Smile ID's KYC & Compliance Glossary
Unlocking Africa’s digital potential, Smile ID provides key definitions for navigating identity verification and compliance. This concise guide is essential for businesses aiming for secure growth across the continent.
A
Active Liveness
This is a verification process in which the user must perform specific actions, like blinking or turning their head, to prove they are physically present during the verification process. This helps ensure the user isn't just a picture or recording.
Adaptive Compliance
The ongoing process of adjusting compliance practices to keep up with changing regulations. This allows for a more efficient and user-friendly verification process, focusing stricter measures on higher-risk scenarios.
Adverse Media
Negative news or information about an individual or business. AML checks often include screening against adverse media to identify potential risks.
AML Compliance Checklist
A business should follow a list of tasks and procedures to ensure they meet Anti-Money Laundering (AML) regulations. This checklist typically covers customer due diligence (CDD), transaction monitoring, suspicious activity reporting (SAR), and record-keeping requirements.
AML Compliance Program
The set of policies, procedures, and controls a financial institution implement to comply with AML regulations. This program typically includes customer due diligence (CDD), transaction monitoring, suspicious activity reporting (SAR), and employee training.
Anti-Money Laundering (AML)
Regulations and procedures designed to prevent criminals from disguising the origin of illegally obtained funds.
Attribute
A piece of information used to describe an identity, such as name, date of birth, or address.
Audit Trails
A chronological activity record within a digital identity verification system. It tracks user actions, system events, and verification results, providing a detailed log for compliance and security purposes.
Authentication
The process of confirming a user's identity. This is often done through a login process where a user enters a username and password.
B
Background Check
An investigation into a person's or business's past to verify their identity, employment history, criminal record, and other relevant information. Background checks are often used during customer due diligence (CDD) to assess the risk of money laundering or terrorist financing.
Bank Verification Number (BVN)
A unique identification number for individual bank accounts in Nigeria. It is used to verify customer identity and prevent fraud.
Beneficial Ownership
The person(s) who ultimately owns or controls a company. AML regulations require businesses to identify and verify the beneficial owners of their customers, especially for companies and trusts.
Biometric Fraud
Criminal activities that involve the misuse or impersonation of someone's unique biological traits to gain unauthorised access or benefits.
Biometrics
The measurement and analysis of unique physical or behavioural characteristics used for identification or authentication purposes. Examples include fingerprints, facial features, iris patterns, voice prints, and typing patterns.
Bonus/Referral Fraud
This occurs when a large number of new accounts or referrals come from similar sources, exhibit identical behaviour patterns, or have payouts for referrals that are unusually high. This suggests potential fraudulent activity.
C
Cash-Intensive Businesses
Businesses that deal with a large amount of cash in their daily operations. Examples include casinos, pawn shops, and money service businesses. These businesses are considered at higher risk for money laundering due to the difficulty of tracing cash transactions.
CDD (Customer Due Diligence)
It is the process businesses undertake to verify a customer's identity, understand their financial activities, and assess their risk profile.
Central Bank of Kenya (CBK)
Kenya's central bank and main financial regulatory body. It issues guidelines and enforces compliance with AML regulations.
Central Bank of Nigeria (CBN)
Nigeria's central bank and apex monetary authority, established by the CBN Act of 1958. It is responsible for maintaining the country's external reserves, promoting monetary stability and a sound financial environment, and acting as a banker and financial adviser to the federal government.
Channel Risk
The Money laundering (ML) /Terrorist Financing (TF) risk is associated with the way a financial service is delivered (e.g., online banking, money transfer services). For example, internet-based transactions may have a higher risk of identity theft.
Chargeback Fraud
When a customer disputes a legitimate purchase with their bank or credit card company, claiming they didn't make it or are unhappy with the service. This can be a real issue for businesses.
Churn
The rate at which customers stop using a service. A high churn rate can signal problems with your onboarding process or user experience.
