Financial institutions and businesses are extremely familiar with the guidelines of KYCKYC stands for “Know Your Customer”. In banking, it is a process by which banks obtain information about the identity and address of the customers. This process helps to ensure... (Know-Your-Client or Know-Your-Customer). The minimum of these regulatory standards includes the customer identification program, customer due diligence, and ongoing monitoring or enhanced due diligence. The goal of KYC standards is to verify the identity, suitability, and risks of current or potential customers to identify money laundering and financial terrorism before they materialize.
With these systems in place, do bank executives and chief complianceCompliance is used to refer to the adherence to laws, regulations and industry standards within a specific business or financial context. Compliance can involve implementing policies and procedures to ensure... officers really know their customers?
Simply, no.
No, they don’t.
What do we know?
In times past, in order to open a bank accountA bank account is a financial account provided by a bank. It allows depositing, withdrawing, and managing funds securely., a customer would need to visit a retail location and provide a form of physical identification (i.e., a driver’s license or passport). Bank employees would then make a judgement of whether or not the customer was being truthful by comparing the photo ID and the face of the customer in front of them. Customers deemed truthful could proceed with the process.
As counterfeit identity cards became more convincing and prevalent, business would develop better technology to detect fake ID’s.
With this procedure firmly implemented, do banks know their clients?
No.
Not completely.
For 100% identity verification, financial institutionA financial institution is a regulated entity that offers financial services to individuals, companies, or governments. Examples include banks, credit unions, and investment firms. would need a DNA sample, a DNA sample from their parents, and the lab tests associated with DNA comparison. Then they would need birth records, like birth certificates, maybe even on-oath witnesses to corroborate the narrative of their birth in that particular hospital.
Is this a ridiculous standard to holdWhen a final transaction total is uncertain, as in a hotel stay, an authorization hold is placed on a portion of the cardholder’s credit limit or debit balance as a... banks to?
Absolutely!
Without-a-doubt identity authentication doesn’t exist.
Maybe in the future, subdermal microchips will be commonplace to confirm who is who, but maybe counterfeit, stolen, and replaced microchips will also be commonplace.
Regardless of the barriers and technologies regulators or business implement, fraudsters will find a workaround.
If it’s hopeless to know your customer, how do financial institutions create an effective strategy to prevent fraudFraud is defined as a deliberate and deceptive act carried out with the intent to gain an unfair or unlawful advantage. Fraud is mostly associated with deceit, misrepresentation or concealment... and crime?
Math.
That’s right. Math!
Effective KYC goes back to high school calculus and probabilities. Client onboardingOnboarding is the process of integrating a new employee, customer, or user into an organisation or system. It includes orientation, training, and familiarisation to ensure a smooth transition and effective... requires a deterministic probability.
Start by using the process of elimination.
At some point in school, teachers ask students to prove 1+1=2. The process often starts with a hypothesis that 1+1 is not = 2. Students try to prove this hypothesis with a ridiculous premise like 3=5. Since 3≠5, the conclusion becomes 1+1=2. Now, apply this technique to customer onboarding.
The current KYC model in the United States is broken.
Opening an account at a financial institution only takes four main elements into consideration: name, home address, date of birth, and Social Security Number or Tax Identification Number. Most people know that this information is not difficult to obtain. If someone knows this information for an ex-partner, they could open an account in their name.
A popular upgrade to onboarding beyond these four elements is a scan of their ID card and a selfie with biometricBiometrics uses special physical or behavioural traits like fingerprints, facial recognition, and voice recognition to confirm a person’s identity, adding a very strong layer of security to authentication. and liveness detection. However, banks often see a sharp drop-off of customers at this stage in the process. Many consumers find this procedure intrusive, regardless of the excess of selfies – some with driver’s licenses and passports in frame – they share to social media platforms. Fraudsters use the images from social media to construct convincing ID’s and animated deepfakes that makes the fraud and disguises in the Mission Impossible films seem amateur. These deepfakes bypass liveness detection and pass facial recognition with ease.
Many fintechs today prioritize customer quantity over quality, so they make the onboarding process as frictionless as possible. A fintechFintech is a term used to describe financial technology. This often refers to the innovative use of technology to provide consumers and businesses with financial services. This can include banking,... could require the bare minimum of KYC standards, allowing someone to create a new account in less than a minute. This saves the fintech money and supplies them the statistics of customer growth and adoption needed for the next round of fundraising.
Startups can come and go with their benefits but allowing bad actors to enter and easily move about the financial system can be extremely harmful. Fintechs can stop a significant amount of fraud at the gate.
So, how are fintechs, banks, and other fintechs supposed to identify money laundering and financial terrorism before they materialize?
- Step 1: Admit ignorance. Claims of complete lack of fraud are unfounded and will reveal itself eventually.
- Step 2: Implement a dynamic strategy, instead of a stagnant one. The KYC strategy should be able to be modified as requirements and times change.
- Step 3: Carefully select vendors and partners. KYC vendors should work hand-in-hand with the bank or credit union, occasionally offering advice for improvements.
- Step 4: Be willing to budget for real solutions. Onboarding is not a business component to cut corners on or select the least expensive option.
- Step 5: Stay vigilant. Fraudsters must only be right once to succeed. Financial institutions must prevent every attempt and occurrence to stay safe.
This article was originally published in The BHB BaaS Association Newsletter.