Blog

/

Compliance

How to Select the Best Identity Verification Software

Working with BaaS and identity verification software to fight fintech fraud.
Apr 5, 2022
,
April 5, 2022
cell phone and identity software security

(Guest blog post from our compliance partner Unit 21)

To hide the illegal source of their funds, criminal networks masquerading as legitimate individuals or businesses use financial organizations to move illicit funds into a legal, financial system. As a result, the United Nations estimates that $800 billion to $2 trillion are laundered annually, with 90% of this amount undetected.

To combat this staggering problem, today’s organizations need to know whom they are doing business with by verifying each customer’s identity during onboarding as a first step to prevent fraud and money laundering.

This process protects organizations and victims of identity theft from the financial cost and additional negative consequences of a financial crime. Therefore, the act of identity verification is a vital element of an effective risk and compliance program and is critical to providing a positive customer experience and supporting secure business growth.

However, now that the industry has moved towards digitization, identity verification can no longer be performed at scale using a manual process. That is where the use of specialized identity verification software like Unit21 comes in. Banking as a service provider Treasury Prime and Unit21 work as partners to help fintechs and enterprise companies launch embedded finance services while combatting fraud and mitigating risk.

This article looks at the steps to take when searching for an identity verification solution. Read on to learn more about how finding the best identity verification software helps financial organizations to achieve compliance with regulations and legislation, prevent fraud, and approve more good customers at scale.

Watch the Treasury Prime / Unit21 joint webinar on transaction monitoring

History of Identity Verification for Financial Organizations

Today’s financial businesses have the ability to create well-conceived customer experiences online through the use of technology. These digital systems offer convenience to users and benefits to companies, including cost savings and a sustainable competitive advantage.

However, this shift from the physical to the digital world creates a challenge for organizations to establish the user's identity and ensure legitimacy throughout the business relationship.

Also, while the use of technology has created several benefits for customers and financial institutions alike, the same evolution of technology has provided fraudsters with more sophisticated and convincing methods to steal personal information.

The reach and scale of cyberattacks designed to capture user details require a low hit rate to produce vast numbers of identity theft victims. As a result, this inherent flaw provides criminals with the credentials needed to fraudulently open new accounts to launder the proceeds of their crimes.

In 2020, the FTC received 4.8 million identity theft and fraud reports, an increase of 45% over the previous year. And unfortunately, prior methods used to verify identity that relied on personally identifiable information (PII) are no longer effective because criminals have figured out ways to construct complex networks of companies that ultimately confuse authorities. They hide behind multiple layers of organizational interconnections to carry out illegal activities and move money into the banking system.

So, even though financial organizations are responsible for determining who their customers are, this requires gathering and analyzing information about the customer to verify their identity and assess the level of risk, which has become increasingly more difficult. Despite these challenges, regulations have recently been strengthened to hold these institutions accountable.

A Stronger Focus on KYC and Customer Due Diligence is Introduced

Prior to 2018, banking customers were not required to identify the owner of legal entities such as corporations or limited liability companies. But since then, the requirements have become tighter, making it so organizations much place a stronger focus on accurately assessing and verifying their customers and their risk profiles.

As such, the global scale and impact of fraud has resulted in stringent Anti-Money Laundering (AML) and Know Your Customer (KYC) requirements that financial organizations must comply with — or risk significant financial and reputational damage.

Know Your Customer (KYC) is a set of standards used to verify customers as part of a broader anti-money laundering policy and are designed to protect financial organizations against fraud, money laundering, and terrorist financing.

KYC requires that customers are identified and verified during the onboarding process. In addition, KYB or "Know Your Business," an extension of KYC, looks for additional corporate information, including the business registration details and location, to understand the corporate structure, the business model, source of funds, and beneficial ownership.

Customer Due Diligence (CDD) continues beyond the customer's onboarding process to continually assess the potential risk of doing business with a specific company or individual throughout the duration of the relationship — as a customer's activities change over time, so too can their risk profile. Therefore, updating customer information with current and relevant detail is essential to identify and report suspicious activity.

The progression in the depth of regulation around KYC and CDD has led organizations to need more robust solutions than were previously acceptable. That is why identity verification software has become increasingly prevalent in the realm of risk and compliance.

What is Identity Verification Software?

Identity verification software helps financial organizations understand their users and confirm they say they are in real life. This process demands a robust, comprehensive solution that protects the business and genuine customers — without impacting user experience.

Each identity needs to be cross-checked against multiple external data sources and enriched data to provide relevant context to determine if the identity is genuine or not. It is a complex and critical process, and a manual approach is impractical, time-consuming, and ineffective.

