- 28 Nov 2023
Compliance and Ops Support (Ground Control)
- Updated on 28 Nov 2023
Synctera’s Ground Control service offers operational support for compliance processes, ensuring compliance with many policies, procedures, and regulatory requirements. Ground Control will allow you to hit the ground running without hiring your own compliance operations staff immediately. Note that you will still generally need a Compliance Officer to manage your company's overall compliance program.
The services include:
- KYC and KYB manual reviews
- Customer & Business Watchlist alerts
- Fraud and AML Monitoring
- Reg E Dispute Management
The Synctera Ground Control team can also advise you on how to build out your own compliance and operational capabilities in a way that meets your long-term needs.
Benefits of Synctera Ground Control
- Increase speed to market by avoiding the bottleneck of getting your banking and compliance operations functions completely in place before you launch
- Minimize disruptions to your customer onboarding process and overall customer experience by having efficient processes to resolve disputes and KYC, BSA/AML, and fraud issues
- Take your time to build the appropriate compliance operations, processes, and expertise into your business, so that you have a strong foundation to keep you safe as you scale
To be eligible for Ground Control, you must use Synctera’s standard integrated service provider partners and have an executed agreement with Synctera. A Company that uses service providers outside Synctera’s standard offering are not eligible for Ground Control. Industries deemed high-risk by the Sponsor Bank may require additional review to qualify for Ground Control.
How it works
Synctera Cases is a proprietary case management system built to help Companies and Sponsor Banks manage compliance and operations for their financial products. Synctera Cases provides a great way to track essential workflows and streamline operations, creates an audit trail, reduces manual tracking, and has access and role flexibility that allows Companies to work with Business Process Outsourcing (BPO) partners as desired.
Synctera Cases is how the Ground Control team will communicate with the Company. When a Company is enrolled in Ground Control, all Cases must only be actioned by the Ground Control team. If action is required by the Company, the Ground Control team will escalate the case by assigning it to the Company. If a case is assigned to the Company, an automated notification will be sent via email.
Suppose the Ground Control team requires additional information while reviewing a KYC case. In that scenario, notes outlining what is required to resolve the KYC case will be added and assigned to the Company. An automated email notification will notify the Company that action is required, and the case must be resolved within 5 calendar days. For a detailed overview of each Case type and their workflows, please click here.
Synctera Know Your Customer (KYC) is powered in partnership with Socure, a leader in digital identity verification that uses artificial intelligence and machine-learning techniques to verify identities in real-time. In addition to identity verification, Socure automatically checks global watchlists and risk scores associated with email, phone, address, and synthetic fraud.
The real-time checks have a pass/fail outcome. If a customer fails the automated KYC check, a case is created on the Synctera Console and reviewed by the Ground Control team within one business day. The Ground Control team investigates alerts and escalates to the Company or bank when applicable.
Synctera's KYC has various customer verification modules.
- Email, Phone, Address Risk: predict the risk associated with these data inputs and their correlation to an identity based on hundreds of data elements and risk intelligence attributes, including deliverability and tenure.
- Fraud: analyzes every dimension of identity and provides a score based on the likelihood of a given identity being fraudulent.
- KYC: uses a social security number, date of birth, and other customer information to verify customer identity.
- Global Watchlist: provides screening and ongoing monitoring that identifies risk by matching individuals against sanctions and enforcement lists, including OFAC, and Politically Exposed Persons (PEP).
- Alert list: List of known fraudulent users and specific identifying traits, as reported by Socure and its customers.
- DocV: is required and confirms the authenticity of a government-issued ID, matches the Personal Identifiable Information (PII) extracted from the ID against the input information, and matches the ID headshot to a consumer-submitted selfie using facial biometric analysis.
Synctera Know Your Business (KYB) is powered in partnership with Middesk, an identity verification provider that automates business customer onboarding. Anytime a business customer is run through KYB, we verify the business name, address, taxpayer identification number (TIN), business registration status, licensing documentation, watchlists, and identities of ultimate beneficial owners. If the business cannot be verified, the system automatically creates a new KYB case for review and investigation.
Synctera Fraud Monitoring
Synctera Fraud provides a monitoring solution that safeguards Companies and banks from regulatory non-compliance and financial losses. Feedzai powers our real-time fraud monitoring rules and are fully customizable to support many regulations and risk parameters. Any rule customization requires sponsor bank review and approval.
Once set up, Synctera sends real-time transactions and customer information for analysis through pre-configured rules and risk models. The transaction is approved or flagged for manual review or rejection. When flagged, a case is created within the Synctera Console for each flagged transaction. The Ground Control team investigates and, when applicable, sends an alert to the Company within one business day. The alert will notify the Company to connect with their customer to verify the transaction. All documentation demonstrating the review of potentially suspicious or fraudulent activity and the factors contributing to the decision that activity was not suspicious or fraudulent are documented within the Synctera Console case. Activity may be deemed suspicious because it matches financial crime typologies or stands out as anomalies in customer behavior.
Financial institutions must deploy a range of procedures to comply with anti-money laundering (AML) regulations, including monitoring transactions and reporting on suspicious activity. Synctera Anti-Money Laundering (AML) helps prevent financial crime by automating and streamlining AML workflows, from AML checks and transaction monitoring to case management and report filing. Synctera AML automatically performs AML checks on customers and accounts and screens transactions for suspicious activity.
