Back in the day, Mr. Hooper knew all his Sesame Street customers by name. He even had a personal relationship with most of them. Most of them were difficult to impersonate anyway. After all, who else but Big Bird would want a birdseed milkshake?
Neighborhoods like that still exist here and there, but for the most part, the Sesame Street days are gone. Moreover, although nearly everyone still saunters into a store from time to time, most people prefer online transactions. Security is a growing concern, for current customers, potential customers, and government regulators. All these groups define “security” in slightly different ways, and your company’s trusted identity service must appease each of them.
Setting the Stage :
KYC/AML (Know Your Customer and Anti-Money Laundering) requirements are everywhere. Even in your company will not face fines and other such action for noncompliance, your company will most likely be guilty in the court of public opinion. Either way, KYC/AML noncompliance is extremely costly.
Fortunately, compliance is rather easy to achieve. While there are many technical requirements in many laws, and your company must adhere to all of them, there are three basic core principles in this area:
- Customer Identification Program: Typically, banks and other financial institutions, including peer-to-peer lenders and online payment processing systems, must comply with CIP procedures. For the most part, the organization must determine its risk and then act accordingly.
- Customer Due Diligence: Once again, the organization must determine risk and act appropriately. For the most part, a customer is either SDD (simplified due diligence) or CDD (basic due diligence). Occasionally, enhancements are required, largely depending on the statute’s wording.
- Ongoing Monitoring: Customer identification is not a one-and-done proposition. Organizations must also conduct ongoing monitoring, and many regulators are stepping up requirements in this area.
Since hackers and identity thieves constantly change tactics, KYC/AML rules are in constant flux as well. So, it’s important that the solution your company implements be scalable to meet requirements that do not even exist yet.
How to Exceed Minimum Requirements :
Picture selfies and e-mail attached documents might satisfy regulators for now, but that can change tomorrow. Furthermore, and perhaps more importantly, such weak security does not satisfy current and potential customers. So, to maintain its competitive edge, your business needs to take an extra step in areas like:
- ID Verification: Most drivers’ licenses, passports, and other government documents have built-in security features. Your identity verification service should take full advantage of all of them.
- Identity Verification: Most regulators and customers will soon expect businesses to perform Jason Bourne-style facial recognition. Will your system be ready to handle such an upgrade?
- Document Verification: Almost any system can capture basic information from documents which are fully in English, have straightforward formats, and are in good condition. If your customers submit documents that don’t meet your high standards for precision and condition, what happens next? Does your system work around the problem or essentially direct the customer to one of your competitors?
KYC/AML requirements are here to stay, as are heightened customer expectations in terms of convenience and security. The right identity verification system satisfies regulators and keeps customers coming back.
This post complies with my Disclosure Policy