KYC Identity Verification
Global increase of internet usage and the implementation of online services has resulted in both significant economic growth and criminal activities. Fraud, corruption, money laundering, and other forms of economic crime are real issues that corporations and financial institutions face every day. To counter such attacks, companies are required to verify the identity of their customers before entering into a business relationship or transaction.
Traditionally, the identity verification process, known as Know Your Customer or KYC, is an in-person meeting. Nowadays, many companies are shifting their KYC processes from the traditional method to electronic know your customer or eKYC. Exchanging KYC for eKYC is a convenient solution for company and customer alike.
This page outlines the fundamental principles of KYC and its proper implementation into your business operations.
Know Your Customer is a subset of Anti-Money Laundering (AML) regulations. KYC denotes the process of customer identity verification. Sometimes, “Know Your Customer” and “Know Your Client” are used interchangeably. These legal guidelines help protect financial institutions against fraud, corruption, terrorist financing, and money laundering. KYC is a mandatory process; therefore, financial institutions that fail to comply are subject to potential fines, sanctions, reputational damage, and in some cases, imprisonment.
More recently, KYC has branched out beyond the financial industry. Non-profit organizations, virtual asset dealers, and companies in other industries have begun to adhere to KYC guidelines. Since KYC plays a significant role in the business world, understanding its importance is vital to the protection of your business, the satisfaction of your customers, and the prevention of crime.
Benefits of KYC
KYC has many advantages:
- Understanding your clients: By verifying customers, companies have a better understanding of their clients’ financial profiles.
- Risk assessment: This helps companies assess the risk involved before entering into a business deal.
- Long-term relationship: Companies can make informed decisions regarding the suitability of clients and what it might take to maintain a business relationship with them.
- Builds mutual trust: KYC ensures a greater level of trust and transparency between both parties.
- Regulatory compliance: KYC processes are modular, so they can easily be expanded with add-ons or security checks to fit the required guidelines. It is a small investment that ensures your company and its clients remain safe.
On a broad scale, KYC is also beneficial for customers. These regulations are in place to prevent criminal acts, such as terrorist financing; thereby ensuring that wider markets and economies remain safe.
2. Document checks
3. Information validation
4. Risk assessment
5. Client approval
6. Ongoing monitoring and record maintenance
Main components of KYC
1. Customer Identification Program (CIP)
The Customer Identification Program is the most important component of the KYC framework: verifying a client’s identity. In order to prevent spoof attacks and ensure that the customer is actually who they claim to be, any individual or business entity must be verified. In the case of the latter, the beneficial owners must be verified.
Customer identification includes, but is not limited to, data collection, document checks, identification and verification, sanction list checks, etc. Documents, especially ID cards, are usually verified through a document reader and document verification software.
2. Customer Due Diligence (CDD)
CDD gathers additional customer data to assess the individual’s risk factor. This information enables you to make an informed decision about a potential client. It also ensures that the information is reliable and from a valid source.
Higher-risk customers typically require rigorous identification checks, which may take considerably longer.
3. Enhanced Due Diligence (EDD) / Continuous Monitoring
Once a customer passes the initial check, their activity and status will continue to be monitored. This can include: transactions, sanction lists, and media coverage. The extent and frequency of EDD will depend upon a client’s risk profile.
To maintain a KYC-compliant business relationship, EDD keeps customer profiles under continuous scrutiny.
4. Record Maintenance
Keeping records from the initial KYC process and ongoing transactions is an important step.
This will ensure that you immediately spot any illegal activities that may occur in the future. If you encounter any unlawful transactions, terrorist funding, etc., it must be immediately reported to the appropriate authority.
It is recommended to keep a customer’s records for at least 5 years.
If any suspicious activity occurs, it should be reported immediately. Having a set of procedures already in place enables you to quickly handle the situation with the appropriate authority.
Digitalization of KYC
Prior to the introduction of eKYC, customer identity verification required an in-person meeting to manually check the customer’s ID documentation, or to check important legal documents through a third party source. As an alternative, Knowledge-Based Authentication (KBA) was also used. Unfortunately, these processes are all less efficient, costly, and leave more room for human error.
To improve the accuracy of KYC, the verification process has been digitalized. Modern conventions of eKYC include, but are not limited to:
- Security checks (biometrics)
- Other technologies (AI or NFC)
Digital KYC procedures streamline the customer onboarding process. In a matter of minutes, the customer can complete the verification process from anywhere.
Furthermore, not only can POI and POA documents be quickly verified, but the document holder’s demographic data can also be integrated into a Customer Relationship Management (CRM) system. Thus, customer data is easily accessible for continuous monitoring and record-keeping.
KYC has a general set of requirements along with country specific regulations. Moreover, these basic requirements differ from industry to industry – the financial industry being the strictest among them.
These common requirements include:
- Facial verification – facial verification ensures the live presence of the individual (to quickly and effectively identify spoof attacks).
- Document verification – document verification ensures that the government-issued ID is neither forged, invalid, nor faulty. It is common for institutions to request more than one form of ID (i.e. birth certificate, social security card, passport, driver’s license, etc.) to confirm the customer’s identity.
