer inputs that are useful for the monitoring systems of the business to filter such AML high-risk customers that pose a threat of money laundering. Such a risk management framework will business in assessing customer risk. 

Digital KYC Checks- From Weeks to Seconds:

It is a documented fact that customers are the assets of any organization. Digital KYC is what the institutions need in this era of technology. Based on the principles of automation, the eKYC process can simultaneously execute multiple steps. It reduces the keystroke time, cost and human effort. The process that could take hours and days for an individual can be cut down to seconds with the help of AI-powered solutions and tools. With the use of intelligent KYC verification, the businesses can onboard a more secure clientele and that too with real-time verification, coping up with the regulatory complexities at the same time.

With the world moving into the digital sphere, customer convenience is even more important for any business. The manual KYC process is quite a time consuming and costly process. Clients get exhausted as it takes weeks or even months to onboard a customer. This cumbersome procedure even ends up losing customers as they move to other platforms during this time taking procedure. It is evident now that digital KYC doesn’t only help to identify any customer but helps to filter out customers that have some traits putting them as high-risk customers so that businesses are vigilant while dealing with them. Also, due to the digital revolution, the concept of global onboarding is becoming common which requires more fast and convenient verification and onboarding process. 

Perks of Using Digital KYC Solution:

To end up negative customer experience digital identity verification solution has achieved a milestone. Following are some of the benefits that come up with using the digital identity verification solutions for KYC:

  • Demit Frauds and Scams

Using digital KYC can decrease the risk of frauds like identity theft, credit card fraud, and onboarding high-risk clients. 

  • Increase Security

It’s more important than ever to verify the identities of customers due to an increased risk of terrorist funding and money laundering and other cybercrimes. 

  • Ensure Accuracy

Digital KYC solutions provide a seamless experience where there are lesser chances of errors and omissions. 

  • Provide Better Customer Experience

Digital KYC provides a better customer experience as it takes no time for the whole authentication process. 

In a nutshell, digital KYC clubbed with artificial intelligence is crucial to identify and tackle with high-risk customers that can bring along various dangers for businesses. Business can end up paying hefty fines due to such customers or owners end up losing their businesses. Digital KYC simplifies identity verification for an online business that plays a vital role in this area. In an evolving regulatory climate, mobile identity verification can be of great help. In the coming years, it will continue to morph with surprising speed.

Westpac CEO Brian Hertzer Resigns Amid Money-Laundering Scandal

Westpac CEO Brian Hertzer Resigns Amid Money-Laundering Scandal

The chief executive of Westpac Banking Corporation, Brian Hartzer, has resigned and the chairman Lindsay Maxsted is stepping down early following the money-laundering scandal which allegedly involves financial transactions to child exploitation activities in the Philippines. 

Hartzer will be given $2.69m for the next 12 months while serving out his notice period, the bank has announced in a statement to ASX on Tuesday morning. In addition to that, Hartzer will also lose a short-term bonus this year and will lose any long-term bonus that hasn’t already been given. 

Ever since the news broke out last Wednesday, pressure had been mounting on Hartzer and Maxsted to quit. Westpac is being accused by the Australian financial intelligence agency, AUSTRAC, for 23m breaches of money-laundering and counter-terrorism finance laws over $11 billion in transactions.  

The most damaging allegations include Westpac’s failure to properly monitor transactions which included transactions to the Philippines and other places in South East Asia, which were allegedly linked to child exploitation. 

After the allegations by Austrac, investigations were sparked from the federal police, the corporate regulator and the prudential regulator. There was also an announcement of potential class action and possible ratings downgrade from Moody’s which pushed the share price of Westpac down. 

Last week Hartzer said he would ‘fix’ the problem as the CEO of Westpac but now he will be done next Monday and chief financial officer Peter King will become the acting CEO. Hartzer said, 

“As CEO I accept that I am ultimately accountable for everything that happens at the bank. And it is clear that we have fallen well short of what the community expects of us, and we expect of ourselves.”

Maxsted has been on the Westpac board since 2008 and became chairman in 2011 will ‘bring forward his retirement as chairman to the first half of 2020”. It was announced by the bank that the bonuses of the executives will be withheld amidst the scandal.  

How AI is Transforming the Banking Sector

How AI is Transforming the Banking Sector

Artificial Intelligence has extensive applications across several domains: from banking to health, to travel, to finance. It continues to gain traction across industries that rely heavily on data which virtually encompasses all industries. The IHS Markit’s “Artificial Intelligence in Banking” report declares that the global cost for artificial intelligence is expected to reach $300 billion by 2030. AI in banking sector is no exception and it is providing remarkable benefits to banking. 

A study by PricewaterhouseCooper shows that 52% of the financial services industry is making considerable investments in artificial intelligence. 72% of business decision-makers assume that AI will be the business advantage of the future. Machine learning has become an important fixture in banking, leading to infinite possibilities as it continues to grow and advance.

How is AI Contributing to the Banking Sector 

There are a number of ways artificial intelligence is revolutionizing the banking practices. Fraud detection, seamless customer support, mobile banking, risk management are some of the fields in which AI is contributing in. 

Fraud Detection 

For financial institutions like banks, security is one of the topmost priorities as banks are under constant threat of frauds and hacks.  Through AI, decreasing rates of false positives, preventing fraud attempts and lessening manual reviews of potential payment frauds is achieved. According to a recent survey, ‘AI Innovation Playbook’ published by PYMNTS in collaboration with Brighterion, 80% of fraud specialists who employ AI-based platforms believe the AI technology helps reduce payment frauds and prevent fraud attempts. 63.6% of financial institutions that utilize AI believe that it is capable of preventing fraud before it happens. This shows the scope of AI for the mitigation of payment frauds. Payment frauds are reduced through AI’s ability to interpret trend-based insights through supervised machine learning, which is then joined with completely new knowledge achieved through unsupervised machine learning. Through the combination of both types of machine learning, it is determined whether a transaction is fraudulent or not. 

The following points depict why AI is one of the most used tools to combat payment fraud: 

  • With the advancements in technology, payment fraud attacks are increasing in complexity. These attacks normally have a digital footprint or sequence which makes them undetectable using predictive models alone. AI plays its role to mitigate these kinds of attacks and provide a security layer to the bank. 
  • Through the use of AI, payment fraud can be detected swiftly even on a large scale. This is how AI provides an immediate advantage to banks in battling the many risks and methods of fraud. 

