Fintech KYC/KYB

FinTech 2022 – A Brief Insight into Global KYC Regulations

Financial services globally are heavily regulated by regulated bodies. The number one concern of the government about FinTech companies is the growing rate of fraud. Over the years, FinTechs have achieved incredible growth and flexibility. They can launch new services quickly, focus on scalability, and adapt fast. Although, the rapid growth of FinTechs doesn’t come without its challenges. As technology is added to the finance sector, regulatory bodies have implemented stricter regulations. Let’s take a look at what these regulatory challenges are for the present state of FinTechs.

Major KYC/AML Regulations for FinTechs in 2022

In many regions, the FinTech sector was unregulated a couple of years ago and became the ground zero for scams and frauds. Because the FinTech industry is so vast, it impacts several industries and the authorities can’t develop a single approach to the problems. 

For many areas, governments worldwide have updated the existing Know Your Customer (KYC) and Anti-Money Laundering (AML) regulations. Some regulatory bodies have implemented FATF’s risk-based approach to tackle fraud. However, FinTechs are affected in numerous ways, so an industry-specific customer due diligence (CDD) approach is vital.

United States Regulations

FinTechs in the US aren’t regulated by any particular regulation. However, the firms are subjected to federal and state laws for registration, ID verification, and background screening is vital. The first fighter of fraud in the country “FinCEN” has issued a number of AML/CFT policies for FinTechs. The country’s FinTech companies have to perform customer due diligence during onboarding and submit Suspicious Activity Reports (SARs) to the regulatory body. 

United Kingdom Regulations

Just like the US, the United Kingdom doesn’t have any regulatory framework for FinTechs. However, any FinTech that offers traditional financial services, such as banking has to comply with the FinTechs set by regulatory authorities. If FinTech wants to operate in the UK, they have to get authorization from one of the UK’s financial regulators – the FCA (Financial Conduct Authority) or PRA (Prudential Regulation Authority).

EU’s Anti-Money Laundering Directive

The latest AML Directive (AMLD6) has a more profound impact on different sectors of the FinTech industry. From cryptocurrencies to wallet providers, AMD 6 has a far better influence and impact on fraud prevention across industries.

  1. Cryptocurrencies

Any platform that offers cryptocurrencies will have to go under tougher regulatory controls. All virtual currency exchanges have to register with the relevant authority, conduct necessary CDD protocols, and submit suspicious activity reports (SARs). Financial intelligence units (FIUs) have to maintain customer records with the name and address of the customer buying and selling digital currency.

  1. Prepaid Cards

According to the new AML directive, the limit for the prepaid card has been set between €150 to €250 and there’s a limit of €50 for online transactions. Additionally, cards are only allowed in the region unless a foreign provider meets the AML standards. Payments can only be accepted if the jurisdiction meets the AML standards.

  1. Beneficial Ownership

AMLD6 now requires all businesses to maintain publicly available and interconnected ultimate beneficial ownership (UBO) registries. National authorities will have access to these registries for trusts and bank accounts.

  1. High-Value Goods

High-value goods have been a part of money laundering activities for a long time. The use of high-value goods is now subject to new reporting requirements with updated thresholds. These goods include art, precious metals, artifacts, tobacco, and other items.

What FinTechs Can Do for Effective Compliance?

The FinTech industry is highly diverse and every sector has to re-evaluate and reform their customer due diligence programs according to the updated regulations. As a part of the FinTech industry you need to consider a few questions:

  • Are you complying with the country’s KYC/AML laws that you are serving in?
  • What customer due diligence protocols are you following as a business?
  • Is your customer screening process effective or is your drop-off increasing?
  • Is your customer due diligence process equally effective worldwide?


Doing Business in Brazil: Here’s All You Need to Know

The times are changing and businesses want to reach global markets. The increasing interactions and transactions with people around the globe. All this is supported by the latest advancement in communications and information technology. The major driving forces behind globalization are “shipping, data, and capital flows”, businesses can use these to their advantage to enter new markets.

Expanding to new markets, leveraging existing technologies, and building a loyal customer base are challenging with great rewards. Banks and financial services institutions offering services to the unbanked and underbanked face several challenges while entering new markets. 

Doing business internationally is difficult compared to operating domestically. Apart from cultural and language barriers, businesses need to comply with multiple regulations that they’re unfamiliar with. So, what does a business consider before trying to do business in other countries? To make the transition to new countries easier, we at DIRO have decided to offer insights on what it takes to enter new markets. In this guide, we’ll be sharing all the information necessary about doing business in Brazil.

Doing Business in Brazil

Brazil has a huge population and it has all the pillars that support a strong digital economy. A large portion of the population is equipped with fast internet connectivity and smartphones. To give you an idea, Brazil has the second-highest number of Facebook and Twitter users. What makes their digital economy even stronger is that it has more smartphones than people.

Most of the population is youthful and is up for new technology adoption. 85% of the population lives in urban areas. When it comes to entrepreneurship, Brazil is one of the top entrepreneurial countries in the world. 

Brazil Stats:

  • Population: 212 million 
  • Median Age: 32
  • GDP: $1.868 trillion
  • GDP growth: 1.8%
  • Income per capita: $12,300
  • Internet access: 70.2%
  • Smartphones: 44%

1. FinTechs

One indicator of Brazil’s financial growth is the number of FinTech companies. In 2019, 380 FinTech companies were successfully running their business in Brazil. The biggest name out of them all is Nubank, as they reported opening 1.5 million digital savings accounts first 6 months of their operations in 2018. Already 64% of the Brazilian population has adopted some type of FinTech.

2. Digital Payments

In 2020, the total transaction value for digital payments was over $50 billion. Combining that with an annual growth rate of 11.8 percent, the value is expected to cross the $75 billion mark in 2023. 

