Security and privacy is our DNA

Meo is built with a Privacy and Ownership by Design principles from the ground up, in order to secure sensitive customer data and ensure data ownership.
The procedures

We're committed to security

Our dedicated team diligently monitors all security aspects to ensure your data remains in safe hands

ISO27001 certification

ISO27001 is the international standard that lays out the specifications for implementing an information security management system (ISMS).

You are in control

Our system has been designed with you in control. Your data is yours, and yours only. Only you can give other people (or companies) access to see it. You can also easily revoke such access.

Secure storage

You have your own online data vault where all your data is stored using military-grade encryption (“aes-256-cbc”). Your data is safe from others.

Secure transmission

All your data is encrypted according to the highest standards (TLS v1.2+) when transmitted to and from our platform.

Confidentiality

Only you, and those you have explicitly given access to, can access your data. No one else can, not even Meo.

Blockchain

We use blockchain technology to manage data access in an innovative way where it cannot be disputed who has given (or withdrawn) access to whom to see certain user data. We have a patent pending on this innovation.

Secure hosting

We host our platform on DigitalOcean, the third largest cloud platform in the world. DigitalOcean is ISO27001:2013 and PCI-DSS certified, and SOC 1 type II and SOC 2 type II attested.

Security audits

We do regular security audits with credible and independent security experts to ensure that our platform stays hardened and secure.

24/7 watchdog

We log all access to our platform, and we monitor that services are up and running.

Backup

All data is backed up regularly and transported offsite, so even if an earthquake or flood hits our servers then your data won’t be lost.

No single point of failure

All services and data are fully mirrored, so even if a server or database breaks down then another stands ready to immediately take over.
Certification

Our security documents

For in-depth information on our security certifications, kindly refer to the documents.

ISAE 3000 certificate

Meo has been ISAE 3000 certified by KPMG since March 3rd, 2023.

ISO 27001 certificate

We became ISO 27001 certified by KPMG in March 2021.

Our security whitepaper

Read our Security Whitepaper to learn more about the security of our platform, organization and data.

See how Meo can help you win big for your clients.

Let us show you why Meo is the preferred choice for lawyers and law firms wanting to automate their AML processes.
Latest posts

Our blog

Interviews, tips, guides, industry best practices, and news.
Article

KYC vs KYB: addressing key challenges for AML regulated businesses

AML compliance presents ongoing challenges for regulated businesses. Two key approaches are used to address these issues: Know Your Customer (KYC) and Know Your Business (KYB). Exploring automated solutions could help you tackle your key pain points and meet your compliance goals more effectively.
Meo
October 3, 2024
5 min read

Anti-Money Laundering (AML) compliance presents ongoing challenges for regulated businesses: verifying clients, managing risk, and meeting regulatory requirements without overwhelming paperwork or operational slowdowns. Two key approaches are used to address these issues: Know Your Customer (KYC) and Know Your Business (KYB). Which of these two you employ depends on the nature of your business and your client base. Many organisations need to implement both KYC and KYB processes to fully meet their compliance obligations.

Common pain points in AML compliance

AML regulated businesses often face these key challenges:

  1. Slow onboarding: Client due diligence can delay business operations.
  2. Resource intensive: Compliance tasks often require significant staff time, diverting resources from core business activities.
  3. Changing regulations: Keeping up with AML regulations across different jurisdictions requires constant attention.
  4. Non-compliance risks: Failing to meet AML requirements can result in large fines and reputational damage.
  5. Excessive flagging: Over-cautious screening can delay legitimate clients unnecessarily.
  6. Information gaps: Traditional checks may miss key information, especially for complex business structures.
  7. Human error: Manual processes can lead to mistakes that compromise compliance efforts.

Understanding KYC: Know Your Customer

KYC verifies the identity of individual customers. It's a key part of customer due diligence (CDD) used across many industries, especially in financial services.

Key aspects of KYC:

  1. Individual focus: KYC deals with personal customers.
  2. Identity verification: Confirms a person's identity using documents like passports or driver's licenses.
  3. Personal background checks: May include credit history, employment verification, and sanctions list screening.
  4. Ongoing monitoring: Requires continuous tracking of customer activities and transactions.

