- KYC requirements differ across the European Union. It is crucial to understand the differences if you are looking to expand into multiple countries.
- The passporting regime for financial institutions can be advantageous if you choose your regulator wisely—but even then, country-specific requirements may come into play.
- European citizens differ in how and when they will pass your KYC process—impacting operations and conversion.
- Designing a compliant hyper growth-proof KYC process requires careful advance planning.
Legal framework: regulations are easy, directives create complexity
European law, broadly speaking, consists of regulations (which are binding across the EU) and directives (which set goals). For KYC, the two most relevant pieces of European legislation are the GDPR (which is a regulation and hence uniform across the EU) and the fifth AML (a directive, along with its four predecessors). By transposing AML directives into national laws, countries can impose stricter requirements.
The best-known example is the German implementation of 5AML (also known as the GwG), which requires an onerous video KYC process that prescribes in great detail what a customer must do to pass identification and verification. While this process works relatively well in the German market, it hurts conversion in other European markets. Other examples of additional requirements imposed by national law include Spain (requires enhanced liveliness detection), France (requires a secondary ID document), and Italy (requires seven additional risk checks).
Passporting vs. branches
As legendary VC investor Michael Moritz stated, “Weirdly enough, payments is an easier business in Europe than the U.S. because of the EU. Once sanctioned in one member state, you have freedom to roam elsewhere.”
If a financial institution passports its license to all EU member states, the regulations of its home country apply. In practice, this creates a plaid of regulatory standards within one market. For example, a German bank onboarding customers in Germany will be bound by video KYC, whereas a Dutch bank onboarding customers in Germany using a passported license will be bound by Dutch regulations—and not video KYC.
A fintech (or any non-EU financial institution) seeking to be regulated in Europe should take this into account when selecting its headquarters. However, the reputation of the national regulator also needs to be considered. When Fourthline was planning its post-Brexit regulatory strategy, the reputation of the Dutch Central Bank as a strict, trustworthy and fintech-minded regulator was one of the key reasons for selecting Amsterdam.
While passporting allows for hypergrowth across Europe, it may not be the solution for every EU market.
For certain players, local regulation may still apply or you may elect to be regulated nationally. For example, some banks opt for branches (which are subject to local regulation) in order to issue bank accounts with a national indicator (e.g., an IBAN in the Netherlands starts with NL while an Italian IBAN begins with IT).
Weirdly enough, payments is an easier business in Europe than the U.S. because of the EU.Michael Moritz, VC investor
This is done because many employers are restricted from paying salaries to a foreign bank account (thus hindering the use of a primary bank account that is held with a foreign bank). Additionally, certain financial products, including consumer finance, can only be sold if specific national laws related to consumer protection are adhered to.
When designing an internal KYC process or selecting a vendor, it is vital to think about potential future markets— and choose a solution that supports your ambition.
KYC from a cultural perspective
While it is important to understand the legal and regulatory differences within Europe, it is just as critical to take cultural differences into account. The way your clients interact with you in different countries can impact conversion both positively and negatively. A few real-life examples highlight the challenges that can arise:
In Italy, up to 70% of customers use a paper ID to pass KYC. This requires a completely different authenticity check than for the latest-generation passports with a machine-readable zone. The paper documents vary greatly (as municipalities issue their own versions)—and require detailed knowledge to prevent fraud and highly specific AI and machine-learning models to enable automation. A financial institution that opted for a video KYC solution that did not support paper ID saw a very high drop-off rate in the sign-up funnel and had to hastily replace its KYC vendor.
While we all want a seamless KYC process with a great user experience and near-instant success, there will always be a small subset of clients who need help and support in order to pass. Assisting them (through in-house customer service or a KYC vendor’s operations team) requires an understanding of sign-up patterns across different markets. Data from 27 countries shows a significant variance in the sign-up flow of new clients distributed over the 24 hours of a day. While nighttime sign-ups are limited in all European markets, peak hours vary by country. Italian and Spanish clients will eagerly sign up at 11:00 p.m., while Dutch and Belgian customers seem to be fast asleep by that time (and tend to open accounts in the early morning). An effective and operationally efficient KYC support process takes these behavioral variations into account.
Additionally, conversion can be impacted by the type of phone that is used, as a latest-generation iPhone will take better pictures than an old Android phone (with image quality directly impacting the verification process). While overall, the split between iOS and Android phones is roughly equal, we have observed significant differences by country and age group. For instance, the iPhone dominates Northern European markets with 67% of sign-ups, while Android reigns in Southern Europe with 73% of sign-ups. Ensuring that your app, as well as your vendor’s SDK, work equally well across the most popular devices of your target customer base will maximize conversion.
Conclusion: Building a hyper growthproof KYC flow requires advance planning
Thinking about individual national implementations of the 5AML directive may not be top of mind when planning your company’s path to global domination. However, selecting the right partner to support you with a KYC solution that streamlines compliant growth across jurisdictions is vital for any financial institution. Fourthline is proud to support financial institutions across all 27 EU member states, with locally compliant solutions and deep knowledge of relevant ID documents and cultural nuances.
Download the white paper Glocal KYC: Not all EU countries are created equal