Categories
KYC/KYB

Know Your Customer’s Customer

KYCC is a great way to protect your business’s reputation and protect itself against financial crimes.

KYC (Know Your Customer) protocols are too common and are known by almost every regulated business. But, have you thought about the level of risks your customers’ customer present to your business? The type of products and services your customers provide will decide the type of customers they have. Based on the number of customers, you may face unique risks.

When you comply with the Know Your Customer’s Customer (KYCC) process, you can protect your business from potential threats that come up.

What is Know Your Customer’s Customer (KYCC)?

KYCC is an additional compliance method that businesses can employ. KYCC goes a step beyond ordinary KYC or KYB methods. It is the most similar to the Know Your Business (KYB), process. It involves you doing a close analysis of our business’s customers.

With KYCC, you have to evaluate your business clients. You have to go past your business’s clients, and see who they work with. Based on your customer’s customer base, your business could be exposed to new and unique threats.

The primary goal of KYCC is to:

  • Confirm that businesses that are your customers are actually who they claim to be. By verifying their accounts, you can be a bit more confident that you’re dealing with an actual business, not some fraudster.
  • KYCC allows you to identify if any of your customers are offering their services to shell companies, or high-risk companies.

Importance of KYCC

KYCC measures can protect your business, customers, and the economy against tax evasion, terrorist financing, money laundering, etc. Without proper regulations, these crimes can grow at an alarming pace. 

KYCC procedures are not widely regulated across the globe currently. But, these regulations are becoming a standard. The 5th and 6th Directives in the EU and FinCEN have indicated a deepening interest in KYC, risk, and compliance. 

As new regulatory bodies continue to understand the importance of KYCC, it’s expected new regulations will soon be announced. If customers discover your businesses have facilitated illegal activity, it’s going to hurt your reputation. When you implement KYCC protocols, you’ll be able to identify these issues and reduce the level of risk associated. 

KYCC is more crucial for high-risk industries, such as finance. That said, any business can benefit from the reputational benefits of KYCC.

What Does KYCC Look Like?

KYCC looks a lot like KYC. The only big difference is that you have to verify your customers’ customers. Similar to KYC, there are some basic steps in KYCC:

  • Identification – In this step, businesses have to identify and verify the identity of each of your customers’ customers.
  • Due Diligence – This step involves checking sanctions lists, account history, and other information to make sure your customer’s customers aren’t involved in illegal activities.
  • Ongoing Monitoring – It is where you implement measures to come find illegal activities. Businesses have to take action to handle the task accordingly.

How to Start Implementing KYCC?

To begin KYCC, you’ll first need to ask your customers to provide a list of their customers. If they’re not comfortable sharing this information, or are hesitant to share it, you may have to teach your customers about the benefits of KYCC.

When you have the information, you’ll have to collect all the necessary information to do KYC checks on these individuals. To be able to perform KYC checks, you’ll need to collect information and data from multiple sources.

As your customers conduct business, they’ll add new clients to their list. It’s essential that KYCC becomes an ongoing process. This way, companies will be able to detect any suspicious activity as soon as possible.

Despite the efforts, a thorough KYCC process improves both your and your customer’s businesses. It helps businesses raise their reputational standards, establish improved compliance methods, and increase trust and safety. 

How to Protect Your Business with Proactive Implementation?

You can protect your business by implementing KYCC measures. But, you should only do this if other compliance methods are already fulfilled. While the measure is not too important currently, in the near future regulatory bodies may come up with new regulations. 

By implementing KYCC in place today, you can proactively protect yourself from financial crimes such as money laundering. You’ll also be able to protect your business against reputational risks and avoid legal troubles that come along.

Categories
AML KYC/KYB

KYC and AML Risk Assessment for Customer Onboarding

When onboarding new customers, financial institutions must balance the need to mitigate risk with the necessity to keep the customer experience frictionless. To that end, AML/KYC risk assessment is critical for onboarding new customers. Indeed, financial institutions are under increasing pressure to meet regulatory standards while making the customer onboarding process frictionless. The combination of digital and mobile technologies makes it easier than ever for customers to open new accounts.

As a result, financial institutions must maintain strict Know Your Customer (KYC) and Anti-Money Laundering (AML) standards while streamlining the onboarding process for new customers. In this article, we’ll explore different onboarding methods and how they impact your institution’s KYC/AML risk assessment.

What is AML/KYC Risk Assessment?

KYC/AML is an acronym standing for “Know Your Customer” and “Anti-Money Laundering.” These are compliance regulations that require financial institutions to verify the identity of their clients. This is done to prevent money laundering and other financial crimes. KYC is a procedure that requires financial institutions to collect and verify information about their customers. This data is then documented in an effort to prevent money laundering and terrorist financing.

KYC regulations are designed to strengthen the integrity of the financial sector and the wider economy by reducing crime and increasing trust. AML refers to the regulations that govern financial institutions’ due diligence when determining the source of their customers’ funds. For example, financial institutions must verify the source of funds deposited in accounts by customers who are opening new accounts. This is done to prevent money laundering.

Digital Customer Onboarding Methods

Digital onboarding methods are low-touch and mostly occur online. They include onboarding methods such as e-KYC, SMS verification, and OTP verification. E-KYC is the process of onboarding new customers digitally by collecting and verifying their identity and other relevant information. E-KYC uses the government-issued Unique Identification Number (UID) issued by the Indian government.

Once verified, the e-KYC process provides an electronic validation of the customer’s identity. This electronic verification is stored in an electronic format and is used to onboard new customers, transfer funds, and open new bank accounts.

E-KYC is the most common digital onboarding method. It is used by banks across the world to onboard new customers. SMS verification is a low-touch onboarding method that telecom companies commonly use to onboard new customers.

Manual KYC/AML Risk Assessment

Manual AML/KYC risk assessment is a low-to-moderate touch method that relies on a combination of digital and manual methods. It is an onboarding method that requires an initial review of customer information and documents that is followed by a final review of all customer information and documentation.

A manual review is necessary in order to accurately complete KYC/AML compliance. Manual KYC/AML risk assessment is the most common onboarding method. It is used by large money transfer companies and financial institutions that have large volumes of new customers. Manual AML/KYC risk assessment is conducted by an employee and typically involves reviewing documents such as passports, utility bills, and letters of employment.

This method is necessary to complete the full KYC/AML compliance for customers. Manual KYC/AML risk assessment is the traditional way that financial institutions onboard customers. It is done by reviewing customer information and documents by an employee. This process is necessary to complete the full AML/KYC compliance for customers.