Through AI’s predictive analytics and machine learning, anomalies in large-scale data sets can be found in seconds.

Cost Reduction 

Along with the number of other advantages of AI in the banking sector, cost reduction is a big one. It is estimated that by 2023, $447 billion will be saved in costs through the use of artificial intelligence. By utilizing AI, banks can cut costs in three key areas: 

  • Cycle Time

A huge amount of time is spent in digitizing, identifying and onboarding document templates. Through the automation of the digitization process, banks can reduce the total time spent on this circle. This results in highly improved cycle times and the benefit of redeploying employees to more important projects. 

  • Error Rate 

Errors are costly yet unavoidable. A recent survey by Netwrix shows that human error is one of the leading causes of financial data breaches. Through automation in banking systems, errors are lessened to a remarkable degree without an increase in cost. AI systems are much better at handling unstructured data which leads to lower error rates. 

  • Solution Costs

Costs of document digitization are huge. Based on the data from IBM, the traditional onboarding process can cost hundreds of millions of dollars. AI tools that are 80% automated and results in 90% accuracy are utilized so that banks are capable of reducing the costs of these onboarding processes. Approximately 30 to 40 percent of the original cost spent on the onboarding process can be saved. The AI-powered onboarding process also results in lessened error rates and greater use of employee labor. 

Enhanced Regulatory Compliance

Banks are always under intense pressure from regulatory bodies to enforce the most recent regulations. These regulations are there to protect the banks and customers from fraudulent activities while at the same time, reducing financial crimes like money laundering, tax evasion, and terrorism financing. AI in banking also helps ensure that banks are compliant with the most recent regulations. AI relies on cognitive fraud analytics that watches customer behaviors, track transactions, recognize dubious activities and assess the data of different compliance systems. 

Businesses can remain up to date with compliance rules and regulations through the use of AI. AI systems can read compliance requirements and detect any changes in the requirements through deep learning and natural language processing. Through this, banks can remain on top of ever-evolving regulatory requirements and align their own regulations with them. Through technologies like analytics, deep learning, and machine learning, banks can remain compliant with regulations. 

Seamless Customer Experience

Customer experience affects every business in the world, including the banking industry. Customer experience directly affects the way people perceive an organization. Especially in the case of banks, people want access to their money 24/7 and they want swift and easy transaction as well. This is where AI chatbots and voice assistants play their role. Chatbots don’t follow any timezone which helps users access them anytime, anywhere in the world. 

The most important feature of these chatbots is that they are constantly learning through previous customer interactions which in turn helps enhance them and their customer service. An example of chatbots in banking is the virtual assistant of Bank of America, Erica. Erica constantly sends notifications to their clients, updates users about their credit scores and helps them pay bills and make transactions automatically. 

Apart from chatbots, banks are also employing humanoids. Pepper, which is a humanoid developed by SoftBank, is one such example. Through the use of AI, customer experience is enhanced which in turn increases revenue. 

Risk Management

When it comes to customer onboarding or granting credit cards to clients, there is always a risk factor associated with it. To mitigate it, a thorough check of the potential customer is needed to authenticate the client. Through the use of AI, Know Your Customer (KYC) checks are done in real-time to identify the clients. Thus, AI offers the chance to save banks millions of dollars due to fraudulent or poor credit applications. Through the use of biometric technology which includes fingerprints, facial recognition scans, iris scans, voice recognition, etc., banks can implement a supplementary layer of security which in turn helps mitigate risks. 

Mobile Banking

Mobile banking is also another application of artificial technology in banking. AI in mobile banking has remarkably revolutionized the concept of banking and customer experience. The core features of mobile banking are 24/7 availability anywhere in the world as well as providing more opportunities for the bank staff to concentrate on more complex issues. According to a survey by the National Business Research Institute, 32% of financial institutions are already using AI tools like predictive analytics, voice recognition, and recommendation engines to provide a more personalized touch to the customers. 

The impact of artificial intelligence and machine learning in the banking sector runs deep. As we continue to become comfortable with the existing AI applications, it will continue to enhance and grow savvier. The banking industry is seeing a number of innovations due to artificial intelligence and machine learning and in the upcoming years, these innovations will continue to progress.

Amazon Challenges Pentagon’s $10 Billion Contract To Microsoft

Amazon Challenges Pentagon’s $10 Billion Contract To Microsoft

Amazon said on Thursday, that it is going to challenge a $10 billion contract awarded to Microsoft last month by Pentagon. Amazon called the decision-making process prejudiced and tainted by “political influence.” 

The Department of Defense had been considering a number of bids for a cloud computing project, “Joint Enterprise Defense Infrastructure” or JEDI initiative. The project, that has been delayed for a long period of time, is supposed to update the computing infrastructure of the Pentagon. Most of the agency’s technology relies on systems from the 1980s and 1990s. 

A number of people had expected the contract would be awarded to Amazon Web Services, which commands about 48% of the cloud computing market share. Over the past year, President Donald Trump has increased his attacks on Jeff Bezos, CEO of Amazon. Weighing in on the contract, he said in July, that he had considered intervening in the award process. 

“Great companies are complaining about it,” Trump said at that time, mentioning that this contract was one of the “biggest” ever. “So we’re going to take a look at it. We’ll take a very strong look at it.”

Last Friday on November 8, Amazon officially filed a notice to protest the decision and it is being filed in the US Court of Federal Claims. A spokesperson for Amazon Web Services said in a statement to HuffPost, 

“AWS is uniquely experienced and qualified to provide the critical technology the U.S. military needs and remains committed to supporting the DoD’s modernization efforts. We also believe it’s critical for our country that the government and its elected leaders administer procurements objectively and in a manner that is free from political influence. Numerous aspects of the JEDI evaluation process contained clear deficiencies, errors and unmistakable bias and it’s important that these matters be examined and rectified.”

Pentagon has more than 500 separate cloud systems throughout the military and through JEDI, it is intended to unify all the systems under one umbrella. This will help Pentagon keep up with the developments n the civilian computing industry. 

Difference between KYC and AML

Difference between KYC and AML

The growing Fintech industry leads to an increased demand for KYC and AML compliance requirements. Financial institutions face high-risk frauds through the customers and financial transactions. KYC and AML compliance programs build a systematic review of the secure financial system. Customer verification procedures, Know Your Customer and Anti-money Laundering screen customers against possible fraud risks.

