How to Improve AML in iGaming

Last Updated: July 26, 2023 by Tamas Kadar
KYC verification is lengthy, expensive, unpleasant for the customer and – let’s be realistic – easy for criminals to bypass.
In fact, the cost of Know Your Customer checks is estimated to be $60 million a year for the average bank, which isn’t surprising considering that it slows down onboarding, increases churn, and requires dedicated resources to work effectively.
This is why anyone wishing to make the process safe and low in friction should carry out every step of their KYC verification effectively. We discuss the best ways to do this, what challenges to look out for, and other major aspects of KYC verification.
KYC verification is a crucial part of the customer due diligence (CDD) process and involves ensuring that a customer is who they say they are and can be trusted. Along with other KYC checks, it sees organizations cross-checking a prospective customer’s personally identifiable information (PII) with identification documents such as passports.
In other words, KYC verification is a process of identity verification that is focused on the CDD process of ensuring KYC compliance. It is also an essential part of preventing and mitigating fincrime, such as money laundering and the financing of terrorism.
To process and complete KYC verification, you need to ask your prospective customer for their details (usually their name, address and date of birth), ask for official ID documentation, and then cross-check those received items to determine if they are all in agreement.
The way the cross-checking process is carried out depends on the level of automation (if any) that’s involved. For example, some organizations may digitally scan a person’s ID documents to automatically pick up on the details printed on them, whereas others may opt to check it manually.
It is advisable that anyone doing KYC verification uses both IDV (identity verification) software and their own perception because this will increase the likelihood of spotting tampered documents.
The process is only complete once the organization doing the KYC verification has determined whether or not it deems the applicant eligible for the full Know Your Customer process.
The customer needs to provide proof of these details using official documentation, such as a passport, driving license, or national ID.
For iGaming and online casinos, KYC checks must also include age verification and self-exclusion lists.
SEON’s social media lookup tool checks 50+ social media networks and messenger apps to support your KYC verification checks
Ask an Expert
KYC verification and authentication processes help organizations know the extent to which their clients are trustworthy, and they also allow business owners to avoid fees and other penalties that would arise from compliance issues. They help us know which customers are legitimate and which may be linked to criminal activity, such as money laundering and the financing of terrorism.
In other words, both KYC verification and authentication processes are important because they help organizations to be compliant and able to determine which of their accounts should be retained and which should be blacklisted.
In fact, both processes are not just vital to decision-making in the management of accounts and customer relationships, but they also help police work itself. It is often a legal requirement for organizations to use KYC verification and authentication, and this reflects their application to crime reporting.
The use of KYC software and authentication processes mean that criminals have to undergo a process that may build evidence against their malicious activity. And this is all assuming that those criminals aren’t put off by the identity checks in the first place.
They are also important thanks to their collective ability to prevent crime by acting as a deterrent to criminals from the very beginning of a sign-up process.
These two are often coupled together in a business’s risk management segment and, to an extent, they have similar goals. Indeed, they can both be mandated by local authorities. But they are not synonymous.
The easiest way to understand the difference between KYC and AML is by thinking about the goals of each:
We should also note that in principle, both of these fall under the umbrella of CDD.
Let’s look at a number of reasons why – and preview how this can be ameliorated.
Unfortunately, there is a lack of awareness of the benefits of KYC among the public – so much so that many consumers view such measures as something to avoid.
In fact, research by Accenture shows that a convenient digital experience is among the top three reasons customers switch from traditional banks to challenger banks and neobanks.
Being overzealous when onboarding new users can cause churn – and especially so for digital-first institutions, where it goes against consumers’ primary reasons to choose you.
KYC regulations are different across the globe, and the type of documentation deemed acceptable varies too.
In the US, for instance, the Financial Crimes Enforcement Network (FinCEN) creates the regulatory framework digital banks follow. On the other hand, UK banks comply with the Sanctions and Money Laundering Act of 2018 and the Sixth Anti-Money Laundering Directive (6AMLD) governing the EU.
Each jurisdiction has restrictions unique to them, and its own passports, credit/debit cards, driver’s licenses, utility bills, etc.
This can create a logistical nightmare for companies working with an international user base. There are currently 150 different types of passports and national IDs worldwide. How do you verify every document when there is so much disparity between, say, an Italian ID printed on paper, and an Indian passport which does not contain a hologram?
Too many people around the globe are either underbanked or entirely unbanked.
The World Bank’s 2021 report says that nearly 1.7 billion people remain unbanked. The latest research by Merchant Machine corroborates that finding, and highlights Egypt, Mexico, Morocco, Philippines, and Vietnam as the most unbanked countries, with more than 60% of their population unbanked each.
In fact, even in the US, 25% of households are unbanked or underbanked, according to figures published on CNBC.
Fintechs considering serving these countries face great difficulty in sourcing reliable customer information. This is even worse if they provide lending services, as they need some sort of credit check to do so safely.
Increasingly, we’ve seen evidence that legacy identity verification methods can be much easier to fool than expected.
In fact, document scans are welcomed by fraudsters who want to pass customer identification checks, as it’s one of the easiest ways to get around user KYC authentication. There is no shortage of options, as they can:
In fact, we even conducted an experiment to see how easy it is to apply for a loan with a stolen ID – and the results are not encouraging for lenders.