Computerized AML/KYC Risk Assessment

Computerized KYC/AML risk assessment is a high-touch method that involves the use of technology to onboard customers. It is an onboarding method that uses technology to identify and verify customer information and documents. This onboarding method is often used by large financial institutions with high volumes of new customers.

Computerized KYC/AML risk assessment is done by an online system that uses algorithms to screen and filter documents. The system uses algorithms to identify common information found in identity documents such as passport numbers, birth dates, and driver’s license numbers. This onboarding method uses preloaded customer information to verify identity and collect the necessary information.

Computerized AML/KYC risk assessment is a high-touch onboarding method that relies on technology to collect customer information and verify identity. This method is necessary to complete the full KYC/AML compliance for customers. This method is used by large financial institutions. It is the most efficient way to onboard new customers.

Combination of Digital and Manual AML/KYC Risk Assessment

Co-editing is a high-touch method that uses both digital and manual methods to collect and verify customer information and documents. This onboarding method uses both technology and employees to collect and verify customer information and documents. Co-editing is a manual onboarding method that relies on employees to verify customer information and documents.

It also uses software to filter information and documents. Manual KYC/AML risk assessment is the most common onboarding method. It is done by an employee and typically involves reviewing documents such as passports, utility bills, and letters of employment. This method is necessary to complete the full AML/KYC compliance for customers. Co-editing is the most efficient way to onboard new customers.

Conclusion

KYC/AML risk assessment is critical for onboarding new customers. When onboarding new customers, financial institutions must balance the need to mitigate risk with the necessity to keep the customer experience frictionless.

To that end, AML and KYC risk assessment is critical for onboarding new customers. Indeed, financial institutions are under increasing pressure to meet regulatory standards while making the customer onboarding process frictionless. The combination of digital and mobile technologies makes it easier than ever for customers to open new accounts. As a result, financial institutions must maintain strict KYC and AML standards while streamlining the onboarding process for new customers.

Categories
KYC/KYB

Enhanced Due Diligence: How Important is it for Banks?

In today’s business and regulatory climate, a business has to take all precautionary steps to prevent fraud. This means identifying and verifying customers’ identities and meeting KYC guidelines. Whenever a financial institution starts a new business partnership with individuals or organizations without fully knowing their past and present business dealings, it can open the business to huge lawsuits and fines. EDD (Enhanced Due Diligence) can help businesses understand their customers.

As a matter of fact, over the last decade over $26 billion in fines have been imposed across the U.S., Europe, APAC, and the Middle East against financial institutions for KYC/AML. But KYC compliance goes beyond ticking some checkboxes. KYC helps financial institutions understand and serve their customers in a better way.

The KYC process is often carried out by financial institutions while opening new accounts with online users. Customer Due Diligence (CDD) is a vital part of KYC verification, which usually involves background checks to assess the risk they pose to a business. In the financial sector, this usually involves verifying the users for creditworthiness and ensuring that these people aren’t on a money laundering or counter terrorism financing watchlist.

Fortunately, most of these verifications and AML verification processes are becoming automated so businesses can offer a better customer experience during onboarding. With Customer Due Diligence (CDD) financial institutions perform important checks.

What is Enhanced Due Diligence?

(EDD) Enhanced Due Diligence is part of the KYC verification process that offers a greater level of scrutiny of potential business partnerships and highlights risks that can’t be detected by customer due diligence. Enhanced due diligence requirements are an upgraded version of CDD that looks to establish a better level of identity verification by using customer ID data and evaluating the risk category of the customer.

EDD is specifically designed for dealing with high-risk customers and large transactions. These customers and the transactions they conduct pose greater risks to the financial sector, these customers and transactions are continuously monitored to ensure that nothing is out of place. 

There are several characteristics that EDD from regular KYC policies:

  • Rigorous & Robust: EDD policies have to be rigorous and more robust and should require more data for customer authentication.
  • Detailed Documentation: The EDD process has to be documented in detail, and regulators should be able to have immediate access to enhanced due diligence reports.
  • Reasonable Assurance: EDD requirements require “reasonable assurance” while building a risk profile. 
  • Going Through PEPs: Banks and financial institutions need to pay attention to Politically Exposed Persons (PEPs) lists. People on these lists are viewed as being a higher risk because they are in positions that can be exploited for money laundering. 

Another major challenge with EDD is knowing how much information is there to collect. Regulators have consistently favored financial institutions that leverage documented policies & procedures.

More and more companies are combining online identity verification and automated AML screening during the account onboarding process.

KYC Factors for Enhanced Due Diligence

To make sure your enhanced due diligence process is on-point, you need to pay attention to a number of factors. 

These factors include:

  • Location of the business/individual.
  • Purpose of the business transactions. 
  • Occupation and nature of the business. 
  • The pattern of activity (transaction type, dollar volume, and frequency).
  • Expected origination of payments and method of payment. 
  • Document of incorporation, partnerships, and business certificates. 
  • Understanding the customer base. 
  • Ultimate Beneficial Owner verification. 
  • Information about personal and business relationships. 
  • AML policies are set by the business in place. 
  • Third-party documentation. 
  • Reputation in the local market. 

There are some cases that demand EDD verification. In Europe, banks and financial institutions are required to conduct EDD for businesses operating in high-risk countries. 

The requirement also calls for EDD of Politically Exposed Persons. The new 6AMLD compliance has put additional pressure on financial institutions to conduct more vigorous verification. Negligence or non-compliance can lead to hefty fines. 

This pressure has only increased after sanctions on Russian Companies. Banks and financial institutions have to be extra careful about who they onboard. 

In April 2022, the Office of the Comptroller of the Currency put additional light on the need for thorough EDD policies. These include:

  • Maintaining an accurate and complete list of sanctioned companies and high-risk counties. 
  • Evidence of transactions, which includes unexpected activities, and unexpected sources of funds. 
  • Complete analysis of available information. Including red flags in information and making a document of high-risk indicators and suspicious activities. 

Enhanced Due Diligence Checklist

So, what do banks and financial institutions get out of using EDD as part of their KYC verification process? Here’s the Enhanced due diligence checklist:

1. Better Serve Your Customers

The EDD and identity verification process offer a bunch of useful information regarding your customers, including employment status, age, and so on. This data can be used to provide customers with better services.

2. Enhance Brand Reputation

Whenever a bank, or financial institution onboards a new customer with EDD, they can help in the prevention of corrupt politicians, criminals, and terrorists from entering the ecosystem. This also means that taking precautions to know your customer at a more fundamental level.