3. mCommerce

As we mentioned above, Brazil has a huge number of smartphone users. With the significant use of smartphones, and the youthful tech-friendly population, the mCommerce industry can grow. 

4. Cybercrime

With the high number of smartphone users, the rate of cybercrime is high in Brazil. 76% of the Brazilian population have reported that they’ve been personally affected by cybercrime. The rate of cybercrime is the highest out of all countries. This may be a major challenge for banks and financial services providers trying to enter the market.

Current Situation of AML/KYC in Brazil

1. Anti-Money Laundering

 Brazil is a member of the FATF and has had AML laws since 1998. Although, the FATF has great concerns about deficiencies identified in its June 2010 mutual evaluation report. While Brazil didn’t implement necessary changes, in 2019 the FATF mentioned its concerns regarding Brazil not being able to keep up with international standards to prevent money laundering and terrorist financing. 

2. Regulators

When it comes to regulatory bodies in Brazil, there are 3 main regulatory bodies. These regulatory bodies are in charge of implementing and amending AML and KYC laws. The bodies are the Central Bank, CVM (Brazilian Securities and Exchange Commission), and Financial Activities Control Council (COAF).

3. RagTech

Regulatory bodies and industry leaders are in favor of innovation in the compliance industry to streamline the process. Using machine learning and artificial intelligence algorithms to improve the compliance process for both customers and businesses is in the works.

4. Data Protection

The Brazilian General Data Protection Law (LGPD) was released in 2018. Brazil’s first data protection regulation is largely aligned with the EU’s GDPS (General Data Protection Act).

Identity Requirements and Systems

 Brazil has two different Identity systems.

  • Registro Geral (RG)
  • Cadastro de Pessoas Físicas (CPF)

The Registro Geral is the official national ID document and it contains a person’s official ID document, containing a person’s name, DOB, parent’s names, signature, thumbprint, and a unique number. Since 2017, the RG cards are machine-readable. 

The Cadastro de Pessoas Físicas (CPF) is a federal taxpayer number for Brazilian and other residents. The government has recently issued an e-CPF, a digital document that can be used as a publicly provided cryptographed signature key. 

Brazil had planned to launch a more sophisticated digital ID program in 2019. The National Identification Document (DNI) connects to a national database of biometric information collected from 100 million Brazilians. 

However, the plans for DNI were put on hold due to an internal dispute. 


Maintaining Security in Financial Institutions: How Essential is KYC?

The 9/11 attack on American soil shook the nation to its core, and the perpetrators used The Hudson United Bank of New Jersey to fund this attack. According to the 9/11 Commission, proper money-laundering safeguards within the financial industry at the time weren’t designed to detect or disrupt the type of deposits, withdrawals, and wire transfers that helped the attackers to commit the crime. After the attack of 9/11 KYC laws were introduced as a part of the Patriotic Act as a means of preventing financial activity and crime.

Why is KYC Implemented for Banking Institutions?

Know Your Customer (KYC) laws were introduced as part of the Patriot Act as a means of preventing terrorism financing and financial crime such as money laundering. As criminals use fake or stolen identities to commit financial fraud, banking institutions have to find a way to distinguish between fake and legit customers. That’s what KYC policies help achieve, the policies require financial institutions to conduct a series of tests to get to know their customers. This should help financial institutions to understand if the customers are who they say they are. 

This makes KYC and Customer Identification Procedure (CIP) vital for banking and with more and more banks supporting online customer onboarding, KYC is becoming even more crucial. Banks, financial institutions, and other businesses need to find technologies that can streamline customer onboarding and KYC procedure and eliminate the risk of fraudsters getting access to financial systems.

Why is KYC Compliance Mandatory?

For decades, the United States Department of Treasury has had legislation guiding financial institutions on the detection and prevention of money laundering. The BSA (Bank Secrecy Act) of 1970 requires financial institutions to maintain specific records like cash transactions exceeding $10,000 and also report suspicious transactions that they think could be linked to money laundering, tax evasion, or any other criminal activities. 

Recently in 2016, the regulatory body ‘FinCEN’ issued new rules that outlined how to strengthen customer due diligence and Anti-Money Laundering strategies. This also requires financial institutions to perform due diligence so they can better understand who their customers are and what kind of transactions they conduct. Any transactions from their ordinary transaction habits can be marked as a red flag. 

To successfully comply with KYC regulations, banks all over the globe spent over $100 billion in 2016 and the cost has since risen by 10% in 2021. Regardless of the growing cost of compliance and huge investments, over $26 billion were imposed as fines in the last decade to financial institutions for non-compliance with KYC and AML laws.

Common KYC Procedure of Financial Institutions

To make the CDD (Customer Due Diligence) process more robust and meet the KYC requirements, FinCEN outlined 4 basic elements for an effective KYC procedure. The 4 elements are:

  • Identifying and authenticating the identity of customers
  • Identifying and authenticating the identity of beneficial owners of legal entity customers (Ultimate beneficial owners).
  • Understanding customer nature and purpose of customer relationship for building a risk profile.
  • Transaction monitoring, monitoring, and updating customer information based on customer risk profile. 

What do Customers Have to Provide During Onboarding?

To keep up with the regulations, financial institutions have to collect and authenticate identity information while onboarding new customers. Different financial institutions have different requirements when it comes to identity information. 

Individual customers who visit the bank for account opening will bring some ID documents (driver’s license, passport, etc), proof of address document, and any other document that is required. The banker then authenticates the documents to verify that the customers are who they claim to be. For onboarding businesses, banks ask for additional information to verify the identity of beneficial owners. Most financial institutions also require a profit and loss statement from businesses.

Opening a new account online significantly toughens the process as banks have to verify digital documents like driver’s licenses, proof of address documents, and others. Building a trustworthy link between a digital ID and an actual person requires a strong customer ID verification process to eliminate fraudsters from the customer onboarding process. This verification process may include biometrics verification, facial recognition, online document verification, and machine learning technologies for verification.

