As digital financial services providers penetrate the African market at large, there is a need to ensure that fintech startups lay a strong foundation for a robust risk, fraud, anti-money laundering (AML)/combating the financing of terrorism (CFT), and compliance framework.
This is to ensure that they have a system that promptly detects fraud, and their platforms are not used as a conduit for money laundering, cybercrime, and other related crimes.
In Nigeria, the use of ATM card details and mobile banking PINs for fraudulent transactions is commonplace. Per the Nigeria Electronic Fraud Forum (NeFF), cases of electronic bank fraud cost lenders $14.2 million between 2016 and 2018.
A robust risk and compliance framework entail having inter alia an effective and efficient Know Your Customer (KYC) program in line with regulatory requirements; fraud prevention, detection, and prevention monitoring program; transaction monitoring process for prompt detection and reporting of suspicious activities and transactions as well as risk assessment and sanction screening programme.
This article focuses on Know Your Customer compliance and fraud.
“KYC simply means processes banks and other financial institutions use to ensure that customers are who they claim to be,” Mobolaji Bammeke, Chief Compliance Officer at Flutterwave, explains to TechCabal. “It’s at the heart of fraud prevention processes, as required by laws and regulations.”
Essentially, KYC involves fintech companies and other institutions with financial duties collecting specific information (including but not limited to full name, phone numbers, national ID numbers, utility bills, international passport, etc.) from potential customers—whether individual or corporate entities.
This is often done at the time of onboarding and where relevant, identity documents are validated before customers are approved.
Why’s this important? These measures serve as a line of defence against financial crimes such as money laundering and terrorist financing. KYC tests are typically very simple and easy to implement but when executed well, can be highly effective in preventing fraud.
“Compliance with KYC requirements prevents money launderers from using your platform as a conduit for fraud or other illicit financial activity,” Bammeke notes. “It’s in line with AML and CFT regulations. Typically, access is restricted for users that do not fulfil KYC requirements.”
It’s important to note that KYC is a continuous process. That is, after the initial onboarding is concluded, a financial company is required to regularly monitor client accounts to detect suspicious activity that indicates fraud or relates to financial crimes. If such unusual activities occur, a new KYC evaluation process is necessary.
Beyond identity checks, KYC policies ensure sound business practices and offer insightful data on customers. For instance, they can help companies evaluate the financial status of clients and determine creditworthiness where relevant.
How can fintechs get compliance right?
Fintech companies may not necessarily be financial institutions (that hold funds), but their transactions mostly flow through traditional banks.
As an extension of doing business with lenders that are subject to the KYC regulations, they must comply with the same to manage money laundering and terrorist financing (ML/TF) risk.
What are the key considerations players should be aware of?
The KYC process is a critical step in customer acquisition, and whatever policies are implemented should ideally have little impact on the onboarding experience of prospective customers.
“When drafting KYC compliance strategy, fintechs need to balance customer needs with risk management,” Bammeke says. “It’s vital to not miss out on lawful customers due to overly exhaustive processes. But that does not mean skipping necessary steps to ensure regulatory compliance. There just has to be a balance.” This balance is to ensure a smooth customer experience for customers.
More so, as the company expands, it should continuously improve the KYC process in line with new risks.
Innovation in KYC: A peek into the future
Compared to legacy institutions known for slower, more nuanced KYC compliance procedures, fintechs are nimble and have quicker, more accessible processes as their services are fully digital. The latter is thus more positioned to unlock innovative approaches to regulatory requirements like KYC.
Already, modern technologies like biometrics, artificial intelligence, and blockchain give companies new ways to achieve compliance with KYC requirements while enhancing user onboarding experience, limiting human interference, enabling greater access to financial services.
“In addition, fintechs can try other ways of identity verification such as video KYC and semantic analytics,” Bammeke says. “Legacy systems still largely dominate the space, but we’re seeing increasing KYC and AML innovations driven by modern technologies. They make the processes a lot faster, more accurate, and transparent.”
The link between KYC and fraud mitigation is a compelling reason for fintechs to establish adequate authentication and verification processes.
Compliance failure not only makes the company vulnerable to financial crimes but could also attract significant regulatory fines depending on the jurisdiction. An instance is the $100 million fine crypto exchange BitMex had to pay last year to settle claims of illegal trading and AML violations.
“Ultimately, KYC is an ongoing process, it involves achieving a balance of identifying and verifying your customer’s identity as well as minimizing risk in order to offer your customer base access to services without compromising on a great customer experience,” adds Bammeke.
If you enjoyed reading this article, please share it in your WhatsApp groups and Telegram channels.