Meeting New Compliance Challenges Through Digital Identity
The complexity of global trade, the rapid pace of business activity and increased digitalisation in banking have changed the way financial transactions are processed. Institutional and individual users today expect a seamless and frictionless digital experience in entire product and service lines.
This has been a key driver of ‘virtual banking’ across Asia, where new licensing regimes have spawned in Hong Kong, Singapore and Malaysia, among others. Meanwhile, new innovations in payments, open banking initiatives and APIs have made it easier for new players to enter the financial services space.
While these developments present clear benefits to consumers and businesses, they also potentially raise financial crime risks, placing a greater-than-ever onus on compliance departments to ensure adequate tools and technology to manage risk and compliance.
“The financial services space is continually expanding with more and more participants, from digital banks and technology-enabled payments providers, to fintech operators and crypto asset players,” says Phillip Malcom, Regional Performance Director for Asia Pacific at Refinitiv.
“As new technology and more powerful APIs disrupt traditional payment processes by providing users with greater access, speed and flexibility, faster and more accurate counterparty authentication is needed.”
Indeed, billions of dollars in daily transfers and e-commerce transactions are subject to ever-increasing regulatory control. Global AML fines are increasing in size and frequency each year, while board level liability for compliance failures are also rising.
National authorities are continually working towards global AML/CFT standards developed by the FATF (Financial Action Task Force). But, each interprets AML and KYC under their own national laws, adding to the vagueries of regulatory requirements, raising the compliance challenge for incumbents and new firms alike.
A case in point, crypto asset exchanges have attracted intense regulatory scrutiny across the world, having demonstrated their appeal to consumers over the past few years. As part of a move to ensure identification and verification of customers and counterparties dealing in crypto assets, the FATF announced last June it would adopt the so-called “travel rule” for crypto exchanges globally.
This means that by mid-2020 (expected), crypto exchanges will be required to gather and transfer information along the payment chain about the originators and beneficiaries of the transactions they process.
“Crypto asset platforms will be more regulated going forward,” Malcolm says. “But given the speed of their transactions, it is becoming increasingly necessary that they are able to efficiently screen customers and transactions in a seamless, fast and reliable end-to-end process, in order to meet both compliance and consumer demands.”
Similarly, the new digital banking regimes demand robust and technologically advanced KYC, identity verification and transaction processing systems and controls. A large scale AML or sanctions violation at a single digital bank could cause irreparable damage to the sector as a whole, threatening years of investment in innovative technologies and infrastructure.
Last November, Westpac suspended what was previously considered an innovative low-cost remittance service, known as LitePay, amid concerns that the system played a major role in the bank’s money laundering breaches alleged by AUSTRAC. With LitePay in mind, it is not hard to imagine the impact a similar incident could have on the digital banking space.
“The kind of identity verification and proofing that enables financial service providers such as digital banks to onboard customers and provide products and services with increased and scalable efficiency needs to be technologically advanced and supported by robust compliance controls,” says Malcolm.
The good news, he says, is that a ‘digital identity revolution’ is underway, driven by a host of interconnected factors, including the increased use of digital channels in financial services, and the growing need to protect against sophisticated financial criminals.
“Facial identification along with government supplied identifiers such as drivers licence and passport records have been offered as a solution towards forming a digital identity that facilitates client onboarding without requiring conventional documents. Ultimately, this also intensifies the need for a comprehensive verification tool that links multiple databases and resources,” Malcolm says.
Refinitiv’s Qual-ID solution, for instance, offers digital identity verification, document proofing and risk screening by leveraging the World-Check Risk Intelligence database. World-Check covers 100 percent of sanctioned entities globally, contains millions of additional records not found on official lists, and features negative media screening functionality to identify further potential risks.
“Each World-Check record represents a unique individual or entity and contains more than 30 identifying fields, such as name, age, date of birth, location and citizenship,” Malcolm says. “This detailed structure allows for increased screening accuracy and configurability, which dramatically cuts down on false positives.”
As financial sector digitalisation increases and regulatory scrutiny intensifies, greater demand is placed on compliance operations to increase search accuracy, reduce remediation time, implement sophisticated screening processes, and allow for auditable due diligence.
Qual-ID does this, while also enabling financial firms to verify customer identities using trusted sources, proof legal documents using facial comparison and OCR (optical character recognition), and screen for regulatory and financial risk – all in one transaction, via a single API.
“The solution has demonstrated an ability to lower onboarding costs, reduce abandonment rates, and cut down the time and effort traditionally required from compliance teams. Additionally, the client experience is significantly improved as a result of a frictionless experience and faster onboarding,” Malcolm says.
He believes that in the years to come, digital identity systems such as Qual-ID could form a significant component of the compliance infrastructures at the new digital banks, as well as crypto asset exchanges, payment services providers and even incumbent institutions, given today’s focus on ‘frictionless experience and faster onboarding’.
Indeed, the FATF endorsed such an approach at its Plenary this month, as it adopted a new guidance paper on digital identity. “Robust digital ID systems can improve the reliability, security and efficiency of identifying individuals in the financial sector and reduce the weaknesses of human control measures,” it said.
One of the next steps recommended by the FATF is for local authorities to develop clear guidelines or regulations allowing the appropriate, risk-based use of reliable, independent digital identity systems for AML/CFT purposes.
Although non-face-to-face customer identification has traditionally been classified as high-risk, this is no longer the case, according to the FATF guidance. “Reliable, independent digital ID systems, with strong risk-mitigation measures in place, may be standard risk, and may even be lower-risk,” it says.