Learn what KYB is and see how we verify businesses at Sumsub.
Fraud and money laundering are growing threats to the B2B industry. In 2021, 98% of B2B retailers, manufacturers and marketplaces had experienced financial losses due to successful fraud attacks.
To stay safe, businesses need to get to know each other if they work together. This involves company identification, verification of the information provided by the business counterparty, determining company structure, beneficial owners etc. Such Know Your Business (or KYB) measures are also required by national and global AML regulations.
Most jurisdictions have pretty much the same requirements for KYB measures. Yet, for businesses, getting these done properly—and in full compliance with all applicable laws—can put considerable strain on their resources.
Let’s dive deep into KYB and see how we verify businesses at Sumsub.
Know Your Business, or KYB, is a due diligence procedure aimed at establishing the structure, ownership, purpose and activities of a given company. This process enables companies to determine the authenticity of the entities they are dealing with to ensure they are not being used to conceal the identities of owners for illegitimate purposes.
KYB verification measures are key components of Anti-Money Laundering (AML) and Combating the Financing of Terrorism (CFT) regulations. They are also legally required by the Financial Action Task Force (FATF), regional regulations such as the 5th and 6th EU AML directives, and various national AML laws.
When establishing a business relationship with a corporate customer, a regulated company must conduct CDD procedures in accordance with AML regulations. Usually, this involves the following steps:
Beneficiaries are those who directly or indirectly own more than 25% (in some jurisdictions, 10-20%) of the company or otherwise exercise significant control over it. The following documents need to be provided for verification of such individuals:
This is to assess whether it’s in line with the company’s expectations and has a meaningful basis for ongoing monitoring.
This allows companies to adopt a more flexible set of measures to target their resources more effectively and apply preventative measures relevant to the nature of risks.
This involves screening companies and their beneficiaries against sanctions lists, global watchlists, PEPs lists, adverse media and other similar sources.
This involves checking if the company structure has changed, whether officials have been added to PEP list, or if its jurisdiction has appeared under sanctions. To track all these changes over the course of a business relationship, the ongoing monitoring process should include:
The above measures help companies know their customers, assess risks and ensure that their partner is not involved in money laundering, terrorist financing and financial crime.
Businesses must keep copies of documents obtained through conducting due diligence on both individuals and companies.
Companies must retain data for five years after the end of the customer relationship/completion of an occasional transaction. These records should contain the following:
The most obvious reasons for KYB verification include compliance and fraud prevention.
1) Compliance. KYB helps AML-regulated companies understand whether their partners, corporate customers or suppliers are:
In addition, business verification enables companies to assist law enforcement by reporting suspicious activity and providing available information on customers or activities being investigated.
Inadequate CDD, or lack thereof, may be a warning sign of a violation of AML regulations. This means that a company begins working with a corporate customer before carrying out necessary due diligence procedures, exposing them to the risk of involvment in money laundering or terrorist financing.
2) Fraud prevention. KYB helps companies detect and eliminate fraudsters among their counterparties. This helps reduce the financial and reputational risks of money laundering, terrorist financing and fraud.
Fraud can easily make its way into a business. For instance, a fraudster finds information about a company that hasn’t been in operation for several years. They rename it and start placing orders with suppliers without any intention to pay for them. Before anyone realizes what’s going on, the fraudster has disappeared with millions in goods.
That’s why it’s important to notice red flags ahead of time. These may include but are not limited to:
According to 5th AML directive, KYB is required for the following AML-regulated entities:
However, some corporate customers are not subject to identifying and verifying the identities of beneficial owners. Such companies include:
KYB verification is also beneficial for non-regulated industries such as e-commerce platforms and car sharing services. Such verification helps expose shell suppliers and the individuals behind them.
The KYB process is complex and requires companies to collect, analyze, and manage vast amounts of data on the businesses that they have relationships with. Doing this manually is typically even more complicated and time-consuming as it requires:
Automated workflows verify companies and individuals in real-time while ensuring compliance and seamless onboarding. At the same time, there’s room for human intervention where tailored solutions are necessary. Such hybrid approaches account for the complexity of certain company structures and industry specifics.
Sumsub combines automated and manual KYB and KYC checks into one solution that fully automates company verification and AML screening. The full KYB flow involves manual intervention by AML compliance specialists who scrutinize all the documents submitted by applicants and perform required registry checks.
Before proceeding with the full KYB verification flow, the company’s representative fills out a special KYB questionnaire to ensure compliance with their internal procedures. This includes questions such as: “should corporate documents be in English?” or “should documents be provided as certified copies?” This way, Sumsub works to understand the specific requirements of each business to offer a tailored solution.
There are three ways to collect required data from companies and UBOs:
The following basic KYB data is mandatory for automatic checks:
According to this basic KYB data, the following automatic checks are performed:
Applicants can add additional levels of verification and make them mandatory for users if needed.
There are 5 steps to effective KYB verification:
Step 1: Collecting company data
Customers set the required levels of verification and determine the types and quantity of required documents. This step can be basic (company name, registration number, country) or may include additional fields such as company website, register location, legal address, postal address, etc. The customer can also set customized fields for UBOs, shareholders, and representatives.
Step 2. Using Questionnaires
The customer can prepare and send questionnaires to their counterparts in order to:
The customer may use questionnaire templates or customize their own. The questions can be made optional or mandatory.
Step 3. KYC verification of Ultimate Beneficial Owners (UBOs)
UBOs, shareholders, and representatives are required to undergo KYC verification in the system. A wide range of automated KYC checks can be set for each of them. In addition to identity verification, UBOs, shareholders, and representatives can be required to undergo a liveness check, as well as screening against sanctions lists, global watchlists, PEPs lists, adverse media, etc. It depends on the particular KYB flow determined by the customer.
There are various ways for users to proceed with identity verification:
All verification statuses are updated automatically and the system allows the applicant to re-upload documents and pass checks again. Also, the applicant can see the reasons provided for document resubmissions, pending applications, and incomplete document submissions by beneficiaries
The applicant can see the company structure in the dashboard, including all verified individuals, percentage of ownership, and verification statuses. All this information can be submitted to the regulator in the form of a report.
Step 4. Uploading documents
Companies should upload documents that confirm their legal existence and identify/verify shareholders and beneficiaries. Users may set mandatory documents such as:
The types and number of documents required may vary depending on the business specifics, jurisdiction, etc. The company can check the applicant’s uploaded documents and perform AML and registry checks themselves, or delegate this function to Sumsub’s KYB specialists.
Step 5. Obtaining a company report
The applicant can download the report with the following information:
To sum up, Sumsub’s all-in-one KYB verification solution makes life a lot easier for businesses. Companies obtain all the data they require ( corporate structures, registry documentation, identified ultimate beneficial owners, etc.) in one straightforward window, with enhanced due diligence KYC available.
As a result, this KYB solution helps businesses confidently onboard counterparts while enabling continuous and automated data re-checks and monitoring services to mitigate risk within existing business relationships.