In the next installment of its educational webinar series, IdentityMind Global will share “Know Your Customer: Tips and Tricks,” aimed at helping FinTech business leaders to understand how to adopt industry-leading Anti Money Laundering (AML) practices for Digital Currency.
The KYC Tips and Tricks session will take place on April 20th, at 11:00am PDT. After signing up, you will also receive access to a recording of our first webinar.While IdentityMind does not provide legal advice or dictate what should be included in AML programs, the company is a recognized authority and market leader in providing fraud prevention and AML (including KYC) to many of the most forward thinking companies in the FinTech industry.
Why You Should Attend: Ignorance of the Law May Result in Regulatory Fines
Recent innovations in virtual currencies are attracting new startups to the FinTech space, yet few have the regulatory expertise necessary to comply with the complex set of regulations that govern this rapidly growing space. The growth of the category combined with a worldwide focus on stopping money laundering and the funding of terrorism has led to focused efforts by regulatory agencies to crack down on regulated businesses that aren’t taking compliance seriously.
Education is especially relevant now as the explosive growth of FinTech businesses are offering new models for moving money cross border more quickly than traditional and heavily regulated mechanisms. Education can save startups a lot of headaches and heartaches. There are many examples in the headlines of promising companies getting crippled by fines due to negligence, ignorance, or a combination of both.
This webinar can help startups avoid being the latest industry sob story.
Summary of Webinar: Know Your Customer: Tips and Tricks
A detailed KYC process is essential for preventing fraud and money laundering. Many governments, including the United States, require businesses to have well-defined and comprehensive KYC processes in place. For example, the United States requires businesses to perform KYC compliance if they operate in the US or have clients from the US. This imposes KYC requirements on those business that want to offer services to US clients regardless of where the business is located.
- KYC Challenges:
- Validating customers in an online-only environment – There are significant challenges to when the customer is never seen face-to-face. Interaction with customers may lead to detecting suspicious activity and SAR filing (i.e. when a customer asks about splitting deposits to avoid additional paperwork). This session will discuss the challenges and opportunities of KYC in an online-only environment.
- KYC outside the U.S. – Any financial institution with U.S. customers must follow U.S. KYC regulations, even if the institution has no physical presence in the U.S. The only way to determine a customer’s location is to perform KYC. This session will discuss a lighter version of KYC to determine your customer’s location which can then be used to block or restrict access to your services.
- KYC in United States – The Bank Secrecy Act (BSA) requires “A system of internal controls to ensure ongoing compliance.” This relates to implementing risk-based KYC policies, procedures, and processes. The BSA is non-prescriptive, enabling digital currency companies’ flexibility when configuring their KYC program. This session will discuss: what ‘risk-based’ means to regulators, how to implement risk-based KYC, and how implement risk-based KYC while keeping customer friction as low as possible.
- Sanctions Screening – What do you do when you have a match? Matches to sanctions lists are typically viewed with disdain in that they must be addressed and are often false positives. This session will discuss the false-positive problem; how to investigate a match in a timely manner; and the criteria to verify that your potential client is not the individual on the sanctions list.
- Best practices – Hear from compliance specialists and virtual currency companies doing KYC about what works well and what doesn’t.
The KYC Tips and Tricks session will take place on April 20th, at 11:00am PDT, You can sign up here. After signing up, you will also receive access to a recording of our first webinar. For more information, feel free to email us at [email protected]
In case you missed it, a recap of Session One: AML Challenges
The first session was an overview of the AML challenges that exchanges and startups commonly face, including which companies likely are regulated, and which companies aren’t. It also covered in detail the very controversial topic of Money Transmitter State licenses. These were some highlights of the session:
- Recordkeeping and reporting requirements:
- Exchanges must keep Currency Transaction Reports, create Suspicious Activity Reports, and adhere to the Funds Transfer and Travel Rules.
- Good recordkeeping and reporting will help immensely should your business ever undergo auditing; it can save you a lot of time and pain if you invest in good recordkeeping/reporting upfront. You need to have the ability to justify your actions in front of a prosecutor.
- The pillars of a robust AML compliance program:
- Have a BSA Compliance Officer
- Internal controls: Have a well-defined policy and procedures to follow, appropriate supervision for employees that handle transactions
- Good internal training: BSA training, each person’s responsibilities should be discussed and defined, training should be document for external review. Training videos are not enough.
- Independent testing: Conduct every 12-18 months depending on your business’ risk level. Should be evaluating your policies, effectiveness, and employee competency.
- Who is covered by the Bank Secrecy Act?
- Virtual currency exchanges that do virtual to fiat, fiat to virtual, or virtual to virtual. However, it really doesn’t matter if you’re covered by the BSA or not. You should have an AML compliance program simply because it is a good business practice. You need to be able to show you’ve made a reasonable effort in case something happens.
- Technical considerations for AML compliance:
- Have adequate KYC and identity verification abilities, the ability to set limits on your users based on risk, the ability to see which users are interacting with each other, have automated compliance with the ability to quickly intervene, and the ability to keep an audit trail.
- Key lessons from companies that failed to meet regulations:
- It’s safer to report than not to report — when in doubt, report it
- AML program quality and effectiveness matters, having a policy means nothing unless it is properly implemented
- Cooperate and maintain a good attitude when dealing with auditors/regulators/investigators