March 29, 2023
Regulations
PSPs need to comply with regulations like the EU’s 6AMLD and PSD2 in order to securely facilitate payments across the European Union.
6AMLD requires PSPs to collect and process customer data in a secure and compliant manner, while PSD2 mandates that all PSPs must be registered with the relevant local financial institutions in order to facilitate payments within the EU.
These regulations aim to protect customers from fraud and ensure that their financial information is handled responsibly. Furthermore, these regulations help create a level playing field for PSPs operating within the EU, ensuring a safe and secure environment for customers as well as businesses.
The crypto payment space is also facing increasing regulatory oversight. The Markets in Crypto-assets (MiCA) regulations are also set to affect how crypto payments are facilitated. The purpose of MiCA is to create an appropriate legal framework for crypto assets so that they can be used safely and securely by consumers, businesses and governments.
These regulations set out requirements for market players such as exchanges, custodian wallets and other infrastructure actors involved in holding or transferring crypto assets. This means that PSPs need to adhere to more stringent compliance requirements when facilitating payments with cryptocurrencies in order to meet MiCA’s standards.
MiCA will also require PSPs to provide customers with detailed information on protection measures taken against fraudulent activity when dealing with cryptocurrencies. This will help ensure a safe and secure environment for all parties involved when making crypto payments including, dynamic currency conversion (DCC), 3D Secure 2.0 verification systems, and more.
Merchant onboarding
PSPs must ensure that onboarding procedures adequately vet new merchant clients — while at the same time not being too cumbersome so that they become a deterrent to new customers joining.
PSPs need to implement effective KYC and Know Your Business (KYB) processes when carrying out merchant onboarding. This involves gathering key information such as name, address, contact details, identity documents, tax identification numbers and other legal documents that prove the merchant’s identity and legitimacy.
PSPs must also ensure that all of this data is accurate and up-to-date by using technologies such as document scanning, facial recognition or other biometric authentication systems.
A key aspect of maintaining this delicate balance of factors when deciding whether to onboard a new customer are broadly termed as ‘risk factors’. Risk factors can include a merchant’s industry, the average transaction values and volumes of its customers, and the areas and regions it operates in. By using automated data collection technology, PSPs can significantly optimize and streamline their KYC processes, allowing them to gather uniform data in large volumes.
This reduces the chances of mistakes being made during human-led compliance checks, and provides PSPs with a way to scale without the need for significant expansion of human compliance teams.
PSPs can use Automated KYC/KYB tools to detect abnormalities or other suspicious activities, such as sudden activity increases, large transactions, payments made from or to unusual jurisdictions, and/or interaction with sanctioned entities.
PSPs need to take a nuanced and strategic approach to their security and AML measures in order to avoid barring legitimate customers from accessing their services as a result of misidentification or misinterpretation of a legitimate activity or change in behavior. Each PSP will need to consider whether it will pursue a stricter approach to security that can lead to legitimate customers being identified as false positives, or a more relaxed approach that reduces friction but can risk opening the service to more instances of fraud or exploitation.
Whatever the decision, it’s of critical legal importance that a PSP’s KYC and AML protocols adhere to its local regulations, which are increasingly being brought into line with leading and stringent global regimes developed by the Financial Action Task Force (FATF). By using Artificial intelligence (AI)-based screening tools, PSPs can more effectively balance the need for lower customer friction with robust security and anti-fraud measures.
After a merchant has been onboarded, PSPs should use additional measures such as periodic reviews and ongoing monitoring to cross-check the customer’s identity information against sources such as public records databases and global watch lists in order to ensure that their risk profile has not changed. This helps to ensure that the customer presents the same level of risk to the PSP as they did when a decision was taken to onboard them, and reduces the risk of fraud or money laundering activities.
Other protections
In addition to KYC/KYB checks, PSPs should carry out further due diligence on new merchants. This includes reviewing their business model, financial statements and other relevant documents in order to verify their legitimacy.
PSPs can also use tools such as AML scanners to detect any suspicious activities associated with the merchant’s accounts. This helps protect both PSPs and customers from potential risks posed by fraudulent merchants.
PSPs need to also have systems in place to continuously monitor customer activity for any irregularities or unusual behavior that could indicate fraudulent activity or money laundering attempts. For example, PSPs may use machine learning algorithms to detect any anomalies in customer spending patterns or sudden changes in international transactions which may be indicative of criminal activity.
By implementing these proactive measures alongside KYC compliance checks, PSPs can ensure a secure environment for customers while mitigating the risk of fraud or money laundering activities taking place within their platform.
Are you looking for a robust, market-leading automated KYC/KYB solution for your PSP’s merchant and customer onboarding processes? Get in touch to find out how KYC-Chain can help your business grow securely and efficiently.