For organizations to achieve a proper digital transformation, it is key to know the most important concepts in vogue. This is the case of KYC, an essential strategy that is currently regulated by the National Banking and Securities Commission (CNBV).
Let's review below what KYC means and what legal aspects should be taken into account by fintech companies in Mexico.
What does KYC mean?
KYC stands for Know Your Customer, and refers to the processes of a company through which the identity of customers is identified and verified, especially in the banking field.
Fintech companies globally have been adopting this concept as an essential part of their strategies more and more frequently, due to its relevance in identity control and money laundering (AML or Anti-Money Laundering).
So much so that by the end of 2020 a total global spending of approximately $ 1.2 billion for KYC and AML, an increase of 12.5% compared to the previous year.
Fintech companies in Mexico: everything you need to know about KYC and CNBV
This story began on August 29, 2017, when the CNBV published in the Official Gazette a series of changes whose purpose was to combat identity theft in the banking industry.
Then, in March 2018, the so-called Fintech Law was published, whose objective is to regulate the services of financial technology institutions, while in September of that same year the General Provisions were published (Article 58 of the Law Fintech), all aimed at making a better KYC record.
One of the most important regulations has to do with use of biometric data, especially fingerprint, allowing a more secure authentication of bank users, and seeking to avoid identity theft or fraud.
These are some of the essential provisions of the CNBV:
- It is the obligation of the credit institutions to previously validate, and in line with the INE records, the user's fingerprint. Only once this is regularized, users will be able to contract products and services, or carry out counter operations.
- It is also the obligation of the credit institutions to guarantee the integrity of the stored biometric information and to keep records of incidents of identity theft.
- For window operations greater than 1,500 UDIs (approximately 10,509 pesos, as of November 2021), specifically withdrawals and transfers, banks must verify the customer's fingerprint online with the INE database. It is possible to omit this validation, in which case the bank must repair the damage to the clients in no more than 48 hours after the claim.
- Institutions can integrate biometric databases of clients to substitute online verification with the INE. However, when populating the database for the first time, it must be validated with the records of said institute.
- If the previous step was complied with, when carrying out operations and contracting, banks will be able to use the database to authenticate their clients, without the need to carry out online verification with the INE.
- Finally, the CNBV leaves the doors open to innovation, as the provisions consider the possibility of authorizing future or eventual biometric authentication schemes, such as voice recognition, iris recognition, etc.
Some of the great advantages of implementing a correct KYC strategy and registration lie in increasing the security of financial institutions, complying with the law, safeguarding customer data and avoiding fraud, all of which translates into an optimization of the resources.
If you think your company needs user validation and authentication with Know Your Customer processes, get in touch with us and discover the benefits for yourself. On Codster we will be happy to help you.