The need for KYC and AML compliance has become mandatory to comply with the global and local regulations. The ones who fail to do so, are subjected to harsh regulatory penalties.  To avoid fines, businesses should identify the underlying company standards and the need for KYC and AML compliance in the business framework. Before this, there should be clear understanding of how KYC and AML are different from each other.

Know Your Customer is defined as a process that verifies the identity of customers. Customers are required to provide personal information which includes name, address, contact information, id card, etc. This information is verified before they become part of a  business or company. The term KYC is commonly referred for financial institutions. This is because the finance industry is prone to high-risk frauds that vary from money laundering and terrorist financing to identity theft and data breaches. 

The scope of KYC enlarges and takes in all the Fintech companies that provide financial services to customers. Online businesses that are under threat of a large number of financial frauds also lie into this cluster. KYC compliance has become mandatory whose non-compliance can result in businesses in the hefty monetary and reputational loss.

KYC Incorporates CDD AND EDD

Know Your Customer demonstrates customer verification which ultimately refers to the processes of Customer Due Diligence (CDD). Financial institutions verify the information of clients to make sure that they are building a secure relationship with them. Financial middlemen are supposed to undergo a CDD process to authenticate customer traffic and ensure their incorruptibility. In CDD, ascertain the identity of customers and verify the name and address. After authenticating, identify the risks before making an entity part of the system.

Enhanced Due Diligence (EDD) on the other hand, gathers additional information from customers. EDD came into force with the declaration of the USA Patriot Act. The difference between CDD and EDD should be clear to map the business standards and needs accordingly. Periodic due diligence processes on the customer are highly beneficial to deter the risks that could be generated by an entity later. 

EDD regulations are more efficient because of the extra information and proof it gathers from the customer. Detailed documentation is done for the whole EDD process and regulators are provided with the gathered information. EDD information includes;

  • Geographical factors
  • Property and assets information
  • Transactions types 
  • Occupation information
  • Banking information 

AML procedures detect suspicious transactions happening in the financial system. Entities are investigated and thorough documentation takes place that reveals malevolent entity beforehand. Criminal activity is accelerated when laundered money is used. By breaking that cash flow, a large number of criminal operations can be terminated. For this, a company must first verify the identity but do not stick to it. Continuous transaction monitoring should be done to identify the risky entity before some ruinous situation takes place. 

Global and local regulators are all set up to evaluate the AML standards of businesses. Regulations are declared to which states are supposed to comply strictly. Otherwise, it could lead to heavy regulatory punishments. AML regulations intend to eliminate the incidences of money laundering and terrorist financing. Businesses across the world are evaluated with respect to in-house AML techniques and procedures. This is done to make sure that no individual is facilitated to launder money through some industry or business (knowingly or unknowingly). An overall assessment takes place by global regulators that evaluate the AML norms of countries and present amendments accordingly. 

AML Procedures

The AML framework keeps on updating with the pace of fraudulent activities. Rules and regulations change with time. Following are the steps that help businesses comply with the AML regulations and standards:

Step#1 Stay updated with the changing AML rules and regulations

On a continuous basis, keep on reviewing the company norms and improve them accordingly. 

Step#2 Know Your Customer

KYC is a part of AML compliance. It is necessary to know who you are facilitating with your services and how in return your customer will be. 

Step#3 Identify the external and internal risks

It is necessary for companies to identify the high-risks associated with the business.  Identify the vendors, third parties and customers. 

Elaboration: Difference between KYC and AML

 

Elaboration: Difference between KYC and AML

 

AML procedures contribute to avoiding money laundering and terrorist financing activities. KYC, on the other hand, is the process of gathering customer verification on the basis of gathered information. It is necessary to consider both simultaneously. A business that complies with both KYC and AML regimes is considered well-reputed and trustworthy. The reason is that the chances of fraud are reduced when a company takes in place stringent actions and steps for fraud prevention. 

Bill to Combat Money Laundering Makes Its Way Through The Senate

Bill to Combat Money Laundering Makes Its Way Through The Senate

The US House of Representatives passed the Corporate Transparency Act of 2019 (HR 2513) on October 22, 2019. It is currently being reviewed by the Senate. 

The bill aims to reveal the true owners of “anonymous” shell companies to law enforcement agencies. It will have major implications for all the small businesses and their owners. The bill would require businesses, that didn’t fall under the Bank Secrecy Act, to report every transaction, however small, to the government. Moreover, the business owners would have to alert the authorities regarding any suspicious activity, while maintaining a comprehensive record of all sales.

United Nations finance expert, Eric LeCompte, said of the bill, 

“This legislation helps us stop human traffickers and corrupt public officials and protects development aid. Shell companies contribute to a trillion-dollar loss to the developing world every single year.”

This bill is part of an extensive effort to crack down on money laundering and terrorist financing in both the US and Europe. Passed by the House of Representatives on October 22, it is now being evaluated by the committee experts in the Senate. 

Why CDD is significant for both Know Your Customer and Know your Business verification?

Customer Due Diligence: From KYC to KYB

Why CDD is significant for both Know Your Customer and Know your Business verification?

Banking is a profitable sector but is risky at the same time. Frauds, as well as compliance risks, are often complicated and intricate. The banks and financial institutes are spending a high amount of capital on KYC compliance, which surpassed $100 billion in the year 2019. Even with this much investment, global banks have been fined $321 billion since the global crisis in 2008. Further complicating these risks is the fact that financial crimes such as money laundering, terrorist financing, and cyber frauds are increasing.

On the other hand, regulatory authorities are striving hard to enforce measures that could lead to the eradication of financial crimes. One of the first regulations that were enacted amidst the Vietnam war back in the 1970s was BSA. US regulatory authorities issued the Bank Secrecy Act of 1970 (BSA).

The purpose of this law was to counter money laundering activities emerging from illicit drug trafficking. Under this provision, banks are obliged to report any customer activity that seems suspicious such as transaction above $10,000 to the Federal Financial Crimes Enforcement Network (FinCEN).

The regulations aimed to make it difficult for the drug cartels, terrorists, and other lucrative criminal enterprises to launder money by making their transactions more visible to law enforcement agencies.

Introduction of Customer Due Diligence as Know Your Customer (KYC) regulations

 

The Banking Act of 1970, laid the foundation for the Anti Money laundering (AML) regulations later in US patriot Act, 2001, after the tragic incident of 9/11. Customer due diligence (CDD) was declared necessary for the financial sector. The term coined for performing CDD is Know Your Customer or KYC.