In collaboration with the bank and Company, Synctera configures the appropriate AML monitoring rules and operational workflow according to the bank’s risk appetite and policies. Once configured, Synctera in real-time, sends Feedzai customer, account, and transaction data and will also do a batch process at the end of the day with all the information aggregated to Feedzai for processing. Feedzai’s platform automatically executes AML checks based on predefined rules and agreed-upon thresholds during configuration. When further investigation is required, a case is automatically created in the Synctera Console for investigation by the Ground Control team.
To meet regulatory timelines, all AML-related investigations must be completed no later than 30 calendar days from the initial suspicious activity detection date. The Ground Control team completes the investigation within one business day to allow sufficient review time for the bank. The Company will be notified if it must be escalated to the sponsor bank’s AML officer or close the case. When escalated to the bank, the case will be reassigned to the bank’s AML officer and, if required, submit a Suspicious Activity Report (SAR), which is trackable within the Synctera Console.
Synctera Dispute Management
In the US, Regulation E (”Reg E”) assigns regulatory responsibilities to banks and provides certain rights to customers when a customer claims an electronic funds transfer error. Banks and Companies are responsible for promptly reviewing and investigating a customer’s request within specified timing constraints. These claims are called disputes. The Ground Control team does not manage disputes not subject to Reg E, such as business or B2B.
Synctera manages complex administrative and regulatory dispute requirements, from error resolution to chargeback management. These are tracked within the Syncera Console using the Case Management tool to follow the resolution process and automatically track regulatory timeframes. In addition, a dedicated team undergoes rigorous dispute compliance, data security, and financial services training to manage disputes from intake to investigation to customer communication. After initial training, we complete training annually and throughout the year for upskilling and refresher to keep up with any regulatory changes.
When a customer identifies an unfamiliar transaction or wants to initiate a dispute due to a merchant error, the customer may contact your customer support. When a request is received, you should open a case within the Synctera Console to capture dispute data such as merchant name, amount, date/time, and reason for the dispute.
After the initial dispute review, the Ground Control team may request documentation that may assist in the dispute investigation and establish follow-up correspondence via email for progress tracking and the application and removal of provisional credits. You are responsible for actual communication and updates with your customer. Ground Control may provide guidance.
Regulation E Timeframes
10 Business Days – Existing Customers
Existing customers are those with accounts open for more than 30 days. If the first disputed transaction is >30 (more than) days from the customer establishing their account, a provisional credit is due 10 business days after dispute filing. The provisional credit is granted temporarily while the investigation takes place and is communicated to the customer in writing via email. Once the investigation is complete, the customer is notified in writing via email if the credit will be final or reversed. If reversed, the customer is given a 5 business days notice.
Example: First Funding = 01/01/2022, Dispute Transaction, 03/01/2022
20 Business Days – New Customers
New customers are those with accounts open less than 30 days. If the first disputed transaction is <30 (less than) days from the customer establishing their account, a provisional credit is due 20 business days after dispute filing. The provisional credit is granted temporarily while the investigation occurs and is communicated to the customer in writing via email. Once the investigation is complete, the customer is notified in writing via email if the credit will be final or reversed. If reversed, the customer is given a 5 business days notice.
Example: First Funding = 01/01/2022, Dispute Transaction, 01/15/2022
60 Calendar Days – Past Time Frame
These are claims reported by a customer past 60 Calendar Days from the Periodic Statement. These past time frame disputes are no longer eligible for provisional credit, and depending on the Dispute Category (Unauthorized/Error Allegation) and resolution outcome of the investigation, the customer may not receive full credit back.
45 and 90 Calendar Days – Final Resolution
The length of time allowed to complete the investigation of a dispute depends on the type of dispute. There are 45 calendar days to resolve ATM, Bill Pay, and Pay Friends transactions. There are 90 days allowed for all other transactions.
Opting Out of Ground Control / Compliance Operations Support
A Company may choose to opt out of Synctera Ground Control if they have their own resources and expertise to manage its compliance and cases. This is an important requirement as mismanagement of cases can lead to compliance issues, regulatory scrutiny, and financial penalties. The Company would take on the core responsibilities for the following:
- Know-Your-Customer (KYC) / Know-Your-Business (KYB) reviews
- Transaction fraud monitoring
- Anti-Money Laundering (AML) monitoring [Note that generally Sponsor Banks will not allow you to conduct your own AML monitoring]
- Consumer disputes management (Reg E)
A Company using its own resources requires Sponsor Bank approval to ensure the team is qualified and has sufficient expertise. Note that all work will remain within the Synctera platform. At a minimum, the Company must provide the Sponsor Bank with the following:
Team and Qualifications
- Compliance operations team and organizational structure – include background or resume of the team. The required team size and roles depend on the Company's size and complexity.
- Outsourced vendors - the Company may rely on qualified external vendors. If so, provide background information on the team and a copy of the vendor contract.
- If applicable, rules and configurations associated with non-Synctera tools such as KYC flow, document verification settings, and fraud rules
Required During Implementation
- BSA/AML, Reg E Disputes, and Fraud procedures documentation - describes how KYC, AML, disputes, and fraud cases are investigated, managed, and resolved.
- Quality management - description of how the team's performance will be monitored or tested on an ongoing basis, such as external reviews or sampled testing. This should factor in the Sponsor Bank’s service-level agreements.
- Third party risk management - Gathering vendor information and performing assessments for third party risk management.
If the Company has been using Ground Control but chooses to offboard, it should also provide the following:
- Plan and timeline on when it will conduct its offboarding along with the appropriate documents and information covered above.