The transparent virtual account
Virtual accounts are a great idea that’s been missing one vital ingredient: transparency. Here we look at the opacity that’s made them unpopular with many regulators and large banks.
…and show how we fixed it.
vIBANS: too easy to be safe?
Many excellent companies offer virtual accounts, and it’s by no means our intention to call them into question. If you work with a reputable, regulated business, it’s highly unlikely you’ll encounter any problem. But there are serious flaws in the implementation of virtual accounts that open opportunities for wrongdoing. As a result, you may find that transactions may be rejected by risk officers, limiting your ability to make and receive payments.
Field 59 of a SWIFT MT103 message usually carries the IBAN that identifies the institution related to the transaction. It’s a unique code that not only shows the originator, it also includes information about their jurisdiction. The first two characters identify the country, for example GB shows that this institution’s region is the UK.
Virtual accounts can be identified in the same way, but there’s a problem. While IBANs are set by SWIFT, the virtual IBAN, or vIBAN can be set by the operator of the account. Not only does this raise the possibility of duplication, it allows bad operators to disguise the origin of a transaction. So a sanctioned region could be passed off as a AAA-rated jurisdiction.
But that’s not the only problem…
Dynamic vIBANS
Virtual IBANs exist are as easy to destroy as they are to create. This is particularly true for dynamic IBANs, which exist for one payment only. That means that it’s possible for fraudsters to set up a virtual account under a dynamic vIBAN - which at first glance can look like a normal “Real” IBAN. They can then simply take the payment and disappear.
If you prefer watching and listening to reading, then this video gives you an overview of how we’ve re-imagined virtual accounts to make them dependable and transparent while retaining - and frequently improving - their advantages of self-reconciliation, flexibility and rapid settlement.
Let’s be completely clear about this…
The CertiQi virtual account works within our overruling ethos of full transparency. It uses a specialised extension of our eKeyiD ecosystem to provide a separate and distinctive identifier for each virtual account, without obscuring the identity of the master account. In a SWIFT MT103 message, it’s identified in Field 59 by its IBAN, exactly as it would be in a straightforward transaction with the master institution. The CertiQi platform assigns each virtual account its own identity - an eViD. This sits in Field 70 of the same message, alongside the current transaction’s eKeyiD. Both codes are extremely compact, consuming less than half of Field 70’s capacity while unlocking unlimited gigabytes of information. The codes are easily embedded in other platforms, including Fedwire, and we offer a range of APIs for integration with enterprise systems like Bankware.
All this means that there’s no danger of mistaking the prime financial institution behind the transaction, but virtual account holders can make and receive payments direct to and from their named accounts. and because the transaction’s eKeyiD is inseparably attached, every detail of compliance and transactional data accompanies the payment along its entire journey.
Find out more
If you’re interested in offering your customers trustworthy virtual accoutns that are flexible, quick to set up and self-reconciling, then get in touch and we’ll give you the full story.