The KYC regulations were fortified to restrain the flow of money to the terrorists. It requires financial institutes to verify the customer to ensure that they are, who they claim to be. These regulations led to the adoption of various approaches to comply with CDD and KYC laws. Since the US regulatory changes affect the landscapes of the global financial sectors, these regulatory changes were accepted by the banking sector worldwide.

Financial Sectors adopted several ID verification controls to respond to these regulations. These ID verification controls include:

  • Maintaining a thorough Customer Identification Program (CIP).
  • Verifying customers against the list released by Law enforcement agencies.
  • Predicting, customer’s behavior and criminal risks associated with a particular entity, based on the statistical data.
  • Ongoing screening of the transactional activities of suspected customers.

It continues to be the main line of defense for the financial sector against financial crimes, with minor amendments. For a simple person, this law appears comprehensive. However, in June 2016, a loophole was identified in KYC compliance regulations. 

The banks weren’t required to verify the identity of stakeholders and beneficiaries of the businesses they provide services. It was after Panama Papers Scandal the world realized that apparently, legitimate businesses could hide the identities of bad actors and perform illegal activities on their behalf. The regulatory authorities identified the risk and issued a fix as Know Your Business (KYB).

Tying up Loose Ends with KYC Verification

 

This fix made by regulatory authorities in the KYC checks includes the Customer Due Diligence for the financial institutes. Under the new provision, Financial institutes are now required to perform stringent verification checks. KYB regulations are aimed to identify the shell companies that are involved in money laundering and other illicit financial crimes. 

Firms are required to verify the person who owns the business legally as well as, the identity of stakeholders owning a minimum of 25% share in the business. European Commission also introduced the same legislation in its 4th AML Directive (4AMLD). This process of business verification was improved, with new regulatory changes in AMLD5 and AMLD6, which are aimed to make due diligence transparent.

However, KYB compliance is not easy to achieve as it seems. The major problem in KYB verification is the identification of shareholders in the businesses. Most of the time, no record of these entities is available and to make things worse, the disclosure requirements in each jurisdiction varies. This sometimes makes it impossible to identify the stakeholders in the business. It is a recipe for disaster, for the firms who want to stay in compliance.

Turning towards Technology for Solution 

 

Emerging from the ashes of the global financial crisis in 2008, the new regulatory technologies are helping to ease the burden of compliance by reducing the operational costs as well as mitigating the risks for financial crimes. At the crux of these technologies, is the use of new technologies such as Identity verification and KYC identification, to help financial institutes to monitor, comply and regulate. The RegTech solutions are already assisting financial institutes to meet KYC and AML regulations.

Businesses need to stay one step ahead of the fraudsters. With a comprehensive approach to global risk mitigation, businesses could easily prevent fraudulent activities and stay in compliance with regulatory authorities. 

RegTech industry is rendering efficient AI-based solutions for Business verification solutions that can eliminate the inefficiencies and risks involved in onboarding new customers. For instance, automation of official document checking process and verification against the government issued registries. 

The future of RegTech is expected to see great adoption in the financial sector in the future. Owing to the changes in regulatory compliance, performing KYC and KYB verification parallelly will enhance the customer due diligence process and businesses to stay compliant.

 

FATF Guideline Key Features

RegTech – FATF Guidance for Digital Identity Verification

Regulatory authorities have recognized the benefits of technology and its use for seamless regulatory compliance and scrutiny. Digital identity verification referred to as “digital ID systems” in the FATF guidelines, is a futuristic approach towards fraud prevention. FATF recently issued a guideline for digital ID systems, their use cases, the risks involved and the benefits of such solutions. 

FATF took this initiative back in 2017. It showed its positive attitude towards technological solutions for regulatory compliance that are aligned with the regulations of FATF. Since then FATF has been working on developing guidelines for such fintech and RegTech solutions, that will further make this industry fraud-free. As the guideline highlighted that risk prevails in the fintech industry as well and it can be mitigated through regulatory compliance. The FATF guideline on the digital ID systems is still under scrutiny and it requested suggestions for public stakeholders to leave no loophole for financial criminals. 

FATF Guideline Key Features

The following are the key features of FATF guidance on digital ID systems. It is expected that the final draft of guidance will be very much different from the current draft. 

 

  • Stakeholders of the Digital ID guidance

 

FATF developed guidelines to assist in regulatory compliance, supervision, examination, and cybersecurity authorities by government organizations involved in policymaking. Also, the private sector that delivers digital ID systems will have a lot to gain from the guidance. 

Last but not least, the businesses and organizations that use outsourced digital ID systems will also benefit from this guidance, as it will help them to choose the best Digital ID verification solution. 

 

  • Limitations of the guidance

 

The guidance draft issued by FATF doesn’t cover any information regarding some Customer Due Diligence (CDD) practices. The guidance doesn’t cover the CDD through digital ID for legal person verification, Ultimate Beneficiary Owner (UBO) screening, and nature of a business relationship. 

There is no doubt that digital ID verification can serve these above-mentioned purposes as well but for the time being FATF didn’t cover these in this guidance. 

 

  • Main components and participants of the digital Identity systems

 

The guidance mentioned three main components and participants that it seeks to be available in digital identity systems used by the entities. It includes the process of identity screening through digital ID systems, the ongoing screening and the technical aspects of the digital identity systems. 

  • Identity proofing and enrollment is the first component and it involves the collection and verification of customer data. A picture is shown on the 13th page of the guidance draft and it shows the process of collection of data from the official identity document (like ID card) and then screening of the information to verify the identity of a customer. The component one also includes the verification of a person through biometrics like face verification and liveness detection to ensure that the original person is providing the identity evidence.

 

  • Identification and identity lifecycle management is the second component and it includes the information regarding the stakeholders that need to be verified. The system should be designed to verify the identity of new customers and to verify the identity of already existing customers. It also mentioned that the digital identity system can be used every time a customer logs in to his/her account online or for every face to face interaction with the customers. Such verification should be performed on all the transactions and events mentioned in the FATF regulations regarding identity verification.  

 

  • Portability of identity proof is the third component that allows the end-users to develop portable identities that will be issued for future verification. 

 

 

  • References 

 

The guidance referred to NIFT Digital ID Guidelines and EU’s EIDAS Regulations and explained how Digital ID systems help in the effective implementation of CFT and AML regulations. 

