July 9, 2023
At their core, Know Your Customer (KYC) and Anti-Money Laundering (AML) regulations exist to limit or mitigate the impact of money laundering, terrorism funding, corruption, and other forms of financial crime.
KYC and AML are mandatory for regulated entities deemed at high risk of facilitating financial crime. While Financial institutions (FIs) are typically associated with KYC and AML, the regulations can apply to anything from a casino to an art gallery. Some countries do not yet have AML regulations, and some jurisdictions’ regulations are far more stringent than others — so you should always refer to your country’s specific regulations (such as AML6 in the EU and the Bank Secrecy Act in the US).
While these two terms are often used together, understanding their distinct meanings and importance is crucial for businesses operating in this highly regulated landscape. Essentially, KYC is the process organizations use to verify the identity of customers, and it falls under the wider AML framework.
One major problem for organizations is being able to quickly and accurately verify the identity of a new customer through a remote online channel while providing a positive customer experience. Robust procedures are critical to mitigate risks, comply with regulations, and maintain trust with clients and authorities; the first and most crucial step in KYC/AML efforts is to reliably verify who your customers actually are.
What is Know Your Customer (KYC)?
KYC is a financial regulatory requirement that is mandated by different regulations depending on the region. In the US, for example, it’s generally known as the Customer Identification Program (CIP) and is mandated by the USA Patriot Act.
KYC is a requirement by which regulated entities must obtain personal information about a customer to ensure that their services are not misused and that people applying for financial services are not on sanctions or PEP lists. These KYC procedures take place at account opening and periodically thereafter, or when a customer changes their details. The personal information gathered differs globally based on regulations, the organization’s risk appetite, and the product.
It’s important to be able to verify a person’s asserted identity on an online/remote channel. With biometric technology, you can verify a customer against their asserted identity in a way that delivers the highest level of security while being easy to use and inclusive. iProov uses biometric face verification, because it is the most secure, convenient, and inclusive method of supporting KYC compliance remotely.
Currently, KYC costs the average bank in Europe $60 million per year. Using a face verification solution such as iProov can help mitigate some of this burden by enhancing efficiency and customer experience during onboarding.
What is Anti-Money Laundering (AML)?
AML is a framework of laws and policies aiming to prevent and identify financial crime, including everything from terrorist financing to money laundering. For most institutions, AML will start with KYC — knowing your customers — and will then continue through monitoring financial activity and reporting suspicious behavior.
Therefore, AML can refer to a large pool of techniques employed to meet stringent requirements and avoid liabilities.
Global banks were fined $5bn for AML infractions in 2022, a 50% increase on the previous year. Accordingly, banks are investing heavily in compliance, particularly through strengthening onboarding processes.
Biometric face verification can help organizations with specific, critical parts of AML. The areas where iProov can help include…
- Preventing bad actors from gaining access to your services at the point of enrollment.
- Verifying that a user is the right person using their asserted identity during onboarding and returning authentication.
- Protecting against financial crime by verifying that customers are who they say they are.
More on how we help protect leading banks against money laundering can be found here.
What is The Difference Between KYC And AML?
In short, KYC and AML are not to be positioned against one another. This is because AML is an umbrella term for several techniques and regulations, and KYC falls within this. KYC is one of the many mechanisms that can facilitate compliance with the wider AML framework.
KYC refers specifically to identity verification and risk assessment, whereas AML could refer to a much wider range of techniques (such as transaction monitoring, enhanced due diligence, sanctions & PEP screening, and more) to monitor risk during and after KYC checks.
Ultimately, KYC is a part of AML.
Which Do You Need: KYC or AML?
KYC and AML regulations vary according to jurisdiction, but in the majority they’re compulsory. For example, KYC and AML compliance has been compulsory for US banks since 2001, when the US Patriot Act was enacted.
Due to the overlap, it would be impossible to comply with AML requirements without first having proper KYC controls in place.
Ultimately, money laundering is on the rise, and financial institutions have a lot of work to do to keep up. That’s why solutions such as iProov, which can securely verify the identity of a remote customer in jurisdictions that allow remote automated onboarding, have become essential.
Consequences of Poor AML & KYC Compliance
- Facilitating criminal and terrorist activities unknowingly
- Significant regulatory fines and legal penalties
- Loss of consumer confidence and reputational damage
- Exposure to greater financial and operational risks
Why Is Customer Due Diligence Important?
