Back to top

Tony Machin

CEO

Tony has led TrustID through a transformation program of significant upgrades in technology and services, delivering year on year growth. With previous experience in corporate finance and as CEO of a leading UK financial services organisation, he brings strong leadership and excellent knowledge of compliance and regulatory matters. In 2018 Tony joined a group of like-minded identity validation experts and founded the Association of Document Validation Professionals (ADVP). He was chair of the organisation from its creation until the end of 2020.

Automated KYC verification: ease your regulatory burden

Know your customer (KYC) checks are one of the key tools in the battle against money laundering, fraud and terrorism financing. In this post, we discuss the most effective ways to verify a customer’s identity, so your company stays on the right side of the regulators, and how automated KYC verification can help.

In 2020, HMRC issued a record fine of nearly £24 million to a money service business called MT Global for breaching money laundering rules. One of the offences committed was failing to conduct ‘fundamental’ due diligence which involves verifying a customer’s identity and, where appropriate, their line of business.

While this case made the headlines, during the same year several other firms, including an office address service and estate agents, paid fines totalling thousands of pounds for committing similar offences.

This shows how closely global regulators monitor financial crime and why staying compliant is more critical than ever.

Why is identity verification important?

KYC checks involve verifying a customer’s identity before doing business with them, and in some cases throughout the lifetime of the relationship. Asking a customer to provide proof of identity is the first step in this process. Government-issued documents, such as a passport, are most reliable because they have robust security features designed to make a forger’s job as hard as possible.

Take passports for example. Passports must conform to international standards to ensure their validity. Some of the security features can be seen by the naked eye, like the seal over the holder’s photograph (to prevent it being replaced), the alignment of the pages or the document’s stitching. Other features are more technical, such as the algorithmic calculations of the machine-readable zone (MRZ) which aligns with information provided by the holder.

Global regulators recognise that official documents are the most reliable proof of identity. The European Union’s Anti Money Laundering Directives- the fifth (and last that applied to the UK) came into force in early 2020- emphasise the importance of verifying a customer based on documents obtained from a trustworthy and independent source. Recognising technological advances, the fifth directive contained an amendment stating companies can also verify a customer using any form of electronic identification regulated by the relevant national authority (where available).

What’s more, technology has made KYC checks more efficient, removing friction from the customer journey and reducing dropout rates. Whereas previously a customer had to present a physical copy of an identity document, these days they have the option to simply scan and upload an image of it. Since lockdown forced many people to work remotely, online verification has become even more popular and widely accepted  Once an identity is confirmed, applicants can then be monitored against other lists, according to your organisation’s risk profile, for example politically exposed persons (PEPs) and sanctions lists or address match databases.

Three layers of protection

TrustID’s verification solution consists of three layers to provide added peace of mind. The first two leverage the latest tech innovations to make the process robust and more efficient. Some documents may still require closer inspection or investigation, so the third layer is our Helpdesk, a team of experienced document analysts who see hundreds of documents each every day.

Layer 1- Identity document validation technology

We use identity document validation technology (IDVT) to verify the authenticity of documents. Our system checks the security features on the submitted document and runs it past a police database to make sure it hasn’t been reported as stolen or obtained illegally. IDVT picks up on most signs of fraud, including those that aren’t obvious to the naked eye, so it serves as an effective first line of defence. It also provides an audit trail to prove to regulators that you’re meeting your compliance requirements. Other services we offer include customer screening against PEP and sanctions lists, ongoing monitoring and address verification.

Layer 2- Face biometrics

We use face biometrics to check if a customer’s document belongs to the individual presenting it, which is particularly important when you’re onboarding remotely. The customer simply takes a selfie on their phone and uploads it. ‘Passive liveness’ technology (which doesn’t require any movement) confirms the image is a live person, and anti-spoofing software prevents fake presentation attacks, where a customer submits an image of somebody else’s photo. Once we approve the selfie, we use face biometrics to compare it with the photo on the document to verify a match.

Layer 3- The Helpdesk

Our validation system automatically sends high-risk documents and those with poor quality images or that appear suspicious to our team of identity experts. Our experts are recognised as some of the best in the industry- so good that some of our competitors use them too. They inspect thousands of documents each week, identifying more than 1,600 fakes from 52 countries in 2020 alone. This vast experience means they play an important role in the final stage of the document validation process.

A flexible solution

While major banks allocate up to 15% of their budget to cover compliance costs, most SMEs don’t have big teams to support their efforts and can’t afford to build their own solution. We’ve designed our KYC service to be flexible enough to cater for smaller companies and those that don’t onboard a high volume of customers. You can choose different features to suit your budget and perceived risk, and we operate a pay-per-check pricing model which allows you to scale your usage up or down according to demand.

Financial regulations affect firms of all sizes, but tech solutions which ease the burden are readily available. To find out how TrustID can streamline your compliance processes so you can focus your resources on activities that add greater value to your business, get in touch today.

What being ISO27001 certified means

Our IS27001 accredited certification lets you know that we follow information security best practice, helping to eliminate or minimise the risk of a security breach, keep information secure and ensure compliance with data protection regulations.

ISO logo