 

 

  • Technical standards

 

The Digital ID systems that follow the guidelines of following international standard organizations are good to go as per the guideline:

  • various jurisdictions or supra-national jurisdictions (e.g. eIDAS Regulation by the European Union)
  • International Organization for Standardization (ISO), International Electrotechnical Commission (IEC), Faster Identity Online (FIDO) Alliance, and the OpenID Foundation (OIDF), and
  • International Telecommunications Union (ITU) and GSMA (for industry-specific). 

To wrap up, businesses are required to comply with KYC, AML and CDD recommendations of FATF in every corner of the world. Now FATF is making things easier for them by developing a guideline for digital ID systems. Just follow this guideline for choosing the best identity verification solution for your business.

KYB know your Business

Know Your Business: The Next Step in Identity Verification

The complex regulatory environment and increased exposure to illegal activities indicate that business verification is in the best interest of regulated companies eyeing long term stability. According to the UNDOC, money laundering is estimated at 2-5% of global GDP, amounting to almost $2 trillion. Digital data breaches have also increased substantially over the recent past, with rising threats of virtual ID theft.  

In order to counter this, banks are spending more than $48 million on due diligence and KYB processes, with rising onboarding costs, as reported by the Thomsons Reuters’ survey. 

With the advancement in digital technologies and virtual data sets, KYB compliance and verification tools can help mark businesses that are involved in undercover activities and transactions. International requirements of both KYB and AML are increasingly reflecting the need to secure business transactions and prevent illicit financial flows from entering the formal sector. 

The Regulatory Approach to KYB

Businesses face strict regulations that require them to identity and verify customers before onboarding them. The 4th AML Directive, in particular, puts emphasis on stringent audit trails that help prevent fraud and financial crime. For this purpose, Digital Verification Services such as KYC and AML screening have proven to be significantly effective in improving compliance procedures. 

In a similar tune, regulatory requirements, such as the AMLD5 directive, now demand strict evaluation of both individual clients and commercial entities before carrying out business with them. This is to ensure that financial institutions and other businesses can avoid being connected to illegal transactions conducted by their clients. 

Money launderers often get under the cover of businesses and the EU is rolling our stricter regulations for customer due diligence to stamp out aggressors. For regulated companies, this translates into a legal compliance requirement for which the adoption of a duplicate screening process for suppliers, vendors and traders becomes important. Other regulations such as the GDPR, PSD2, and FinCEN also require companies to be aware of the Ultimate Beneficiary Owners (UBOs) of entities before beginning a relationship. 

According to new registration demands of the AML directive, all EU states are required to maintain national registers of beneficial ownership information on corporations and other legal entities. All companies and their owners now have to get their details registered, making it all the more easy to identify individuals involved in illegal activities through a business. Information of such regulated businesses will be made available to companies with a legal interest in business relationships.

KYB Process 

Similar to KYC, Know Your Business (KYB) is a Verification Solution that cross-checks business identity by extracting official commercial register data using APIs. Using a business’ registration number and jurisdiction code, an efficient digital KYB service can collect verifiable information for the business. 

Access to automated commercial registers through a data-powered business verification service make the due diligence process swift and free of errors, while saving valuable time and manpower. 

Business Search 

 

This includes background data on the company: registered address, current status, company type, UBOs, previous name, trademark registration. A financial summary of the company’s operational accounts is also provided by the authentication service, in order to better validate its authenticity. 

Business FIlings

 

In addition, business filings offer instant, verifiable information about company financials; access to financial statements, sources and links to downloadable reports (such as register reports, annual accounts and shareholder lists). 

Business Statements 

 

Business statements can help companies stay on top of changes in management and organisation of connecting businesses. A change in directors or beneficiary owners can also reflect an evolving business environment, indicating the need for followup information on business matters. 

Business Networks

 

Detailed information on corporate structure also provides insights into parent entities and lists of company subsidiaries (child, sister companies). Key factors under consideration are also based on the country in which the business is registered, the nature of business activities and the value of transactions it carries out. 

Challenges in KYB

 

By far, one of the foremost challenges in KYB compliance lies in accessing beneficial ownership information, especially in jurisdictions that do not require companies to submit relevant documentation. A lack of shareholder information can make it harder to investigate money trails and business authenticity, leading to potential non-compliance costs. 

Timely availability of data, in the right format, is also another hindrance, especially as company structures and management change over time. Storage and interpretation of data is also subject to a number of factors, mainly centering on companies adopting a manual approach to due diligence processes. 

Moreover, companies that are currently implementing KYC processes have ample room for improvement in process efficiency, costing banks millions of dollars in lost time. It follows that digitization of KYB verification solutions will also be a tedious process of hit-and-trial before firms can grab its full potential. 

Business Verification: Moving Forward

 

When it comes to risky transactions, regulatory authorities are not ready to bend their rules. The 6th AML Directive is also ready to be implemented soon, which indicates little or no leniency for financial institutions or businesses in the coming future. Therefore, KYB is central to the efficiency and transparency of firms doing business. 

Data analytics software that aggregate and updates information about businesses assists stakeholders in keeping tabs on their operations and practices, as well as fulfilling due diligence requirements of KYB.

As a one-stop solution for business verification, Shufti Pro offers a cost-effective solution of due diligence review of companies. With an electronic identity verification (eIDV) service, the authentication process for business entities is made easier and more accurate. The integration of APIs and data-driven systems now allow easier extraction of data, as well as smoother coordination mechanisms for compliance review. 

Transparent B2B Relations 

 

As a pre-emptive measure, businesses can use KYB solutions as fraud covers in case of a breach. Using the right mix of technology and support, full coverage of business financials and organizational structure can be accessed in order to trace business activities. This also allows firms to maintain updated company databases for better workflows. 

Business reputation is also incumbent upon due diligence processes that are reliable and foolproof. As a consequence, identification and verification of the beneficial ownership of connecting entities is vital to solving verification challenges.

Effortless Regulatory Compliance

 

A user-friendly interface allows businesses to fulfill regulatory compliance needs without any friction. Potential losses and non-compliance penalties diminish productivity for firms willing to extend their business networks. Reputational damage is also a leading cause of business failure when it comes to carrying out business with suspicious entities. 

With a comprehensive approach to risk mitigation, online KYB authentication services provide strong risk-shields against such losses, securing long term benefits for all concerned parties. 

 

FATF-Plenary-Outcomes

FATF October 2019 Plenary – Here is What You Need to Know

Financial Action Task Force (FATF) President Xiangmin Liu, chaired the first meeting from 16-18 October 2019 under the FATF Chinese Presidency. In this three day meeting, 800 delegates represented 205 jurisdictions. The international organizations which include the UN, IMF, World Bank, etc. discussed the current issues that are giving rise to financial crimes and presented solutions that possibly contribute to global security.  

