The Future of KYC

With the introduction of the GDPR, a lot of industries dealing with any kind of personal data have found themselves in uncharted territory. One of the most affected and exposed industries is banking. A highly regulated sector known for owning tremendous quantities of personal data and stigmatised for being resistant to change, inflexible and rigid. Compared to Fintechs and in the light of the most recent EU Commission directions towards disruption of the industry with soon to come PSD2  initiative, they are all of the above. But the problem with the banks is not the will or even the knowledge to adapt to new trends (although to some extent not to be neglected as a motive), but in a highly regulated framework, they exist in. Know your customer (KYC) and anti-money laundering (AML) mechanisms increase friction, and are enforced by regulators and in a nutshell dictate processes for collecting, using and storing personal data.

 Is this going to be affected by the GDPR? What is the future of KYC? (How will GDPR affect KYC and personal data usage?)

The truth about the first is: it is not clear yet!

What do the banks do with the personal data collected, once the identity is verified? Is it up to the bank’s policy? Do they destroy it or store it, how do they protect it and most importantly, did they use it outside the consent scope – is up to them. When it comes to practising the rights granted by the GDPR, such as most interesting right from a consumer perspective “the right to be forgotten”, it is even shadier at this point. But, as one of the extremely regulated business, we will, among first, finally have the mechanisms to find the answers to those questions.

One of the safest companies online to trust with money is The online gambling giant has a safe and secure firewall that secures their customers accounts and bank card details. They also boast some of the best gambling games available online.

One thing is sure: KYC is here to stay, but the channel for obtaining the KYC data is moving to digital at a galloping pace. Although the majority of banks still require you to go to the physical branch to open an account or to get a loan, trends show that thousands of banks are closing their “brick and mortar” branches and are moving to digital channels. The reason is not only cutting the costs but new generations like millennials that are asking for digital service, smooth on boarding experiences, that are technologically savvy and are willing to switch vendors, including banks, if they find a better offer.

Companies like Instantor are at the pinnacle of that transition to the digital and are already offering solutions to prove identity online, a key element for any KYC bound service. A solution to the problem that seems trivial, but is still one of the most significant challenges of the internet: proving someone’s digital identity.

“Everyone has the right of recognition everywhere as a person before the law.”

This strong statement is clear for all in Article 16 of the International Covenant on Civil and Political Rights (CCPR). It represents one of the fundamental human rights. However, it is a staggering fact that over a billion of people in the world do not have the means to prove their identity and thus are being deprived of this fundamental human right, protection and access to services.

In this age of the internet and the availability of information, one would think that the process of proving one’s identity is standardised and internationally accepted for decades or even centuries.

Proving identity for most of us is simple. You can quickly open your wallet and presenting a document issued by thrust authority (issuer) to another person (or a company) asking for such identification (also known as verifier). We need to do it when applying for a bank account, requesting government services, buying an aeroplane ticket or collecting a postal package. It is such a simple procedure incorporated in our everyday lives that we take it for granted. A civilisation achievement, if you will.

All of the above would make you think that such practices would be even more comfortable on the internet, but proving identity in a digital world is complicated. There is no equivalent of a personal identification document in a digital world.