Introduction
“e-KYC” stems from the acronym “KYC” (Know Your Customer). As the name suggests, KYC is a mandatory practice or process imposed upon businesses to verify the identities and suitability of customers as well as the risks involved in maintaining a business relationship with them. The advancements of financial technology (Fintech), paired with the urgency to usher in an age of total digitalisation of banking and other financial services have caused e-KYC (electronic-Know Your Customer) to rapidly gain traction.
Around the end of June 2020, the Central Bank of Malaysia (BNM) published its policy document regarding the guidelines for e-KYC. Within this document, BNM acknowledged the convenience and cost-effectiveness of the digitalisation of identification and verification services. With the country placed under the Movement Control Order (MCO) for the second time, this policy guideline could not have come sooner as the demand to identify and verify customers remotely became a pressing issue.
e-KYC and Fintech
Fintech has been an avid endorser of e-KYC since its launch, and this comes as no surprise as a partnership between financial services and KYC has long since existed. Fintech businesses that fall under the ‘financial institution’ category of the BNM guidelines are required to adopt an appropriate combination of authentication factors during the identification and verification process. BNM further laid down three basic authentication factors, namely something the customer possesses (e.g. identity card, registered mobile number), something the customer knows (e.g. PIN, personal information) and something the customer is (e.g. biometric characteristics). Some of the biggest examples of Malaysian Fintech businesses that have incorporated e-KYC would be e-Wallets such as Grab Pay and Touch-n-Go e-Wallet. These e-wallets utilise authentication processes such as the requirement to capture a photo of your MyKad along with a self-portrait photograph.
Artificial Intelligence (AI)
Apart from that, the use of artificial intelligence alongside e-KYC has been on the rise. Systems such as facial recognition, optical character recognition (OCR) and fraud detection solutions are encouraging the effectuation of e-KYC processes in hopes of achieving a more streamlined and accelerated KYC procedure. Consequently, paragraph 7.7 of the BNM e-KYC guidelines granted financial institutions in Malaysia to adopt AI, machine learning and other forms of predictive algorithms in hopes of reducing the need for human intervention in future e-KYC processes.
In Malaysia, online money transfer service Transferwise has partnered with US-based AI company Jumio’s identity verification system to protect its online ecosystem. Customers are able to enjoy the convenience that comes with e-KYC that utilises biometrics and AI while the business is protected against potential frauds and provide better services; both parties can establish a better relationship of trust.
Data Protection
To date, there have been several high-profile data breaches across Malaysia. For example, the 2017 data breach of 12 Malaysian mobile operators affected as many as 46 million Malaysian mobile subscribers, including foreigners who were on temporary pre-paid mobile numbers. The Malaysian Communications and Multimedia Commission (MCMC) stated that an individual was able to bypass the security measures of these mobile operators in an attempt to sell the compromised databases for an undisclosed amount of Bitcoin.
With the rapid rise of cybercrime rates, the increasing number of businesses interested in integrating e-KYC comes as no surprise. e-KYC processes add an additional layer of protection towards the users data – an electronic software that identifies and verifies customers must possess the capability to collect, store, secure and share data with the safety and privacy of its users in mind. Furthermore, as e-KYC processes are regulated by the Personal Data Protection Act 2010 (PDPA), customers need not worry about businesses exploiting their personal information without legal repercussions.
Anti-Money Laundering
One of the purposes of e-KYC is to assess the possible illegal intentions of its customers within each transaction. Money laundering and terrorism financing are some of the crimes that may potentially be reduced by introducing e-KYC processes before or while engaging with a customer. By imposing on customers the requirement to verify the identities that they have submitted, businesses are able to properly and accurately ascertain the possible intentions and risks the customer would pose. As a result, discussions about e-KYC processes have often been heavily linked with statutes such as the Anti-Money Laundering, Anti-Terrorism Financing and Proceeds of Unlawful Activities Act 2001 (AMLA) – the primary statute for providing measures to be undertaken in combating money laundering and terrorsim financing in Malaysia. e-KYC works hand-in-hand with AMLA to reduce the cases of money laundering and terrorism financing in Malaysia by ensuring that criminals with malicious intent are discouraged from making transactions via Fintech services.
Conclusion: the future of e-KYC
All things considered, it is safe to say that e-KYC is here to stay. The convenience, security and efficiency that comes with e-KYC processes will catalyse the growth and expansion of the Malaysian Fintech scene. Moreover, with numerous countries in Southeast Asia introducing digital banking into its financial ecosystem, it is merely a matter of time before digital banking in Malaysia will become a reality. This will trigger a rise in e-KYC usage as digital banks would only be able to perform identification and verification online. On the other hand, the arrival of COVID-19 witnessed humanity’s increasing reliance on technology to carry out day-to-day activities. e-KYC’s ability to rise up to this occasion will garner itself the attention needed to secure a spot in the Malaysia Fintech scene.