FATF is an inter-governmental body that aims to set standards for effective implementation of the regulatory, legal and operational measures to combat money laundering and terrorist financing. FATF goals for the elimination of any criminal activity that disrupts the flow of the financial system. In the recent meeting, FATF highlights important issues discussed below: 

 

  • Associated Risks with Virtual Assets 

 

Money laundering and terrorist financing risks with virtual currency, “stablecoins” or similar assets are pondering. FATF focuses on countries and their norms to facilitate the virtual currency industry. According to FATF, it is necessary for the countries to take in place requirements while recognizing the risks associated with virtual assets. This sector should be properly supervised to eliminate the incidences that aid criminal activities. The countries which have already implemented measures should report back regarding the actions they took for evaluation purposes.

It is the duty of FATF to monitor the standards industry is following in its development processes and make sure that they are complying with the requirements defined by FATF. Emerging virtual assets such as “stablecoins” are supposed to introduce to a shift in the virtual currency ecosystem which could be a source to facilitate criminal activities most likely money laundering and terrorist financing. “Stablecoins” service providers are supposed to adhere to FATF standards strictly just like traditional financial service providers do. FATF is continuously monitoring the characteristics and is looking for further specifications these virtual assets hold and to be reported with updates these currencies come up with. 

 

  • Understanding Digital Identity Use

 

A swift shift towards the digital world, digital payments, and digital identity are worth notable. Every year, a large number of transactions through digital means take place and are growing by 12%. The digital identity roaming over the internet should be identified and verified. This is a vital step to perform as its negligence gives rise to criminal activities. Fake identities over the internet participate in money laundering and terrorist financing. This can be eliminated through customer identification to make sure that each person has its own real identity. 

FATF is going to release a draft for public consultation elaborating on the use of digital identity. The draft would give clear statements regarding the use, reliability, and standards of digital identification systems. FATF aims to eliminate the sources that are facilitating criminal activities.  

 

  • Follow-up Assessments

 

Mutual Evaluation of the Russian Federation and Turkey 

 

FATF plenary conducted a mutual evaluation of the Russian Federation and Turkey. It evaluated the effectiveness of AML/CFT compliance in both countries. Also, their compliance level with FATF requirements. 

In Russia, the FATF-EAG-MONEYVAL assessment was conducted whch showed that Russia has an in-depth understanding of the criminal activities and risks associated with them. It follows robust policies to combat risks of financial crimes like terrorist financing. However, it needs to work on the supervision standards of money laundering especilaly the money that is laundered abroad. 

In Turkey, plenary concluded that measures Turkey is taking in place to cater to money laundering and terrorist financing activities are stringent. However, it is in dire need of persuing financial crimes in line with the risk profile of the country. Also, there should be strict actions immediately to freeze the criminal liability at the spot which includes any detection of terrorist financing or money laundering or even weapon proliferation of the purpose of mass destruction. 

Plenary discussed AML/CFT regulations compliance of each country. After evaluation of both countries’ compliance with FATF requirements, mutual evaluation reports will officially publish in December 2019. 

Norway and Spain Follow-up Assessments

 

Since the mutual evaluations conducted in 2014, plenary discussed changes Norway and Spain entertained at their ends regarding money laundering and terrorist financing activities. 

Norway is on the go to strengthen its strategies for financial intelligence to understand the bad money flow through money laundering and terrorist financing, it has developed effective strategies to combat the risks of dirty money flow. Its improvements towards the ability to freeze suspicious criminal liabilities are also effective.

 Similarly, Spain is also active in ensuring the sources that facilitate criminal activities and measures they are taking to combat them. It has established an effective framework and mechanism to freeze the weapons proliferation supposed for mass destruction.

Denmark, Ireland and Singapore Mutual Evaluation

 

FATF plenary re-rated these countries on the basis of mutual evaluation. It came out that among these, Ireland moved to regular follow-up procedures from enhanced processes. FATF will be publishing the mutual evaluation report soon declaring fluctuations in technical compliances. Also, the rating with respect to measures taken to eliminate terrorist financing, money laundering and ability of weapon freezing having mass destruction intentions.

Brazil’s Mutual Evaluation Report

 

In the report of 2016, FATF conveyed concerns about Brazil’s continued failure with technical compliances to deter the risks of money laundering and terrorist financing. FATF declared that this would be the primary concern in the October FATF plenary. Now, evaluation resulted in positive results depicting the effective adoption of regulatory compliance by Brazil. Its substantial progress has proved to address most of the compliance requirements for the betterment of the financial system.

However, serious concerns remain regarding the international compliance standards of Brazil. This emerged as a result of limitation laid by a provisional injunction that was issued by a Brazilian Supreme Court judge. This limitation was on the use of financial intelligence for criminal investigations. FATF is active to get timely updates regarding this matter.

 

  • Jurisdictions Identification

 

Identifying Jurisdictions w.r.t AML/CFT Deficiencies

 

FATF concerned the identification of Juridictions with respect to strategies that they are taking in place for the elimination of terrorist financing and money laundering. FATF maintains public documents of June 2019 containing lists of jurisdictions that might pose potential risks to the international financial system. These contain amendments regarding the call for action and an action plan with FATF.

Ethiopia, Srilanka, and Tunisia with no Jurisdiction monitoring 

 

FATF is satisfied with the progress of Ethiopia, Srilanka, and Tunisia in addressing AML/CFT deficiencies. Now, these jurisdictions are out of the list of FATF monitoring. 

The FATF praised Ethiopia, Sri Lanka and Tunisia for the significant progress made in addressing the strategic AML/CFT deficiencies identified earlier by the FATF and included in their respective action plans.

These jurisdictions will not be subject to the FATF’s monitoring any long under its on-going global AML/CFT compliance process and will work with the FATF-Style Regional Body of which they are a member and continue to encourage their AML/CFT regimes.

New Jurisdiction Monitoring over Iceland, Mongolia, and Zimbabwe

 

FATF identified serious deficiencies in AML/CFT compliance programs of Iceland, Mongolia, and Zimbabwe. Each jurisdiction now has developed an action plan to comply with FATF requirements and FATF is looking forward to their plan. 

