Balancing AML and KYC compliance with convenience, a Q&A for the financial industry

26-10-2017 by Joe Bloemendaal

The latest EU Anti-Money Laundering directive is poised to dramatically increase the frequency with which financial service providers need to conduct ‘Know Your Customer’ (KYC) checks.

The rapid pace at which data breaches happen and the alarming scope of those hacks, which in the past months have left exposed billions of consumers worldwide, has nothing but added to the growing list of customer identification steps financial services providers must follow.

In other words, the time is now for financial institutions to regain their customers’ trust in the digital channel, fulfilling not only their demands for speed, security, and convenience but also to meet their own strategic goals. Despite this urge to change the way we transact online is well acknowledged by the financial industry, there are still many open questions to answer.

Recently, Joe Bloemendaal, Vice President, Sales EU, Mitek; and Chris Phillips, Compliance Department, Gain Capital, discussed online smart ways to reduce friction and cut compliance costs with digital ID verification.

What are the key risks and challenges for financial institutions regarding the latest KYC and AML regulations?

 “The primary risk is that you do not know your client and end up either facilitating nefarious actors or engaging with sanctioned individuals,” stressed Chris during the webinar Reduce Friction and Cut Compliance Costs with Digital ID Verification.

The compliance expert added that trusting customers online without taking all due measures can likely result in losses to the financial firm due to chargebacks and fraudulent transactions, as well as trigger regulatory actions. 

Furthermore, in addition to operational cost, financial services providers that do not comply with the new legislation risk extremely punitive fines such as that levied to Deutsche Bank by the FCA in January 2017. The German bank was fined £163 million for serious anti-money laundering controls failings, gaining fame for the dubious honour of getting the largest penalty for AML controls failings ever imposed by the FCA (or its predecessor the FSA). Unfortunately for financial institutions, costs related to AML & KYC compliance infringement don’t stop there: financial firms normally bear further costs in reputational damage, stock price loss, and the cost of restoring the public’s trust.

The good news is that mobile technology can significantly decrease the risk of sanctions, provide significant improvements in user experience and reductions in KYC friction, while delivering savings for the average bank of £5m in operational costs, rising to £10m in three years’ time, argues Joe Bloemendaal, Vice President, Sales EU, Mitek.

How do stricter regulations and the increased need for identity checks impact end-customers?

One of the most immediate consequences of strengthened compliance procedures is that consumers are required to spend more time opening accounts or registering new services. This certainly goes against their demands and expectations for enhanced ease of use and convenience. A long and tedious onboarding process normally leads to high abandonment rates. “All of this results in a bad experience before the client even opens the account,” points out Chris. In fact, in the UK alone, 25% of applications are abandoned due to KYC friction.

There is also the behavioural component as nearly every consumer today has a smartphone or tablet, plus a home computer.  These customers now prefer to engage with brands through these devices rather than in person to take advantage of the convenience of the digital channel.

On a related note, highlights Joe, “the rise of the Millennial generation and the free movement of people across the EU means that financial services organisations must rethink how they acquire and service a growing population that is often transient and predominantly digital first. Consumers will no longer accept having to visit a branch and fill out reams of forms to access financial services. These mobile-first, loyalty adverse and convenience-oriented individuals will vote with their feet if organisations don’t meet their needs.”

What does the KYC and AML compliance landscape look like in the wake of massive data breaches?

Data breaches such as that of Equifax, Yahoo or the SEC in the U.S. more recently, bolster the urgency of restoring trust in the digital channel through secure and user-friendly identity verification. “The big lesson everyone seems agreeable to is that this will happen again,” said Joe regarding Equifax’ hack. At Mitek we firmly believe that we have moved past a point of inflection; this is the time for organizations and policymakers to join forces and work on regulations that foster more secure and convenient identity verification processes.

On the back of these many, major, data breaches, industry experts warn about the highly likely spike in synthetic identity fraud and account takeover fraud, both spurred by the considerable amount of PII readily available on the web. “The larger risk is the use of this information to create synthetic identities, which may take years to develop to the point where fraudsters will use them,” concurs Chris. This is a sensitive issue, as synthetic identity theft is very difficult to spot and guard against, and appears to be an increasing portion of identity fraud. 

What’s the role of digital identity verification in making AML and KYC checks more reliable yet still user-friendly?

Moving forward and as these synthetic identities begin to enter the market in larger quantities, through an increasingly virtual environment, KYC will need to become more and more sophisticated. To maximise the effectiveness of digital transformation initiatives, financial services and other regulated industries must find effective digital identity verification solutions.

Figuring out how to balance the competing needs of compliance and costs against the expectations of today’s digital native users is key to any financial service provider looking to win and retain new customers.

Fortunately, risk-based approaches grounded on a thorough identity verification component are already accepted by all stakeholders as the best way to prevent and mitigate losses such as those caused by the Equifax data breach. In a recent white paper, Looking Behind KBA, Javelin urges financial institutions and other organisations operating online to address the three pillars of successful and secure digital transactions: customer experience, regulatory compliance, and evolving fraud risks.

Have more questions on how to bridge the convenience-compliance gap with smarter, frictionless digital identity verification solutions? Watch this webinar on demand or contact us.