Businesses need to build robust safeguards that help in defending against losses for fraud, non-compliance fines, and loss of brand reputation.

3. Financial Crime Prevention

All the ideas of knowing your customers, verifying identities, making sure they’re real, and cross-referencing customers from PEPs and Sanction lists. Enhanced due diligence and other fraud prevention methods such as bank account verification software allow businesses to focus on scaling their businesses instead.

4. Build Trust

Unfortunately, as more and more cases of data breaches, money laundering, and financial fraud are being uncovered, customers are losing trust in the banking sector. It is high time for banks, financial institutions, payment providers, and others to stop the flow of money laundering and other financial crimes. 

This can happen by integrating identity verification and identity screening technologies into the KYC workflow. With a secure digital-first approach, it is possible for banks to digitally onboard customers from all over the world. While ensuring security and enhancing a positive customer experience.

Measures for Enhanced Due Diligence

Let’s say there’s a client that needs EDD verification, what will you do? Instead of going through the process without proper knowledge, you can take some measures. A lot of financial institutions follow de-risking strategies, but that’s too much hassle for legit companies.

The FATF recommends following a risk-based approach for high-risk customers. In a risk-based approach, the amount of information required increases when the level of risk associated with the business increases. 

The risk-based approach offers several other advantages for financial institutions. Entities can scale it up or down based on the size and scale of the business. It is highly flexible and can adapt to changing conditions, technology, and other factors. 

According to FATF, financial institutions must follow some particular steps while conducting EDD, such as:

  • Institutions should try to gather as much information as possible about a customer. They should use this information to build an ideal risk assessment profile. 
  • Should conduct additional searches to get more information about individual customer risk assessment. 
  • Should build a thorough report on the customer or beneficial owner to better understand the level of risk involved. It is possible that the beneficial owner is part of criminal activities.
  • Institutions should build a number of questions that help them collect additional information about the customer. The questions should also try and uncover the intended nature of the business relationships.

Also, it’s not enough to run checks just once, EDD is an ongoing process. To make sure banks stay on top of all the risky activities, they need to keep track of high-risk customer activities. 

Requirements for Beneficial Owner EDD

To make sure that you’re covering all the bases, you need to verify the identity of the beneficial owner. Often, institutions forget or neglect the need to verify the beneficial owner. This can put them at greater risk of financial crime.

UBO verification is slowly becoming a vital part of EDD. If an account holder does some international transactions, institutions need to know the beneficial owners of the other account holder. This is to comply with the OFAC (Office of Foreign Assets Control). The OFAC requires banks to conduct due diligence of international accounts at the time of transaction. 

Due to the FCPA ACT, an institution has to identify the owner of all the third-party intermediaries. A company can’t comply with regulations properly until they thoroughly check the beneficial owner information. 

 The 4AMLD states that all the member states have to ensure that all the entities are incorporated within their territory according to national law. They need to collect all the vital information about the beneficial ownership alongside all the basic information about the entity itself. 

In the US, there are similar beneficial ownership disclosures that are a part of the FinCEN Customer Due Diligence Final Rule. As per the FinCEN Guidance FIN-2016-G003, “the CDD Rule outlines explicit customer due diligence requirements and imposes a new requirement for these financial institutions to identify and verify the identity of beneficial owners of legal entity customers, subject to certain exclusions and exemptions.”

The FATF did an analysis of the beneficial ownership best practices, and they concluded that the challenges with tracing UBO information while dealing with foreign ownership or directorships suggest the requirement for enhanced measures for these entities.

Procedure for Ultimate Beneficial Ownership Verification

Up until a couple of years ago, verifying beneficial ownership was a challenging and cumbersome process. It included a lot of manual work which led to mistakes. Business entities had to submit official documents to financial institutions.

Businesses that had to go through additional due diligence have to provide other documents based on their level of risk.

Some common examples include:

  • Official company documents from the official registry to verify information submitted by the account holders. 
  • UBO identification and verification.
  • Performing KYC checks on ultimate beneficial owners. 

With the help of DIRO’s ultimate beneficial ownership verification, financial institutions can now say goodbye to old manual methods.

DIRO can instantly verify incorporation documents with automated user consent in over 195 countries. It helps in eliminating fraud in merchant onboarding and complying with vendor due diligence rules. Moreover, banks can use it for UBO identity verification and cut down on the risk of UBO fraud. 

Conclusion – Growing Need for EDD

Changing regulations and policies are increasing the need for enhanced due diligence. As the scope and need for due diligence requirements are growing, the need for technologies that can handle these requirements is also growing. DIRO document verification and KYC verification solution can help institutions stay on top of these changing requirements with instant and accurate document verification.

Categories
KYC/KYB

KYC Requirements in Singapore in 2022

Singapore is one of the world’s leading financial hubs and also one of the Asia-Pacific leaders. So, it makes sense that businesses all over the globe want to invest in the Singapore markets. Economic stability makes it an even better option for investors globally. Singapore for years has been following a pro-business attitude that encourages global trade.

Anyone wishing to do business or onboard Singapore customers must follow the clear and robust KYC and AML guidelines. These KYC guidelines Singapore are set by regulatory bodies in Singapore to prevent ID theft fraud and the rise of money laundering.

KYC Regulations Singapore as Set by MAS

The KYC guidelines Singapore are built and implemented by the “Monetary Authority of Singapore (MAS).” And the Singapore KYC requirements specify that digital verification is acceptable, but businesses have to take appropriate measures, these include:

No verification is needed until a customer moves forward with the account opening process. This is only applicable if there are internal policies that limit access to financial services before customer verification is complete.

Singapore Digital Identity System

Singapore has one of the best digital identity systems. The Singapore digital identity system completely relies on mobile apps and biometric data to make the onboarding process faster.

Citizens of Singapore can use the Singpass app to sign up for a government and private sector services. Singpass is connected to Myinfo (a service that provides verified personal and corporate data) which leads to the remote signing of the documents. 

There’s also a step beyond customer identification, that is the general KYC rules such as due diligence and customer monitoring.

If a customer is on the PEP list or poses a greater risk for money laundering, then an enhanced due diligence level is required. Even greater levels of due diligence are needed if:

  • Transaction activities change
  • The institution changes document standards
  • Lack of appropriate identification information
  • There’s a physical change in relations with the customer

Beneficial Ownership Verification in Singapore

The steps to verifying businesses and beneficial owners lie outside the basic KYC and CDD norms in Singapore. Any director, partner, or entity that has executive-level control over the organization’s operations is considered a beneficial owner. Identities of these beneficial owners have to be identified by businesses.