Common KYC users:

  • Banks and financial institutions
  • Insurance companies
  • Cryptocurrency exchanges
  • Online gambling platforms
  • Some retail and e-commerce businesses

Understanding KYB: Know Your Business

KYB verifies and analyses the businesses you work with. It's crucial for B2B relationships and AML regulated entities dealing with corporate clients.

Key aspects of KYB:

  1. Business entity focus: KYB examines companies, partnerships, and other business structures.
  2. Company verification: Confirms a business's legal existence, registration details, and operational status.
  3. Ownership structure analysis: Investigates who owns and controls the business, including ultimate beneficial owners (UBOs).
  4. Business activity assessment: Examines the business's operations, industry, and typical transaction patterns.
  5. Risk profiling: Evaluates potential risks associated with the business, including jurisdictional and industry-specific factors.
  6. Ongoing monitoring: Tracks changes in ownership, business activities, or risk profiles over time.

Common KYB users:

  • Law firms
  • Accounting firms
  • Corporate banking
  • Business lending institutions
  • Payment service providers
  • Professional services firms
  • Commercial real estate agencies

How automated KYB addresses AML compliance pain points

Streamlined onboarding for complex clients: Business clients often have intricate structures that can slow down the onboarding process. KYB employs streamlined verification processes specifically designed for business entities. This can significantly reduce onboarding times, sometimes from weeks to days, without compromising on thoroughness.

Enhanced risk assessment: Traditional checks might miss crucial information about business clients. KYB provides a more complete picture by analysing business structures, activities, and associations in detail. This thorough approach leads to more accurate risk assessments, helping businesses make informed decisions.

Reduction in false positives: Overzealous screening often flags legitimate clients, causing unnecessary delays. KYB's nuanced understanding of business clients enables more accurate risk scoring. This precision helps reduce false alarms, allowing businesses to focus on genuine risks while processing legitimate clients more efficiently.

Alignment with evolving regulations: AML regulations are constantly changing, and recent trends emphasise understanding business clients and their ownership structures. KYB naturally aligns with these regulatory directions, helping businesses stay compliant with current and emerging requirements.

Optimised resource allocation: Compliance tasks can drain significant staff time from core business activities. KYB leverages automated processes for business verification and monitoring. This automation frees up staff to focus on higher-value work, improving overall operational efficiency.

Effective ongoing monitoring: Tracking changes in client status over time can be challenging. KYB systems typically include automated alerts for changes in business status, ownership, or risk profile. This ongoing monitoring helps businesses stay on top of changes without constant manual checks.

Clarity on complex ownership structures: Identifying ultimate beneficial owners (UBOs) in complex business structures is often difficult. KYB provides tools for mapping and analysing these structures, making UBO identification more straightforward and accurate.

Core needs of AML regulated businesses

AML regulated businesses aim to:

  1. Verify clients efficiently and thoroughly
  2. Assess and manage risks accurately
  3. Maintain compliance without excessive resource use
  4. Quickly adapt to regulatory changes
  5. Minimise compliance-related business disruptions
  6. Build trust with regulators and clients

KYB helps regulated entities meet these needs by providing a thorough and efficient approach to business client due diligence. This enables AML regulated businesses to fulfill compliance obligations without sacrificing efficiency or growth opportunities.

The value of knowing your business

Understanding clients deeply is essential in today's business environment. KYC remains valuable for individual customer relationships, but KYB provides a more thorough solution for AML regulated businesses primarily dealing with corporate clients.

By tackling key pain points and helping businesses meet their core compliance needs, KYB allows regulated entities to:

  • Onboard clients faster and more confidently
  • Make decisions based on thorough risk assessments
  • Use resources more efficiently
  • Anticipate and meet regulatory requirements
  • Develop stronger, more trusted business client relationships

As AML regulations and business structures become more complex, the ability to truly "know your business" grows increasingly important. KYB approaches and technologies can help AML regulated businesses turn compliance into a competitive advantage, supporting growth while upholding high standards of integrity and risk management.

