From Panic To Expertise

Frank is the world’s most anxious compliance officer. He may not be great at adopting new technologies, but he’s excellent at panicking. Frank insists that nothing beats the “sharp” human eye—except when he misses half the red flags.

In our special project, Frank interviews Sumsub’s Chief Technology Officer Vyacheslav Zholudev, addressing the most pressing questions concerning compliance experts.

Question 1

Answer: You’re mistaken here, Frank. Things can go wrong after the onboarding stage. For instance, existing user accounts can be stolen and used as mules for money laundering, or, rarely, someone might sell their accounts on the dark web. Furthermore, fraudsters have increasingly been using AI to fool onboarding systems, using highly-realistic deepfakes and forgeries. This means that customers that appear ‘legit’ may turn out to be fraudsters after all, underscoring the importance of ongoing monitoring. In fact, according to Sumsub’s internal research, 70% of fraud cases occur after the onboarding stage. So, it’s essential to monitor customer activity after they become a client, set triggers, and spot potential red flags.

Question 2

Answer: There’s no chance you’ll lose your job as a compliance officer, even if you use a single platform with an integrated dashboard for KYC, transaction monitoring, and anti-fraud. The beauty of a single platform is that all compliance and fraud cases will be handled in one console, and you will be able to better manage your incidents independently and collaborate with other departments (such as the anti-fraud department).

Question 3

Answer: There’s no need to work with multiple regional KYC providers if you can choose one that supports hundreds of languages and has a comprehensive feature toolkit. As a compliance officer, you should, of course, select a verification provider with connections to various regional databases and capabilities like optical character recognition (OCR) for document verification. The provider should also support different alphabets, including Cyrillic, Latin, Greek, Georgian, Armenian, Japanese, Korean, and Chinese. Additionally, a reliable verification solution should offer orchestration to ensure compliance with regulations in various countries, such as VideoIdent in Germany.

Question 4

Answer: Great question, Frank! While we can’t exactly predict winning lottery numbers, we can anticipate fraud based on patterns and anomalies in user behavior. Fraud prevention systems don’t rely on predicting specific events as you might think—it’s more about identifying early red flags, such as unusual activity, behavioral patterns, or inconsistencies common in fraud attempts. This allows us to stop fraud before it fully materializes.

Think of it like weather forecasting: We can’t control the storm, but we can see the warning signs and take action to prevent damage. Fraud detection uses advanced algorithms, machine learning, and behavioral analytics to spot threats before they hit. It’s not about predicting the future, but rather preventing fraudsters from gaining a foothold.

Question 5

Answer: Our systems don’t flag someone for minor daily fluctuations. Instead, we look for patterns consistently out of the ordinary or behaviors specifically tied to known fraudulent activities. For example, a change in your habits today won’t set off alarms unless paired with other high-risk factors, such as logging in from an unusual location or attempting a large, unexpected transaction. Fraud detection is about understanding the bigger picture, not overreacting to normal human behavior.

Question 6

Answer: Unfortunately, Frank, people are already struggling to spot the difference between real photos and deepfakes. There have already been quite dangerous precedents involving deepfakes of Joe Biden and Slovak politician Michal Šimečka, both used to undermine elections in their respective countries. And that recent case with a finance worker in Hong Kong who fell victim to APP fraud, where criminals used deepfake technology to impersonate a Chief Financial Officer during a video conference, leading to a fraudulent payout of $25 million. Now, just imagine how many other cases have gone unnoticed? Unfortunately, the human eye can no longer reliably spot the difference. You can try by playing our game, For Fake’s Sake, to see how many deepfakes you can successfully identify.
That’s why, at Sumsub, we’ve developed in-house Liveness Detection, which outperforms humans at spotting altered photos and deepfakes. Moreover, last year Sumsub released a set of machine learning-driven models designed to detect deepfakes and synthetic fraud. This tool is available for free to download and use by everyone.

Question 7

Answer: Non-documentary verification can be both secure and compliant when done correctly. It’s crucial to follow the specific regulatory guidelines for the region in which you’re operating. When appropriately implemented, non-documentary verification methods can absolutely meet compliance standards like GDPR, CCPA, and KYC/AML. As for fines, companies can face penalties if their verification processes are poorly implemented or if they fail to meet data privacy regulations. So, the key here is choosing a provider that prioritizes both security and compliance, ensuring you’re protected from both fraud and potential regulatory fines.

Recently, FINTRAIL, an independent financial crime consultancy, conducted a comprehensive audit of our Non-Doc ID Verification solution and confirmed that it meets AML compliance requirements across multiple jurisdictions, including Argentina, Brazil, India, Nigeria, Norway, South Africa, Sweden, the UK, the USA, Australia, Canada, Colombia, Ghana, the UAE, and a number of others. Moreover, if your business operates in other jurisdictions, Sumsub’s experts can assess whether Non-Doc is a compliant verification method there.

Question 8

Answer: Great question! To prevent user frustration and drop-offs, we focus on providing a seamless, user-friendly experience. We offer both mobile SDKs and web SDKs, so users can choose their preferred platform. Mobile SDKs let users quickly verify their identity through app-based features like camera access, while the web SDK offers an easy browser experience without requiring a download.

Both options are designed with clear instructions and progress indicators to guide users smoothly through the process, minimizing confusion and keeping them from quitting halfway through.

Question 9

Answer: Absolutely. At Sumsub, our technical support team responds in less than 24 hours. You can reach us through various channels, including the contact form on our website. You can also easily access our documentation and resources, including guides, release notes, and other supporting documents. So rest easy, Frank—if something goes wrong, you’ll know exactly who to contact.