AML & KYC for iGaming: Staying Compliant and Safe

by Florian
Fraudsters know exactly how to fool KYC checks. Let’s see why alternative data helps with your customer due diligence.
In one of our webinars, we asked fastloan industry specialists which data points were the most important for them. ID verification was number one.
We suspect the same is true of a number of verticals.
Whether it’s for digital onboarding for new users or as part of your AML software, electronic identity verification (eIDV) is an increasingly important part of many businesses as part of the KYC and eKYC verification.
The problem? Customer due diligence is both a compliance issue, and a challenge that fraudsters love to solve. And they’re doing pretty well at evading detection.
In this post we’ll show you how fraudsters fool KYC checks, and why sourcing alternative data is one of the best solutions to flag them.
But first, a quick recap of the key terms here.
Customer due diligence, or CDD, is a process where companies attempt to learn key information about their customers to ensure they are who they say they are. The process includes screening and ID verification as a form of risk assessment.
CDD, just like other processes such as KYC (Know Your Customer) and AML (Anti money-laundering), is a legal requirement for certain industries – especially banks and neobanks. You must therefore comply with CDD regulations to avoid fines.
Customer due diligence is a legal requirement and it must be performed for new business relationships (new customers), for certain transactions over a threshold, money laundering suspicion, or if a user presents unreliable documentation.
It is a four-step process, which sees companies:
You can read more about the best identity verification software.
CDD or Customer Due Diligence includes KYC checks, but adds a focus on the source of funds. Moreover, CDD checks need to be ongoing throughout your relationship with the user, not just during signup.
KYC or Know Your Customer checks happen at the onboarding stage. The three key components include a first and last name, date of birth and residential address.
Identity theft accounts for 64% of all data breaches. That means there’s no shortage of user IDs that fraudsters can purchase on the darkweb and use to sign up to your service.
But an even bigger challenge is that of money mules, hacked accounts and rent-an-ID services.
Put simply: fraudulent organisations hire real people to do their criminal bidding for them.
The challenge is that these are legitimate user profiles, which have all the proper IDs, credit history and paperwork. Only the intention is different from that of a good customer: they are essentially highjacked to defraud your business.
Fraudsters aren’t the kind of people who give up after facing one hurdle, and a growing number of solutions are available for those who want to bypass ID checks:
Enhanced Due Diligence, or EDD, is required when your product or service and the types of customers it attracts is considered high risk.
It requires a higher level of scrutiny, for instance, when: the bulk of your clients are foreigners or non-residents; Politically Exposed Persons (PEP); nominee shareholders; or if the company is cash-intensive.
To complete the picture about their users, risk managers have begun leveraging another kind of data from alternative sources.
On paper, this is a wonderful innovation. Networked rather than centralised accounts facilitate numerous processes such as switching bank or integrating third-party financial products. It also allows lenders to access some:
Best of all, Open Banking APIs work fast, allowing you to build a modern digital credit scoring system in real-time.
But unfortunately, that data may be:
To make matters worse, that alternative data is simply inexistent in emerging markets, or in countries like the USA where 25% of households are considered either unbanked or underbanked.
So what else should you look at if even the financial institution’s data isn’t helpful? Alternative data you can gather by enriching data from an email address, phone number, IP address, or social media profile: what we call digital footprint analysis.
The key is to gather data that is fresh, up-to-date and relevant. Even complex device configuration is easy enough to emulate. But a whole social media history creates a high barrier for fraudulent organisations who want to scale their operations.
We offer one of the most advanced social media lookup solutions on the anti-risk market. This finds information on a person’s social media profiles based on a single email address or phone number.
SEON checks 20+ social media sites, based on a single email address or a phone number. You will get access to the user profiles, bio and avatar, and even a “last seen” date.
Best of all, all the data enrichment information can be aggregated via manual query, API call or even a Chrome browser extension.
Don’t let legitimate-looking accounts fool your Customer Due Diligence and KYC checks. By building a fuller user profile using fresh alternative data, you get to:
All with zero extra user friction, and a choice of integration that works with your business.
Read about how an iGaming operator reduced onboarding risk and improved customer due diligence with SEON.
A due diligence checklist is a series of steps your organization must complete to ensure it remains legally compliant. The checklist steps may vary from one industry to the next, but they always include some form of identity and financial information verification.
Customer due diligence requirements vary from one industry to another, however, you will commonly find that a business must establish a user’s: 1) identity, 2) financial information, 3) residential address, 4) money-laundering risk.
While customer due diligence is a broad term, it can also be broken into different processes such as KYC (know your customer) checks, AML checks (for anti-money laundering), or EDD (enhanced due diligence).
Click here
Florian helps tech startups and global leaders organise their thoughts, find their voices, and connect with customers worldwide.
Join over 6000 companies in getting the latest fraud-fighting tips