Compliance Risk
The risk that a company will fail to comply with relevant laws and regulations, including AML regulations. Compliance risk can lead to financial penalties, reputational damage, and even criminal prosecution.
Continuous Authentication
The ongoing process of verifying a user's identity throughout a session, not just at login. This is becoming increasingly important for high-risk activities.
Counter-Terrorist Financing (CTF)
Refers to the global effort to stop money flow to terrorist organisations and individuals. This includes various strategies employed by governments, financial institutions, and international organisations.
D
Deduplication
The process of removing duplicate data from a system. This is important to ensure the accuracy of your records.
Deep Learning Algorithms
A machine learning algorithm is particularly effective at image recognition tasks, including facial recognition.
Digital Identity Verification
The electronic process of confirming a person's identity using digital documents and credentials.
Document Verification
Confirming the authenticity of identification documents, such as passports or driver's licenses.
Duplication
Enrolling multiple biometric templates for the same person in a system. This can be used to bypass security measures.
E
EDD (Enhanced Due Diligence)
A more thorough KYC process applied to high-risk customers, such as those in sectors prone to money laundering or terrorist financing. EDD may involve additional checks like verifying the source of funds and business ownership structures.
Electronic Know Your Customer (eKYC)
The digital verification of a customer's identity using electronic means, such as facial recognition or document scans.
F
Facial Recognition
A biometric technology that identifies or verifies a person by comparing their face to a stored image.
False Acceptance Rate (FAR)
The percentage of unauthorised users who are mistakenly granted system access due to a verification process flaw.
False Positives
Alerts triggered by transaction monitoring systems that turn out to be legitimate transactions and not suspicious activity. While false positives are not ideal, they are better than missing true suspicious activity.
FATF Grey List (Greylisting)
This refers to the Financial Action Task Force's (FATF) designation for countries with strategic deficiencies in their Anti-Money Laundering (AML) and Counter-Terrorist Financing (CTF) regimes. These countries are placed under increased monitoring and must work to address the deficiencies within a set timeframe to avoid being blacklisted.
Financial Action Task Force (FATF)
An international organisation that sets global standards for AML and combating the financing of terrorists (CFT). FATF recommendations are used by governments and financial institutions around the world to develop and implement AML/CFT regulations.
Fingerprint Biometrics
A biometric authentication technology that uses a person's unique fingerprint pattern for identification or verification. Fingerprint patterns consist of ridges and valleys on the surface of a finger, and these patterns are very unique to each individual.
Friction in Authentication
Challenges users experience during the authentication process, such as remembering complex passwords or answering multiple security questions. Too much friction can lead to user frustration and abandonment.
G
Generative AI (Deepfakes)
Artificial intelligence technology used to create realistic but synthetic videos or images. Deepfakes can be used to spoof facial recognition systems.
Geographic Risk
The Money Laundering (ML) /Terrorist Financing (TF) risk associated with a particular country or region. Jurisdictions with weak AML regulations or high corruption are generally considered high-risk.
I
Identity and Access Management (IAM)
A framework for managing an organisation's user identities, access rights, and other security aspects.
Identity Document (ID Document)
An official document, typically issued by a government agency, that proves a person's identity. Examples include passports, driver's licenses, and national ID cards.
Identity Fraud
The illegal use of someone else's identity to gain unauthorised access to benefits, resources, or financial gain.
Identity Liveness Detection
Techniques used to ensure the person presenting themselves during verification is a real person and not a photograph or recording.
Identity Theft
A crime where someone steals another person's personal information to commit fraud or other crimes.
Iris Recognition
A biometric authentication technology that uses the unique patterns of the iris (the coloured part of the eye) for identification or verification. The iris is a complex structure with intricate patterns that are stable throughout a person's life (except for very young children). This image is then compared to a stored template for verification.
K
Knowledge-Based Authentication (KBA)
Authentication based on a user's knowledge of secret information, such as passwords or answers to security questions.