Pakistan and AML/CFT System

 

Since Pakistan committed to making high-level progress in June 2018 in regard to the requirements of FATF and APG, Pakistan has improved the AML/CFT regime’s compliance. However still, the progress is not up to the mark. Pakistan still lacks a proper understanding of terrorist financing risks. It is able to complete five out of 27 action plans. FATF urges Pakistan to complete the thorough action plan by February 2020. In case of any discrepancy, FATF will take action. This action could be a serious call to all jurisdictions to give special attention to the relationship with Pakistan’s financial institutions.

Iran and AML/CFT System

 

In June 2018, Iran committed with FATF regarding effective practices with respect to AML/CFT strategies to overcome the current deficiency and to act upon the implementation of the Action Plan. Iran significantly lacks proper identification of terrorist financing risks. FATF calls upon its members in June 2019 to conduct the supervisory examination in Iran’s subsidiaries and branches of financial institutions. Now if before the deadline i.e February 2020, Iran does not act upon the conventions of terrorist financing and Palermo, FATF will call for members and subject Iran with effective countermeasures. 

Iran will be in FATF public statements till it fully comes up with with the Action Plan. Until Iran takes a serious approach towards the implementation of countermeasures to eliminate terrorist financing, FATF will be highly concerned with the risks that can arise from Iran regions and pose this threat to the international financial system.

 

  • Promoting more Effective Supervision

 

In the plenary of FATF, one the major discussion involve identification of improvements that can better help in the supervision of AML/CFT regimes. FATF discussed the program and aims to outreach to improved strategies to national supervisors. The objective behind this effort is to let entities regulate their processes and focus more on the outcomes while taking in place a risk-based approach. 

 

  • New Practices for Legal Professionals

 

FATF focuses on the transparency of beneficial owners of the legal sector. It is important to prevent terrorist financing and money laundering through companies. However, jurisdictions find it challenging to implement the requirements in this field. Although mutual evaluations using a prolonged approach opens the ways for effective solutions. The collection of information through several sources contributes to effective approach towards the prevention of misuse of the legal sector. Facilitation of criminal activity through legal persons can be avoided. A large number of sources help in better addressing of problems and identifying their respective solutions. Using input from global databases can help in catering to criminal activities in a better way. 

Significance of AML Compliance in Money Services Business

Significance of AML Compliance in Money Services Business

The financial sector landscape is evolving with the advent of the FinTech industry. Many revolutionary services and products are introduced by this sector and Money Services Businesses (MSBs) are one good example of such businesses. These revolutionary innovations increased ease for the masses. But lack of KYC and AML regulatory compliance specific to this sector left loopholes for the criminals. Also, most of the money transfer businesses are showing a lack of concern towards AML compliance, which increased the fraud rate in this sector. 

Sensing the urgency, some countries including Australia, Canada,etc. are taking steps to prevent financial crime in money services businesses. Before we explore the regulatory and preventive measures taken by these countries let’s dig deeper into MSBs as defined by the regulatory authorities. 

If we look at the definitions provided by FinCEN, AUSTRAC, FATF, and

FINTRAC, broadly an MSB business includes any individual, business or organization that performs the following operations as a :

  • Currency dealer or exchange
  • Issuer or seller of traveler’s checks, money orders, etc
  • Money transmitters 
  • Check casher
  • Remittance service provider

If a person or a business conducts these operations worth $1000 or more on a daily basis than it is liable for compliance with KYC and AML regulations. 

The MSBs are regulated in several regimes but lack of implementation and scrutiny led to an increased exploitation of this sector. Regulations are developed for AML compliance in MSB but lack of implementation is the issue. Regulatory authorities like FATF, AUSTRAC, and FINTRAC adopted a risk-based approach in MSBs’ AML regulation. 

Primary actions required for KYC and AML compliance by MSB are as follows:

  • Complete KYC of customers (identity verification)
  • AML screening of customers
  • Getting registered with the regulatory bodies

Why MSBs Need KYC/AML Compliance?

 

MSBs are some of the most common victim of money launderers. Often the MSBs do not perform KYC and AML screening on their customers, and this loophole in security is utilized by fraudsters. Money launderers and terrorist financiers cannot go to banks because they often run KYC/AML screening on people before serving them. That is why criminals use MSBs. 

They transfer the funds without being traced. Later, if a transaction is labeled as illegal the criminal will be untraceable because they use fake identities. Ultimately the service provider MSB will be deemed liable for fine.  

So, the MSBs need to practice in-depth KYC and AML screening on their customers before onboarding them. KYC and AML compliance helps MSBs in gaining credibility and customer trust. Research found that people feel more confident with online platforms that have some sort of visible security measures like real-time identity verification, 2-factor authentication, face verification, etc.  

Regulatory Authorities Tightening Reins on MSBs

 

The need for improved compliance culture is identified by global regulatory institutions. Financial watchdogs are all set to eliminate money laundering from all the business sectors. This compliance culture could be achieved only if the businesses will also understand their responsibility towards eliminating financial crime from their spaces. 

AUSTRAC Targeting Money Transfer Businesses for AML Scrutiny

 

AUSTRAC (Australian Transaction Report and Analysis Center) is targeting the money transfer businesses for thorough implementation of KYC and AML laws in that sector. 

In August 2019, Austrac launched the campaign against illegal money transfer businesses. This campaign requires the money transfer businesses to register with AUSTRAC and to practice KYC/AML compliance. The objective of this campaign is to reduce the exploitation of these unregistered businesses by criminals. 

Money transfer businesses that will not register with AUSTRAC will be liable for a fine of $420,000, seven years jail or both. 

The money transfer businesses are required to submit their International Funds Transfer Instruction (IFTI) to AUSTRAC on time. Those who fail to do so are fined for non-compliance. 

In September 2019, the regulatory authority fined $252,000 to Compas global holdings Pty Ltd. the company was unable to report the international fund transfer between 2018-2019. 

Not only that AUSTAC also ordered PayPal Australia to hire an external auditor at their cost to report on the fund transfer of the company to and from Australia. This order was generated after the self-reporting of PayPal on the findings of its internal report. 

AUSTRAC is aiming at eliminating the crimes associated with money laundering through strict scrutiny of the businesses involved in high-risk fund transfers. “Money laundering enables criminal activity that causes real harm to Australians, such as human trafficking, child exploitation, illegal firearm sales, and drug trafficking.”  AUSTRAC Chief Executive Nicole Rose said in a statement. 

