What Brexit means for KYC and AML
Tuesday, January 5, 2021
As reported by Info Security magazine Barclays has warned UK businesses that cyber-criminals will target them with new scams relating to changing rules over Brexit.
Despite the UK’s exit from the EU there is still a lack of clarity over the new rules that many businesses will be operating under, made even more complex by the new lockdown situation.
As a result, the bank has urged companies to stay extra vigilant, with fraudsters likely to try and capitalize on this period of uncertainty. It said it is vital that businesses ensure their fraud and scam prevention practices are up-to-date in areas such as receiving unexpected calls, protecting against malicious messages and on confirming the identity of new suppliers.
The warning comes after new research from Barclays which shows that there has been a 20 per cent rise in business scams during the last five months, many of which have exploited the uncertainty posed by COVID-19 .
Impersonation of genuine organisations to gain personal or banking information was the technique most commonly employed by fraudsters according to the analysis, representing 42 per cent of all attempts since January. In the last five months, use of this method was found to have increased by a staggering 79 per cent.
This was followed by purchase scams, in which victims are tricked into purchasing non-existing products through a fake website. This made up 25 per cent of all fraud attempts this year.
In third place was invoice and mandate scams at 18 per cent, whereby suppliers are impersonated in emails that request an update in bank details, potentially leading to large sums of money being transferred into the scammers account.
As a result, Jim Winters head of Fraud at Barclays is urging businesses in the UK to make sure they are compliant with Know Your Customer (KYC) legislation and also Know Your Business (KYB). Otherwise, they are seriously exposed to fraud and potentially financial penalties from the Financial Conduct Authority (FCA).
Now we have left the EU it is critical that organisations know who they are dealing with when entering into a commercial relationship with another business or consumer. The fact is fraudsters are not just posing as individuals or customers looking to use a fake ID to launder money or rack up thousands of pounds in credit. They are posing as businesses, CEOs and suppliers too.
There are also significant implications for UK businesses that do business in the EU. Whilst the UK was still a member state, all UK-based companies had to demonstrate compliance by following and adhering to EU AML and KYC regulations and law. However, post-Brexit the UK will no longer have access to simplified identity verification and as a result enhanced due diligence checks will be required to fulfil newer AML amendments and requirements.
UK companies that onboard customers in the EU will be required to follow local laws and regulations specific to individual countries. In doing so, they will also have to ensure that no matter which country their customer is based in, their AML and KYC regulatory standards meet or exceed those of the UK.
According to Ryissa Armata, head of regulatory affairs at IDnow, whilst writing for Fintech magazine, the degree of change for many companies in Britain and Northern Ireland will depend on their current European footprint. For businesses that are obliged under AML law, notably in the banking, financial, insurances, mobility, telecoms, and online entertainment/gaming sectors, several factors will need to be taken into account in order to fully understand the scale and extent that Brexit will affect their business.
Whilst there is still much uncertainty - what is clear is being able to identify customers in order to lessen the chance of fraud will be absolutely critical as we move into 2021.
For further information about how our deceased identity fraud product, Halo, helps organisations to identify potential deceased identity fraud attempts please get in touch.