Know Your Business (KYB)
Similar to KYC, but for businesses. KYB procedures involve verifying the beneficial ownership, management structure, and business activities of a company.
Know Your Customer (KYC)
A process for verifying a customer's identity to comply with anti-money laundering and other regulations.
KYC Data Remediation Process
Identifying, correcting, and updating inaccurate or incomplete KYC data. Effective KYC data remediation helps ensure AML compliance and reduces the risk of false positives in transaction monitoring.
KYC Documents
Documents used to verify the identity of a customer during Know Your Customer (KYC) procedures. These documents typically include proof of identity (e.g., passport, ID card) and proof of address (e.g., utility bill, bank statement).
KYC Verification Partner
A third-party company that provides services to businesses to help them verify customer identities during the Know Your Customer (CDD) process. SmileID is an example of a great partner.
L
Layering
A technique used by money launderers to move illegal funds through multiple financial transactions to make them appear legitimate. This makes it harder to trace the origin of the funds.
Liveness Detection
Technology used to ensure the subject in a biometric scan is a real and present person, not a picture or recording. Liveness detection may require the user to perform actions like blinking moving their head or smiling.
Local Regulatory Expectations
AML regulations can vary from country to country. Keeping up with changing regulations and ensuring compliance across different markets can be challenging for multinational businesses.
M
Machine Learning (ML)
A type of artificial intelligence (AI) that allows computers to learn and improve without being explicitly programmed. Machine learning is used in many identity verification solutions.
Money Laundering
Money laundering is the illegal process of disguising the illegal source of funds acquired through criminal activities such as drug trafficking, corruption, embezzlement, or fraud.
Money Laundering Reporting Officer (MLRO)
an MLRO is an individual who ensures their company stays compliant with the rules on money laundering, which are described and overseen by the Financial Conduct Authority (FCA). MLROs are also often known as a ‘nominated officers’, and they are the central figure in charge of managing the company’s anti-money laundering (AML) strategies.
Multi-Factor Authentication (MFA)
An authentication method requiring two or more verification factors to confirm a user's identity. This adds an extra layer of security compared to just using a password.
O
OFAC Penalties
Civil and criminal penalties imposed by the Office of Foreign Assets Control (OFAC) for violating US sanctions regulations. These penalties can be significant and include fines, license revocation, and even imprisonment.
OFAC Sanctions
Economic and trade sanctions imposed by the US government on targeted countries, individuals, and entities. OFAC sanctions typically prohibit US persons from doing business with sanctioned parties.
Onboarding
The process of integrating new users to a service, including account creation and identity verification. A smooth onboarding experience is crucial for user satisfaction.
Online Casino Verification
Online Casino Verification is the process of verifying the identity of players in online gaming environments to ensure compliance with regulatory standards, prevent fraud, and promote responsible gambling.
Optical Character Recognition (OCR)
Technology that converts images of text into machine-encoded text, used in document verification to extract data from IDs and other documents.
Organisation for Economic Co-operation and Development (OECD):
An intergovernmental organisation that promotes policies to improve the economic and social well-being of people around the world. The OECD works with governments to develop and implement effective AML/CFT (Anti-Money Laundering and Combating the Financing of Terrorist) regimes.
P
PEP Red Flag Indicators
Warning signs that a customer may be a Politically Exposed Person (PEP) or associated with a PEP. These indicators can include holding high-level government positions, being family members or close associates of PEPs, or having business relationships with PEPs.
Personally Identifiable Information (PII)
Any data that can be used to identify a specific individual.
Phishing
A fraudulent attempt to obtain sensitive information such as usernames, passwords, or credit card details by disguising oneself as a trustworthy entity in an electronic communication (email, text message, etc.).
Politically Exposed Persons (PEPs)
Individuals who hold prominent public functions or have close relationships with those who do. PEPs are considered at higher risk for money laundering due to their access to public funds and potential influence.
