Regulators around the world are leaving no stone unturned in a renewed effort to ensure anyone doing business across borders abides by Know Your Customer (KYC) guidelines, forcing merchants and payment facilitators to absorb the costs of more detailed customer due diligence (CDD). Things get especially complex when dealing with market segments that have limited access to governmental identification or those that depend heavily on cash. To protect themselves from costly non-compliance fines, financial institutions need a firm grasp of KYC fundamentals.
Compliance can be a massive operational undertaking, necessitating additional staff, infrastructure, and data storage. Complicating things even further, those institutions facilitating commerce across borders are expected to observe regulations in both the originating country as well as the country to which funds are headed. Due to the non-standardized nature of anti-money laundering (AML) and counter funding of terrorist (CFT) requirements, operational overhead costs can grow exponentially as more markets are addressed, forcing businesses to choose between manageable growth and risk exposure. Thankfully, acquiring a high-level understanding of KYC compliance doesn’t take long, and it can help executives develop products and processes that strike an optimal balance between opportunity and vulnerability. The first step is understanding the potential threats that a lax compliance strategy can lead to.
Since the American financial crisis of 2008, non-compliance fines have been trending up in size and number. In 2017, one US regulator handed out an estimated $73 million in fines, the fourth highest of its ten year history. Failure to observe anti-money laundering regulations have cost individual firms like Standard Chartered hundreds of millions in penal charges, and it’s not just big banks feeling the pressure. Failure to conduct appropriate checks landed a UK gambling firm with a £2 million bill from the Gambling Commission. Cryptocurrency maker Ripple Labs was charged $700,000 for failing to setup an adequate anti-money laundering program. Even a small Texas community bank was charged $2 million for failing to conduct appropriate due diligence when accepting a Mexican bank’s customer application. Firms of all sizes are vulnerable, and before executives can craft appropriate corporate policies, they must first understand what motivates regulators.
KYC guidelines exist for a few very specific purposes. The International Compliance Association provides a comprehensive list:
- to comply with the requirements of relevant legislation and regulation
- to help the firm, at the time the due diligence is carried out, to be reasonably certain that the customers are who they say they are, and that it is appropriate to provide them with the products or services requested
- to guard against fraud, including impersonation and identity fraud
- to help the organisation to identify, during the course of a continuing relationship, what is unusual and to enable the unusual to be examined; if unusual events do not have a commercial or otherwise straightforward rationale they may involve money laundering, fraud, or handling criminal or terrorist property
- to enable the organisation to assist law enforcement, by providing available information on customers being investigated following the making of a suspicion report.
All of these needs are addressed by customer due diligence (CDD) processes, in which financial firms take appropriate measures to certify that customers are who they claim to be and that they are not exhibiting suspicious behavior or acting in violation of existing sanctions. The lawfully requisite level of due diligence varies from country to country, but there are baseline best practices that can serve as an ideal starting point. Standard onboarding processes should typically involve collecting the following applicant information, as verified via proof of identity via independent or state source:
- Full name
- Date and place of birth
Enhanced measures should be taken if a customer is not physically present for identification or if they are attempting to do business across state or federal borders. Heightened levels of security are also typically required for customers conducting transactions above state-imposed thresholds, or for politically exposed persons (PEP), i.e. gubernatorial officials who are at higher risk of bribery or corruption.
Financial institutions looking to expand into underbanked markets like those found in Southeast Asia, where as little as 28% of the population has a bank account, face additional challenges. Lack of verifiable identification within these markets can make customer due diligence prohibitively difficult and expensive, leading many to forego the opportunity entirely.
Regulators require that businesses facilitating the exchange of funds between customers not only observe country-specific regulations, but also any transactional thresholds meant to trigger further due diligence. The costs of facilitating this level of documentation can be substantial, especially for payment solutions dealing in high volumes of peer-to-peer money transfers, the average value of which is $45 USD. Fortunately, Rapyd can help.
Rapyd is a fully authorized financial institution, authorized and regulated by the Financial Conduct Authority, reference number 900769. We’re also registered in England under the reference number 10207686. We enable businesses and merchants to overcome compliance boundaries in pursuit of market expansion opportunities. We’re on a mission to make the world smaller by facilitating global and cross-border commerce for everyone. Our full-stack solution provides all the requisite regulatory tools and infrastructure to ensure that global compliance obligations are met by verifying user identities, scanning sanctions lists and tracking sending limits while also providing a comprehensive solution for businesses looking to expand into underbanked populations. With a single API integration, Rapyd instantly minimizes compliance burdens and protects your bottom line.
Visit our website to learn more about how Rapyd can reduce your compliance costs.