With the fraud wave rising since the beginning of the COVID-19 pandemic, the importance of KYC and AML for businesses worldwide has grown immensely. For example, regulatory bodies in the US and Europe now demand cryptocurrency exchanges perform CDD (customer due diligence), KYC (Know Your Customer), and AML (Anti-Money Laundering) procedures for their customers.
While this is not the case for other countries worldwide, like Japan, or New Zealand — preventing fraud is an ever-present necessity. So, sooner or later every online business worldwide will have to implement anti-fraud tools to ensure they are able to detect and prevent online fraud — or risk losing their license.
Covery is enterprise-grade risk mitigation, fraud prevention, transaction monitoring, chargeback management, and anti-fraud system. It has all the tools and features needed to detect and prevent fraud in real-time, on all customer journey steps — from registration to payouts. And registration stage is the one where KYC and AML checks are needed the most.
While terms KYC and AML are used in conjunction, this does not make them interchangeable, as these are two different concepts that serve 2 different purposes. This article clarifies the field: it explains the meaning of KYC and AML and how to use them correctly to prevent fraud from damaging your business.
What is the meaning of KYC & AML?
Know Your Customer or KYC is a part of the Customer Due Diligence (CDD) procedure, comprised of several identity checks to ensure it is safe to conduct business with this customer. KYC checks can require providing photo-quality copies of government-issued IDs, taking selfies, and reading phrases out loud — all to ensure the user is actually who they claim they are, and they undergo KYC checks on their own. But this is still not enough.
A person can have a perfectly valid government ID — and be connected to organized crime or money laundering schemes, or be under sanctions for any reason. Thus said, in order to prevent your business from suffering from online fraud schemes, you should conduct extensive background checks on every customer during the registration stage.
Covery enables this through integration with Ondato, ShuftiPro, and Dow Jones. We use the latest version of Dow Jones’s databases to check all the details provided by your customers during registration against watchlists of PEPs (Politically Exposed Persons), sanctioned persons, and entities related to them. This is the very first and absolutely required step of the KYC procedure. The check takes less than a second immediately after a customer provides these details after registration.
The next step can involve ID validation using ShuftiPro or Ondato video verification capabilities integrated with Covery. Customers should provide their IDs and perform live video verification (take a selfie, tilt their heads, smile, read some numbers out loud, etc.) Verification tools check whether there are any signs of forgery on IDs (fake documents, traces of Photoshop altering, scratches or burns, etc.) The system also checks if the customer tries to obscure their face — wearing hats or glasses, using fake mustaches, etc.
This check also takes just several seconds during registration, allowing Covery customers to filter out potentially undesirable persons — known fraudsters, PEPs, people under sanctions, and persons related to them. This is the basic requirement of AML compliance, and neglecting it might cost you a merchant license or make you liable as an accomplice to the crime.
But what is AML exactly?
What is AML?
Anit-money laundering or AML is a series of workflows aimed at detecting and preventing the process of making illegitimate gains appear as legal income. The money-laundering scheme is well-known: crooks have to deposit ill-gained funds to some account, perform several transactions with them and then withdraw to make this all seem legitimate.
AML aims to prevent this from happening, as eCommerce, Fintech, and microfinance are especially vulnerable to money laundering — because the money the fraudsters deposit are not the money they withdraw, and your business can unknowingly become a part of an online fraud scheme.
What are the 3 stages of anti-money laundering?
As mentioned above, there are 3 key stages of money laundering:
- Depositing — putting illegal money into some banking account
- Layering — performing several layers of transactions to make a credible history and help dirty money appear “clean”
- Extraction — transferring “clean” money to the benefactor’s account
This type of online fraud is especially vulnerable at the first stage, as it is quite complicated to explain depositing large sums of cash at once. Taking a close look at the source of funds your customers deposit on your website is a good way to secure your business.
Luckily, most AML checks are done by Payment Service Providers or PSPs like Visa, Mastercard, AmEx, and others — but businesses are required to comply with these requirements as well.
Why is KYC important for AML?
As you can see, when you know your customers from the start, you avoid huge risks that can result in significant losses. However, KYC is a continuous effort, as people get added to/removed from PEP/RSA watchlists daily, so the initial KYC procedure should be followed up by ongoing checks during every customer session. Of course, we don’t mean you should demand your customers to provide their IDs during every login. But automatically checking their customer details against the latest version of the Dow Jones database is a benefit you get with Covery.
Only by ensuring reliable automated KYC checks you can guarantee AML compliance and prevent your business from becoming an accomplice to the crime.
This is possible due to a combination of factors:
- Device fingerprinting technology, building digital fingerprints of devices your customers use to access your website. This helps for a huge variety of reasons — from supporting KYC checks to preventing account takeover attempts and containing the threat of phishing.
- Trustchain — the global database of reputation records. Every session at your website has more than 13 distinct markers — from email address and IP used, to bank IDsm SEPA and Swift numbers used for transactions, which form a reputation record for every user. Trustchain is a distributed database of such records, storing information about all user activity on websites within the Covery community.
This way, when a new user registers at your website, you can immediately find out if any of the details they use were previously marked as a part of an online fraud scheme, and generally look up their online behavior. For example, information that this user is a frequenter of online casinos might be irrelevant for eCommerce website owners but will become a risk factor for microfinance platforms.
- Rule-based risk logic engine coupled with supervised Machine Learning algorithm for preventing fraud. This feature comes with 15 pre-configured scenarios covering the basic needs of companies from 23+ industries Covery serves. In addition, every company can configure any risk logic rule they need using a flexible editor.
KYC and AML checks with Covery are automated. They are configured via API, using our in-depth documentation. Covery can provide risk analysts to configure everything faster on your end or deal with daily toil on your behalf.
However, this is only the tip of the iceberg. Should you want to find out all the value Covery can provide for your business — get in touch, order a free demo and see for yourself!