The Digital identity system in Singapore can also help in hastening this process. Myinfo Business app can automatically provide verified business information and beneficial ownership information data. The app can do this by fetching data from government sources.

An additional level of due diligence is required only if there are any changes in the ownership.

Payment Services Act in Singapore

The Payment Services Act in Singapore undertakes the Licensing and regulation for all the payment service providers. Organizations that have to follow these rules include:

  • Domestic money transfer services
  • International money transfer services
  • Account creation services
  • Merchant acquisition services
  • E-money issuance services
  • Digital payment token services

The biggest impact of these regulations is on entities operating the crypto and the NFT industry. Any entity that works in buying and selling digital assets, offers token exchange, or promotes these services may fall under the payment services act in Singapore.

Payment providers have to be ready to fight money laundering in advance. They should build money laundering prevention systems to combat fraud. Also, all the customers need to go through identity verification.

Low-risk customers need to go through simple due diligence, but customers with high risk have to go through enhanced due diligence. Other methods of risk prevention include Watchlist screening, transaction monitoring, and recording and reporting of transactions that seem suspicious. 

There’s one more regulation that payment companies operating in Singapore have to follow. The regulation is known as Financial Services and Markets Bill also called FSM Bill.  

The goal of the FSM bill is to minimize the risks by licensing the payment service providers and imposing AML/CFT requirements.

State of FinTech Industry in Singapore

Even though the population of Singapore is just 5.9 million, it has 132 banks. Plus, there’s a boom in the FinTech industry in Singapore. In 2021, the investments in the FinTech market rose by 37%. Moreover, the total amount invested in 2021 left China and India behind. 

Singapore is a great platform for companies that want to gain a firm footing. Plus, it can be the perfect place to expand service globally. Singapore is working towards Crypto adoption, which will only boost the financial situation of the country. And currently, the financial environment is highly secure because of the KYC requirements in Singapore.

Categories
KYC/KYB

What Is The Importance of KYB and Ultimate Beneficial Ownership (UBO)?

Today’s topic is Know Your Business (KYB) and Ultimate Beneficial Ownership (UBO). We will also understand the need and the importance of KYB – know your business and Ultimate beneficial ownership. 

There are B2C companies that follow various steps to verify their customers’ identities. This is known as the Know your customer (KYC) process.

Other businesses and financial institutes are obligated to do the same verification process for businesses they onboard. This process is also known as Know Your Business (KYB) or Business Risk Assessment. In the past few years, the need for KYB regulation has been changed by the Financial Action Task Force (FATF).

What is Ultimate Beneficial Ownership (UBO)? 

UBO is a beneficiary or a legal entity that is responsible to verify the identity of the customers and ensure that it is not fake. The Ultimate Beneficial Owner also gets the profits for businesses, this is why financial institutions need to identify UBO’s identity. 

UBO verification plays an important step in Know Your business verification and provides relevant information to decide whether FIs should onboard specific businesses. This helps to reduce the chances of various frauds and financial losses. So, you know the importance of Know Your Business. 

When it comes to UBO, the United States FinCEN (Financial Crimes Enforcement Network), the European Union’s 4th and 5th Anti-Money Laundering Directives, and the CDD rule, all are intended to guarantee a better way to assess risks that would be helpful to strengthen the anti-money laundering measures.

What is the Customer Due Diligence Rule? 

The FinCEN Customer Due Diligence rule has four fundamental requirements to ensure the transparency of the financial Institutes and to detect any mishaps related to this: another step that explains the importance of know your business. 

Here are the four key requirements:

  1. The identity of the users and the customers is verified. 
  2. The account of the beneficial owners is verified. 
  3. To verify and identify beneficial owners who own 25% or over 25% of a legal entity. 
  4. Developing a customer risk profile for a better understanding of the customer relationship, customer purpose, and customer nature. 

What is the Importance of Know Your Business (KYB)? 

This process helps various businesses to catch the upcoming risk related to the business and their customers or clients. 

This process also helps the regulated entities and banks to stay compliant with the industry regulations.

When we talk about the importance of Know Your Business (KYB), we are trying to say that it is crucial to identify deterring frauds and to protect businesses from mishaps that can lead to huge financial losses. 

This process includes verification of the documents related to the bank records, incorporation, and the source of wealth. And, various KYB platforms are helpful for the businesses to create records with the UBOs and to get access to the databases. Best KYB platforms also help to perform KYC on the UBOs (as an individual) and the operational workflows, and investigation to track the data. This helps to get access to the information for the brief analysis, relevant parties and reporting by regulators. 

As per the regulatory requirement, maintaining a robust compliance program (with KYB) and using risk mitigation strategies with proper due diligence for UBOs is necessary to prevent your business from nefarious intent and also a regulatory requirement.

How does DIRO Play an Important Role in Know Your Business Process? 

It is crucial for business and financial institutes to maintain the integrity of their organization, firm, or institute without neglecting the compliance regulations. This also includes managing and detecting the risk related to the businesses and financial institutes. 

DIRO online document verification technology can play a vital role to reduce the load of the verification process in KYB, and UBO verification processes. This is crucial to avoid identity theft and various other financial threats.

DIRO document verification technology provides a quick way to verify incorporation documents, bank accounts, business documents, utility bills, credit bureau reports, tax returns, etc.

DIRO also helps to ease the KYB compliance process with the real-time document verification solution. We as DIRO also assist with UBO identification and shareholder information.

Categories
KYC/KYB

Steps to Streamline KYB Process

To ensure the success of a business and the elimination of fraud, effective KYB measures need to be established throughout the organization. The Know Your Business (KYB) process begins with the onboarding of corporate clients and since the pandemic, the integration of digital solutions has become a vital step for KYB compliance.

Regardless of the usefulness of digital services in keeping up with regulations, businesses operating in the financial industry are reluctant to rely on technologies. Countless studies point toward the fact that focusing on a solely paper-based process for onboarding clients hurts businesses in the long run. Regulatory bodies all over the globe are encouraging businesses to take the first step toward digital transformation.

While digital transformation isn’t easy to achieve, with the integration of DIRO’s online document verification software, the process can become faster, efficient, and seamless. With DIRO, it can be easy to comply with regulations, perform due diligence checks and reduce friction from the customer onboarding.

What is Know Your Business Regulation?