Other measures put in place to protect consumers that can cause friction and churn in payments are 3DS and SCA.
In fact, cart abandonment due to 3DS can be as high as 40% (in Spain and France, according to Forter). These are not sales any merchant wants to miss out on – which gives them ample reason to avoid implementing 3DS if they can help it, or even avoid specific banks.
Often, when a bank expands its services across savings, loans, and investments, its departments tend to work in silos, leading to a lack of mutualization.
For example, the lending team might not share customer information with the investments team, meaning a customer can be asked to submit the same information on multiple occasions. This leads to poor customer experience and confusing risk decisions for the bank’s team.
With identity theft on the rise, relying only on KYC information provided by users leaves your bank vulnerable to fraud.
Documents can be forged, identities hacked, bought and generated, and even biometric verification has been shown to be susceptible to spoofing.
Yes, KYC mandates usually require you to look at such proof of identity, but you can add more layers of protection – especially so if it’s frictionless.
It all starts with gathering as much information as you can about each customer. A great fraud prevention tool helps you get a 360-degree view of your users.
The way SEON’s engine does this with zero friction is by examining the customer’s digital footprint, starting with just their email address, IP address, and phone number.
The result of this search will be a comprehensive profile of their public data, sourced from 50+ social media and online services. What this tells us is whether they behave like a real person online, and thus how likely they are to be a legitimate customer.
For instance, digital footprint analysis at SEON has demonstrated that the average good user has five to six online profiles on some service or another, while they are also likely to have fallen victim to a data breach.
On the contrary, an email generated by a fraudster will have very little online presence – which means they should be funneled towards more rigorous KYC checks, if not banned outright.
Device fingerprinting paints a vivid picture of how a user connects to your platform. By examining their software and hardware configuration and generating browser, cookie and device hashes, SEON is further able to conduct velocity checks, behavior checks and real-time monitoring.
These data points add even more information to the assessment of the new user’s intentions. As a case in point, SEON’s solution gathers the following data, among others:
As we have seen, KYC checks are costly. Identity verification vendors charge anywhere between $13 and $130 per customer verified. This can very quickly add up.
The fewer fraudsters reach KYC verification, the more money the organization can save.
By implementing SEON’s solution at signup and letting it work behind the scenes, you’re introducing a traffic lights system that greatly reduces the number of junk users who reach true KYC. So you don’t have to pay up to $130 to reject each fraudster.
In other words, SEON’s solution funnels fewer bad users through, and increases the ratio of good to bad users who get verified.
Beyond compliance and costs, this also helps minimize overall fraud at your company, as fraudsters and money launderers are significantly less likely to gain access to your products.
Since anyone working in your vertical should have the same KYC risk assessment requirements, it’s all about implementing them in a smart way, for instance by using dynamic friction.
Here is how SEON can optimize your KYC to give you a competitive advantage:
This also creates the basis for further financial services functionality. For instance, loan providers trying to perform alternative credit scoring through digital ID profiling don’t have to worry so much about finding financial info: They can use digital footprinting to build their scoring models instead of using details from banks and financial institutions.
SEON lets you onboard good users as soon as possible, applying the least amount of KYC possible – while you block obvious criminals, as well as request more documentation from suspicious users.
Our solutions have allowed leading neobanks and fintechs to grow faster and serve more customers without any compromise to their safety or compliance – by filtering out bad users pre-KYC, triggering exceptions for 3DS checks, reducing transaction fraud, eradicating defaulting customers, and enjoying peace of mind in the process.
As just one case in point, fintech Felix Pago reported 90% more confidence in accepting or rejecting payments and 100% improvement in detecting multi-accounting.
SEON is more than just software; it is your business partner in fighting fraud – a customizable, flexible solution that can fit your needs.
Ask an Expert
A KYC journey can vary depending on the context but typically will consist of ID card verification, video verification, document verification, and biometric verification.
The answer should be a resounding no – not if they are going to be rejected! If you can filter out junk users, bad leads, and obvious fraudsters, you’re saving on costs and resources before the checks even begin. So even if your company is mandated by law to conduct KYC on everyone, you can avoid doing so when it’s an obvious fraudster, by applying simple pre-KYC profiling to block them before they reach KYC.
Current and predicted trends in the sector of KYC verification include:
– a bigger push towards frictionless KYC
– synthetic IDs will become more convincing due to the rise in deepfakes
– an increase in official identities that will be both digital and online
– new legal mandates will act on criminal activity in the context of modern digital currency, particularly cryptocurrency and NFTs
Sources
Browser Fingerprinting | Device Fingerprinting | Fraud Detection API | Fraud Detection with Machine Learning & AI
Showing all with `` tag
Click here
Tamás Kádár is the Chief Executive Officer and co-founder of SEON. His mission to create a fraud-free world began after he founded the CEE’s first crypto exchange in 2017 and found it under constant attack. The solution he built now reduces fraud for 5,000+ companies worldwide, including global leaders such as KLM, Avis, and Patreon. In his spare time, he’s devouring data visualizations and injuring himself while doing basic DIY around his London pad.
The top stories of the month delivered straight to your inbox