WHAT IS “KYC” IN THE CONTEXT OF EUROPE?

You are probably familiar with the term “money laundering”. Where does the term come from? One of the most famous schemes used by Mr. “Capone” was the cash only laundry business.

What are all those acronyms for European regulations “KYC”, “CDD”, “AMLD5”, “eIDAS”, “PSD2 ″?

Let’s see. With the recent advent of virtual currencies, online banking and e-commerce, the schemes have become much more complex. However, money laundering and tax evasion remain one of the biggest threats to the financial system. To avoid such impacts, the European Union has promoted specific regulations over the last 10 years to reduce this risk. How is this relevant? Well, if you are running a FinTech company in a European country or plan to expand there, plan to be impacted directly: you must comply with the regulations or be prepared to face fines if you do not comply,

AMLD and PSD2 represent the Anti-Money Laundering Directives (AMLD) and the Second Payment Services Directive (PSD2).

The AMLD is a set of regulatory requirements issued by the EU that contains rules to combat money laundering and financing of terrorism by EU member states. Its main objective is to protect the financial system by implementing procedures for the prevention, detection and investigation of money laundering and the financing of terrorism. AMLD is suitable for financial and credit institutions, certain legal professionals such as auditors, notaries, trust or company service providers, persons exchanging goods for payments made or received in cash totalling EUR 10,000 or more, and gaming service providers.

PSD2 is the second Payment Services Directive, designed by the EU to revolutionise the payment industry by influencing the way we pay online as well as the information we see when completing a payment. PSD2 will also require stronger identity controls such as KYC, especially when it comes to higher transactions.

And what is KYC? (Know Your Cusotomer), meaning Know Your Customer, is the first step in AML procedures. It is the practice carried out by companies to verify the identity of their customers in accordance with legal requirements and applicable laws and regulations. In short, to verify that their customers are, in fact, who they say they are. This process ensures that the user who wants to become a client of a company proves his identity with legal evidence.

There are several simple methods that can be implemented in which the user sends identity documents, which must be authenticated, and an image or video of their face (in some cases, their fingertips), in addition to other biometric tests and security checks.

Not all KYC checks meet the legal requirements in Europe. For example, identification solutions based on selfies (which means that it asks the user to send a photo of their face to ensure that it matches the photo on the ID) are not compatible with KYC / AML in the EU. The latest version of AMLD, named AMLD5 (yes, because it is the fifth edition) states that they have weak reliability and do not meet the requirements of the legislation. The good news is that AMLD5 introduced a new regulation last year called eIDAS (Electronic Identification Authentication and Trust Services), which allows other recognized identification methods that provide security equal to physical presence, such as Liveness Recognition also known as proof of life.

Neobanks, loan companies, e-commerce, to name a few, are some of the industries that will now have to comply with KYC; as well as the lifting of cryptomonies (exchanges) that had a great impact on AMLD5 by stating that all EU member states must implement AML regulations when it comes to cryptography. These exchanges will now be required not only to follow KYC rules but also to monitor customer transactions and file suspicious activity reports. This will ensure that they are legitimate and do not attempt to abuse the platform for malicious purposes.

So, to comply with regulations, what should I do?

For example, Fintechs operating in the EU must comply with basic KYC / AML regulations, which can be summarized in 3 steps:

Make sure your user provides an authentic document to verify his identity.

Make sure that it is the same person as the one on the provided document who performs a life verification.

Confirm that users are not on international anti-money laundering watch lists or blacklists.

As simple as this sounds, it can be a painful process to conduct without the proper tools. Fortunately, technology has evolved greatly in recent years, and identity verification processes have done the same, helping to resolve any potential friction for users.

The global pandemic we now face has presented a tremendous challenge to organizations that must comply with KYC regulations, at least to those that were not prepared to digitize operations. While many companies have adapted to digital processes and compliance, many others have not and have therefore seen a substantial loss of customers during this time. Major financial institutions, such as banks, are struggling to keep these processes up and running during this crisis, which should reveal how unprepared everyone was for COVID-19. The truth is that client intake should not come to a complete halt when a pandemic occurs. However, this should be taken as a lesson that being able to digitally incorporate new clients is key, as is following regulations aimed at preventing crimes such as tax evasion and money laundering regardless of the situation, be it a pandemic or any other global crisis .

Final thoughts: KYC/AML regulations may be difficult to understand, but it is a great way to protect your business from malicious activity. Especially during these times when fraud is skyrocketing around the world, mainly due to the increasing uncertainty arising from the COVID-19 pandemic, which makes con artists more creative and scams businesses from left to right. Therefore, the accelerated processes, such as fully digitized and uninterrupted compliance, should be on your agenda!