- Address verification - address verificiation validates the address on government-issued identification docments against Proof of Address (POA).
To complete the three above-mentioned stages of verification, several different documents are required. Upon successful verification of the customer’s identity, both parties may proceed to the next stage of the onboarding process.
For the first stage, facial verification, a document containing a picture of the customer, such as an ID card, must be provided. For the second stage, the customer must provide Proof of Identity (POI) The second document required for Proof of Identity (POI), which may be any other government-issued document with a picture on it, such as a driver’s license. Both documents are compared against each other to confirm that neither POI document was falsified. The third, and final stage of the KYC process, requires the customer to provide a document for Proof of Address (POA).
Note: the above-mentioned requirements do not suffice for all KYC processes. This outline is solely intended to provide a basic understanding of the common guidelines set forth for the execution of KYC processes.
Documents required for KYC may include, but are not limited to:
Proof of Identity (POI):
- Identification Card (government-issued ID)
- Driver's License
- Residence permit
- Employee ID card
- Student ID card
- Health insurance card (with photograph)
Proof of Address (POA):
- Residence permit or government-issued ID card
- Driver's License
- Utility bill that is not more than 6 months old (e.g. a bill such as, water, electricity, gas, telephone, wireless, etc.)
- Bank Account Statement
- Credit Card Statement
- House Purchase deed
- Lease agreement (along with last 3 months rent receipt)
- Employer’s certificate for residence proof
Proof of Income:
- Income Tax Returns
- Salary Slips
- Bank Statement
In recent years, the European Commission has established a set of KYC guidelines that form the basis for KYC across all EU member states. However, because Europe is too vast for just one organization to ensure the compliance of all businesses, each country still maintains its own regulatory authority and legislation variants.
In Europe, the regulatory framework for the financial sectors is regulated by 5AMLD (5th money laundering directive) and eIDAS (electronic Identification, Authentication and trust services).
5AMLD ensures that all EU member states have the same understanding of money laundering. Since the KYC requirements are virtually the same in nature, companies can more easily expand the reach of their products and/or services to a wider range of potential clients.
5AMLD has also established a reference framework for eKYC processes to assist businesses with the onboarding of remote customers.
Some European examples include:
- Germany: The Federal Financial Supervisory Authority (BaFin)
- Switzerland: Financial Market Supervisory Authority (FINMA)
- Italy: Banca d’Italia
- United Kingdom: The Money Laundering Regulations
Examples in other countries:
- US: Financial Crimes Enforcement Network (FinCEN)
- Canada: The Financial Transactions and Reports Analysis Centre of Canada (FINTRAC)
- Australia: Australian Transaction Reports and Analysis Centre (AUSTRAC)
- India: Reserve Bank of India
- South Africa: The Financial Intelligence Center Act 38 (FICA)
The PXL Vision Solution
Understanding the fundamental basis of KYC is the first step to making an informed decision about which identity verification solution is best suited for your company. To avoid the risk of non-compliance penalties, ineffective KYC processes, and customer drop-outs, PXL Vision has engineered a fast and user-friendly identity verification solution with state-of-the-art machine learning intelligence and AI technology. Our solution is designed to configure to the specific needs of each enterprise.
The PXL Vision solution:
- Utilizes high-efficiency, precise AI technology
- Verifies customer in 30 seconds or less
- Accurately performs POI and POA checks
PXL Vision Document Checks
Following the full integration and customized configuration of the PXL Vision solution, customers can easily complete their eKYC check. The general steps include:
- Scan the requested document(s) with a smartphone camera
- Take a short selfie video
- Submit and complete
Our AI technology identifies, analyzes, then matches the information extracted from the ID document(s) to the recorded selfie video. Moreover, the type of document and its authenticity will also be determined and verified.
PXL Vision process:
- Check MRZ: We pull information from the machine-readable code lines (MRZ) and run several checks on them.
- Examine the visual inspection zone (VIZ): We review the remainder of the document or VIZ.
- Assess authenticity: We run several security checks and analyze hundreds of visual key features to ensure that the document is real.
- Read biometric NFC chip, if available: This allows us to read information from the document. We also make sure to inspect the chip to confirm that it has not been tampered with.
PXL Vision offers two identity verification solutions: PXL Ident® and PXL Pro. Our primary solution, PXL Ident®, is a user-friendly SaaS solution that can be individually adapted to local KYC regulations.
To perform a POA check, we use an API from a third party service provider. This implementation makes it possible to follow through with a POA check anywhere in the world while maintaining accordance with the KYC guidelines of your country.
Naturally, KYC adherence is an integral part of the financial industry, however, its importance continues to branch out into other areas of the business world as well. The principal purpose of KYC is to protect companies, institutions, and customers by preventing potential crime.
With PXL Vision’s IDV solutions, the KYC process can be simplified and human-error eliminated. Our solution is designed to reduce risk and cost, while improving compatibility into your enterprise operations and convenience for your customers.
Summarizing the KYC principle:
- The KYC process is an approach that is particularly suitable for banks and financial institutions
- Profiles of potential customers are examined to ensure that they do not engage in illegal activities with their open business accounts.