Reducing online fraud in regulated industries

Blog

Reducing online fraud for regulated industries: iProov talks to NorthRow’s CEO Adrian Black

30 September 2020

iProov’s partner, NorthRow recently reached their 10 year anniversary, which is a significant  milestone. Congratulations! 

We took the opportunity to speak to NorthRow’s CEO, Adrian Black, to find out more about the history of one of the UK’s leading RegTech firms, understand the services they provide, and more importantly, why the NorthRow-iProov partnership is a powerful combination for remote onboarding.

So Adrian, how did you get into the fraud and compliance industry?

My last corporate job was at the Daily Mail Group. They run a lot of online businesses which means that online fraud has been a continuing problem. At the time of working there the Metropolitan Police had set up Operation Sterling, which was an anti-fraud initiative. They created industry-specific forums to share intelligence and fight online fraud. For three years I helped establish, and then chaired one of those fraud forums, working with the Police, the Information Commissioner’s Office, and other leading players in online automotive classified advertising. I was keen to get involved and influence the fight against online fraud. 

We developed an active and effective means of intelligence sharing which resulted in blocking fraudulent advertisements with a face value of around £250m in the first few years of operation. This success, in helping tackle automotive classified advertising fraud, led to meetings with other industry sectors and helped me identify an opportunity to tackle the fraud challenge that they also faced. It was clear that technology could provide an improved solution by automating intelligence sharing. So in 2010 I decided to start a new venture to use data to tackle this area of financial crime. I wrote the business plan, financial model and prototype software aimed at a range of classified advertising sectors, which then grew into the broad service we offer today to regulated businesses.

NorthRow provides remote client onboarding services to regulated businesses, including financial services, payments, lenders, retail, hospitality and property – can you explain how it works?

NorthRow provides technology to digitally transform complex client onboarding, monitoring and KYC remediation processes to improve the customers’ experience, reduce compliance spend and help to ensure regulatory obligations are met.

By automating much of the onboarding process NorthRow simplifies the complexity of compliance, enabling clients to perform Know Your Business (KYB) and Know Your Customer (KYC) verification efficiently.

A key differentiator for NorthRow is that we deliver our highly configurable solution via a single API that can be plugged into clients’ onboarding and monitoring systems, to support different stages and processes. One size doesn’t always fit all for this type of process so our single API is easily customised to help drive operational efficiencies and compliance obligations.

We offer a fully remote verification service called RemoteVerify that captures and verifies the biometrics and ID document of the end user for our clients. To ensure we offer our clients the best remote onboarding experience, we integrated iProov’s market-leading Flashmark facial verification technology. By adding Genuine Presence Assurance to RemoteVerify we have further enhanced the user experience and enable regulated businesses to know that each individual checked is not only a real person but also the right person and that they are genuinely present.

Why do regulated companies need to be diligent during onboarding?

I think there are three main reasons:

  • Firstly, they should be looking to reduce their own risk of losses from fraud. Fraud not only costs money in real terms but also in reputational damage that may have a far reaching impact which can be more severe than the fraud losses themselves.
  • Secondly, they should be diligent in reducing the risk of regulatory failures. The regulations exist to protect consumers and help tackle the corrosive effect of financial crime, especially from organized criminal gangs. 
  • Finally, they should care. They should want to try and reduce the overall harm and the impacts of fraud from an economic and societal sense.

Companies that view client due diligence as a simple tick-box exercise are not just at risk of failing to fulfil their compliance obligations to the regulators, but also the broader moral, economic and societal efforts.

Society should care about the reasons why we have regulations in place, and business leaders should build a culture within their teams that promotes a better understanding of the importance of compliance. 

Have you ever seen onboarding go wrong? What were the implications and what can other regulated companies learn from it?

Yes, I have seen a number of examples where businesses have tried to tick a box or  undertake the bare minimum requirements. Thankfully there have been improvements in awareness and enforcement so there are fewer cases. But just collecting identity documents is nothing like sufficient. 

In the past I have seen businesses that have adopted the ‘I’ve been sent a document, taken a copy and stuck it in a digital filing cabinet, so I’m fine’ mentality. Unfortunately these businesses have been exposed to fraud which has not only cost them financially in fines but also loss of revenue through reputational damage.

Once a criminal gang finds an organization that has left itself exposed, they sweep in and systematically attack over a longer period of time. And before they know it, the business has been exposed to fraud or have facilitated massive money laundering without even realising it. 

Fortunately the clients we work with have taken a proactive approach to protect their business and want to benefit from the digital transformation of their compliance processes.

At NorthRow we prevent that exposure to fraud by collecting and verifying all required documents, electronically and automatically in order to make the process more efficient. It’s not just about onboarding, but the entire process of periodic reviews, remediation and monitoring.

Regulated businesses should learn from past mistakes and place the entire lifecycle at the heart of its compliance strategy

An important part of the process is to have the capacity to complete an expert review only when you need to. Not all clients require review – just those that are high risk. By using a digital solution that can be tailored to the requirements of the organisation costs can be kept to a minimum and resources allocated to the right areas with an amber management approach which flags high risk clients. 

What were the key drivers when you were looking for a partner?

It’s not enough to collect documents. It’s also about asking: where has this document come from? Is it definitely associated with this individual? And therefore you need to see the individual. And to ‘see’ an individual who isn’t physically in front of you, you need to carry out a ‘Genuine Presence Assurance’ check. That’s why we partnered with iProov.

At NorthRow, we have to be experts in what we do. That means we want every one of our suppliers and partners to be class-leading in their own speciality. So we need high-performing, robust technology from our partners. But just as importantly, we want partners that care. We want partners who share values and enjoy working with us, where we can genuinely grow together. That was an early appeal of iProov, even before the technology. We like the company. We like the approach. We like the people and the tech’s great as well.

How does iProov enhance your service?

We can collect documents and images of people through our app. But we also need the Genuine Presence Assurance checks to enable us to deliver the additional level of verification to protect against sophisticated cyber criminals. iProov has really clever, patented tech that identifies impersonation attacks. The technology arms race is developing as cyber criminals continue to invest in clever tech. so we need to ensure we stay one step ahead. 

In the future I think there’s going to be an increasing need for protection against those more sophisticated replay or injection attacks, which iProov helps protect against. Really risk averse clients, of which there are many, really care about that. 

What do you think the future holds for remote onboarding and the iProov-NorthRow partnership?

Remote onboarding is just going to accelerate in my view. Demand has been steadily increasing and now it’s seeing exponential growth as a result of Covid-19. Initially, larger companies were reluctant to adopt, but now they have little choice as consumer demand is driving the market to deploy even more services online. 

I can hear the organized criminal gangs cheering as that makes their life so much easier – online activity facilitates increased crime. In our partnership with iProov, we can jointly meet the growing and accelerating demand for remote onboarding with a safe and robust solution that reduces the options for cyber criminals. And together, we can support our clients adapt to the current challenges and allow them to digitally grow their business and operate safely and remotely. That’s really important. 

Thank you to Adrian for speaking with us. If you want to learn more about remote onboarding with NorthRow and iProov, get in touch with us at enquiries@iproov.com.

Back to Resources

Get a demo