Know-your-Customer (KYC) processing just became easier and less expensive. With new decentralized identity technologies important client information is collected once, and can be reused repeatedly by using verifiable credentials to hold and share data.
By Tim Spring
What is KYC?
Know Your Customer (KYC) refers to the data collection process that financial institutions do to authenticate customer or client identity, assess financial risk, and attempt to avoid fraud. establish
KYC can be broken down into three steps that most financial institutions will take when opening an account or qualifying a customer for a loan.
- Customer Identification Program
Financial firms must obtain four pieces of identifying information about a client: name, date of birth, address, and identification number (usually taxpayer identification number).
- Customer Due Diligence
This is the process where all of a customer’s documents are collected to verify their identity and evaluate their risk profile for suspicious account activity.
- Enhanced Due Diligence (optional)
Sometimes additional information is collected for customers that are suspected to be at a higher risk of infiltration, terrorism financing, or money laundering.
KYC is also regulated by several government agencies to reduce money laundering, and is often associated with Anti-Money Laundering policies (AML).
The drawbacks of traditional KYC
KYC’s main drawback is that it is time consuming to do, and becomes even more time consuming when you have to do it multiple times for multiple applications or organizations. For example a bank will need to do KYC to open an account for a customer, and then need to do it again to approve them for a loan. If the bank needs to refer this customer to a partner organization that organization will also need to do their own KYC to verify that customer. This is a lot of documentation for the applicant to collect and repeatedly submit, and takes considerable time, effort, and expense to repeatedly verify.
Each instance of KYC costs a financial institution between $13 and $130 per customer, with corporate clients costing considerably more — one survey reported between $1,501 and $3,500 per review. With banks having thousands of customers, and each customer potentially needing to do KYC multiple times, the average spending on KYC per bank hovers around 60 million dollars annually.
The time it takes to do KYC for a customer or client can be anywhere from 31 to 180 days.
Re-usable KYC through Decentralized Identity
KYC is necessary (and regulated by the government) so it’s not going away, but we can make it much more efficient by reducing the amount of duplication.
The key value proposition presented by decentralized identity is that once you have verified the relevant financial data that same data can be verified repeatedly with the same level of assurance. How is this possible?
Once the KYC process has been conducted satisfactorily, a financial institution issues their customer or client with a verifiable credential containing all the details and relevant data from the initial KYC process. This information is digitally signed.
When the customer or client wants to share their KYC data with another party (or even the same financial institution), the authenticity of the credential is verified through cryptography (by checking a record on a distributed ledger) and the digital signatures provide proof that the data presented in the credential hasn’t been altered.
A verifiable credential is like a cryptographic wrapper that can seal any kind of information. Try to change the information and the seal is broken. The nature of decentralized identity is that the source of the wrapper can always be known and cryptographically verified, which means if you trust the source’s KYC process — such as that of a financial institution — you can trust the information presented by the credential holder.
A KYC credential can contain all kinds of information that could be necessary for a financial institution to have, but annoying or time consuming for a customer to acquire, for example: Proof of address, government ID number, proof of employment, proof of annual income, and more.
Once this process is more automated with decentralized identity, this information only needs to be collected one time or if the credential is set to expire. We can remove the need for partner organizations or other departments to re-do work that has already been done, saving customers time and stress, and organizations millions of dollars.
Collect once, verify often.
To learn more about how decentralized identity can change your workflows you can check out Indicio Proven, Indicio’s full solution for the secure exchange of verifiable credentials.
If you have questions about the technology or would like to discuss details with our team of technical experts you can contact Indicio.
####