Proceeds of Crime and Anti-Money Laundering Act (POCAMLA)
The Proceeds of Crime and Anti-Money Laundering Act, the primary legislation against money laundering and terrorist financing in Kenya.
Procurement
The process of acquiring goods, services, or works from an external source. AML considerations are important in procurement to mitigate the risk of corruption or money laundering through vendor relationships.
Progressive Profiling
An onboarding strategy that collects user information incrementally, requesting only what's necessary at each stage. This helps balance security with a smooth user experience.
R
Reputational Risk
The risk of damage to a company's reputation due to negative publicity or association with illegal activity. Failing to comply with AML regulations can lead to reputational risk.
Restricted or Denied Parties Lists (RPLs/DPLs)
A list of individuals and entities prohibited from doing business with a company or subject to enhanced due diligence procedures due to sanctions, reputation risk, or other concerns.
Risk-Based Authentication (RBA)
An approach to authentication that tailors the verification process to the level of risk associated with a particular transaction. For example, a high-value transaction might require more verification factors than a low-value purchase.
Risk in Correspondent Banking
The risk that a correspondent bank (a bank that provides services to other banks) could be used to facilitate money laundering or other illegal activities. Banks need to carefully assess the AML risks of their correspondent banking relationships.
S
Sanctions Lists
Databases of individuals and organizations subject to economic sanctions imposed by governments. Screening customers against these lists is a key part of AML compliance.
Sanctions List Screening
Checking a customer or entity against lists of individuals or organizations subject to economic sanctions imposed by governments.
Second Factor (MFA)
An additional verification factor used in MFA, such as a one-time code, fingerprint scan, or security token.
Spoofing
The act of falsifying data to gain unauthorized access to a system. This can involve imitating a legitimate user or device.
Suspicious Activity Reporting (SAR)
The reporting of suspicious activity to the relevant financial intelligence unit (FIU).
Synthetic Identity Attack
Creating a new fraudulent identity using a combination of real and fake information. This can be difficult to detect with traditional verification methods.
T
Template
In Biometric technology, a template is a digital representation of a person's unique biological characteristic that is stored in a system for comparison during authentication. It's essentially a compressed file containing the essential data extracted from a biometric scan, rather than a raw image or recording.
Textual Verification
It is the process of verifying an ID number by looking it up in an ID authority database.
Third-Party Due Diligence
It is the process of reviewing and monitoring your third-party partners for potential conflicts of interest or other legal, ethical and compliance issues. The need will typically arise when considering a new vendor or preparing for a merger or acquisition.
Tier 1 Account
It is the most basic type of bank account offered by a bank. It typically comes with lower transaction limits, fewer features, and potentially lower fees compared to other tiers (e.g., Tier 2, and Tier 3 accounts).
Tokenisation
Replacing sensitive data with a unique identifier (token) that can be used for processing without exposing the original data. This helps protect sensitive information like credit card numbers.
Transaction Monitoring
The ongoing process of reviewing customer transactions to identify suspicious activity that may be indicative of money laundering or terrorist financing.
Transaction Risk
The Money Laundering (ML) /Terrorist Financing (TF) ) risk associated with a specific type of transaction. Complex transactions, large cash deposits, or transactions involving virtual currencies are often considered higher risk.
V
Velocity Checks
Monitoring the frequency of transactions to identify suspicious activity patterns. This can help detect things like automated attacks or attempts to launder money.
Voiceprint Recognition (Speaker Recognition)
Also known as speaker recognition, is a biometric technology that uses a person's unique voice characteristics for identification or verification. Voiceprint recognition systems analyse various aspects of a person's voice, such as pitch, tone, and cadence. During verification, a user speaks a phrase or sentence into a microphone, and the voice print is compared to a stored template for verification.
Ready to get started?
We are equipped to help you level up your KYC/AML compliance stack. Our team is ready to understand your needs, answer questions, and set up your account.