Exploring automated KYB solutions could help you tackle your key pain points and meet your compliance goals more effectively.

Article

Measuring compliance effectiveness in AML-regulated industries

Organisations in AML-regulated industries must gauge how effectively they’re building a culture of compliance. This is crucial for meeting regulations, managing risks, and maintaining client trust. Consider these key metrics that help measure and strengthen compliance efforts.
Meo
September 20, 2024
5 min read

Organisations in AML-regulated industries need to gauge how well they're building a culture of compliance. This matters for meeting regulations, managing risks, and keeping clients' trust.

To assess the effectiveness of a compliance culture, a combination of quantitative and qualitative metrics can be used:

Quantitative metrics

  • Mean time to issue discovery (MTTD):
    this measures how quickly compliance issues are identified within the organisation.
  • Mean time to issue resolution (MTTR):
    this tracks how long it takes to resolve compliance issues once discovered.
  • Compliance expense per issue:
    calculated by dividing the total fines received for compliance violations by the number of issues handled by the compliance department.
  • Average cost of compliance-related lawsuits:
    this metric helps assess the financial impact of compliance failures.
  • Regulatory compliance rate
    measures the adherence to applicable laws and regulations.
  • Training completion rates:
    tracks employee participation in compliance training programs.
  • Number of whistleblower reports:
    monitors the frequency of internal reporting of potential compliance issues.
  • Cost of compliance:
    assesses the financial resources allocated to compliance activities.
  • KYC accuracy rate:
    measure the percentage of KYC checks completed without errors or omissions.
  • Time to complete KYC processes:
    track the average time taken to complete KYC checks and how it changes with the automated system.
  • System adoption rate:
    monitor how quickly and thoroughly employees adopt new automated KYC systems.
  • Client onboarding time:
    measure changes in client onboarding time as compliance processes improve.

Qualitative metrics

  • Ethics and integrity index:
    measures employee perceptions of the organisation's ethical culture and leadership behaviour.
  • Compliance risk assessment results:
    evaluates the firm's ability to identify and mitigate compliance risks.
  • Employee knowledge and understanding:
    surveys that measure employees' comprehension of compliance policies and procedures.
  • Cultural beliefs and values:
    surveys focusing on the overall compliance culture and employee attitudes.
  • Leadership assessments:
    evaluate how well leaders model and communicate compliance expectations.
  • Client feedback:
    gather client opinions on the organisation's compliance practices and how they perceive the firm's commitment to integrity.
  • Case studies:
    analyse specific instances where strong compliance culture prevented issues or led to positive outcomes.

Survey-based metrics

Many organisations use compliance culture surveys to gather data on:

  • Employee attitudes and perceptions regarding compliance
  • Workforce understanding of compliance policies
  • Effectiveness of compliance communication and training
  • Leadership commitment to compliance as perceived by employees

These metrics provide a comprehensive view of a firm's compliance culture, allowing for benchmarking against internal historical data, industry peers, and national averages. Regular measurement and analysis of these indicators can help organisations identify areas for improvement and demonstrate the effectiveness of their compliance programs.

Better compliance with automated KYC systems

By combining automated KYC systems with these metrics, AML-regulated businesses can:

  1. Track improvements in compliance processes over time
  2. Identify areas where additional training or resources may be needed
  3. Demonstrate the value of compliance initiatives to leadership and stakeholders
  4. Create a data-driven approach to enhancing compliance culture

Regular review and analysis of these metrics can guide the organisation's efforts to strengthen its compliance culture and ensure that automated KYC systems are delivering the intended benefits.

_____________________

Sign up here to get more news, updates and event invitations from Meo!

Article

Self-evaluation: Does it make sense for you to invest in a KYC system?

Considering the shift from manual to automated KYC processes? This guide helps you evaluate your current methods against the potential of automation.
Meo
September 12, 2024
5 min read

Both the legal and financial industries are experiencing a significant shift in how Know Your Customer (KYC) processes are managed.

Manual methods, once a standard, are being replaced by automated systems. This change comes from increased global business, more regulations, and complex financial crime.

Clients want faster service.

Regulators impose large fines for mistakes.

