Merchant onboarding is a core process for payment service providers, fintech platforms, and financial institutions. It is the foundation for a secure and efficient business relationship that eliminates risk while being compliant with regulations. Financial institutions, payment service providers, and marketplaces need to balance fast activation with strict compliance with regulatory requirements. Smooth onboarding not only improves the merchant experience but also protects against fraud, money laundering, and reputational risk.
This blog discusses best practices for onboarding merchants with an emphasis on three essential elements: Know Your Merchant (KYM), Ultimate Beneficial Ownership (UBO) verification, and security compliance.
What is Merchant Onboarding?
Merchant onboarding refers to the process of validating and configuring a business to receive electronic payments from a payment service provider or acquiring bank. It entails the collection and validation of business information, conducting risk and compliance screenings (such as KYC/AML), and configuring payment systems.
This process is crucial as it prevents only compliant and legitimate businesses from accessing payment networks, thereby reducing fraud and ensuring financial security. A seamless onboarding experience reduces merchant satisfaction and accelerates the go-live process, which directly affects revenue and customer trust.
Related Read: How to Streamline Merchant Onboarding using Payment Aggregators?
Merchant Onboarding Challenges
- Multiple document requests and manual checks can slow down the process.
- Meeting KYC, AML, PCI-DSS, and other legal standards can be difficult and resource-intensive.
- If the onboarding process is too complicated or slow, merchants may abandon it midway.
- Inaccurate or conflicting business information may cause delay or rejection.
- Technical hurdles in integrating merchant systems with payment channels can make onboarding complex.
- Finding and eliminating high-risk or fraudulent merchants without affecting good ones is an ongoing challenge.
Know Your Merchant (KYM) Protocols
- Establishing a KYM Framework: Develop a structured KYM framework that outlines procedures for verifying the identity, legitimacy, and business practices of merchants before onboarding or continuing any business relationship.
- Carrying Out Background Checks: Carry out detailed background checks on merchants, such as verification of business licenses, company records, ownership profiles, and previous engagement in suspicious or fraudulent activities.
- Compliance with AML Regulations: Maintain continuous compliance with Anti-Money Laundering (AML) regulations by tracking merchant transactions, detecting red flags, and keeping due diligence records up to date according to regulatory standards.
Ultimate Beneficial Owners (UBO) Identification
Ultimate Beneficial Owners (UBOs) refer to the natural individuals who finally own or control a business or legal entity, either directly or indirectly. A UBO generally has 25% or more shares or voting power or otherwise has control over the company by ownership, influence, or otherwise.
Strategies for Identifying UBOs
- Examine shareholder registers and corporate records to determine the natural persons with substantial ownership or control.
- Apply automated Know Your Customer (KYC) procedures to confirm identities and identify the chain of ownership, particularly for complicated corporate structures.
- Seek relevant information from corporate registers, beneficial ownership registers, and commercial databases.
- Request clients or counterparties to give a signed UBO declaration on onboarding or compliance verification.
- If the ownership is indirectly held through several layers or shell companies, identify ownership back to the natural individuals who ultimately enjoy the benefits.
- Periodically review and revise UBO data to reflect changes in control or ownership.
Security Compliance Essentials
- Understanding PCI DSS Requirements
Companies that process credit card transactions are required to adhere to PCI DSS (Payment Card Industry Data Security Standard) to ensure cardholder data security. It includes having secure networks, protecting sensitive data with encryption, handling access controls, monitoring systems frequently, and maintaining an information security policy.
- DPDP Compliance and Data Protection
The Digital Personal Data Protection (DPDP) Act requires organizations to handle personal data responsibly by ensuring transparency, purpose limitations, minimization, and consent-based data collection. Compliance involves the appointment of a Data Protection Officer (if necessary), grievance redressal mechanisms, and data breach prevention safeguards.
- Ensuring Data Integrity and Customer Trust
Data integrity ensures that data is accurate and consistent and that it is not changed by unauthorized persons. This is important in establishing customer trust because it assures users that their personal and financial details are processed securely, ethically, and by the relevant laws and standards.
Risk Mitigation in Onboarding
- Assessing Financial Risks: Conduct thorough background checks and financial due diligence on new clients or partners. Validate the source of funds and determine creditworthiness by analyzing financial statements and risk scores.
- Prevention of Reputational Harm: Screen customers against global sanctions, watchlists, and negative media lists. Refrain from dealing with individuals or parties associated with fraud, money laundering, or unsavory activities.
- Continuously Refining Compliance Practices: Keep pace with changing regulatory expectations and best industry practices. Review and update onboarding procedures and KYC/AML guidelines periodically.
Streamlining the Onboarding Process
- Effective Documentation Management: Have all documents necessary in a central system. This eliminates confusion and accelerates verification.
- Utilizing Technology for Automation: Utilize automation tools to automate repetitive onboarding processes. This enhances accuracy and reduces time.
- Training and Support for Merchants: Offer concise training materials and onboarding guides. Provide interactive support to assist merchants in getting started quickly.
Conclusion
An effective merchant onboarding process is crucial for trust establishment, compliance, and minimizing risk. Organizations can build a smooth yet secure onboarding process by having the best practices surrounding Know Your Merchant (KYM), Ultimate Beneficial Owner (UBO), and stringent security compliance in place. Yet, the balance must be achieved using the appropriate tools and technology.
Identity verification and document verification APIs are essential for streamlining and automating the onboarding process. These APIs assist in real-time verification of the authenticity of business representatives and owners, indicating potential risks and ensuring that uploaded documents are original and meet regulatory requirements.
FAQ
What does UBO mean?
UBO stands for Ultimate Beneficial Owner. It is the person or entity that has control or ownership of a company, either directly or indirectly.
What is a 25% UBO?
25% UBO is a person who owns or has control over 25% or more of the shares or voting rights of the company and is, therefore, required to be identified through the KYC process of compliance.
What is a UBO in KYC?
In Know Your Customer (KYC), a UBO refers to an individual who has ultimate control over a company or legal person, and identifying them will provide transparency and compliance with anti-money laundering requirements.
How does a beneficial owner differ from a UBO?
A beneficial owner is anyone who enjoys the benefits of ownership, while a UBO (Ultimate Beneficial Owner) specifically names the ones with significant control or ownership (typically 25% or higher) in a company.
What is Merchant KYC Verification?
Merchant KYC verification is the process of gathering and verifying information regarding a business and its owners to verify their identity to ensure legal and regulatory compliance.
