Any company doing know your customer (KYC) and anti-money laundering (AML) checks during customer onboarding in the UK or EU is likely already familiar with the 2+2 checks that are outlined within the Joint Money Laundering Steering Group (JMLSG) Guidelines.
In a nutshell, those checks require companies to verify customer identity from two different sources: One match on an individual’s full name and current address, and a second match on the individual’s full name and either the current address or date of birth. These two sources should include a credit bureau or other ‘authoritative’ source, and a document scan such as an identification card or utility bill.
This creates a nice checklist for companies, but the purpose of the JMLSG Guidelines isn’t simply for companies to apply the 2+2 check and consider their verification job done. Instead, they’re meant to help companies think about risk holistically.
Supplementing 2+2 is especially important in this day and age where data elements such as a name, address, date of birth are readily available on the dark web, and many transactions now occur digitally rather than face-to-face. But adding more steps to the verification process also places additional hurdles in front of customers—which can lower a company’s competitive edge and negatively impact their customer experience.
Supplementing 2+2 with anti-impersonation checks
The JMLSG Guidelines already recommend that companies apply an additional verification check in cases where the customer isn’t being met in person. According to the JMLSG Guidelines (2017 Section 5.3.89 and 5.3.90), this includes:
- requiring the first payment to be carried out through an account in the customer’s name
- verifying additional aspects of the customer’s identity and electronic ‘footprint’
- telephone contact on a verified home or business number
- communicating with the customer at a verified address
- internet sign-on using security codes, tokens, and/or other passwords which have been provided by mail
- requiring copies of documents to be certified by an appropriate person
These checks are extremely valuable for verifying an individual’s identity, but can add extra friction to the onboarding process and could cause customer abandonment. Sending security codes or communicating through the mail can be insecure, notarizing documents often requires a visit to a separate office, and waiting for an initial payment to come through can take days.
Fortunately, there are ways of conducting KYC/AML checks that can be done quickly—and without requiring additional steps that increase customer friction.
Marrying anti-impersonation checks with customer experience
The key to providing a good customer experience while verifying identity—particularly when a customer isn’t physically present—is in the customer’s electronic footprint. Since traditional AML checks can be easily faked due to data breaches, companies have started using supplemental data like phone, email, and IP address to create a more robust risk check to avoid fraudulent applications.
Finding linkages between those data points can help companies quickly and confidently verify customer identity, while creating a simplified sign-up process that increases customer satisfaction. The result? More secure sign-up and verification, without the additional time and effort that can knock your customer out of the application process.
Ekata’s Identity Check API can help companies make fast, reliable anti-impersonation checks to supplement their KYC/AML checks. Learn more about how Ekata helps companies improve their account onboarding experience.