Automated KYC systems offer a way to address these issues.

Considering the shift from manual to automated KYC processes? This guide helps you evaluate your current methods against the potential of automation.

Estimate how much time you spend:

When you get a new client

How long does it take for one of you to:

  • Write an email/ ring and ask for information?
  • Follow up (if the client doesn't reply)?
  • Check ID?
  • Check PEP status?
  • Check for sanctions/adverse media?
  • Make the matter and client risk assessment?
  • Store the information in the correct location?

What is the salary of the person that executes these tasks?

If it's a corporate client:

  • Do everything mentioned above to verify the beneficial owners?
  • Make sure that you know all the beneficial owners?
  • Verify the company information in official registers?
  • Check the company for sanctions/adverse media?

And what does it require from your clients?

Consider the client's perspective:

  • Multiple requests for information, often redundant
  • Lengthy wait times during the onboarding process
  • Frustration with repeated follow-ups
  • Potential loss of business opportunities due to delays
  • Confusion about the extent of information required
  • Concerns about data privacy and security

To ensure that these steps are being followed:

  • Ongoing monitoring of your clients?
  • That the manual procedures are updated on a regular basis?
  • Ongoing control of the manual procedures?
  • Correct documentation of risk assessments when the relationship is initiated and if it changes?
  • That verification of data can be documented?
  • An overview of all your clients' risk profiles
  • An overview of the number of clients that are PEP
  • That all client relations have been approved
  • That you know and remember when you need to re-verify your clients' data
  • That there isn't any personal information on clients saved in emails?
  • That all client data is archived and timely deleted
  • That you know exactly who has access to what information and can document who has or has had access.
  • That you can tell your clients which data you handle and why.

How likely is it that you'll make a mistake or forget a step when you are busy?

When there is an audit

  • How much time do you need to prepare for an audit when you have to document what you do and the evidence is lying in emails and folders of various colleagues?
  • Can you pull a list with the client overview that the authorities require at an audit? List of high, medium and low risk, different jurisdictions etc.
  • Can you provide that data on the clients that are selected for control?

Now that we are at it, have you remembered to make your Firm-wide risk assessment and document your policies and procedures? - if it isn't written down and reviewed annually, then it doesn't count.

What tasks could you spend your time on instead?

Consider the consequences

If your clients aren't satisfied

  • How many will choose another firm where the client onboarding is easier?

If you don't pass an audit

  • What will it mean for your reputation, if you get a sanction, a fine and that it is publicly known?
  • A sanction can also result in your company being put on public risk lists and then your business partners will require an enhanced AML control of your company before they can work with you.

If it goes all wrong

  • What will it mean if the criminals get hold of you and you unknowingly participate in money laundering and/or terrorist financing?
  • How big a fine will you get?
  • What will it mean to your reputation?
  • Who of you will in the worst case risk going to jail, if your policies, procedures and controls aren't good enough?

The benefits of an automated KYC system

✓ Increase onboarding conversion rates by 60%
✓ Reduce the costs of running AML compliance operations by 75%
✓ Improve your compliance team productivity 3-4 times on average
✓ Give your clients a good first impression with a professional onboarding
✓ Stop the criminals, avoid fines and stay GDPR and AML compliant

Automated systems cut time spent on repetitive tasks. This frees your team to focus on complex risk assessments and strategic compliance planning. KYC policies are applied consistently, with real-time updates and comprehensive audit trails.

These systems boost your defence against financial crime. They generate audit trails for regulatory inspections and detect suspicious activities faster through real-time monitoring. This limits criminal exploitation, protects your reputation, and helps avoid regulatory penalties.

Your team can concentrate on high-risk cases and compliance planning. KYC policies are applied uniformly across all clients, reducing human error—a common audit issue. As regulatory scrutiny and fines increase, automated KYC strengthens risk management and maintains smooth operations.

Consider how automation could enhance your workflows, improve accuracy, and boost your team's ability to meet growing regulatory demands.

Not sure if an automated KYC system is right for you? Contact us. We're here to advise based on your specific needs.

_____________________

Sign up here to get more news, updates and event invitations from Meo!