Use of Technologies for KYC Verification

Companies all over the world are using biometrics verification, manual verification, and online document verification software to comply with KYC regulations, prevent online fraud, and provide a better customer experience for customers.

The technologies can be used to enhance trust among customers and also create a seamless onboarding experience.


How to Prevent Fraud in KYC/AML for Online Business?

Due to the digitization of the world, the interactions between businesses and consumers are on the rise. As businesses are switching to digital methods of transactions, commerce is becoming global instead of sticking to one particular region. With the rise of digital services, the problem of document verification and how to build trust among your brand and customers also increase. If your business is online, then you will need to learn how to prevent your business from online identity theft. 

According to the global fraud index, the number of frauds is on a constant rise. In the last 12 months, more than 60% of businesses have experienced some kind of fraud or an increase in fraudulent activities. This sudden growth in fraud-related activities calls for swift and secure document verification processes. As a business, you must learn how to protect your business from online fraud in KYC/AML. 

Using the best document verification technology, you can satisfy internal compliance and AML teams, and regulators with a verifiable audit trail of the original source of documents. Almost 80% of businesses that operate on digital models have shown a lot of interest in acquiring greater security measures and using them for document verification processes. Here are our tips for online KYC verification.

How to Prevent Business from Online Identity Theft During Document Verification?

As a business, what kind of investments have you put in place to manage your risks against document fraud while keeping in mind compliance with KYC and AML. If you know that your business is weak in this particular area, then you should make use of the following KYC tips. You should be aware of the main areas you need to focus on to prevent fraud and stolen documents in KYC & AML. Here’s how to do online KYC securely:

1. Make Sure All Your Payment Methods are Secure

It doesn’t matter if your business uses Paypal Credit Cards or any other form of online payment, you need to be aware of all the policies that can affect your business adversely. If you want to start preventing businesses from online identity theft, then you should pay attention to payment method policies. 

As a business, it is good practice to familiarize yourself with all the necessary security measures and apply them to your business. Following up with that can be incredibly beneficial for your business and it can help you protect yourself from document fraud. It is one of the best tips for online KYC verification.

2. Protect Yourself Against Chargebacks

Chargebacks are huge issues for businesses that operate completely online. They happen when a customer reaches out to their bank to claim that a payment hasn’t been authorized properly. 

Different banks, credit cards, and even PayPal have different policies for handling chargebacks, we suggest that you look up these policies so you know what to do to protect yourself. 

In terms of preventing and winning cases for chargebacks, you need to make sure you always have tracking. If you sell physical products then tracking lets you prove the suitable delivery of goods and signature on receipts. This step will help you in preventing businesses from online identity theft.

3. Use Common KYC Practices to Fight Fraud

If you’re wondering how to do online KYC securely, you need to follow the most common KYC practices to fight document fraud. 

  • Verify email addresses.
  • Verify telephone numbers (by sending an OTP via SMS).
  • Check public records while you’re dealing with businesses or individuals (for verifying addresses and other details).
  • Validate any document with the issuing bodies.
  • Ask specific questions that only the customer or the business you’re dealing with would know about. 
  • Try doing the whole KYC procedure on video. Which is also known as the video KYC process. 

Follow these KYC tips for online business, to make sure your business doesn’t get hurt. All of these KYC tests are simple and very easy to implement and all of them are great ways of preventing document and identity fraud. 

4. Use a 3-D Secure System

A 3-D secure system was introduced and adopted by major credit card companies way back in 2010. It’s a secure system that was designed to authenticate at three different levels. Preventing businesses from online identity theft is one of the main purposes of a 3-D secure system.

A 3-D secure system verifies information on the bank and the business of the sender and the information on the bank of the receiver. You can deploy the 3-D secure system as an extra layer of security so you can prevent yourself from document fraud. Using this, the information that is exchanged via intermediary companies can be used to process a transaction that can also be used for verification purposes. 

5. Use AVS Response Codes

Address verification service or AVS has a specific code that can be used to confirm a user or customer’s address. This whole process depends on cross-referencing, the address that a customer has provided is cross-checked with the address provided to a credit card company. Using AVS response codes is a well-known document fraud prevention method in KYC. It can even help a business decide whether they want to go forward with a transaction or not. 

6. Use a Third-Party Document Verification Software

Most businesses that rely heavily on an online business model have shown an increased need for security measures. As a business, you can outsource your document authentication process to a third party that can be affordable. 

Security expectations and requirements for solutions differ greatly based on the type of business. If you want to decrease the fraud levels of your company, there are several things that you can do to achieve that. 

There are a lot of companies out there that offer a manual document verification process for KYC and other things. Others use software solutions for document verification. 

This is where DIRO’s world-class document verification technology comes in. Using their software solution, you can authenticate documents like bank statements, certificates, and other documents anywhere in the world using a single click. This process is secure and can suit the needs of banks, payment services, lending, mortgages, and FinTech businesses. This is one of the greatest tips for online KYC verification, as using a third-party document verification service can be extremely beneficial to your business operations. 

7. Reassure Your Customers that Your Website is Secure

According to reports, the rise in fraud is directly related to weak website security. A website that has weak security measures doesn’t look well in front of your customers. Awareness about identity theft is growing and your customers need to rest assured that you are taking preventive methods to reduce that. 

Lack of visible security is basically a welcome sign for fraudsters. If you can put measures to secure your website then you are assuring your customers while reducing the risk of identity and document fraud. 

Doing this the right way can be a tough thing as you would have to change a lot of things. While doing that, you also need to keep in mind not to add too many layers of security which can increase the risk of customers switching to other businesses. You can’t learn how to protect your business from online fraud if you don’t follow the right online KYC practices.

