How can you Reinforce KYC with Mobile Data?

What a Well-Rounded Approach Looks Like

What happened to the high street?

The pandemic has been problematic for almost every industry in the UK. Companies have undoubtedly struggled during covid due to work absences, lockdowns, and regulations, and many have collapsed entirely. Small to Medium Enterprises (SMEs) make up 99.9% of all UK businesses and, shockingly, over half over half of these have been in operation for five years or less. While most sectors were reporting major disruption, the e-commerce industry thrived, experiencing record profits.

2021 saw non-food e-commerce increase 14.3%; online clothes sales are expected to overtake in-store sales in 2022 and 70% of surveyed Britons prefer online shopping now compared to under 50% pre-pandemic. What had once been a gradual shift online has become a landslide under Covid, forcing many SMEs to adapt or crumble.

What is KYC?

Though lucrative, moving online can present distinct legal challenges which may be unfamiliar to many SMEs. The colloquial ‘Know Your Customer (KYC)’ refers firstly to you having a decent grasp on who you do business with – is my customer who they say they are? Catlover1966 says his name is Sebastian, how do we know this is true? Does he live where he says he lives? Is he really 55?

And secondly it refers to compliance with the 2019 Money Laundering and Terrorist Financing Regulations. Almost all SMEs are required to adhere to KYC and Anti-Money Laundering (AML) compliance regulations, which vary depending on your individual risk profile. However, after two years of Covid, and a growing fraud industry, businesses have found themselves with greater risk profiles than they initially anticipated.

Where does this leave you legally?

Unlike most other countries in the world, the UK has no formal citizenship ID – this leaves the responsibility of identifying and verifying customers up to the companies themselves. Currently, businesses are required to put in place reasonable KYC checks, with the most stringent processes left for banks and insurers, but this might change. 2021 began with the announcement of the digital identity and attributes trust framework, an attempt by the government to combat the now excessive levels of fraud. With cybercrime costing £2.5bn to UK residents and businesses in 2021 alone, an increase in legislation is a distinct likelihood.

What level of protection would you tolerate?

Primarily, it is your job to make sure you are not trading with any money launderers or fraudsters – you can be held liable if you do not do your due diligence.

So, how can you stay ahead of the curve regarding government regulation and fraud, without annoying your customers with boring and laborious sign-up processes?

There has almost always been a trade-off between KYC and seamless onboarding; trade-offs which companies with greater risk profiles have borne the brunt of. But it might not be like this much longer. Many SMEs are turning away from the frustrating but traditional passport scan or credit checks, and instead are layering new digital verification methods as an equally as effective, yet unintrusive method of identifying and authenticating users.

So, what does the future of KYC look like?

There is never one solution to identification and fraud prevention – it is always going to be a multifaceted approach. Some modern solutions include page behaviour tracking, digital biometrics, and Mobile Network Operator (MNO) data. The latter is particularly promising because 96% of UK citizens have mobile numbers – something they are not overly reluctant to give up during the sign-up process – making them a great proxy for identity.

Numbers are usually retained from contract to contract and provide considerable information about your customer, such as the associated name, address, age and whether the number is working and active. With mobile becoming the preferred method of online shopping, MNO data can help identify indicators of fraud such as whether the phone number has been ported or forwarded, if a SIM has been swapped or whether the device has been changed. You can even check if the phone has been reported lost or stolen in real-time.

This data is not only invaluable to identification and verification, but to fraud prevention too. Wide-spread fraud leaves you and your customers out of pocket and can damage brand integrity long term.

Fraud has been thriving under Covid, with a reported 410,000 reported incidents in the UK in 2021 alone. With SIM-Swap becoming a more prominent method of invalidating 2-factor-authentication, SMEs relying on one method of protection alone are vulnerable.

Mobile data can help answer a lot of important KYC questions, so you can be more certain your customers are who they claim to be. Despite the broad applications of MNO data many companies are yet to catch up, if you would like to find out more about how Phronesis can help you keep your customers safe you can read more here or book a call.



Econsultancy / DBS ID Guidelines


Baymard Institute