Designed to verify users' identities, identity verification software applies the latest technologies to quickly and efficiently check user information against current and comprehensive data sources.

The right solution in place allows organizations to differentiate between good customers and fraudsters and, in doing so, build trust, prevent fraud, and maintain compliance with regulatory obligations. If a user or entity fails verification, risk and compliance teams can investigate and build cases for suspicious activity report (SAR) filings.

Benefits of Having an Identity Verification Solution

There are many significant benefits for an organization to invest in an identity verification solution, and they all support the secure growth and development of the business.

  • Fraud prevention: By verifying the identity of customers, the business is protecting itself and customers from potential fraudsters. The detection and reporting of suspicious activity to authorities provides valuable insight essential to aiding national and international efforts to expose criminals and the corporations they hide behind.
  • Compliance management: Identity verification is a KYC requirement. Non-compliance can result in costly fines for a business and create negative brand associations.
  • Customer trust: Identify verification shows customers that their privacy and security are essential to the business and builds trust.

Who Needs Identity Verification Software?

As discussed, criminals frequently target financial organizations as a means to launder the proceeds of illegal activities. Other industries that move funds in and out of customer accounts also face increased risk, such as insurance companies, gaming companies, and cryptocurrency dealers.

Healthcare organizations move, process, and store significant amounts of personal data. As a result, they are a prime target for cybercriminals looking for this valuable data and may also consider using identity verification software to protect their business and customers.

Given the damaging impact any association with money laundering and financial crime can have on an organization, organizations that engage with customers online rather than in-person require a KYC program to protect their customers, build trust and protect their business from fraud and data breaches.

These organizations need to identify and verify users as part of the onboarding process. But it doesn’t stop there. They need to continuously repeat the process throughout the relationship with the customer to ensure they do not pose any risk to the organization at any point in time. The verification process should not be an obstacle to an optimal customer experience but seamlessly connect a users' physical and digital identities efficiently and securely.

The teams and individuals with roles in designing, deploying, and managing the efforts required to protect the organization from the risk of financial crime will all have a vested interest in identity verification software. These team members include compliance officers that manage the adherence to regulatory obligations and the analysts that ensure the necessary rules and systems are in place.

4 Steps to Finding the Best Identity Verification Software

Identity verification is critical to ensuring the financial organization only engages with legitimate customers and adheres to compliance requirements. Choosing identity verification software for the business needs to consider several factors so that the organization's decision is the best one.

Step 1: Understanding the Requirements

The specific needs of the business must drive the decision. The industry, the customer profile, the nature of the engagements online, and the user experience all determine the role that identity verification plays and how it needs to function.

There are multiple stakeholders from across the organization that should be involved in selecting an identity verification solution. Gathering their requirements to get a comprehensive understanding of what is needed is the first step and ensures that the chosen solution includes the features and functionality required now and in the foreseeable future.

Step 2: Evaluating Features and Functionality

With clarity on the requirements of the identity verification software, attention then turns to what providers are offering. Some features are essential to a solution, and understanding what these are and how they are provided is vital to making an informed evaluation. Here are some of those key features and approaches that ensure optimal effectiveness.

  • Verification providers: The data sources used for validation are critical and need to be legitimate, official, and updated regularly to verify the validity, nature, and current regulatory status for business entities to produce the best match results.
  • Customizable: Every business is different, and finding a solution that allows workflows to be tailored to the organization's needs is critical. This flexibility ensures a robust and adequate streamlined verification process to be efficient and effective for the business and the customers.
  • Visibility: A comprehensive dashboard allows for events to be reviewed and ensures that timely and relevant action is taken, logged, and reports updated. Integration with an effective case management system streamlines processes, recording all necessary details in a single location with a comprehensive and auditable record.
  • Context: By seeing the bigger picture, financial organizations can view seemingly unconnected activities to uncover the efforts of fraudsters attempting to avoid detection. Link analysis shows connections between events and entities to highlight where someone may be trying to circumvent controls and create an alert.

Step 3: Assessing Usability

The solution needs to work with other systems in the organization. Understanding what these are and how the integration should work is an important consideration.

What will the requirement be from engineering resources to deploy and manage the solution in the future? How autonomous will risk and compliance professionals be when utilizing the solution?

A no-code approach can empower teams to design and deploy the most effective workflows without the need for additional resources that can be much in demand.

Step 4: Determining Fit

As possible solutions are evaluated, deciding on the best choice for the organization should remain focused on addressing the needs of the business. Although there can be cost savings made, some solutions require the vendor or in-house engineers to modify systems and do not offer the team the flexibility to tailor the solution to the organization's needs.