How DIRO can Save Businesses with Groundbreaking Technology in KYC?

As we mentioned above, the number of online frauds is on a constant rise. Preventing business from online identity theft can be a huge task if you don’t have a solid plan. If you are seeking compliance during the KYC process, you need to make use of DIRO’s award-winning technology. Using DIRO’s software solution, you can verify any document online with automated user consent. The verification happens using a secure browser and you can get results in under 30 seconds. Businesses can make completely authentic documents with a few simple clicks.


Blockchain Technology for KYC Verification

Blockchain is a good solution for KYC verification, not a lot of people would agree with it but using blockchain for KYC is a crucial step in ensuring secure and fast compliance. With the pandemic changing industry standards, KYC automation stands to revolutionize payments, customer onboarding, and so on. It only makes sense to use the most secure technology, “blockchain,” for KYC compliance. 

Blockchain is a decentralized ledger that can help financial institutions, banks, merchants, and so on to streamline the KYC verification process. Here’s why you should use blockchain technology for KYC verification. 

Current Landscape of KYC Industry

It is easy for banks and financial institutions to authenticate customer identities using government-issued ID documents including driver’s licenses, social security numbers, passports, etc. However, the biggest challenge lies in establishing the authentication of other ID sources. Having inefficient KYC verification solutions also leads to an increased rate of financial fraud such as money laundering. 

Regardless of the use case, verifying customer identities using Know Your Customer or KYC verification, is a long and monotonous process. Apart from a huge amount of paperwork, a lack of transparency in the procedure of the use of personal data collected from customers has led to a lack of trust in the process. 

Regulatory bodies all over the world are trying their best to combat financial terrorism and money laundering, which is a highly expensive process. According to reports, firms all over the globe spend over $10 billion on AML compliance annually. 

This volatile environment, with complexity and uncertainty, is the current landscape of KYC compliance. Blockchain KYC verification is a way to fix the problem of less trust and inefficient policies. 

Changes in KYC Environment- Integration of Blockchain

For decades, financial institutions and regulatory bodies have been trying to find viable solutions for KYC and identity verification. Fortunately, blockchain technology came out as a solution.

Blockchain’s role in KYC verification is simple and elegant. As a decentralized ledger technology, blockchain technology will allow for the collection and storage of data from multiple governments and private data portals into a single immutable, secure database. Complying with KYC regulations and authenticating customer identities using blockchain technologies can be faster, easier, safer, and cost-saving than the traditional verification process.

How Can Blockchain Help with KYC Verification?

In the upcoming time, blockchain-based technologies will help bring down cost savings in an industry that utilizes ID verification. Let’s dive deeper into the benefits of blockchain technology for KYC verification:

1. Distributed User Data Collection

A KYC verification system based on blockchain technology will aid financial institutions in enhancing the ID verification process. This is because currently the data is collected and sorted with a centralized system. Access to this data requires KYC providers to share their customer data with companies needing access to it.

With the integration of a blockchain solution to handle the KYC process, customer data for verification is available on a decentralized network and then can be accessed by third parties directly after permission has been given.

2. Centralization of Controls and Risks

By limiting human interference in the KYC and customer verification process, it is easy for FIs to reduce the risk of fraud to a certain extent. This can happen by achieving standardization within the industry overnight. Blockchain allows key regulator concerns to be solved, such as automating the AML customer risk rating process.

Blockchain-based KYC and AML systems have the potential to change industry tides and how banks and financial institutions tackle identity and onboarding.

3. Communication and Transparency

One of the biggest problems with the present KYC landscape is the lack of transparency between customers and businesses. Blockchain will facilitate active monitoring of customers from onboarding till the end of the business-customer relationship.

The immutable nature of blockchain is vital in building trust between all the parties involved in the KYC process. The ability to trust data stored on KYC blockchain software solutions removes the need for secondary validation processes or cross-checking.

Finally, a distributed ledger system makes the reporting and communication processes more efficient, thus saving time and money. Since involved parties can access reliable data, processes, mistakes, and fraud can be detected much more easily.

4. Suspicious Activity Reporting

Currently, doing verification checks during customer onboarding takes weeks at a time, this proves to be extremely expensive for businesses, and staying compliant becomes tougher with the growing costs. 

With a shared ledger, where the data can be managed and accessed by all involved parties, the process of KYC could be easily monitored. Any change to the data of a user will be accessible by all parties, so it is next to impossible to conduct data fraud. Having instant access to a shared ledger will help institutions save time during fraud detection and reporting. 

5. Comprehensive Authentication Process

A decentralized verification technology will help financial institutions quickly verify if a person is who he/she claims to be. This is vital for fraud prevention and compliance with KYC & AML regulations. 

The level of security and trust offered by Blockchain technology reduces the risk of fraud in certain scenarios. It may be possible for fraudsters to get access to sensitive data if a customer’s device is stolen, but they won’t be able to change any data on the blockchain, which leads to fraud prevention. Blockchain KYC verification solutions can change the workflow of the banking industry drastically due to their immutability and increased level of customer satisfaction.


What Is The Complete KYC Procedure For Merchant Onboarding Process?

Finishing the merchant onboarding process comes with its fair share of risks such as fraud, excessive chargebacks, and money laundering. To save businesses from this series of frauds, regulatory guidelines and rules are set in place to reduce the risk of fraud. Know Your Customer or KYC is a set of due diligence rules that has to be complied with by organizations to mitigate their chances of getting scammed. Few KYC requirements for merchants have to be followed for a more seamless process. 

Merchant onboarding requires carrying out a lot of due diligence checks for merchants which need to prior to onboarding, and the checks need to continue until the end of a relationship with an organization. Each financial organization may have different step-by-step KYC procedure compliance according to their needs, but the core of it remains the same. KYC compliance is crucial to mitigate risks. 

