In 2020, social distancing norms shot up the adoption of digital payments in India. The pandemic gave a push to digital wallets and internet banking, which has given fraudsters and scamsters an added source to commit sophisticated cybercrimes. A recent warning by the State Bank of India, that alerted consumers about KYC (Know Your Customer) fraud, has sparked fear and anxiety among the general public.
Many have questioned the awareness level of consumers and businesses to prevent these frequent instances of fraud and scams. KYC fraud isn't a new way to dupe people, but it has seen a recent increase in the market.
What is KYC fraud?
Know Your Customer (KYC) or Know Your Client is a mandatory process where banks and financial institutions verify consumers' identities to adhere to anti-money laundering and terrorist financing laws. It ensures that customers aren’t financing terrorism, dealing with black money, or being involved in shady or fraudulent schemes. Since the Covid-19 pandemic, banks have begun to allow customers to complete the KYC process digitally.
Fraudsters use KYC as an entry point to gain access to the private data and even money of gullible consumers. In an effort to retrieve personal data, a fraudster typically sends text messages to customers & even non-customers, asking them to upgrade their KYC. At times, they even instill panic by mentioning the account-holder losing money if there's no immediate action taken. This is most commonly followed by a shady link.
They gain remote access to the devices of people who unwittingly click on the shared link. Through this, fraudsters then have access to saved passwords and other crucial information that enable them to steal money from vulnerable customers easily. Many fraudsters also assure gullible depositors to do KYC on the phone. The lack of digital privacy and awareness has made many people fall victim to these attempts and lose lakhs of money in the process.
How can consumers and financial institutions prevent fraud?
To start with, consumers should remember and be aware that no bank or digital wallets does KYC process over a phone call. They also do not ask to download any third-party apps to do so. Further, no bank asks for an account number, card details, or any other personal information of the customer over a call. In addition, people should also be wary of text messages about wallet expiry or KYC upgradation. These messages typically have a link attached which, upon clicking, can provide unauthorized access to personal information.
Moreover, such messages typically contain spelling and grammatical errors. People should look out for language and grammar to differentiate such messages. Consumers should come forward and report cybercrimes to the respective authorities when they encounter or identify them.
Consumers alone won't be able to fight the menace of KYC frauds. Financial Institutions and banks, too, need to step up and make an effort. Banks can start by doing the whole KYC procedure online through video, as suggested by the Reserve Bank of India. For this, they will have to develop a robust IT infrastructure to detect deep-fake, a possible threat to video KYC as well. It is imperative for businesses and institutions to consider automating the entire process and using artificial intelligence to prevent KYC fraud in real-time, especially now, to protect their customers. Banking as a service platform, like Decentro, has started offering easy-to-consume CKYC banking APIs for businesses & financial institutions of all sizes and from different verticals. The CKYC API integration smoothens the onboarding process, reduces fraud risk, and allows query resolution.
CKYC and Businesses
The Central Know Your Customer (CKYC) or Central Know Your Customer Registry (CKYCR) is an initiative by the Government of India that provides users, especially investors, a structure to skip multiple steps and do their KYC only once that shall be valid for all financial services. Once CKYC is completed, customers can avail of financial services from any regulated entities without spending time on repeated KYC processes. As of 31st March 2021, the CKYC registry consists of over 35 crore KYC records, which indicates that Indian financial institutions aim to tackle rising fraud by sharing data.
With CKYC in place, financial institutions can efficiently detect fraud and money laundering cases. It meets a long due requirement to standardize the identification process. It further allows businesses to skip multiple KYC steps and onboard customers by accessing their information in one place.
Financial institutions can do away with the burden of producing and verifying KYC documents every time. A single CKYC API can enable quick and easy access to all critical documents required from customers after their consent. Apart from this, financial institutions don’t have to maintain offline KYC since CKYC is Original Seen & Verified (OSV). Financial institutions also have to bear around 50 percent less expenditure via this process.
Businesses, especially startups, face bottlenecks while onboarding users and checking if the documents they provided are authentic & verified. However, many businesses like neobanks and wealth management applications have integrated all-in-one KYC APIs that help them to overcome such challenges.
Businesses can have a single API endpoint, offered by API banking providers like Decentro, that covers multiple document types and underlying sources of data. So that they don’t have to worry about load balancing, switching providers, or maintenance at any point of time. With modern-day consumer expectations, it is important for businesses and financial institutions to adopt modern-day solutions that are secure and standardized.
CKYC is just one of the meaningful steps that can help organizations keep their customers safe and fraudulent activities at bay.
The author, Pratik Daudkhane, is Co-Founder at Decentro, API Platform for Banking Integrations