I hope this title doesn’t offend anyone because I include myself as one of these idiots. Whenever I need to find information on a subject, my go-to google request is always ‘An idiots guide to…..’
As a salesperson wanting to speak to absolutely anyone that will give me 10 minutes of their time, I come across lots of people in the compliance, risk, operations and IT departments. I have to say that I am surprised by how little some of my contacts have known about customer verification and the importance of conducting it properly. A surprisingly common reply being ‘we know that person really well and we’ve done business with them for years, so we don’t need to do anything on them’.
At its most basic, companies that deal with individuals have a responsibility to ensure they are who they say they are and live where they say they live. To the best of your knowledge you have to be able to say your company did everything they could in reason to protect against people using your company to launder money, commit identity fraud for personal gain and in general, to harvest criminal activity. All this information you collate has to be documented throughout a customer lifecycle and readily accessible to prove you did it.
The problem with this *In my opinion pretty obvious* requirement is that regulatory bodies in your own specific industries do not always tell you what exactly that should look like. As a result, I am often left speaking to companies that have to determine what their own ‘risk’ or ‘identification’ policies should be. Ultimately, the answer to this question is multi-faceted; what is going to protect your business from risk and crime? What is going to protect your business from regulatory breaches and fines? What is going to protect your customers?
Once you’ve answered those questions, you then need to add an additional layer of thought; How are those checks going to conducted? What is going to make that process as seamless as possible for our customers? What is going to be best to drive sales and minimise operational headache? How much work does that mean for your IT & development team? The list, sadly, will go on.
When the words KYC and AML are banded about, it’s easy to get confused by their terms. Essentially, these checks are identity verification checks. Passing an AML check doesn’t confirm that person is definitely not money laundering or definitely not going to commit a crime. Likewise, passing a KYC check doesn’t mean you will forever ‘Know Your Customer’. These verification checks are an important part of proving you were making sure you knew as much as possible about your customer before you started conducting business with them, whether you are a used car warranty provider, coworking office supplier, credit provider or in any other service based industry, and then doing the same on an ongoing basis as well.
The mechanics of identity verification are quite straight forwards. On the whole, most companies conduct their electronic due diligence via one of two ways; a ‘data’ led journey and/or a ‘document’ led journey. Dataset verification quite simply allows you to check an individual matches to a live national dataset(s) as a means of verifying the details they have provided are true. Document authenticity is pretty self explanatory in that it will be able to give you assurances that the documents your customers supply are real and that the photographic ID matches the person who provided it. These services turn manual cost and time consuming processes into split second compliant decision making.
If you’re interested in hearing more about how W2 can provide all of these services through a single point of access, you can contact us here and book in a demonstration with me, and I promise I won’t call you an idiot!