What is KYC?

Regulated financial organizations such as Banks, Payment aggregators, and investment companies conduct KYC every time a new customer tries to open an account with them. A new client can be an individual, an organization, or a legal entity, the primary focus, and aim of KYC compliance are to verify a customer’s identity, address, and other key factors, they do this verification using a set of documents. 

Combining this verification with other required due diligence checks improves the chances of identifying potential threats before they end up becoming bigger trouble. More than often, non-regulated entities like online markets, etc have to follow up with KYC compliance as a precaution. Following up with the KYC compliance allows banks, financial institutions, and FinTechs to secure themselves, customer information, and the entire system from attackers. Merchant KYC helps businesses to stay away from merchant-related fraud. 

Step-by-Step KYC Procedure

1. KYC Document Check or CDD Process

The foremost step in merchant onboarding KYC is a document check or Customer Due Diligence check, also known as the CDD process. It can be done using either an individual KYC form or a Business KYC form:

  • Individual KYC: If you are a merchant who is an individual, then the organizations will complete an individual KYC or CDD process. Businesses verify your identity using any “officially valid document”, if necessary, the process may require proof of current residence, utility bills, etc. Traditionally, the verification of documents was carried out using human resources, new technologies like DIRO’s document verification have digitized the process and reduced the risk of human error.
  • Business KYC: Whenever a business partners with another business, the business KYC process is conducted. One of the major differences is that the identity check is replaced with an “entity check”. This process differs based on the type of entity a business is. If the businesses partnering with each other are under a trust/partnership, then a trust/partnership deed will be needed. Businesses also conduct UBO checks during the KYC compliance. It is crucial to verify who has the actual ownership of the business, such as the directors, and shareholders,. A separate KYC process can be done for the UBO’s as well.

 2. Verification Against PEP Lists

The next step in the KYC requirement for merchants is to verify the name of onboarding customers, and beneficial owners against specific lists. Lists like the national and international terrorist lists or politically exposed person’s lists. If any of the names match a name that can be a national threat, then businesses need to report them to their respective regulatory bodies. In the USA, the KYC regulatory body is “Financial Crimes Enforcement Network (FinCEN)” 

Apart from that, businesses usually verify these names on blacklists, greylists. Banks, the Office of Foreign Assets Control, etc issue these lists. These lists help the organization fight terrorism and money laundering and reduce the chances of partnering with entities that can end up at a risk. 

3. Onboarding Policies and Merchant Screening

The next step is to do a background check, most organizations build an internal merchant onboarding policy for this step. The aim of conducting a background check is to verify the nature, purpose, and bona fides of a prospective client’s business.

Background research and merchant screening include running a series of tests such as licensing and registration checks, and credit checks. Combining that with verifying publicly available information such as business listings, reviews, and other activities can offer a better idea of how the merchant works. This background check and screening allows for reduced risks. 

4. Ongoing Due Diligence

After onboarding, businesses need to do constant due diligence checks to monitor any changes in merchant behavior. A change in website details or contact information change can be a hint of fraud. If there are a lot of red flags, businesses can review merchant profiles and conduct due diligence checks. Ongoing due diligence checks are crucial for a complete KYC process for merchant onboarding.

5. Transaction Monitoring

One of the most crucial checks after merchant onboarding is to verify the transaction, monitoring transactions can lead to figuring out red flags. Let’s say that a merchant exceeds the maximum permitted transaction limit, and shows an unusual refund pattern then these can be red flags. In case of any suspicious activities that look like money laundering or transactions that exceed the predetermined limit, businesses need to report these red flags to their regulatory bodies. 

6. Record Keeping

The next step in merchant KYC procedure is to maintain records of all the merchant transactions and ID documents collected in the last 5 years. Keeping records is vital, as they have to be presented to authorities upon request. There are regulatory bodies that ensure the effective implementation of rules and regulations by a business. 

7. Periodic Updates

The last but not the least step is to update both merchant risk profiles and KYC profiles at regular intervals. Ongoing due diligence checks assist organizations in improving their chances against financial crimes such as terrorist funding and money laundering. It is a key KYC requirement for merchants businesses are dealing with to keep updating the risk profile. 

DIRO’s Role in Streamlining KYC Procedure

Collecting, verifying, and maintaining records is just one trouble of KYC compliance. Banks and financial institutions spend countless resources to keep up with KYC compliance and mitigate the risks of financial fraud. 

Unfortunately, traditional methods are failing slowly with the rise of sophisticated methods used by criminals to find the weak point in bank systems. DIRO’s online document verification technology is made to eliminate this issue and improve the overall KYC/AML compliance. 

DIRO’s award-winning online document verification technology captures and verifies information right from the original web source. The technology helps check online documents instantly and reduces friction during customer onboarding. It offers 100% proof of authenticity for verified information. Utilizing DIRO’s document verification technology, organizations can improve their KYC compliance and onboarding process. 


KYC & AML Guide for Crypto Businesses

Money laundering is a huge threat to the global economy and unfortunately, cryptocurrency has become the magnet for fraudsters looking to launder money with minimal friction. Ever since it started growing, the crypto industry has become holy ground for money laundering and terrorist funding.

To disrupt the flow of money laundering and terrorist funding, regulatory bodies all over the world are implementing anti-money laundering measures. These measures can help prevent money laundering using cryptocurrency exchanges and wallets.

Robust internal AML programs include full-proof KYC procedures to identify and verify users. Using this, authorities have to root out suspicious activities in the crypto industry. This will also lead to more expensive customer onboarding for customers in the crypto industries and make the process full of friction. Manual verification processes won’t work for the crypto industry that is slowly getting regulated.

Fortunately for the crypto industry, there are thousands of FinTechs that can help achieve compliance while still offering a positive customer experience.

