KYC in Europe - What You Need to Know

By Thibault Dubois, Henning Heckman & Daan Vansimpsen (Vlerick Business School)

Money laundering and tax evasion are considered to be two of the main crime threats to the EU because they create great damage to the stability and reputation of the financial sector, and even to the economy as a whole. As these types of crime are becoming increasingly complex, sophisticated and dispersed internationally, action on a supranational level is required. That’s why the European Parliament and Council passed the 4th Anti-Money Laundering Directive (AMLD) in May 2015, introducing a common framework for proportionate prevention of the use of the financial system for the purpose of money laundering or trafficking. The scope of this directive extends to both banks and insurers, however not to the same extent as only insurance undertakings (and their intermediaries) carrying out life assurance activities and other investment-related services have to comply.

 

Each member state of the European Union should take appropriate steps to identify, assess, understand and mitigate the risks of money laundering, as well as assess any data protection concerns in that regard. Every member state should designate an authority or establish a security mechanism to coordinate the national response to these risks, and shall ensure that the obligated entities take appropriate steps to identify and assess the risks of money laundering (e.g. not keeping anonymous accounts, applying (extensive) customer due diligence measures in certain circumstances,..). Part of this process is generally referred to as KYC: Know Your Customer, the customer identification process/procedure (next to customer policy, monitoring of transaction & risk management). This process typically includes the collection and analysis of identity documents, name matching of customers against a list of known parties, creation of an expectation of a customer’s transactional behaviour, monitoring of transactions against expected behaviour and comparing it to peer behaviour.

 

The current KYC processes are highly redundant and inefficient, resulting in quite a few friction points. In general, the customer experience is quite poor as customers are forced to submit the same documentation multiple times with each new registration process, often with slightly different requirements. Institutions incur high operational costs and have to invest large amounts of money into man-hours to gather the relevant documents and to audit them for compliance. Finally, siloed technology systems are often not capable of efficiently adapting to the demands of changing regulatory requirements. Hence the question, what can financial institutions use, in terms of technology, to improve their KYC processes.

 

It can be said that fintech’s form a good pool of use cases as they are more actively following up on new technology to acquire customers. While organisations find themselves in battling conflicting mandates, it is our belief that financial institutions need to adopt a more cost-effective, flexible, innovative, KYC operating model which assures compliance with complex and changing regulatory requirements. The efficiency of KYC processes/procedures can be improved, through the use of technology, in three possible ways: safety, speed, broadness. Through the use of machine learning, artificial intelligence and blockchain, customer onboarding could potentially even be completely automated from a good pool of use cases as they are more actively following up on new technology to acquire customers. While organisations find themselves in battling conflicting mandates, it is our belief that financial institutions need to adopt a more cost-effective, flexible, innovative, KYC operating model which assures compliance with complex and changing regulatory requirements. The efficiency of KYC processes/procedures can be improved, through the use of technology, in three possible ways: safety, speed, broadness. Through the use of machine learning, artificial intelligence and blockchain, customer onboarding could potentially even be completely automated.

 

Making it safer and more efficient

 

Whenever talking about digital identity, banks and insurance companies almost solely focus on optimising their current processes. In a not so distant future it is likely that all of us will be managing our digital identities online as nodes in a network, sharing them on blockchain based ledgers. Distributed Ledger technology uses cryptographic mechanisms making it impossible to manipulate data. As a result, it eliminates the possibility of claim duplication or the creation of claims related to events that never occurred. This advantage can be transposed to identity verification with a safer and faster onboarding process. It also helps in conducting audits and be compliant with regulatory standards or checks.

 

 

Bitnation is considered to be the world's first operational decentralised borderless voluntary nation, powered by blockchain technology. Bitnation provides services such as secure ID or reputation systems, dispute resolutions, security and insurance services similar to what traditional governments offer. The difference with the latter is that Bitnation is not limited to geographical boundaries. In other words, any individual from around the globe can become a citizen of Bitnation by signing a constitution.  

