The evolution of KYC – Part 3

This is the third and final part in a three-part article series that covers the history of KYC (Know Your Customer) legislation and the three primary drivers of the need for such legislation: money laundering, tax evasion, and the financing of terrorism. If you missed the second part check that out here.

2000s: 9/11 and The Patriot Act

Before this time, KYC regulations were really just aimed at preventing money laundering of criminal proceeds and tax evasion but all that changed in 2001. 

Following the events of 9/11, the U.S. federal government passed the USA Patriot Act in which combating terrorism financing was a core component. This spurred international and European efforts to fight against terrorism and its financing. 

The preparations for the 9/11 attacks were estimated to have cost somewhere between $400,000 $500,000, of which approximately $300,000 was spent unnoticed in the US.   

The investigation of financial flows and banking data is believed to be a powerful tool for combating terrorism and other illegal activities. With the Patriot Act, Financial institutions were required to

  1. Verify the identity of any customer seeking to open an account using documentary and non-documentary verification. 
  2. Maintain the records of verification for 5 years after the account is closed. 
  3. Compare the customer’s name against the government’s list of known or suspected terrorists. 

In Europe, the third EU Directive was released with a strong focus on KYC. Regulated entities were obliged to increase due diligence checks on their customers and the accounts they may hold. 

Through enhanced KYC and due diligence requirements, financial institutions and businesses were required to establish the identity of their client, to record and analyze their financial transactions and to report any suspicious transactions to a national Financial Intelligence Unit (FIU).

2010s: The decade when technology complicated and simplified KYC

Technology is now a major part of all aspects of society and business operations including that of banks and financial institutions, as well as criminal activities. As a result, KYC regulations were constantly being revised and became increasingly complex. 

This period also saw the trend towards digitalization and automation of AML/KYC processes using Machine Learning (ML) and Artificial Intelligence (AI). 

At this point in time, the core principles of money laundering and fraud haven’t changed much but the mechanisms used have changed drastically. While technology has enabled financial institutions and other businesses to reach more customers with their offerings, it has also opened new doors to money launderers and fraudsters. That complicates the work of KYC professionals who now need to spend far more of their time conducting due diligence checks. 

Up until this point, enhanced KYC and due diligence requirements were heavily focused on selected industries. Then came the rise of sharing and gig economies where trust and safety play a critical role. 

2020: The future is complex (and the KYC solution simple)

Machine Learning and other forms of AI will continue to be a big driver in shaping the KYC compliance landscape. To keep up with changes in technology, society, and criminal behavior, the complexity of KYC regulations will continue to expand and reach all areas of business that involve any form of monetary transactions. The data that financial institutions and businesses have on their customers will need to be current, accurate, and even more comprehensive than it is today. That means that it will become increasingly difficult for financial institutions and businesses to keep abreast of the changes through manual labour alone. 

Today, KYC costs are breathtakingly high and the process time-consuming. KYC professionals need to dedicate a large sum of their time to manually comb through customer data as part of the compliance efforts. In the future, only automation and digitization will be able to reduce, or even eliminate, this effort with the associated cost savings. Businesses that do not embrace automated identity verification, AML, PEP, and sanctions procedures will crumble under the sheer manual effort required to stay in compliance with the ever-changing and expanding regulation.

Even as KYC regulations expand and more personal information must be verified and kept by more businesses to maintain compliance, people will increasingly seek to limit digital privacy invasions. More data privacy regulations such as the European GDPR and California’s CCPA will emerge and this will further complicate compliance. With increased privacy legislation, the storage of personal data will simply become an even greater liability than it is today.

While many aspects of the future are uncertain, it is clear that Identity verification will become ubiquitous as criminals take advantage of new technologies and governments race to tackle new forms of money laundering, terrorism financing, and tax evasion. 

With increased regulation and increased need for privacy, 100% Automated GDPR compliant identity verification solutions that are built on the principles of Privacy by Design are the answer to the KYC, AML and identity verification needs of the future. 

As luck would have it, that is exactly what Authenteq provides.