Topics covered in this issue:

Austria’s Know Your Customer Regulations Allow Fully Automated, Biometric Identification Procedures

This November, the Austrian Financial Market Authority (FMA) amended their online identification Ordinance. New amendments, published for their Anti Money Laundering Act (Austrian AMLA), now make it possible to apply a fully automated biometric procedure for remote identity verification. The new process allows banks and other obliged entities under AML law to fulfil Know Your Customer (KYC) obligations using various remote identity verification methods. This is a welcome development for identity service providers like IDnow who are known for their platform line of secure and compliant products. Such products enable clients to comply with identity proofing and Customer Due Diligence (CDD) laws. 

Under the new amendment, requirements for a biometric verification process must meet current state-of-the-art technology and guarantee equivalent security requirements of an actual “in person” identification. This process includes technical requirements from security feature checks of the ID documents to a biometric capture or Liveness Detection that can be verified by video recording. The existing contingency under the new amendment is that a photo ID must be verified by reading of the electronic security chip (NFC chip) from January 2023 onwards. 

Israel Approves New KYC Rules for Digital Currency Profit Deposits

Israel’s Commissioner of Capital Markets, Insurance and Savings approved new KYC rules to permit bank deposit of digital currency profits. On 14 November, the new set of rules that came into effect will apply to the opening of new accounts and transfer of funds (real and digital) in and out of Israel. These regulations will hope to provide a greater ability to track funds inside the banking system via enhanced recordkeeping and retention mandates.

The introduction of Israel’s rules are coupled with the Commissioner’s release of a draft circular on money laundering and terror financing risk. These rules would apply to all entities covered under the rules mentioned above.

In all, Israel is known for having strict AML / terror financing regulations in the traditional banking system, but they seemingly have been slow to accept digital / crypto. This move on the regulators’ part shows they finally decided to harmonize with many parts of the world to acknowledge and be competitive with the continued growth in popularity of digital currencies. 

Netherlands’ Rabobank Ordered to Tighten KYC / AML / CDD procedures by Regulator DNB

Pending a decision on punishment by De Nerderlandsche Bank (DNB), The Netherlands’ regulatory authority on banking, Rabobank has been ordered to immediately improve KYC procedures. Per Rabobank’s statement, they report the deficiencies revolve around client due diligence (CDD), record keeping, transaction monitoring, and the reporting anomalous transactions.

This comes after significant settlements by other Dutch banks, specifically, ING Groep NV and ABN Amro whose penalties combined equal more than 1.2 billion Euros.

UAE Regulators issue Guidelines for Financial Institutions, enabling Automated Solutions for Risk Management

In a joint effort, regulators from The UAE Central Bank, Securities and Commodities Authority, the Dubai Financial Services Authority (DFSA) of the Dubai International Financial Centre (DIFC) and the Financial Services Regulatory Authority (FSRA) of Abu Dhabi Global Market (ADGM) (the Regulators) issued “Guidelines for Financial Institutions Adopting Enabling Technologies” (the Guidelines).

For financial institutions who are licensed and supervised under UAE law, these standards apply and enable such companies to perform their risk management via automated customer identification at onboarding to continued monitoring and screening requirements that fall under Anti Money Laundering Laws. The regulatory trend to approve biometric solutions that rely on automation and Artificial Intelligence (AI) to onboard customers is evolving across Europe, Asia, and now the Middle East. Institutions will need to establish appropriate identity verification and proofing mechanisms that validate and verify that their identification document, ID, and the user are one and the same in near-real time. The Guidelines allow for systems to collect relevant data from an official ID via chip or wireless technology from a user’s device.

Digital Fraud Schemes and AML / KYC Non-Compliance Fines in the Financial Services Industry are increasing at Record Rates 

In Summer 2021, TransUnion published research stating that digital fraud schemes in financial services increased 149.44% in the first four months of 2021 versus the final four months of 2020. Though staggering, it is not a surprise to companies like IDnow, who operate in this sphere to defend against such malfeasance and violations. One would think financial institutions would immediately move to tighten procedures to protect themselves, their depositors, and shareholders. Instead, we are we seeing incredible fines for many financial services organizations for poor compliance practices – which many would say, is an avoidable error. These errors stem mostly from compliance procedures that were simply not followed.

According to the research by UK-based Kyckr, fines for financial institutions so far in 2021 has exceeded USD 1.9 billion, and it will likely be higher by the end of December. Without question, we are in a fascinating time as we are likely involved in one of the greatest reorganizations of the financial system imaginable. For the wicked, in this case, instability can lead to opportunity. This should be clear to all stakeholders. However, the level of punishment seen so far this year appears to far exceed the amount of money required to work with a whole host of service providers dedicated to addressing Know Your Customer (KYC) and Customer Due Diligence (CDD) requirements – such as IDnow.

Institutions, either legacy, digital, or hybrid, that are not quick to combat – or use less-than-top level firms to address new and increasing threat vectors ­– will continue to be hit with ever increasing fines, punishment, and reputational damage. As the regulatory environment throughout most of the world tightens, corrective measures will be more common and more public. This could lead to a notable reorganization in the industry as people are less focused on brand attachment and more of a “what can they do for me” attitude.