These solutions may limit what they provide and require the organization to address some elements of the process themselves — creating gaps in what needs to be an end-to-end process.

Other solutions may offer an extensive list of features and functionality. These options can require organizations to pay significantly more than they need to. Starting with a clear understanding of what is required identifying the solution that incorporates the features and can be tailored to match the resources, budgets, and workflows.

How Unit21's Identity Verification Product Can Help

With Unit21's Identity Verification solution, organizations can automate the validation, screening, and decision-making required to approve good customers faster, adhere to compliance requirements and reduce the risk of fraud.

AML teams can manage identity and document verification, including non-documentary verifications (name, address, DOB, SSN), watchlist screening, and monitoring using independent and reliable data sources — scanning against different lists and databases to validate identity and check against known or suspected criminals to defend against fraud with better data.

Unit21's no-code flag and review platform allow teams to customize workflows that suit their particular use cases. These include synthetic checks to identify entities using spoofed or falsified personal information.

An interactive dashboard provides a complete picture of the process and connections between events and entities, creating a timely alert when fraudsters may be trying to circumvent controls. Alerts are also triggered if a user or entity fails verification and allows risk and compliance teams to use the entity data to build cases for SAR filings using the Case Management platform.

Unit21 offers this information through partnerships with several leading identity verification providers. As a result, customers can quickly and efficiently identify their customers and manage the process from within an interactive dashboard to provide transparency across the organization.

Partner solutions are also bolstered by additional analytics and reporting, allowing organizations to automate portions of their identity verification process. Here are some notable features of a highly effective identity verification solution like Unit21:

  • Custom Workflows: Software that allows users to easily build out workflows that are unique to a specific use case helps streamline the identity verification process and provide the most relevant results.
  • Integrated Case and Entity Dashboards: Users should be able to monitor the alerts that are raised by the workflows in an easy-to-understand dashboard. It’s even more efficient for the identity verification solution to integrate with a case management platform that allows for custom escalation, action, and/or disposition workflows so that everything from reviewing, to investigating, to reporting can all be managed in one location.
  • Data Enrichment: Platforms like Unit21 can strategically integrate with external sources to enrich the data that our customers are sending in. This data enrichment can be automatically triggered upon data ingestion or on-demand through the review workflows. To do this, key partners are involved to verify the validity, nature, and current regulatory status for business entities. Industry classification data to help classify the nature of a business can also be returned, giving customers more robust information.
  • Synthetic Identity Checks: The ability to return a synthetic fraud score for every entity helps ensure that entities submitting spoofed or falsified personal identifiable information can be identified and flagged for review quickly and accurately.
  • Link Analysis: Being able to visualize the data in a meaningful way helps teams find fraudsters who may be intentionally ducking known detection techniques. Software that includes link analysis enables users to take a step back and view the whole picture, drawing links between entities and events that would otherwise be difficult to detect.
  • Auditable Trails: Every action taken in the platform should be logged and stored as an auditable trace of an event. This ensures that teams have the proper records to use for reporting so that nothing slips through the cracks.

Choosing an Identity Verification Solution: Key Takeaways

Organizations need to be able to identify their legitimate customers from fraudsters, protect the business and ensure compliance. Risk and compliance teams can build and maintain successful KYC/KYB and AML programs that reduce fraud and avoid regulatory fines with a robust identity verification solution.

When selecting an identity verification software for your organization, consider the following before making a decision. Does the solution in question provide:

  • Reliable, independent data sources? The validation process requires customer information to be correlated across multiple databases to produce the highest quality match.
  • Tailored workflows? Organizations need to create workflows designed to fit their specific use case. This streamlines the identity verification process to provide the relevant results.
  • Ease of use? An easy-to-understand dashboard allows users to monitor and manage the workflows and alerts. This ensures transparency and empowers risk and compliance professionals to be successful.
  • Integrated Case Management? In the event of an alert, building cases for SARs filings using the entity data allows for all reviewing, investigating, and reporting to be managed in one place.
  • Continuous product evolution? The insights and processes for identity verification are dynamic, so data sources, workflows, and analytics need to be constantly reviewed to ensure that they are current, relevant, and effective.

Want to dive deeper on compliance? Read more useful compliance articles here. Treasury Prime has a 4-point compliance framework that can help your bank or fintech manage risk, to learn more, get in touch with our team.

If you are ready to begin the process of vetting an identity verification solution for your organization, arrange a demo with Unit21.

← Back to blog