A few years back, I was driving north to a meeting on Route 83 in Oakbrook, Illinois. The road conditions were pretty bad because there had been heavy snow overnight and the plows hadn’t gotten everywhere yet. The speed of traffic in the area was usually around 55 or 60 mph, but most folks were creeping around 40 mph.
Flying along far too fast for the conditions, a reckless driver in the left lane decided to cut across all three lanes of traffic in one go, nearly causing a massive pileup. The likely reason that this careless driver failed to anticipate a potential disaster? They had only carved the tiniest of portholes, at best maybe 10-inches across, out of the snow covering their rear window. Most people would have taken the time to ensure maximum visibility, given the state of the road. This person? Not so much. So without the ability to see who was behind them, or in the next lane over, they were flying blind.
Don’t Be a Reckless Driver
Doing the bare minimum is never a fast track to success. But unfortunately, the bare minimum is what a lot of financial institutions, especially smaller ones, rely on during customer onboarding. The Patriot Act dictates that financial institutions must make a reasonable effort to identify who they’re enabling for financial transactions. Many small financial institutions treat compliance with regulations—such as the Patriot Act—as a checkbox and aren’t motivated or pushed by their investors to go the extra mile in filtering out bad actors. Why? Because they simply want to see new user account growth, with the ever-optimistic hope that they’ll have time to work on identifying the bad actors later.
“Know Your Customer” is Table Stakes
Okay, so you’re not going to put any effort into detecting and deflecting financial crime or fraud. Instead, you’re just going to make a baseline (or minimum) effort to verify that a new consumer is at least a real person, if not necessarily the correct real person. This bare-minimum process is commonly called Know Your Customer, or KYC, which is mandated by the aforementioned Patriot Act, that unique-sounding law meant to starve bad acting organizations of cash but has really only been used for domestic financial transactions. KYC is usually implemented as that bare minimum. The thinking: Yes, we validated the SSN. Yes, we validated the address. And so on. See, we met the low bar set by the government. Fraud is a cost of doing business, so we’ll just live with it. This might work for now, but it can cost your company untold amounts of money and cause a vicious cycle as you unintentionally continue to feed and encourage crooks.
Ultimately, you deter fraud because you want to, but you actually perform KYC because you’re forced to meet a compliance standard. The way most KYC products work is that they perform binary matching: they check to see that some blob of credit header data agrees that a certain name seems to match a phone number, address, so forth and so on. It’s the bare minimum.
Don’t Check the KYC/CIP Box. Crush the Box.
Fine, so check the box, pass the audit, achieve that compliance. But while you’re at it, why not crush the box? Don’t settle for the bare minimum. Make that mandated process actually work for you, while satisfying the government regulation.
This is why Socure has built the leading KYC/CIP solution on the planet. We don’t just bounce queries off of a database. We learn from and create intelligence from that data in order to deliver solid decisions to our customers about the consumers who apply to their business. We go beyond bare minimum attempts and deliver concrete insights and conclusions.
Socure KYC is a powerfully intuitive solution for that next-step level of assurance. The platform leverages non-traditional data sources in addition to traditional, including cable and streaming data, utility and telco records, eCBSV, higher education, and over 200 more aggregated sources for validation. But that’s just the start. We also use hyper-advanced AI and ML technology to leverage that data and develop known identities. We look for a critical mass of corroborating matches and associations between PII elements in order to provide a far greater assurance that “this person is really this person,” and not just a live body. Socure KYC answers questions that include: Does this critical mass support the application for a loan, an account, a credit card? Do these individual pieces of PII support each other, and the entity as presented? With this approach, we firmly resolve the parts of the identity to the whole.
Confidence, not optimism. Know Your Customer better.
Stop flying blind when it comes to fraud. Identify who you want to do business with. Give yourself the greatest possible visibility, not just a small porthole that obscures dangerous situations. Cover all the bases. Onboard new accounts with confidence, not blind optimism. Socure KYC is the intelligent choice for compliance and assurance. Turn that bare minimum into the smart maximum. Talk to our KYC experts to find out how.
Jeff Scheidel is a technologist with 34 years in software, including 26 years in security solution design. He is the author of numerous white papers on security and regulatory compliance, as well as a McGraw-Hill book on identity, access, database, and application protection. Jeff is an expert on compliance requirements across a number of industries, and has presented at a wide variety of security events.
Funny, This Doesn’t Taste Like Third-Party Fraud to...
You can’t prevent identity fraud if you don’t know what it...
How Do You Protect Your Online Business From...
As a longtime horror fan, I live for October. It’s nearly...