The Fourth Industrial Revolution: Facial recognition and the future of KYC
Resulting from the covid-19 pandemic, traditionally face-to-face interactions such as board meetings, press conferences, product announcements, and even family reunions have moved towards an increasingly digital presence via internet based video calls. Suddenly less able to physically meet with customers, whether that be by choice or law, the many challenges already faced by financial institutions now include that of how the identities of new customers can accurately and efficiently be assessed and verified before the onboarding process begins, in order to maintain compliance with global KYC and AML regulations.
Anyone could tell you that the pace of technology has exploded over the last 15 years, technologies such as artificial intelligence, quantum computing, 3D printing and the Internet of Things (IoT) have so suddenly gone from sci-fi to reality, and in many cases now, normality. Simply put - we are now amidst the ‘Fourth industrial revolution’, or as Klaus Schwab, founder and chairman of the Geneva based World Economic Forum (WEF) puts it, a technological revolution “that is blurring the lines between the physical, digital, and biological spheres”.
This has been particularly evident through the employment of facial recognition systems, which had been on a steady rise over the last decade before exploding in popularity between 2014 and late 2015. As the title suggests - this is technology ‘capable of identifying or verifying a person from a digital image’ or ‘frame from a video source’ often by comparing ‘selected facial features’ from given images within a database. This tech can also be described as a form of biometric artificial intelligence, and like it or not, is becoming increasingly difficult to avoid in day-to-day life.
Prior to covid-19, biometric technology such as: contactless payment using facial recognition, security systems using vein pattern or iris recognition, or perhaps the most widespread - fingerprint recognition, had already seen limited employment in global (but especially Asian) tech markets. Following the onset of the pandemic, the use of these technologies has skyrocketed as firms scrambled to find new contactless ways to accurately identify clients, prospective and current, and as global economies and industries in general shifted away from traditional pen and paper methods, in favour of the digital.
KYC, or ‘Know Your Customer’ in full, is the process of a business identifying and verifying the identity of a client. The process involves due diligence by financial institutions to ascertain relevant information from the client prior to confirming intention to do business with them. This helps organisations, especially those in the Financial Industry, ensure that the customers they will be onboarding are in fact real people, actually who they purport to be, and have sound intentions in terms of what they intend to do with their funds channeled through said financial institution. Once the customer has been identified and onboarded, customer knowledge derived through the client identification and KYC processes also give financial institutions more of an understanding of the nature of the customer’s activities through the ability to better monitor and assess their transactions. The primary objective of this is to prevent money laundering, terrorism financing, and other illegal schemes, as well as satisfying the criteria that the source fo the customer’s funds are legitimate, which in turn helps the bank manage their risks, and preserve a reputable reputation.
Currently, this process is most important in the financial industry, where strict fines and possible sanctions may be levied against organisations for regulatory noncompliance. Inadequate KYC measures often mean that institutions may not be fully aware regarding the identity and intentions of a client that they do business with, potentially leading to them inadvertently supporting and facilitating dealings with criminal elements for money laundering or terrorist financing activities. Upon this news coming to light, in addition to now being held accountable for noncompliance in KYC, the institution must also answer to federal authorities for its role in breaches of AML (Anti-Money Laundering) and CTF (Counter Terrorism Financing) regulations. This all makes for an excellent scoop for the media, especially if a large, established and reputable organisation is involved - but it goes without saying that this is an absolute nightmare headline for the organisation itself.
The reputation damage spanning from noncompliance can be immense, long lasting, as well as expose a firm to public ridicule and consumer boycott - and that’s not even getting started on the hefty penalties and fines federal authorities are certain to award. In December last year, Deutsche Bank, Germany’s biggest lender, was ordered by Frankfurt prosecutors to pay a €15m settlement for ‘shortcomings in money-laundering controls’ after a criminal investigation into suspected tax evasion. The fine was a consequence of the bank not flagging suspicious transactions in time, as well as not having enough AML oversight. In early 2020, Dutch financial services company ING was ordered to pay a €30m settlement by Italian prosecutors to settle a money laundering case there, and in April this year, Westpac Australia set aside an eye watering AU$1.4 billion to settle ‘serious and systematic’ breaches of AML regulation between 2013 and 2019. Disclosures that some of these payments may have facilitated child exploitation by pedophiles forced the resignation of former CEO Brian Hartzer last November.
Needless to say, it is often in the best interest of firms within the financial industry to keep up to date with the latest developments in KYC in order to meet and exceed the KYC standards mandated by law to prevent such a situation from occurring in the first place.
But how can banks, now less able to physically verify the identity of new clients, remain compliant given ever more stringent KYC regulations, and a tsunami of unprecedented barriers arising from covid-19?
Well - it’s been a journey, a rough one to say the least. As cybercrime and fraud has increased during the covid-19 period, regulators have imposed bigger and stricter fines for AML failures in the first half of 2020, than they did for the whole of 2019 in an attempt to deter companies from repeating their previous mistakes and errors in combating financial crime. To put that into perspective, Duff & Phelps found that AML fines in the first six months of 2020 reached a total of US $706m, compared with last year’s aggregate of US $444m. Banks globally have been trialing a number of solutions in an attempt to address these issues and some of the results are interesting:
In India, for example, the Reserve Bank of India (RBI) approved the use of video KYC systems developed by tech company ‘Wibmo’ for financial institutions through amendments to the existing 2002 ‘Prevention of Money Laundering Act’ in January 2020. These seemingly minor amendments sparked major disruption within age-old KYC processes in the nation, and allowed for onboarding, utilising the Video based Customer Identification Process (V-CIP), to take place in a completely digital sphere. The Video-KYC service includes facial biometrics and a liveness check, according to Wibmo's website, and is “built with end-to-end data encryption, and AI-based user verification technologies”. Numerous Indian banks have now implemented the system and are offering customers the option to complete the mandatory KYC formalities from the comfort of their homes through video amidst the pandemic.
In Singapore, the national ‘Singapore Personal Access’ system (or SingPass), allows civilian users to transact with over 60 government agencies online easily and securely through a single platform. The database within SingPass contains ‘facial images and identities of [over] four million local residents aged 15 years and above,’ captured through passport and NRIC applications for the purpose of identification. This database is currently for government use and access only, however, with the recent July addition of ‘SingPass Face Verification’, private sector organisations such as banks may now have access to portions of the nation’s digital identity infrastructure in order to securely verify online transactions without needing to build their own systems. This also means that prospective customers can choose to sign up for bank accounts from home, with KYC being performed through a facial scan directly from their mobile phone, which then is cross referenced against the government database through the bank. DBS was the first bank in the nation to fully adopt this new system, which they integrated into their 'digibank' app.
In the US financial sector, private sector RegTech firm iComply has been listed on the Financial Industry Regulatory Authority (FINRA) Compliance Vendor Directory to supply its biometric regtech software to U.S. firms regulated by FINRA, the company announced.
It has been said before, and it will without a doubt be said many times more, but the onset of this pandemic has served as the primary driving factor to finally force banks and other financial institutions to digitally transform their systems. Many will agree that post covid, the financial world will be vastly different from the one we know today, and like it or not, at this stage the ability of financial institutions to digitally transform has become one of do or die.
Visit regpac.com for more blogs like this one