There’s no doubt in the minds of financial organizations and anti-laundering regulators that Know Your Customer (KYC) verified accounts prevent fraudulent activity– and that’s exactly the problem.
In the early 1990s, governments around the globe had a growing concern about preventing the increasingly connected banking system from harboring international transfers of illicit funds.
To combat this, they introduced KYC verification– a straightforward method of ensuring that the person a banker was speaking with was who they claimed to be. In practice, new banking customers had to present various documents, set forth by their local regulatory body, to open an account in their own name.
In addition, it made it difficult for fraudsters using forged documentation to physically go from bank to bank.
KYC prevented the crime from becoming scaleable- deterring organizations from using these regulated financial institutions as a safe harbor for ill-gotten funds.
KYC verification in the digital era
In line with anti-money laundering (AML) frameworks, cryptocurrency-related organizations, such as marketplaces and trading platforms, are considered a money service business (MSB) by the US government. As such, MSBs have legally required to KYC any account that reaches a daily trading threshold. In the United States, this limit is currently $10,000 per month and above.
This is where KYC-verified accounts and modern MSBs become tricky. Especially since payment fraud and money laundering are not the same, and preventing crime by treating them as such is a fool’s errand.
KYC accounts had their time and place in the financial industry. It helped keep fraud low by creating a significant barrier of entry for fraudsters who would have to present documents in person. Yet, the data points to something that many in anti-fraud departments already know– KYC verification no longer serves as an anti-fraud measure.
How it works
In a globally connected world, criminals and fraudsters have recognized ample opportunity to sell illegal goods to a global audience.
To commit the perfect crime, a legal resident of a foreign country can open a KYC-verified account by presenting legitimate government-issued documents, then selling their login information on the Dark Web. One person can open multiple accounts per day without ever needing to leave the comfort of their own home. These fraudsters play off two key factors:
1. The first is the ease of opening accounts online instead of physically traveling to bank branches makes this illegal act scaleable.
2. Not only do they never need to ever meet a banking representative face to face, but they also don’t even need to be in the same country. It is cost-effective, and they can spoof an IP address as an alibi. If they are ever questioned, they can say it wasn’t them, and their information was stolen. While their account may be automatically closed, their name remains clean.
75% of payment fraud in crypto is carried out by KYC-verified accounts.
This harsh reality requires banking institutions to not only regulate transactions and ensure their platform operates appropriately for users and regulators, it also forces them to become risk analysts. Without being able to fully trust any account, friction is added to all users, potentially pushing account holders to another crypto platform, should they be forced to jump through too many hurdles.
This double blow of losing money to fraudsters and losing customers due to friction is forcing organizations to bear the brunt of a deeply unbalanced ecosystem through lost sales and painful credit card chargebacks.
In addition, fake KYC-verified accounts are a non-traceable means to move illicit funds around the globe anonymously. Legitimate banks are transferring funds that potentially support terrorism, drug smuggling, and other black market activities via accounts that have been given the hollow badge of ‘KYC verification’– the exact thing regulators tried to stop in the early 1990s.
We are busy chasing our tails as fraudsters continue to exploit the outdated nature of this regulation, all without actually helping to prevent fraud.
Simply put, it’s time to rethink and reconsider KYC-verified accounts. This can hardly be surprising to anyone who is familiar with risk analysis departments, as these accounts are a strain on internal resources and don’t provide even a veil of coverage, according to the data.
As an industry, we can’t wait for legislation to think of solutions. Companies who have begun to overcome the KYC barrier only execute Know Your Customer protocols when legally required.
They remove friction when unnecessary to boost transaction approval rates to previously unseen levels in ways that are appropriate for the online space, not ones that were devised to secure in-person operations.
Finally, the recent leap in machine learning technology allows organizations of all sizes to implement AI-driven systems that can identify fraudsters immediately, saving businesses money and making it annoying for them to return.
By creating a space that is unwelcome for fraudsters, companies can avoid chargebacks and boost approval rates to 98%, all while reducing costs, and operating expenses, and ensuring a more welcoming customer experience for those who mean no harm.