Canada Increasing Pressure on MSBs (Money Services Businesses)

 

Canada also increased pressure on MSBs and introduced some rigid KYC and AML laws for this sector. The government of Canada amended the regulations of Proceeds of Crime Money Laundering and Terrorist Financing Act (PCMLTFA). FINTRAC (Financial Transactions and Report Analysis Center) will be responsible for the implementation of these laws. 

The new laws for MSBs have the following key points:

 

  1. The MSBs (local or international) should be registered with FINTRAC and it will have the right to charge penalties in case of non-compliance. 
  2. The financial institutions are not allowed to conduct business with unregistered MSBs. 
  3. The MSBs are entered into the reporting entities list of FINTRAC. 
  4. The AML screening, recording and reporting regulations that were previously imposed on fiat businesses are now imposed on the MSBs as well. It means that the MSBs operating in Canada will have to conduct in-depth KYC and AML screening of their customers before onboarding them. Also, they will have to maintain a record of the compliance process and should report any suspicious transactions above the predetermined threshold. 

How Online KYC/AML Screening Will Help? 

 

Online KYC and AML screening can be the companion of a hard time for the MSBs. The customers of these businesses are from every corner of the world so manual verification is not possible. Developing in-house verification software requires exhaustive resources and bears huge costs, so it is not a feasible solution. 

Online KYC and AML screening solution is a cost-effective and easy solution that delivers results with high precision within a minute. It is high time the Money Services Businesses should invest in KYC and AML compliance because the regulatory authorities have identified the risk lurking in this business sector and are all set to give a hard time to non-compliant businesses. 

5AMLD: Implications for Cryptocurrency

5AMLD: Implications for Cryptocurrency

What is 5AMLD?

As part of the Action Plan against terrorism, the 5th Anti-Money Laundering Directive (5AMLD) proposed by the European Commission aims to address risks associated with virtual currencies and wallet providers. The proposal augments the 4th Directive in its efforts to enact EU rules designed to combat Anti Money Laundering (AML) and financing of terrorist activities (CFT). 

The indication is of thorough regulatory change as digital currency exchange platforms and e-wallet providers are now required to comply with AML and CFT requirements. Collecting and monitoring customer data will be part of their compliance operations. 

Under the new law, the general public will have access to beneficial ownership information of EU companies, and due diligence measures for financial flows from high-risk countries will be beefed up. 

Cryptocurrency – Safe or Not?

 

Virtual currencies such as bitcoin provide efficient ways of data sharing and user interaction for a wide customer base. However, the inherent way in which cryptocurrencies are able to hide user identity opens up opportunities for suspicious transactions online. 

This implies that authorities cannot trace the identity behind any kind of transaction, and financial transfers can therefore be concealed easily. The risk of such services being used by terrorist organisations looms large on the horizon, leading to strict scrutiny measures for the crypto realm in 5AMLD. Virtual currency remittance systems are also at the risk of being used for terrorist and illegal activity financing.

As safety of digital transactions dwindles, KYC for identity verification becomes an increasingly important part of the security equation. In contrast, at the very heart of cryptocurrency is the counter-intuitive idea of decentralisation that allows a user to create a disconnect between his identity and e-money. The key here is finding the middle ground between privacy and legality. 

Currently, only a third of all businesses across Europe and the US perform background checks on their users. And this is about to change after the implementation of 5AMLD. 

Before this commission, no other EU Laws were directed at monitoring digital currencies or e-wallets. Previously absent in 4AMLD, the new directive includes a definition of virtual currencies: 

‘a digital representation of value that is not issued or guaranteed by a central bank or a public authority, is not necessarily attached to a legally established currency and does not possess a legal status of currency or money, but is accepted by natural or legal persons as a means of exchange and which can be transferred, stored and traded electronically’.

This covers a wide range of virtual money – coins, tokens, custodial wallets – to ensure that no form of electronic value escapes monitoring. Although the definition is all-encompassing, it is useful to note that it merely views cryptocurrency as a means of exchange online and not as assets, securities or commodities. 

There is no clarification for ‘virtual currency exchanges’, but individual entities are identified as providing services between virtual and fiat currencies. Again, the scope of such transactions under AML/CFT compliance is unclear, and the commission almost overlooks crypto-to-crypto exchanges. For Initial Coin Offering (ICO) organisers, brokers and other platforms, this underscores the need for detailed checks under 5AMLD Compliance.  

In this respect, the UK has warned against the use of crypto assets in illegal activities, and hinted at using a broader regulatory framework. 

Next in importance to cryptocurrencies are e-wallets. A custodian wallet is explained by the law as:

“An entity that provides services to safeguard private cryptographic keys on behalf of their customers, to hold, store and transfer virtual currencies”. 

Following this interpretation, a service provider shall not be liable under CFT/AML laws unless it holds the user’s private key. Obliged entities include centralised cryptocurrency exchanges such as Mist, Ledger Nano S and Trezor. 

Under 5AMLD, previously unlicensed exchange services and e-wallet providers now need to be authorised through a registration process. This means that common AML practices such as customer due diligence, transaction monitoring, and fraud detection will need to become part of company compliance processes. Countries are obliged to create central databases, with complete lists of virtual currency users and their self-declaration forms. 

As ironic as it may seem, cryptocurrency providers will collect, store and monitor information of customers, as well as any beneficiary owners that may be involved. For the purpose of AML/CFT screening, this puts an end to any anonymity in the currency space, and enables concerned national authorities to collect such data and verify it against relevant account holders. 

The law also lowers the threshold for identifying users of e-money, to further empower Financial Intelligence Units (FIUs) by facilitating information exchange. In addition, when performing a KYC before a business relationship, the corresponding beneficial register in the EU must be accessed. 

Onwards and Safer

 

After the 5th AML Directive of the EU is rolled out, crypto exchanges, e-wallets and trading platforms will require efficient identity verification processes and AML monitoring tools for enhanced customer experience. 

For smooth sailing amid regulatory change, digital currency providers are better off adopting reliable KYC/AML/Customer Due Diligence and financial crime control strategies well in time. Cybercrime and terrorism need to be rooted out at source, and compliance officers must carefully identify their exposure to the risk of criminal activity. Keeping in view the products and services being offered, cryptocurrencies must conduct a risk assessment and take pre-emptive action against high-risk transactions and users. 

Regulating cryptocurrency space will not be as easy as controlling its non-digital counterpart. Regulators, financial institutions and crypto providers equally face technical challenges in ensuring compliance of AML laws. Sharing relevant, open and transparent information, as well as establishing partnerships at each level, will, therefore, be central to the process of regulation and innovation. 

More posts