Importance of KYC & AML Regulations in Crypto Industry

Over time, the financial industry is evolving and cryptocurrencies are rapidly changing the way transactions take place. For international monetary exchanges, virtual currency is taking the place of traditional currency.

However, this comes with its fair share of challenges, a major issue is that criminals launder money using anonymous crypto exchanges. The fifth anti-money laundering directive makes it clear that crypto exchanges and wallets have to operate under anti-money laundering regulations.

This means a robust AML program helps identify and protect against suspicious activities. Crypto exchanges and wallets need to integrate KYC & AML regulations in the onboarding workflow to protect against financial crime.

Currently, most crypto exchanges don’t have proper AML strategies. A recent study states that 69% of crypto exchanges don’t have a complete and transparent KYC procedure in place.

Understanding AML Regulation

The term anti-money laundering or AML dictates a set of rules and legal regulations that are built to identify fraudsters and prevent illegal activities. It includes activities such as trading illegal goods, tax evasion, drug, and human trafficking, and laundering ill-gotten funds. 

To prevent money laundering and other financial fraud, regulatory bodies make it a legal obligation for banks and the financial industry to conduct due diligence checks while onboarding customers. The unregulated nature of the crypto industry has given birth to a whole new type of financial crime, where criminals can launder money and cover their tracks.

This is a huge issue on cryptocurrency gambling websites, money laundering crypto mixer platforms, and exchanges.

How Does KYC & AML Affect Crypto Exchanges?

For businesses operating in the crypto exchange, AML programs are a must, for protection against fraud and to stay compliant with growing regulations. This means the implementation of an effective AML program that includes a customer Acceptance Policy (CAP), Customer Identification Program (CIP), continuous monitoring, and risk management.

The CAP refers to the identification of new customers using official ID documentation. CIP is the process of verifying a customer from this documentation and against official databases. Ongoing monitoring allows crypto exchanges to identify suspicious transactions and ensure customer details aren’t outdated. 

In the USA, FinCEN puts all types of crypto exchanges the same way. This means that all cryptocurrency exchanges must carry out all KYC and implement effective AML programs, regardless of the type of cryptocurrency. 

Why is KYC Important for Crypto Exchanges?

Money laundering has become a global issue and the losses incurred to the global economy due to money laundering equal almost 5% of the global GDP. These procedures help financial institutions to mitigate and manage fraud. So how is KYC useful for crypto exchanges?

  1. KYC Builds Trust and Transparency

For cryptocurrencies to become a streamlined service, there need to be some regulations set in place to eliminate fraud. By implementing KYC procedures, exchanges can demonstrate that they are trustworthy and have the right regulations set in place to prevent fraud. 

  1. KYC Reduces the Risk of Financial Crime

Proper KYC procedures reduce the chances of financial crime as users are identified and verified. Having robust KYC programs can help weed out criminals and high-risk candidates, which in turn reduces the likelihood of illicit activity occurring through exchange or wallet. 

  1. KYC Will Ensure Stabilization in Crypto Market

AML and KYC regulations are important for stabilizing crypto exchanges for upcoming years. For customers to truly trust a system, they need to know the system in assessing risks to protect the users.

General KYC/KYB

Know Your Customer Compliance: How Much Does It Cost To Verify Customers?

Trust goes both ways, both the customers and businesses need to trust each other for maintaining a healthy relationship. Even in the digital age, earning trust is crucial. If a brand can offer trust in all its services, customers will stay loyal to the product and services. With the heaps of data breaches and financial fraud, firms have to make their customers believe that they are capable of protecting their information and transaction history.

To maintain a brand reputation, firms have to make sure that fraudsters don’t gain access to the internal systems and harm customer data. As most businesses are moving towards an online environment, the process of verifying customers is changing. 

Financial services are regulated by domestic and international bodies that provide a set of rules around Know-Your-Customer (KYC) regulations. Following up with the KYC compliance is important for reducing fraud, preventing money laundering and other financial frauds. 

Maintaining Balance Between Time & Cost 

The need for complying with KYC requirements has complicated the account opening process. A survey conducted in 2017 stated that the customer onboarding process increased 22% in 2016. The time taken is expected to increase by 18% in 2017. To put a number on that, banks took an average of 24 days to complete the customer onboarding process. Banks and financial firms need to improve their customer onboarding process using online verification methods.

Why Developing a 360-Degree Customer Profile is Crucial?

Building a complete 360-degree customer profile can’t happen if businesses rely on only a single source. A lot of information has to be acquired from a series of sources. Traditional systems can’t handle the data sources, and developing a complex set of integrations is costly and time-consuming. Having a proper customer profile helps banks and financial institutions to assess the risk level. With market dynamics changing constantly, there aren’t just enough tools to build the profiles. Building a comprehensive customer profile relies on three factors. 

  • Access to data from multiple sources
  • Collecting and managing customer data in one place
  • Assessing the information and converting it into actionable insight.

How Much Does KYC Know Your Customer Cost?

According to a report, financial institutions end up spending more than $500 million annually for KYC compliance. If we talk about JPMorgan, in 2013 they added 5,000 employees to their compliance team and spent $1 billion on controls. These trends show that the costs revolving around KYC compliance are growing.

KYC compliance processes have internal and external costs. Internal costs directly affect the verification process. The internal costs of KYC compliance include systems, licensing fees to operate checks, and staff/offices. External costs for KYC compliance include regulatory guidelines that require new training for all staff. 

Depending on the business’s scale, firms can have hundreds to thousands of compliance staff for customer verification and monitoring transactions. 

Steps Included in Know Your Customer Verification

KYC procedures are usually defined by banks and they involve necessary actions to ensure their customers are real, assess and monitor the risks. Strong KYC procedures help in preventing and identifying money laundering, terrorism funding, and other illegal schemes. 