KYB is the pass or fails point of a new relationship with a corporate client. KYB compliance came into existence because of some loopholes in the older KYC (Know Your Customer) compliance. With KYB, businesses can verify the clientele and figure out the risk factors in the initial stages of a relationship. The KYB regulation covers all the legal and regulatory processes when onboarding a new client. 

Usually, there are 4 main steps of KYB verification:

  • Document collection and verification
  • Data assessment
  • Continuous monitoring
  • Reporting and intelligence

Companies need to do their due diligence to figure out any criminal activity like money laundering and terrorist funding. It is vital to understand that KYB is not a one-time audit but an ongoing process that requires continuous monitoring to verify that everything is squeaky clean.

3 Ways Traditional KYB Hurts Your Business

  • Traditional KYB methods require tons of resources, financial institutions need to have a dedicated team who are slowed down by outdated processes. In most cases, corporate clients can take months to successfully onboard. 
  • Human error is part of business operations and when handling huge amounts of data and information, mistakes happen, exposing businesses to major risks. 
  • The biggest challenge of the KYB process is keeping up with the ever-changing regulatory landscape, especially when numerous countries are involved. The rules and regulations of the KYB process are complicated and ever-changing. Top banks can also have some blunders, which can lead to reputational damages.

How to Streamline the KYB Process During Corporate Onboarding?

Technology is ever-evolving and with the help of the right technologies, you can help future-proof your business. The need for KYB regulation is growing, not just because of the regulatory requirement, but because the ability to onboard clients is essential.

The traditional KYB processes can be improved through numerous automated verifications, AI, and data assessment. All of it can be done faster than a person ever could. Automations allow companies to react quickly and work in accordance to enforce compliance procedures without having to spend more on their teams. 

This, in turn, helps in delivering an experience to the onboarding that is more secure, convenient, and sustainable. According to a recent report, companies that achieved successful KYB compliance save an average of $1.45 million per year in compliance costs. 

Building an in-house KYB digital onboarding system from nothing is super expensive, time-consuming and there’s a lot of room for error. With the integration of DIRO online document verification software, businesses can effectively comply with KYB regulations and mitigate the risk of financial fraud.

Categories
KYC/KYB

Simplifying the KYB Process for Faster Client Onboarding

As fraud continues to rise, the regulations around the world keep evolving to keep up with the constant threat. Several of these regulatory changes require companies, financial institutions, and others to verify businesses and Ultimate Beneficial Owners (UBOs) that they interact with on a daily basis. The process of verifying business identities and UBOs is known as Know Your Business (KYB). 

KYB verification requirements create additional pressures for financial institutions and other regulated businesses such as:

  • Have to comply with AML laws and regulations, including the “Corporate Transparency Act” in the U.S or AMLD5 in the EU.
  • Spending additional monetary resources to protect customer data and privacy.
  • Controlling additional expenditure for regulation compliance. 
  • Trying to make the process smooth and friction-proof to increase positive customer experience. 

Entities that have to verify businesses and UBOs require enhanced due diligence (EDD). To perform EDD, an organization has to collect additional information about a business client. This additional data can consist of:

  • Nature of business relationship
  • Identifying the source of incoming funds
  • Enhanced monitoring of transactions
  • Monitoring and reporting suspicious activities

Enhanced Due Diligence helps businesses figure out if their client is real or not and it also helps in identifying stakeholders and UBOs that aren’t possible with KYC verification. To ensure complete compliance and avoid future fraud risks, KYC and watchlist checks have to be done on UBOs to verify their identities. It is always a good idea to identify the people who control a business, this can help in building an accurate customer risk profile.

Ineffective KYB: What Does it Cost?

Before the COVID-19 pandemic, almost all the banks performed due diligence on businesses using a paper-based process. Team members conducted individual searches on numerous lists and then analyze the data collected about an entity. Analyzing small businesses and merchants is an even tougher task as their history is almost non-existent. Manual KYC/KYB/CDD processes are onerous, ineffective, and expensive and also leave a lot of room for human errors. Thus, conducting accurate CDD is almost impossible and fraudsters can easily slip by.

A study conducted by Thomson Reuters showed that out of 430 AML compliance leaders of Financial Institutions, 58% claimed that the inability to access UBO data was the biggest challenge. According to the same study, the average annual global cost for conducting CDD and KYB is almost $48 million ranging all the way to $70 million. 

Not only that, but the cost of onboarding clients is also increasing due to ever-changing compliance rules. On the other hand, corporates have claimed that FIs have made inconsistent requests, access to data that was a security concern, and so on. These barriers result in poor customer experience and an increased customer drop-off rate. 

On average, it takes 3-4 months to onboard a corporate banking customer. The huge time window leads to application abandonment and the increased friction caused the global commercial and business banking market to lose $3.3 trillion.

Integrating Technologies in KYB Process

Needless to say, that future will bring a series of brand new challenges for entities trying to comply with regulations. The only solution is to leverage automation and technological solutions to cut back on costs, enhance the process and detect and prevent fraud. Our solution, “DIRO online document verification software” can assist businesses and FIs to keep up with KYC/AML and CDD requirements.

DIRO eliminates the need for manual document verification by instantly verifying online documents required for KYC/KYB/AML compliance. Banks and Financial institutions can integrate DIRO’s online document verification software into their workflow and significantly reduce the 3-4 month onboarding time frame. 

Businesses have to adapt to today’s environment and customer requirements. Customers need instant access to products and services without having to stand in lines for hours. With DIRO’s online document verification API, companies can onboard customers quickly, and efficiently, while ensuring the standard of security is maintained. 

DIRO can verify over 7000 document types from all over the globe and also provides stronger proof of verification for verified documents. It 100% eliminates the use of fake and stolen documents, thus eliminating the chances of fraud during the customer onboarding process. 

With the integration of technologies like DIRO’s online document verification tool in the KYB process, organizations can leave the outdated processes in the past. Organizations can easily provide a smoother customer onboarding process while 100% complying with the regulations.

Categories
KYC/KYB

Customer Due Diligence

Security should be the first and foremost priority of financial institutions and banks. You wouldn’t want to provide access to financial systems to fraudsters of any kind? It makes sense for banks and financial services institutions to vet their customers and potential customers thoroughly. Verifying customers before giving them access to financial services is crucial. This is needed to prevent money laundering, embezzlement, account takeover fraud, and all types of fraud. And this is why customer due diligence is an important part of onboarding new customers.

In this guide, we’ll walk you through what is customer due diligence and what it means for banks and other financial institutions.

What Is Customer Due Diligence?

