Using CIAM To Combat Money Laundering and Terrorist Financing

Have you ever wondered how Customer Identity and Access Management (CIAM) can become part of the Anti-Money Laundering (AML) strategy? Find out here:

Jun 23, 2023 - 3 min.

Do you know your customer? Most people will answer this question with a confident “Yes, of course”. KYC (Know Your Customer) technology can be used to establish a customer's identity in the banking sector. This is how banks ensure that the person who, let’s say, wants to open an account is the person they claim to be. KYC is one of many measures that banks take to protect themselves and their customers from fraudsters and money launderers. Yet the authorities keep imposing record fines on banks, and the number of cases of money laundering is sharply on the rise. In Germany, 22,614 cases were registered by the authorities in 2022. By comparison: in 2021, there were “only” 14,785 cases. The penalties imposed on banks are also quite high. The sheer number of cases is only one aspect. Money laundering also casts a dark shadow where crime and human suffering lurk. Human trafficking, drug trafficking, terrorist financing and funds from other criminal businesses are moved across continents. Read here what banks can do to put a stop to money laundering:

KYC is the principal measure banks can take to combat money laundering and terrorist financing

With KYC, banks can verify and identify the identity of their (new) customers. In most countries, the implementation of KYC procedures is mandatory due to anti-money laundering regulations. Customer verification – which includes retail and commercial customers – prevents money laundering, terrorist financing and other illegal activities. This includes gathering proof of the customer’s identity and address, establishing the source of funds, conducting a risk assessment of the customer, monitoring transactions and the obligation to retain records. However, KYC measures may differ from country to country and institution. Some banks also apply additional measures such as due diligence, the screening of politically exposed persons (PEP) or the monitoring of sanctions lists.

Banks that fail to comply with the KYC requirements face heavy fines and immense reputational damage. The European Union is increasingly obliging banks to prevent money laundering proactively. That means KYC processes form part of banks and other financial institutions' compliance and risk management.

However, the KYC check can also be carried out digitally and automatically. With the help of electronic identity verification (eIDV), customers can do things like upload identification documents or photos to a platform of bank in order to obtain verification by means of artificial intelligence (AI) using biometric features. The video ID procedure can also be part of such a process. In this way, banks and financial institutions can prevent new account fraud.

The benefit for clients: the automated KYC process enables smooth onboarding. 

When the client becomes a money launderer

Some criminals are able to bypass the relatively secure onboarding process either by hijacking an account through account takeover or by persuading a “good” bank customer to help them launder money. How does this work? Experts confirm cases where customers often unwittingly become accomplices of the money launderers. For example, fake job offers promising quick money are piling up on the Internet. 

This should already set off alarm bells, as such offers are often too good to be true. Voluntary accounts then serve to disguise the path of the money.

For the banks, these methods are often difficult to detect and assess. In order to escape the immense penalties imposed by the regulatory authorities, banks block or even terminate the customer’s account at the slightest suspicion of money laundering. For the customer, this not only entails a lot of hassle but can also threaten their existence under certain circumstances, as often all their money is at stake. Processing suspicious transactions takes a long time, and consumers are not informed about the status of the proceedings.

To prevent this from happening in the first place, it’s important to take preventive safety measures in advance.

Authentication as a defensive wall against criminals

To prevent suspicions from arising in the first place, banks and financial institutions must have authentication measures in place to establish a user's identity beyond doubt. This contributes to the security of highly sensitive financial and user data and a smooth customer experience. To ensure both, it’s advisable to rely on state-of-the-art forms of passwordless authentication according to the internationally recognised FIDO standard

But security measures downstream from the login process are also essential: context-based checks of attributes such as device fingerprint, geolocation, typical typing behaviour and similar characteristics can prevent cases of money laundering and terrorist financing before the money is transferred to another account.

CIAM against money laundering and terrorist financing

Secure and user-friendly authentication is a central component of modern banking infrastructure to ensure a smooth customer experience and security. Modular systems can be implemented cost-effectively, especially in the banking sector.

What is CIAM?