KYC verification includes ID card verification, biometrics verification, and document verification (bank statements, utility bills, and more). Banks have to comply with KYC regulations and anti-money laundering regulations to detect and eliminate fraud. To comply with KYC regulations is a responsibility banks have to follow through. Non-compliance with KYC and AML regulations can lead to heavy fines imposed by regulatory bodies. 

From 2008-2018, a total of USD 26 billion in fines have been levied for non-compliance with AML, KYC.

Know Your Customer KYC and Customer Due Diligence Methods

The KYC policy is crucial for banks and financial institutions used for the customer identification process. The regulation is born out of 2001 Title III of the Patriot Act, which aimed to provide tools for reducing terrorist activities.

To comply with the domestic and international regulations against money laundering and terrorist funding. The implementation of strict Know Your Customer procedures have to be implemented. Banks build their KYC policies incorporating four main elements including:

  • Customer policy
  • Customer identification procedures (data collection, identification, verification, politically exposed person/sanction lists).
  • Risk assessment and management (due diligence, part of the KYC process)
  • Continuous monitoring and record-keeping

The process includes verifying customer identity using documents, including government-issued documents. 

Keeping information Up-to-date

To be able to verify customers, the data has to be up-to-date. A customer of a bank from 2018 may now be part of some sketchy activities and continuous monitoring helps the bank achieve that. According to surveys, 58% of all businesses rely on outdated data for verifying customer identities. 46% of businesses reference data that is not accurate and comes from different inconsistent sources.

Costs are Going Up For KYC Verification

Until there’s a standardized process available worldwide, the costs incurred by businesses for KYC verification will keep on growing. During the Covid-19 pandemic, the cost of Know Your Customer verification for some companies grew at a rate of 170%.


Customer Due Diligence: Moving from KYC to KYB

Banking is one sector that is always profitable but is also constantly surrounded by fraudsters. Frauds, as well as compliance risks, are often complicated and intricate. To combat the fraud, banks and financial institutions are spending a huge amount to keep up with KYC compliance. The average cost of KYC compliance yearly is close to $100 billion globally. Even after investing such huge amounts, banks all over the globe still have to suffer losses at the hands of fraud.

That’s not all, banks have been fined more than $300 billion since 2008. To make things even worse, financial crimes such as money laundering, terrorist funding, and cyber frauds are increasing, that’s why banks and FIs need to buckle up and focus on customer due diligence.

Regulatory bodies all over the world are working round the clock to enforce KYC and KYB regulations all over the globe. One of the first regulations that were enforced was amid the Vietnam War all the way back in the 1970s.

The aim of this regulation was to counter money laundering activities from growing illegal drug trafficking. Under the BSA act, banks are legally obligated to report any suspicious consumer activity and transaction for more than $10,000.

The regulations made it almost impossible for drug dealers, terrorists and other criminals to launder money as every huge and suspicious transaction was constantly under monitoring.

Introduction of KYC to the Financial Sector

The Banking Act of 1970 later became the foundation for the Anti-Money Laundering (AML) regulation. AML regulation came to fruition in 2001 under the US Patriot Act after the incident of 9/11. Customer Due Diligence was declared necessary for all financial institutions. The term for doing CDD is more commonly known as KYC or Know Your Customer.

The KYC regulations became strict over time to reduce the flow of illegal money as much as possible. KYC asks financial institutions to verify the customer and to ensure who they are. Verifying customer identity gave birth to a series of steps and approaches to comply with the CDD and KYC laws. As the US regulatory changes tend to affect the global financial industry, the KYC and CDD laws were soon followed by the banking sector globally.

The financial sector derived several ID verification methods to successfully comply with the laws. These ID verification controls include:

  • Maintaining a thorough Customer Identification Program (CIP)
  • Cross verifying customers against the list of suspicious people released by Law enforcement agencies. 
  • Predicting and analyzing customer behavior and customer risks associated with a particular person. 
  • Constant screening and monitoring of transactions to look for suspicious activities and hints of money laundering. 

KYC is the primary and the biggest line of defense for the financial sector against financial crimes with minor changes. For a regular customer, the KYC laws seem robust and efficient, however, in 2016, a loophole was identified in the KYC compliance regulations. 

 Banks were unable to identify the identity of stakeholders and UBOs of a business they provide services to. The Panama Papers Scandal was the tipping point in the KYC regulations. The scandal brought to light that legit businesses can hide the identities of bad actors and perform money laundering and financial crime. Thus, a new regulation was created known as “Know Your Business (KYB).”

How KYB Improved the KYC Regulations?

Regulatory bodies made some improvements to the KYC regulations and included Customer Due Diligence for financial institutions. Under the new law, Financial Institutions are now required to perform strong verification checks. KYB regulations are built to identify shell corporations that are involved in money laundering, tax evasion, terrorist funding, and so on.

Organizations are legally obligated to verify the person who owns the business legally and also verify the identity of stakeholders holding a minimum of 25% share in the business. The same law was passed by the EU in the fourth AML directive (AMLD4). With the release of AMLD5 and AMLD6, the process was improved to make the business entity’s due diligence more transparent. 

However, KYB compliance isn’t as easy to achieve as KYC regulations. The biggest challenge in complying with KYB laws is verifying the identities of the stakeholders. In a majority of cases, no record of these entities is available. Also, different jurisdiction laws vary which makes verifying identities even tougher. These challenges sometimes make it almost impossible to verify the identities of stakeholders of a business. For firms that want complete compliance, not being able to verify identity can make them susceptible to huge fines by regulatory bodies.

Choosing Technologies as a Solution Provider

Since the financial crisis of 2008, various unique and helpful technologies are rising up to help in reducing the burden of compliance and assist in making the process easier. At its core, new technological solutions can help in strengthening the KYC & KYB programs for better compliance. 