Customer Due Diligence (CDD) is the process of identifying your customers and checking if they are who they claim to be. Organizations need to properly risk-assess customers and give them a risk profile before onboarding them. To achieve CDD, businesses need to obtain a customer’s details and cross-reference them with those of an official document that confirms their identity. 

CDD is a regulatory requirement for banks, financial institutions, and other businesses starting a relationship with a new customer. The purpose of this is to prevent financial crime and prevent potential crimes that can happen by doing business with highly risky customers. 

In the customer due diligence, FIs have to analyze customer information from several sources, including the customer sanction lists as well as public and private data sources. The amount of information you collect depends on the risk profile of your customers. Basic customer due diligence requires the following:

  • Information about the identity of your customers, including their name, address, and a photograph of an official ID document.
  • An overview of your customer’s activities and the markets they do business in
  • Basic understanding of other entities that your customers do business with

Customer Due Diligence is at the foundation of Anti-Money Laundering (AML) and Know Your Customer (KYC) compliance. CDD is aimed to help financial institutions verify their customers, confirm they’re not on any sanctioned lists, and assess the risk factors.

Customer Due Diligence Practice for Banks

Financial institutions have to build and follow a risk-based strategy to comply with customer due diligence as part of KYC and other regulations. This helps in making sure that the organizations remain compliant with basic regulatory laws and regulations of the markets that they operate in. 

The level of CDD in banking depends on the type of business-customer relationship and the customer’s risk profile. In a broader sense, banks need to take the necessary steps to make sure that a customer is who they claim to be. This can help in preventing fraudulent activities such as identity fraud or impersonation.

What does a Customer Due Diligence Process Look Like?

An effective customer due diligence process includes collecting a series of detailed customer information before initiating a customer-business relationship. But that’s not all, a customer due diligence process is operational long after the customer is part of a business. Here are the requirements for a robust customer due diligence process.

  • Customer Information: To make sure that customers are who they claim to be, businesses need to collect customers’ basic information. This basic information is the full name, photo identification, address, phone number, email address, occupation, tax identification, and more. 
  • Business Information: CDD processes should have additional information regarding a customer’s business model, source of funds, and UBO.
  • Customer Risk Profile: Another crucial part of customer due diligence is building a risk profile for every customer. This risk profile is made by collecting information such as location, business type, and customer identity. Based on this information, a risk profile is built (low, medium, high), which is to show the level of money laundering risk they pose. A customer’s risk profile determines how much due diligence is needed for a customer. High-risk customers need more detailed diligence compared to low and medium-risk customers. 
  • Continuous Monitoring: The customer due diligence process doesn’t stop after customer onboarding by a bank/financial services industry. An ideal CDD measure should include some kind of ongoing monitoring system and keep an eye on high-risk clients, suspicious transactions, sudden changes to customer profiles, and so on. 

Your customer due diligence process should answer all the fundamental questions:

  • Is the applicant the person claiming online?
  • Does the risk profile of the applicant raise any red flags?

Low-risk customers can be fast-tracked through the approval process. All because of the online customer verification software and online bank account verification software. Because of automation, customer verification has become 40% more streamlined. This means that the customer onboarding process for low-risk customers should be cut down to under 2 hours.

However, the decision time for higher-risk individuals may still take longer. Most of the time it takes around 48-72 hours to onboard high-risk customers. Assuming that 90% of the customers will be low to medium-risk customers, the cost and efficiency gains of automated ID verification and AML screening can reduce the costs dramatically and improve user experience.

Streamlining Customer Due Diligence Process

Complying with KYC and AML requirements has made the account opening process complex and time-consuming for most businesses. Different banks take different amounts of time for onboarding new customers. But, on average a bank takes 24 days to complete the customer onboarding process. And with a growing number of regulations, it’s only going to get worse. 

Moreover, increased onboarding time and friction will cause higher abandonment rates by customers. These costs can exceed the costs of any type of fraud considering the lifetime value of lost customers. 

This is why it’s high time businesses need to streamline the CDD process to save money and get new customers.

1. Identity Verification

While there are a series of other ID verification methods, more and more businesses are now relying on automated identity verification to smooth out the onboarding process. Automated ID verification relies on AI, machine learning, and biometric verification to authenticate identity documents. In some cases, banks may even ask customers to perform a liveness check to ensure that the applicant is physically present instead of customers using a pre-recorded video.

2. Ongoing Monitoring & Screening

Not just ID verification, AI and machine learning software can easily provide financial institutions with a more effective transaction monitoring system. This reduces the risk of false positives for suspicious activity.

Same as building risk profiles, individual transactions can also be scored and combined with advanced algorithms that track expected vs actual transaction behavior and update customer risk ratings in real-time. 

Better ID verification, AML screening, and transaction monitoring solutions are enabling financial institutions to keep up with the changes made by regulatory bodies. These technological solutions can help financial services institutions to spot patterns and suspicious transactions by monitoring current transaction data and comparing them with historical transaction data.

Importance of CDD

When you consider the amount of harm fraudulent activities can do, it makes sense the amount financial institutions spend on complying with KYC and AML compliance. These countermeasures are designed to prevent money laundering and other financial frauds. 

Here are the main reasons why banks need to take CDD seriously:

  • Big compliance fines: The enforcement of AML regulations is on the rise, since 2009, regulators have levied over $32 billion in AML non-compliance fines. In 2020 itself, FinCEN fined banks in the United States for over $11.11 billion.
  • Sophisticated Cyber Crimes: Criminal are using more sophisticated methods to remain undetected, including globally coordinated tech, insider information, the dark web, and e-commerce.
  • Reputational Risk: AML non-compliance puts financial institutions’ reputations on the line. The average value of the top 10 banks is $45 billion. 
  • Rising Costs: Most AML compliance activities require a huge manual effort, making them inefficient and difficult to scale.

Enlightened Approach to CDD

A growing number of banks and FinTechs are discovering how to automate their CDD process and if needed the enhanced due diligence process. By using the latest tools and technologies such as online document verification and online KYC verification software, businesses can improve the customer due diligence process.

When is CDD Necessary in Banking?

  • Starting a Business Relationship: Before starting a new customer-business relationship, banks have to perform due diligence checks, verify who the customers and ensure that they aren’t using a fake identity. 
  • Occasional Transactions: Certain transactions may require you to follow CDD strategies. For example, transactions over a certain monetary amount (over USD 10,000) or if the customer is transacting with high-risk persons or regions.
  • Suspicious Activity: Banks have to implement CDD checks if the customers have a suspicious history and shady activity related to money laundering or financing terrorism.