 

How does it work?

The existence of identity is proven by taking a picture with the latest Bitcoin merkle root, the first block in the chain so to speak. Then the picture goes into an ID template and the documents are signed with PGP keys. Further identification will be simpler.

 

Where can we use it?

In November 2015, Bitnation partnered up with Estonia’s public notary. Estonian e-residents can as a result sign in with their physical ID card and execute digital signatures on the blockchain. E-residents do not have the same rights as traditional residents, however, it facilitates many administrative aspects. It allows e-residents, to notarize their marriages, birth certificates, business contracts on the blockchain regardless of where they live or do business.


Moreover, Bitnation started in November 2015, the Refugee Emergency Response (BRER) program in response to the refugee crises. Those who could not get identification documents through normal means were able to acquire a form of identification through the project where they received an ID recorded on the blockchain. Authorities were then able to provide social assistance and financial services.

 

An example of financial services is the following:

Recorded refugees could apply for a Bitcoin Visa Card which could be used throughout the EU and UK without having a bank account. This made it possible to accept transfers from all over the world. Moreover, a map and a forum were included in order to track lost family members, safe locations and dangerous locations.

 

Making it faster

 

The digitisation of the onboarding process is something that is bound to happen and will lead to enormous efficiency gains. It will obviously also increase conversion rates for online customers

[verify-U] identifies natural persons in a manner that complies with the Anti-Money Laundering Act, free of media discontinuity, and in less than five minutes, using simple video-telephony. [verify-U]’s full-suite solution also includes legally enforceable, paperless contract signing through using the qualified eSignature verification and extensive identity checks in a legally secure and binding manner.

 

IDnow offers patented technology for innovative companies that allows their customers to verify their identity quickly and conveniently online through using their smartphone, tablet or webcam. This novel process replaces the antiquated PostIdent process and allows for significant improvements to conversion rates for online applications.The e-signing solution allows people to sign contracts online with a qualified electronic signature (QES) which is equal to handwritten signatures. IDnow’s product is used by among others N26, bunq, UBS, commerzbank and Solarisbank.

 

Broadening the scope

 

As mentioned the objective of KYC compliance is to prevent financial institutions from being used by criminal for money laundering activities. Besides, related procedures enable financial institutions to better understand their customers and thus provide them with a better experience.

 

Although being a very cumbersome process, both from the institutional perspective as well as the customer’s perspective, fintech disruption in the banking industry has shown that through customer-centered design this can even improve the overall customer/user experience. Given the regulatory constraints under which financial service companies operate it’s definitely a big challenge to keep it simple.

 

Online challenger banks and insurers are opening the path for incumbents to experiment with digital solutions, sometimes initiated with a growth hacking purpose in mind. Not asking for all information upfront, taking the burden as much off the customer as possible, explaining your objectives and setting clear expectations are all tricks that can be applied to smoothen/simplify the process. However, these approaches may never lead to customers feeling unsafe, as trust and security are equally important as simplicity from a UX perspective.

 

Belgian Mobile ID is a consortium of Belgium’s leading banks (Belfius, BNP Paribas Fortis, KBC/CBC & ING) and mobile network operators (Orange, Proximus & Telenet Group) who have joined together to create the Belgian reference for mobile identity and digital privacy.
Via a dedicated app, itsme, Belgian Mobile ID makes it easier for anyone with a mobile phone and a bank account or eID to digitally log in, confirm transactions and even sign documents. The solution is fully compliant with eIDAS and GDPR.

veridu.png

Veridu is a B2B service provider that allows companies to check a customer's identity through machine learning analysis aimed at the customer’s social media. Veridu makes customer onboarding frictionless plus it reduces fraud and KYC requirements. When customers are about to sign in onto their account, they can do so via their social media account. Veridu will then use machine learning to analyse the data contained in these accounts and give a credibility score on the customer’s identity.   

References:

Y. Lootsma (Initio), From Fintech to Regtech: the possible use of Blockchain for KYC