Nearly 100% of companies have stated that the pandemic accelerated their digital transformation efforts. However, there has also been a surge in fraudulent activity as threat actors are exploiting newly remote operations. With more than 184,000 fraud cases related to COVID-19 and losses of over $124 million reported by Americans, fraud will only increase as businesses remain remote.
The new state of remote operations has made user verification increasingly challenging. With traditional authentication methods like knowledge-based authentication (KBA) and passwords, it’s impossible to confirm a user’s real identity. To mitigate the risk of fraud and identity theft, enterprises must be certain that the user logging in is the true account owner rather than a criminal using stolen credentials.
In today’s digital world, knowing your customer is more critical than ever before. As such, financial institutions must look to the following best practices to ensure their users are trustworthy.
Confirm customers are who they claim to be
The dark web contains an abundance of personal data (including usernames, passwords, email addresses, birth dates, etc.), with 36 billion records breached in 2020 alone. This gives cybercriminals easier access to stolen usernames and passwords, as well as security questions and answers. Since criminals can simply log in with this information and pose as the user, traditional authentication methods like security questions or passwords don’t provide real proof of identity. To safeguard their enterprise, credibility and customers, financial organizations must implement solutions that are KYC and AML compliant, while efficiently verifying users during onboarding and beyond.
Enforce KYC throughout the entire customer journey
Implementing a Know Your Customer (KYC) process is required for all financial organizations to confirm their customers are truly who they say they are and make sure they haven’t engaged in any financial crimes such as bribery, corruption or money laundering. However, fraud prevention doesn’t end at the onboarding process: it’s crucial at every step of the customer journey. Even if a customer is not on any watchlists upon registration, institutions must regularly monitor account owners to make sure they’re still trustworthy.
Financial institutions must enforce an identity verification process during account creation to confirm users are who they say they are. For example, document-centric identity proofing compares a photo of a government-issued ID to a selfie to help financial enterprises know and trust their online customers, ultimately protecting both the business and customer from fraud. Aside from initial identity verification, users must be verified with each consecutive login attempt to confirm they are the true account owner. Using the document-centric identity proofing method mentioned above, users are asked to take a new selfie with each login which is compared to the selfie taken when the account was created to verify the users are the same. It’s also critical that institutions enforce continuous transaction monitoring to make sure they are taking necessary precautions to identify unlawful activity such as terrorist financing or money laundering that they should report to regulatory agencies. Agencies like FinCEN work with law enforcement to identify and mitigate illegal funds passing through the financial system.
Ensure compliance to prevent damaging consequences
Organizations that fail to comply with KYC requirements may risk losing their customers’ trust, falling victim to fraud or being charged with costly fines. Just in 2020, financial organizations were penalized with $10.4 billion in global fines and penalties associated with KYC, anti-money laundering (AML), data privacy and Markets in Financial Instruments Directive (MiFID) regulations. Enterprises must ensure their identity verification and transaction monitoring solutions comply with regulations to avoid risks of non-compliance.
Build customer trust with a comprehensive platform
Financial organizations have historically required countless different solutions to verify user identity, scan their ID and supporting documents, authenticate them with each consecutive visit, execute continuous screening to confirm they aren’t on any watchlists, keep track of all transactions, perform investigations and disclose any suspicious behavior. This approach is highly inefficient, costly, complex and simply isn’t secure enough. To properly verify identity and spot financial crime while effectively authenticating users and maintaining compliance, financial organizations must adopt a unified platform that integrates all of these capabilities.
By 2023, three quarters of organizations will shift away from using various third-party solutions and opt for a single vendor with strong verification capabilities and connections, an increase from less than 15% currently (source: 2020 Gartner Market Guide for Identity Proofing and Affirmation).The new state of remote operations has made user verification increasingly challenging. The old approach is highly inefficient, costly, complex and simply isn't secure enough. #KYC #cybersecurity #respectdataClick to Tweet
With ongoing KYC, continuous transaction monitoring, and a unified platform to effectively verify users and comply with regulations, financial institutions can ensure their customers are who they claim to be and maintain trust.