Unreliable Identification: If the information offered by your customer is unreliable, suspicious, or doesn’t meet requirements, banks should implement additional CDD measures. 

Reducing Customer Due Diligence Time: How to Go From Weeks to Minutes?

The regulations made for saving customers and businesses from fraud are diverse and institutions have to keep pace with developing strategies to remain compliant. As such, creating a smooth onboarding process that is robust and efficient isn’t a mean feat. The biggest challenge in staying compliant is for businesses to keep evolving requirements while reducing friction and delays. A process full of friction and delays lead to increased poor customer frustration and drop-offs. 

When onboarding new customers, financial institutions need to know who they are dealing with before getting into a full-fledged business relationship. To verify customer identities, due diligence is important.

Customer due diligence is an important part of your businesses’ risk management. Different customers have different levels of risks, so CDD is conducted based on risk level. You should assess the potential risk level of each customer, and adjust your due diligence strategy. For the majority of clientele, standard due diligence practices that just require the authentication of customer identities will suffice.

In certain lower-risk scenarios, simplified due diligence is enough. When carrying out simplified due diligence, you just need to identify your customers instead of identifying and verifying them.

On other hand, there might be instances where standard due diligence isn’t enough, in this case, you’d need to adopt an enhanced due diligence process. 

Let’s break down 3 different levels of customer due diligence:

  1. Simplified Due Diligence (SDD): Simplified Due Diligence is used in situations where the risk of money laundering or terrorist funding is minimal and CDD isn’t important. SDD happens in accounts that have low transactional value, the risk of illegal activities is minimal at best.
  2. Customer Due Diligence (CDD): This type of diligence happens when information is obtained on customers to verify their identity and assess the risk profile of customers. These types of diligence checks are done on customers when opening a financial account in some form.
  3. Enhanced Due Diligence (EDD): EDD is done for customers to assess the identities of high-risk customers and monitor their transactional history to mitigate the chances of future risks. Most jurisdictions need politically exposed people lists (PEPs) to go through the EDD process. Other factors that require EDD for a customer are high transaction/value accounts, or accounts that deal with high-risk countries, or accounts that deal with high-risk activities.
  4. Due diligence is vital for mitigating fraud, not only to comply with regulations and avoid hefty fines, but it is also a smart business strategy. Not knowing your customer identity is a risk factor for most businesses. 

International standards require a risk-based approach to be added to the customer due diligence. Companies have to assess the money laundering risks each customer poses and adjust their due diligence checks. 

Customer Due Diligence Checklist

1. Conduct Basic Customer Due Diligence

The first step is to conduct a simple investigation, such as identifying and verifying a customer’s identity. Businesses are needed to verify the identity of the customers they’re dealing with. These requirements apply to all new customers as part of Know Your Customer regulations. 

There are multiple methods businesses can verify customer identities. The first step is online document verification, which involves assessing the legitimacy of a customer’s identity document.

In addition to online ID verification, businesses should also look forward to verifying customers’ financial information and their business activities. 

2. Take Help from Third Parties

Most of the time, businesses will opt to work with third-party solution providers while conducting customer due diligence. Third-party solution providers can be auditors and providers of CDD solutions such as online document verification. Businesses need to make sure that any third parties they work with are reliable and are trusted enough to share confidential data.

3. Figure Out if EDD is Needed

If the customer is considered as high-risk, the businesses may need to go beyond ordinary customer due diligence. Enhanced due diligence is necessary if you’re entering into a business relationship with a politically exposed person (PEP), and if the transaction involves a person from a high-risk country. 

4. Keep a Thorough Record

A bank/financial institution is forced by law to keep a record of all financial transactions for at least 5 years. This includes any information collected through CDD measures, account files, and any related analysis.

Businesses also have to securely document and store all the information, as this information contains sensitive information, and it would be challenging if the information was lost.

5. Keep Up-to-Date Records

It’s vital for businesses to keep records of their customers. If any changes happen regarding your customers, you’ll need to redo their risk assessment and carry out further due diligence if it’s required.

Speeding Up the Process

Regulated businesses have to apply risk-based customer due diligence measures to prevent their businesses from getting threatened by money laundering or terrorist financiers. To avoid these financial frauds, KYC & AML checks have to be completed. With proper due diligence checks, businesses can reduce the financial, reputational, regulatory, and strategic risks of other entities.

Traditionally, businesses perform due diligence checks using manual paper-based processes. Manual work requires a human, and it takes up a lot of time, the process is full of errors and offers no visibility to the customers. The manual process usually is frustrating, and time-consuming. That’s why integrating new technologies into the CDD process is always a good idea. 

How does DIRO Help?

DIRO’s online document verification software offers instantaneous document verification that can easily strengthen the KYC & AML process. DIRO offers stronger proof of authentication with verifiable credentials. With DIRO being able to verify over 7000 document types from all over the globe, it can strengthen the AML and KYC verification process. 

Categories
Fintech KYC/KYB

FinTech 2022 – A Brief Insight into Global KYC Regulations

Financial services globally are heavily regulated by regulated bodies. The number one concern of the government about FinTech companies is the growing rate of fraud. Over the years, FinTechs have achieved incredible growth and flexibility. They can launch new services quickly, focus on scalability and adapt fast. Although, the rapid growth of FinTechs doesn’t come without its challenges. As technology is added into the finance sector, regulatory bodies have implemented stricter regulations. Let’s take a look at what these regulatory challenges are for the present state of FinTechs.

Major KYC/AML Regulations for FinTechs in 2022

In many regions, the FinTech sector was unregulated a couple of years ago and became the ground zero for scams and frauds. Because the FinTech industry is so vast, it impacts several industries and the authorities can’t develop a single approach to the problems. 

For many areas, governments worldwide have updated the existing Know Your Customer (KYC) and Anti-Money Laundering (AML) regulations. Some regulatory bodies have implemented FATF’s risk-based approach to tackle fraud. However, FinTechs are affected in numerous ways, so an industry-specific customer due diligence (CDD) approach is vital.

United States Regulations

FinTechs in the US isn’t regulated by any particular regulation. However, the firms are subjected to the federal and state laws for registration, ID verification, and background screening is vital. The first fighter of fraud against the country “FinCEN” has issued a number of AML/CFT policies for FinTechs. The country’s FinTech companies have to perform customer due diligence during onboarding and submit Suspicious Activity Reports (SARs) to the regulatory body. 