KYC is a fundamental part of the anti-money laundering framework, and Customer Due Diligence (CDD) is a subset of KYC processes.
Having proper KYC controls in place will then allow you to conduct the appropriate due diligence on a customer or account according to their risk level.
iProov does not provide customer due diligence checks. We provide trusted identity verification during onboarding and ongoing authentication using face biometrics. However, identity verification is part of CDD. Once verified, FIs can then determine which accounts require further due diligence.
Ensuring Robust KYC/AML Compliance with Biometrics: How Does iProov Support You?
Traditional KYC/AML processes often rely on manual document verification and knowledge-based authentication, which can be time-consuming, prone to error, and vulnerable to fraud. Biometric identity verification solutions provide a secure and efficient alternative.
With a brief facial scan, iProov’s highly secure face verification can assure the genuine presence of a remote user and support compliance with KYC and AML regulations effortlessly.
Trusted remote identity verification depends on linking the physical person asserting their identity to an identity document. The only way to do that is with biometrics. Government-issued photo ID enables an individual to assert their identity online and iProov enables an organization to verify that the physical face of the person asserting that identity is indeed the genuine holder of that ID document. iProov’s science-based liveness ensures that the applying ‘face’ is authentic and not spoofed.
Our market-leading biometric verification is deployed across the world in conjunction with document verification to create an end-to-end KYC solution, which can then support further AML compliance.
This has a number of key benefits:
- Improve the accuracy and efficiency of onboarding new customers remotely: iProov research in 2020 showed that while half of the top 20 US banks enabled a new customer to open an account in 30 minutes or less, almost half took 2 days or longer. iProov technology solves this problem by removing the need for in-person checks or manual verification, which increases accuracy and reduces costs. It also speeds up the process, enabling customers to quickly get access to their new accounts, while maintaining high levels of security.
- Mitigate the risk of fraud and financial crime: iProov enables you to ensure that new customers are who they say they are with a high level of assurance.
- Reduce the risk of compliance penalties and reputational damage from negative publicity: iProov enables FIs to meet regulatory guidelines while reassuring customers and protecting the organization’s reputation.
This ultimately reduces the costs and time taken for KYC and identity verification, removing much of the burden associated with the KYC/AML ecosystem.
Why Do You Need To Assure Liveness In KYC & AML?
Liveness refers to technologies that verify a face presented to a device is a live human being. But not all liveness solutions are equal. iProov’s Biometric Solutions Suite one of the most accredited, thoroughly tested, and robust in the world
Our solution uses an effortless, passive face scan to assure that an individual…
- Is the right person, using face matching by matching the identity to a trusted photo identity document.
- Is a real, live person, and not a presentation attack (a physical or digital artifact presented to the device sensor, like a photo or mask).
- Is authenticating right now, and not a digitally injected attack using a deepfake or other synthetic media (ensured by a one-time biometric delivered by Flashmark).
The highest level of assurance is recommended for KYC/AML because initial user onboarding is a high-risk action – you don’t know anything about the user or their risk until you have onboarded, so it’s important to start off securely as trust established at onboarding will carry through the customer lifecycle. Our solution assures users are authenticating in real-time and our industry-first iSOC active threat management system enables response to new and emerging threats.
KYC and AML: Summary
- KYC is the requirement for financial organizations to obtain personal information about their customers to ensure that services are not misused.
- KYC is part of the larger AML framework, which refers to a set of regulations and techniques aiming to minimize money laundering.
- Financial institutions are spending billions of dollars annually to combat financial crime. These organizations face significant regulatory and reputational risks if they do not comply with KYC and AML.
- iProov supports KYC and AML compliance through two methods: customer verification during remote onboarding and ongoing authentication of returning customers. This means that you can be confident that your customers are who they say they are.
- Using iProov to assist with KYC and AML can cut costs, enhance and streamline regulatory compliance, reduce onboarding times and minimize frustrations, and delight customers.
- Remember that these points are dependent on country and jurisdiction. Be sure to check your jurisdiction’s directive for more specific information.
Understand that KYC and AML regulations are no empty threat: in 2020, a staggering $10.6 billion in fines were imposed globally for non-compliance with AML and KYC regulations, rising 27% from the year before. Organizations are under increasing scrutiny and iProov can help.
Biometric verification can streamline KYC/AML processes while minimizing risks and ensuring regulatory compliance. Request a demo of our solution here.