What does KYC stand for?
What are KYC requirements?
It is up to financial institutions that issue credit or allow customers to open accounts to practice enhanced due diligence and verify customers to ensure they are not taking part in a money laundering scheme. They must verify where large sums of money originated, monitor suspicious activities and report material cash transactions.
Many financial institutions begin their KYC procedures by collecting basic data and information about their customers, ideally using electronic identity verification. Pieces of information such as names, passport, Medicare card, phone numbers, birthdays, and addresses can be very useful when determining whether an individual is involved in a financial crime. This verification process can go further to include facial verification and biometric verification.
Is KYC mandatory?
What is AML?
Directives such as the Bank Secrecy Act (BSA) of 1970 and the more recent legislation in Australia, the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 regulate the set of procedures, laws and regulations designed to stop the practice of generating income through illegal actions.
What is RegTech?
Electronic Identity Verification
How do the Electronic Identity Verifications work?
For example, while verifying Name, Address and Date of Birth on two independent data sources such as electoral roll and credit bureau will meet the minimum requirements, many organisations also require at least one government source such as a driver’s license, Medicare, or passport (known as the Document Verification Service or DVS).
The most common approach is to establish a ‘scorecard’ for verification against a source like electoral roll AND a government source.
What types of data sources are used for Electronic Identity Verification and how do they match our AML/KYC program?
All individuals in an application that are required to be electronically verified are identified in accordance with the selected IDMatrix profile.
For a comprehensive list please visit the LAB Community Knowledge Base here.
What are PEPs?
PEPs often have power over government spending and budgets, procurement processes, development approvals and grants. Examples of PEPs include government ministers or equivalent politicians, senior government executives, high ranking judges, high-ranking military officers, or board members or executives of an international organisation. This is not a complete list of PEPs.
Because PEPs hold positions of power and influence they can be a target for corruption and bribery attempts, and ultimately for money laundering or terrorism financing activities. This is why it’s important to use AML/CTF measures to identify and manage any such potential risks. However, you should remember that being a PEP doesn’t automatically mean someone is involved in criminal activities.
As part of your AML/CTF program, you must outline how you identify PEPs and what steps you take when dealing with them.
LAB Group Products
Is branding customisable for LABform?
What integrations are available?
We are almost always introducing new integrations and partners. For the most up to date list or to speak to us about an integration request, contact us.
Can my business integrate with an API?
- Triggering an action to your system based on events
- Our Initiate API allows businesses to initiate and pre populate aspects of a LABform application independent of the online application form
- LAB Group’s Completion API allows organisations to extract application data entered into a LABform online application. Organisations can extract application data via the Completion API and then use this to load application data into their account management, registry system or CRM.
- The Federated Identity API allows organisations to utilise LAB Groups Federated Identity capability to seamlessly log into the LAB Application Manager without a user needing to provide additional credentials.
- The Application Maintenance API allows organisations to update a LABform application with specific details, such as setting an account number or setting a specific label.
What languages does your technology support?
Currently the following languages are supported/activated in LABform:
Does LAB Group keep data and can my company do an audit trail?
The following types of information are stored by LAB Group:
- Customer information that is input, such as personally identifiable information (PII)
- Interaction information such as user activity on a form
- Information about a user’s location such as their Internet Protocol (IP) address
- Artefacts that are generated such as electronic identity verification Adobe PDFs
- Records of system communication such as copies of emails linking to product disclosure statements
- Artefacts uploaded such as scans of passports
As of 1st August 2018, LAB Group’s default record retention limit is as follows:
- 90 days from the creation date for incomplete applications
- 90 days from the completion date for completed applications
- 0 days after the termination of LAB Group’s services
After the 90 days, or in the event of a discontinuation of LABform subscription, LAB Group is under no obligation to continue to retain the data. In addition, data can be anonymised earlier than 90 days if requested.
Since organisations are subject to record-keeping obligations under the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (AML/CTF Act), LAB Group offers a Record Retention service which will retain records beyond this default limit for an additional fee.
Other stored data including email, internal sales and marketing information, HR, legal, and financial information, and contracts are currently kept indefinitely to ensure that LAB Group is able to enforce confidentiality and other legal terms even after termination of staff or services.
Personally Identifiable Information (PII) Controls
Personal Identifiable Information (PII) is protected in the following ways:
- Forbidding the communication of PII via email and internal messaging applications
- Restricting access to personal information
- Encrypting PII at rest and in transit
- Securely destroying or masking personal information when it is no longer needed for record retention purposes
Privacy laws state that organisations should not retain personally identifiable information (PII) beyond what is reasonably necessary to provide their services.
In some cases, customers prefer to remove PII while retaining other LABform data. In these cases, LAB Group pseudonymises the PII by replacing specific data with generic data.
Once an application reaches the predefined threshold, PII can be programmatically replaced with generic values.