United Kingdom Regulations

Just like the US, the United Kingdom doesn’t have any regulatory framework for FinTechs. However, any FinTech that offers traditional financial services, such as banking has to comply with the FinTechs set by regulatory authorities. If a FinTech wants to operate in the UK, they have to get authorization from one of the UK’s financial regulators – the FCA (Financial Conduct Authority) or PRA (Prudential Regulation Authority).

EU’s Anti-Money Laundering Directive

The latest AML Directive (AMLD6) has a more profound impact on different sectors of the FinTech industry. From cryptocurrencies to wallet providers, AMD 6 has a far better influence and impact on fraud prevention across industries. 

  1. Cryptocurrencies

Any platform that offers cryptocurrencies will have to go under tougher regulatory controls. All virtual currency exchanges have to register with the relevant authority, conduct necessary CDD protocols and submit suspicious activity reports (SARs). Financial intelligence units (FIUs) have to maintain customer records with the name and address of the customer buying and selling digital currency. 

  1. Prepaid Cards

According to the new AML directive, the limit for the prepaid card has been set between €150 to €250 and there’s a limit of €50 for online transactions. Additionally, cards are only allowed in the region unless a foreign provider meets the AML standards. Payments can only be accepted if the jurisdiction meets the AML standards.

  1. Beneficial Ownership

AMLD6 now requires all businesses to maintain publicly available and interconnected ultimate beneficial ownership (UBO) registries. National authorities will have access to these registries for trusts and bank accounts. 

  1. High-Value Goods

High-value goods have been a part of money laundering activities for a long time. The use of high-value goods is now subject to new reporting requirements with updated thresholds. These goods include art, precious metals, artifacts, tobacco, and other items.

What FinTechs Can Do for Effective Compliance?

The FinTech industry is highly diverse and every sector has to re-evaluate and reform their customer due diligence programs according to the updated regulations. As a part of the FinTech industry you need to consider a few questions:

  • Are you complying with the country’s KYC/AML laws that you are serving in?
  • What customer due diligence protocols are you following as a business?
  • Is your customer screening process effective or is your drop-off increasing?
  • Is your customer due diligence process equally effective worldwide?
Categories
KYC/KYB

Doing Business in Brazil: Here’s All You Need to Know

The times are changing and businesses want to reach global markets. The increasing interactions and transactions with people around the globe. All this is supported by the latest advancement in communications and information technology. The major driving forces behind globalization are “shipping, data, and capital flows”, businesses can use these to their advantage to enter new markets.

Expanding to new markets, leveraging existing technologies, and building a loyal customer base are challenging with great rewards. Banks and financial services institutions offering services to the unbanked and underbanked face several challenges while entering new markets. 

Doing business internationally is difficult compared to operating domestically. Apart from cultural and language barriers, businesses need to comply with multiple regulations that they’re unfamiliar with. So, what does a business consider before trying to do business in other countries? To make the transition to new countries easier, we at DIRO have decided to offer insights on what it takes to enter new markets. In this guide, we’ll be sharing all the information necessary about doing business in Brazil.

Doing Business in Brazil

Brazil has a huge population and it has all the pillars that support a strong digital economy. A large portion of the population is equipped with fast internet connectivity and smartphones. To give you an idea, Brazil has the second-highest number of Facebook and Twitter users. What makes their digital economy even stronger is that it has more smartphones than people.

Most of the population is youthful and is up for new technology adoption. 85% of the population lives in urban areas. When it comes to entrepreneurship, Brazil is one of the top entrepreneurial countries in the world. 

Brazil Stats:

  • Population: 212 million 
  • Median Age: 32
  • GDP: $1.868 trillion
  • GDP growth: 1.8%
  • Income per capita: $12,300
  • Internet access: 70.2%
  • Smartphones: 44%

1. FinTechs

One indicator of Brazil’s financial growth is the number of FinTech companies. In 2019, 380 FinTech companies were successfully running their business in Brazil. The biggest name out of them all is Nubank, as they reported opening 1.5 million digital savings accounts first 6 months of their operations in 2018. Already 64% of the Brazilian population has adopted some type of FinTech.

2. Digital Payments

In 2020, the total transaction value for digital payments was over $50 billion. Combining that with an annual growth rate of 11.8 percent, the value is expected to cross the $75 billion mark in 2023. 

3. mCommerce

As we mentioned above, Brazil has a huge number of smartphone users. With the significant use of smartphones, and the youthful tech-friendly population, the mCommerce industry can grow. 

4. Cybercrime

With the high number of smartphone users, the rate of cybercrime is high in Brazil. 76% of the Brazilian population have reported that they’ve been personally affected by cybercrime. The rate of cybercrime is the highest out of all countries. This may be a major challenge for banks and financial services providers trying to enter the market.

Current Situation of AML/KYC in Brazil

1. Anti-Money Laundering

 Brazil is a member of the FATF and has had AML laws since 1998. Although, the FATF has great concerns about deficiencies identified in its June 2010 mutual evaluation report. While Brazil didn’t implement necessary changes, in 2019 the FATF mentioned its concerns regarding Brazil not being able to keep up with international standards to prevent money laundering and terrorist financing. 

2. Regulators

When it comes to regulatory bodies in Brazil, there are 3 main regulatory bodies. These regulatory bodies are in charge of implementing and amending AML and KYC laws. The bodies are the Central Bank, CVM (Brazilian Securities and Exchange Commission), and Financial Activities Control Council (COAF).

3. RagTech

Regulatory bodies and industry leaders are in favor of innovation in the compliance industry to streamline the process. Using machine learning and artificial intelligence algorithms to improve the compliance process for both customers and businesses is in the works.

4. Data Protection

The Brazilian General Data Protection Law (LGPD) was released in 2018. Brazil’s first data protection regulation is largely aligned with the EU’s GDPS (General Data Protection Act).

Identity Requirements and Systems

 Brazil has two different Identity systems.

  • Registro Geral (RG)
  • Cadastro de Pessoas Físicas (CPF)

The Registro Geral is the official national ID document and it contains a person’s official ID document, containing a person’s name, DOB, parent’s names, signature, thumbprint, and a unique number. Since 2017, the RG cards are machine-readable. 

The Cadastro de Pessoas Físicas (CPF) is a federal taxpayer number for Brazilian and other residents. The government has recently issued an e-CPF, a digital document that can be used as a publicly provided cryptographed signature key. 

Brazil had planned to launch a more sophisticated digital ID program in 2019. The National Identification Document (DNI) connects to a national database of biometric information collected from 100 million Brazilians. 

However, the plans for DNI were put on hold due to an internal dispute.