While 97% of enterprises report the pandemic has sped up their company’s digital transformation, fraud has also increased as cybercriminals are taking advantage of new online-only operations. Americans have reported over 184,000 cases of COVID-19 related-fraud and losses of over $124 million to date, and these numbers are sure to increase as the pandemic and remote business operations continue.
Verifying a user’s identity is more critical and challenging than ever as businesses have shifted online, and it is impossible to truly know if a user is who they claim to be with traditional authentication methods such as passwords or security questions. To protect customers from identity theft and fraud, financial institutions must be able to know that the person using their service is the actual account owner and not a fraudster logging in with stolen information.
This article will explore four best practices for financial institutions to know and trust their customers in today’s remote world, driven by the COVID-19 pandemic.
Implement Continuous KYC
Financial institutions are required to implement Know Your Customer (KYC), a process to ensure their customers are who they claim to be and confirm they are not involved with corruption, bribery or money laundering. But organizations are responsible for preventing fraud and financial crimes throughout the full customer journey, not just when onboarding new customers. While a customer may have not been on any watchlists when they signed up, financial organizations need to periodically review their customers to ensure they remain trustworthy.
Beyond initial verification, organizations need to authenticate users with each login to ensure the account is being operated by the true user each time and not someone logging in with stolen credentials. For example, biometric-based authentication captures a selfie of the user when creating the account and, each time the user logs in, a new selfie is taken and compared to the original to confirm identity (using face-based biometric templates). Additionally, financial organizations must also implement ongoing transaction monitoring to ensure they are taking every precaution to detect suspicious activity that may indicate money laundering or terrorist financing and file reports to regulatory agencies such as FinCEN. These agencies, in turn, work with law enforcement to detect and prevent the flow of illicit funds through our financial system.
Avoid Risks of Non-Compliance
Not following KYC best practices can lead to fraud, loss of customer trust and large fines. Financial institutions have been hit with $10.4 billion in global fines and penalties related to anti-money laundering (AML), KYC, data privacy and Markets in Financial Instruments Directive (MiFID) regulations in 2020 alone. It is critical enterprises’ identity verification and transaction monitoring solutions ensure compliance with all applicable regulations to protect both the enterprise and its customers.
Ensure Your Customers Can be Trusted
The dark web is filled with personal information (36 billion records were breached just in 2020), making it simple for cybercriminals to log in with an exposed username and password or an answer to a security question and act as the user. Because of this, these traditional password-based authentication methods offer no real proof of identity. Financial institutions must ensure that they build in the necessary safeguards to protect their ecosystems, reputation and accounts owners with solutions that effectively verify users remotely, while remaining compliant with KYC and AML requirements.
Utilize a Single Platform to Build Customer Trust
Traditionally, financial institutions would need over a dozen solutions to verify the user’s identity, check their ID and supporting documentation, authenticate them on subsequent visits, perform ongoing screening to make sure they’re not on watchlists, monitor their transactions, manage investigations and report suspicious activity. Because this approach is complex, inefficient, expensive and is often insufficient in verifying identity and spotting financial crime, financial institutions are favoring a single platform with these capabilities built in to effectively verify users quickly while maintaining compliance.
By 2023, 75% of organizations will be using a single vendor with strong identity verification capabilities and connections to many other third parties for identity proofing and affirmation, which is an increase from fewer than 15% today (source: 2020 Gartner Market Guide for Identity Proofing and Affirmation).
As fraud and financial crime evolve as financial operations remain remote, organizations can ensure their customers remain trustworthy by implementing continuous KYC, ongoing transaction monitoring and utilizing a single platform to execute identity verification and compliance processes.