DIRO is also helping countless organizations worldwide to make their KYC and KYB compliance programs easier. DIRO online document verification tool provides instantaneous online document verification for frictionless KYC and KYB verification. DIRO’s online document verification software verifies over 7000 document types from around the globe, it also verifies document data from an original web source, thus eliminating the use of stolen and forged documents by 100%. By incorporating DIRO’s online document verification software, banks and financial institutions can fortify their compliance programs.


What is KYB Compliance and How Is It Related to KYC?

Due to the increase in money laundering activities and other forms of financial fraud, countless reforms in regulatory guidelines are being made. More and more businesses understand the need for having strong regulations in place to reduce the risk of fraud and improve the customer onboarding experience. However, most individuals and organizations fail to recognize the key difference between KYC and KYB compliance. To make things clear, KYB (Know Your Business) compliance shares each major requirement of KYC (Know Your Customer) compliance. Both the KYC and KYB compliance shares the same goal which is to follow AML/CTF regulations to make sure all the financial transactions are done safely and are protected.

Both the KYC and KYB compliance are strict and they follow a certain set of rules and guidelines. They do have a key difference, and the difference between both the compliance is the target that is being analyzed. In KYC a certain person is being analyzed, in KYB a business operation is analyzed.

What Is KYB Compliance?

KYB or Know Your Business is compliance that checks to identify the transparency of the business, companies, or organizations apart from due diligence, KYB compliance also requires constant monitoring of financial transactions. These strict checks are made to verify a business’s features, ownership, and other information to make sure a business doesn’t fall prey to any type of financial fraud. KYB compliance is focused on business verification which is done by submitting document data and some types of monitoring that is similar to KYC compliance due diligence checks. The information provided by businesses is checked and verified against public and government databases and other AML databases.

These constant checks and verification of business information help businesses stay safe from financial fraud such as money laundering, money embezzlement, etc. Following with KYB compliance also allows a firm to stay transparent to their customers and also ensures the customer data is secure. 

What is KYC Compliance?

Know Your Customer compliance focuses on individuals who apply to open bank accounts or try to sign up for new services like financial services or cryptocurrency. KYC is important to verify customer financial backgrounds and financial histories to find out any illegal activities in the past, it helps in assessing how big of a risk a customer can pose to an organization. The risk score and risk profiles are vital for banks and financial institutions to assess how big of a risk a customer is.

The compliance and identity verification industries focused on building solutions that helped in KYC compliance, but as the industry patterns changed, the industry also started using KYB as a method of detecting and preventing fraud. The digitization of KYC compliance is much more crucial as almost all the customers are demanding digital methods. As technology improved, KYC with the help of cloud computing turned into eKYC. This ultimately led to fewer compliance costs, fewer chances of human error, and a positive customer experience.

KYC to KYB: How They Came Into Existence?

Before either KYC or KYB compliance came into existence or before they were digitized, the amount of financial fraud reached a certain proportion of actual crime. According to the UN’s office, the global rate of money laundering was 2-5% of all types of crime. There was no perfect way to detect high-risk levels or to control individual and business illegal transactions. 

To regulate and control the rampant crime, the Bank Secrecy Act of 1970 introduced new Anti-Money Laundering guidelines. These guidelines were later incorporated into the 2001 USA Patriot Act. Some changes were made in the guidelines and then they were tuned into KYC in 2003. These guidelines were built to check the financial health and monitor the transactions of the individuals. KYC Compliance required financial institutions and banks to constantly monitor all their customers and follow specific regulations. Soon after, KYC compliance became incredibly useful in reducing and preventing fraud, but it had a major loophole. 

The loophole helped businesses ’ UBOs and corporate owners as banks weren’t required to check and verify the partners and representatives of a business. This left a huge loophole for fraud and illegal financial activities. This made sure that the businesses could partake in illegal financial activities and go unnoticed by banks and other regulatory bodies. Certain large-scale scams under KYC compliance led to the birth of mandatory KYB compliance in 2016.

Both the KYC and KYB compliance follow the same rules and they make sure that financial activities are regulated and help in reducing the risk of financial fraud. The major factor that sets both compliances apart from each other is who they target:

Major Difference between KYC and KYB

  • KYB: The guidelines in almost KYB compliance are followed by all the industries as different types of schemes and frauds have led to huge losses to customers and businesses alike. KYB compliance includes all types of businesses and structures and it is well established throughout most of the industries. The industries that follow KYB compliance most stringently are banks and financial institutions. 

Key Requirements for KYB & KYC

Since KYB and KYC are built to target different client types and different data, the data that is verified is different. To register for verification, the core data for verification remains the same, which are financial documents and identity documents. 

  1. Data for KYB

As KYB specifically targets businesses and organizations, the verification process requires information that includes a character report of the UBO of the business and of business investors that hold a quarter share, each. The necessary verification data includes:

  • Business address
  • Recruitment reports
  • Business license and registration
  • Identification documents of UBOs, and business partners.
  1. Data for KYC

KYC focuses on an individual customer of a bank or a financial institution that needs to verify themselves by providing identity and address proof documents. These records help in verify the financial situation of an individual and help banks assess how risky a certain customer can be. The necessary verification data for KYC includes: 

  • Social security number or PAN Card number.
  • An ID card issued by the government. 
  • Any debit card or credit card issued by a bank.
  • A copy of utility bills such as electricity bills.
  • Driver’s license/Passport with a digital photo.

Virtual Identification for KYC and KYB

One of the major reasons that banks and financial institutions are moving towards digitized KYB and KYC compliance is to provide better efficiency. Traditional KYC methods used to require people to submit the verification data in person, but with the improvement of technology, the same can be done using digital methods. 
The whole process can be done in just 2-3 minutes, depending on how fast the online document verification solution is. DIRO’s online document verification technology can verify documents instantly which means the KYC process can be done in just minutes.