In the last few years, many industries have shifted to internet-first business models, with many companies servicing customers exclusively online. The uptick in digital adoption translates into increased fraud attack surface and, ultimately, more pressure on businesses to protect customers from scammers.
Currently, cybercrime costs the global economy a whopping USD 6 trillion each year - that’s over USD 16 billion a day, to put it in greater perspective! By 2025, this figure is expected to climb to USD 10.5 trillion. If measured as a country, it would be the third-largest economy after the US and China.
The online shift, however, creates opportunities for institutions to showcase their customer-focused credentials and demonstrate strong fraud controls in the digital space. This article briefly discusses how businesses can leverage eKYC to bake such controls into the user journey without impacting the customer experience (CX).
Customers have become accustomed to engaging and frictionless user experiences, with the overwhelming majority often prioritising the latter over price and product. Hence, businesses must continuously look for ways to derive more value, reduce friction, and increase competitiveness at every touchpoint to win and retain customers.
Meanwhile, fraudsters are constantly working to bypass anti-fraud controls and exploit any weaknesses. Businesses naturally respond with additional countermeasures that invariably impact the user experience and increase genuine customer dropouts.
In addition, regulated institutions such as banks, payment processors, and fintechs typically have a global customer base. Hence, they must comply with disparate and onerous Anti-Money Laundering (AML) regulations, often with competing requirements, without compromising the customer experience.
Finally, the balance between CX, fraud deterrence, and regulation must be achieved cost-effectively to increase the Return on Investment (ROI). Fortunately, modern eKYC solutions offer a superior CX, adhere to regulations, and leverage cutting-edge anti-fraud technologies.
Before we delve in, let’s quickly revisit Know Your Customer (KYC). In a nutshell, it is the due diligence process by which businesses establish a user’s identity to protect themselves and their customers from fraud and other types of financial crime. It is also a cornerstone of AML laws designed to fight money laundering, terrorist financing, and sanctions evasion.
Electronic KYC (eKYC) is the digital counterpart of the conventional paper-based KYC. It typically takes place online in a remote, automated, and paperless fashion. It involves verifying a customer’s identity electronically through government e-gateways, bank identity, digital identity certificates, or AI-powered identity verification.
While eKYC first kicks in during onboarding, it also plays an essential role in keeping up with ongoing due diligence commitments throughout the customer relationship.
While eKYC platforms vie to achieve real-time verification and reduce touchpoints to keep customers engaged, there’s no one-size-fits-all solution due to numerous considerations.
For example, the UK’s Financial Conduct Authority (FCA) allows banks and fintechs to use automated solutions to perform eKYC. However, the German financial regulator, BaFin, takes a more conservative approach by allowing automated video verification for specific use cases and only if complemented by a Qualified Electronic Signature (QES) and a bank transfer as part of onboarding.
On the other hand, while Germany stipulates specific technical requirements for eKYC, other countries, such as Spain, are less prescriptive. That said, not all laws are ‘imposing’ frameworks. One important example of ‘facilitating’ legislation is the electronic Identification, Authentication and Trust Services (eIDAS) regulation. It was introduced by the European Union (EU) in 2018 to facilitate interoperability across disparate national electronic identification (eID) schemes and create a common framework for cross-border identities based on three Levels of Assurance (LoAs): low, substantial, and high.
Furthermore, eIDAS regulates the use of trust services and introduces three types of electronic signatures: simple, advanced, and qualified. Qualified Electronic Signatures (QES) have the same legal effect as handwritten signatures in the EU.
While businesses are keen to provide the best user journey to entice customers to products and services, they need to find the right balance between low and adequate friction levels to effectively fend off fraud without getting in the way of genuine customers.
However, fraud threats are multifaceted, growing, and rapidly evolving. Therefore, for fraud deterrence to be effective, it needs to be adaptable and tailored to the customer journey. Layering identity checks is an effective strategy that helps businesses respond more quickly to threats.
Multi-layer identity checking combines and orchestrates the right mix of verifications based on fraud indicators. This effectively allows user friction to be dynamically adjusted based on several factors, including business context, location, behaviour, transaction amount, and so forth.
For instance, a selfie-based eKYC solution can be deployed to conduct passive liveness checks to catch the most common spoofs and reduce fake signups. However, when a user uncharacteristically initiates a large-sum transaction, a randomised video-based challenge can be introduced, adding more friction but catching more spoofs.
Likewise, when identity assurance is paramount, let’s say for a mortgage application, layering biometric verification on top of document proofing and database checks gives the best chance of keeping fraud at bay. Independently, weaknesses in these three checks can be exploited by criminals. However, when their outcomes are triangulated, it makes them challenging for fraudsters to circumvent while reducing back-and-forth with genuine customers. That’s why using an eKYC solution with a decision engine at its core is vital to achieving an adequate balance between CX and fraud deterrence.
The stakes for digital identity have never been higher. Businesses need to identify and authenticate customers in real time and accurately. At the same time, users expect fast and frictionless online experiences.
Though no one-size-fits-all eKYC solution exists, a multifaceted approach that orchestrates and combines identity checks can mitigate fraud risks without adversely impacting the user experience.
Nevertheless, in an increasingly globalised economy, support from the right eKYC vendor that understands regulatory nuances and market specificities is invaluable. A robust eKYC solution must also be flexible to adapt to ever-changing fraud risks without breaking compliance posture or user journey.
Dr. Tarek Nechma is the founder and CEO of ComplyCube, an award-winning AML/KYC compliance platform. Prior to ComplyCube, Dr. Nechma held senior roles in financial services, most recently as the Head of Enterprise Data Tools and Insights at Barclays bank, where he oversaw the buildout of innovative platforms to uncover insights and unleash business value.
ComplyCube is an award-winning identity verification platform for automating AML and KYC compliance. The platform combines cutting-edge Artificial Intelligence, trusted data sources, and expert human reviewers to enable businesses to effortlessly achieve global AML/CTF compliance, convert more customers, prevent fraud, and cut costs.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now