How Identity & Access Management and Legal Entity Identifiers can optimise client onboarding and automate KYC workflows.
KYC, or Know Your Customer, is considered a standard set of processes and standards used by Financial Institutions to understand detailed information about a new client. This information would be aggregated and depending on type of client the FI wished to serve, could then be used as the due diligence data to better manage risk and meet KYC and AML (Anti-Money Laundering) compliance.
Today, KYC/AML has a broader appeal for all types of digital services. Understanding who your new customer or supplier really is can dramatically reduce fraud, identity theft, and financial crime. Modern KYC technology can even be used to improve the user experience during new customer registration and onboarding.
The broader appeal has also been driven by the increased availability of verified digital identities, both for individuals and organisations. These digital identity schemes, or eIDs, are credentials issued and federated by banks, Governments, standards bodies or private initiatives. They can be used during KYC checks as an attestation of the identity of the credential holder. This reduces the need to share sensitive identity documents. Being digital they can be used to create efficient, automated client onboarding workflows.
Let’s look at how use of Identity & Access Management (IAM) and Legal Entity Identifier (LEI) technology can work together to automate KYC and benefit digital client onboarding.
Onboarding Customers
Identity verification using 3rd party digital identities
IAM solutions should connect Identity Providers (IdPs) and verified identity schemes to your application. This allows you to take advantage of verified digital identities issued by third parties such as bank IDs, Government eIDs, and mobile providers.
Using certain IdPs help you achieve trusted, efficient customer identity verification. Using existing digital identities also reduces the friction your customers usually encounter when registering for a new service. It also puts the control for consent to use which sensitive data (and why) firmly in the hands of the customer.
Identity verification using document verification or physical biometrics
In regions where verified digital identities may not exist, or have not yet achieved critical mass, real-time customer digital identity verification using government-issued identity documents and physical biometrics offer an effective alternative. Your IAM solution should be able to verify that presented identity documents truly belong to the person being onboarded.
Attribute Collection & Aggregation
Effective onboarding requires the company to simplify trust decisions by consolidating the onboarding data set. Your IAM solution should support the collection, aggregation and exchange of user attributes to offer Zero Trust networking while respecting (and enforcing) user privacy.
Delegated Authority
Delegated Authority allows the principle of “verify, delegate, assert” to be implemented at large scale within both closed and open ecosystems. It allows users to onward delegate all, or some part, of the individual, company or family onboarding to other users. Such as securely delegating certain KYC checks to the company’s accountant.
IAM solutions that understand Delegated Authority capabilities enable multi-tier delegation of authority can remove manual work from your own IT/Support team and eliminate the need for shared access credentials which present a security risk.
Onboarding Organisation Customers
Legal Entity Identifiers – verified organisation identities
A Legal Entity Identifier (LEI) is a G20 endorsed 20-character global identifier that identifies distinct legal entities that engage in transactions. The LEI provides access to verified organisation reference data and connects the numerous different organisation regional and private identifiers used in KYC/AML.
“Today, the global banking sector spends around U.S.$40 billion on client onboarding annually. That’s an estimated U.S.$54m per bank, U.S.$31m of which is ‘people’ cost. Productivity improvements gained through LEI usage could generate cross-sector cost reductions of between 5-10% annually.” Global LEI Foundation
Ultimate Beneficial Ownership (UBO)
KYC/AML procedures and processes must collect information about the beneficial owner including the identity of all individuals who have a significant ownership or control position. This will include the name of the person opening the account, the legal entity, and detailed data about the beneficial owner.
Penalties for non-compliance are significant. Maintaining proper UBO information is critical.
Partnering with an IAM provider that supports LEIs, UBO, and understands how legal entity reference data can be used in organisational KYC/AML compliance can be a huge advantage.
Onboarding Employees associated with Organisations
Understanding an Employee’s “Right to Represent” with Representation Governance
Service providers or government departments may wish to check a company’s verified LEI. Then they would check the rights of individuals to represent the company detailed in the LEI. An employee’s representation attributes may include legal, financial, administrative or authoritative powers.
Digitising representation workflows offers significant operational cost reductions. One Nordic Government department reduced representation validation costs by 99% (see case study).
Right to Represent ties an individual to an organisation and can dramatically reduce the time to execute successful corporate KYC/AML.
Representation Governance is a relatively new area in IAM, but one that can revolutionise many aspects of onboarding.
Talk to an Identity Expert
Ubisecure has many years of experience in the EU identity ecosystem. Ubisecure’ RapidLEI service is the world’s number one LEI issuer. We’d be happy to discuss how the Ubisecure Identity Platform can support your KYC and Onboarding automation plans. Get in touch!
KYC & Onboarding – Free White Paper
Deeper detail: How IAM & LEI can work together to optimise KYC and onboarding
About The Author: Steve Waite
As Chief Marketing Officer, Steve is responsible for Ubisecure’s corporate marketing and communication, partner and customer communication, demand generation and brand development.
More posts by Steve Waite