How well do you know your customers? Are you comfortable with your processes and checks to make sure that they are safe to deal with? If not you can face possible fines, penalties and damage to you and your company’s brand, if you become involved in money laundering or terrorist financing through the activities of one of your customers. More importantly, knowing your customers is fundamental to protecting your organisation from fraud or losses incurred from illegal funds and transactions.
What is KYC?
Know Your Customer, or KYC as it is known means conducting thorough background checks on potential customers for pre-onboarding risk assessments. Businesses use it to identify and verify the identities of clients to make sure they meet regulatory requirements. Meeting KYC standards is an important part of adhering to modern anti-money laundering (AML) and combating the financing of terrorism (CTF) policies.
Corporate KYC is an expansion of standard KYC regulations. Instead of focusing on individuals, corporate KYC is a set of procedures to verify businesses. It also plays a significant role in fulfilling KYC and AML requirements and is often known as Know Your Business (KYB).
What are the Requirements?
Although KYC regulations vary across different countries and jurisdictions, there are a few directives that can commonly be found globally:
- Developing customer identification processes
- Identifying customers through their official identity documents
- Understanding the nature of customer’s activities (to confirm finds are legitimate)
- Verifying corporate entities through documentation and verification of owners
- Assessing money laundering risks associated with the customer
- Take AML compliance measures if necessary
Who is impacted by KYC Requirements?
Initially, KYC procedures were only brought into place for financial institutions. But nowadays KYC is considered a key obligation for non-financial institutions as well. Typically, it is seen as being extremely important in the following sectors:
- Financial institutions
- Fintech companies
- Credit unions
- Gamblin entities and casinos
- Wallet providers and crypto exchanges
This list is by no means exhaustive, and KYC should be used by any business to protect themselves, reduce the risk of fraud and money laundering through their business and make sure they do not fall foul of regulations.
Significant KYC Laws
Again, laws can vary, depending on where you operate. Here are a few of the major laws in different countries around the world:
Banking Secrecy Act (BSA) which is an American law requires the reporting entities (primarily banks) to take necessary measures for customer verification and to report suspicious activities to FinCEN. Banks are required to adopt customer identification programs according to the provisions of the US Patriot Act.
France uses the Anti-money laundering Act (AMLA) specifies the customer identity verification laws for financial businesses.
The Money Laundering Act (MLA) of the UK defines customer verification regulations for reporting entities.
Proceeds of Crime and Terrorist Financing Act (PCMLTFA) is a Canadian law that sets the KYC requirements and processes for reporting entities.
The AML/CTF Act of Australia implemented by AUSTRAC defines the KYC and AML compliance guidelines for verification of individual and corporate customers.
The Primary Components of KYC
Customer Identification Program (CIP)
The KYC process includes obtaining and checking Personally Identifiable Information (PII). This part of the process is known as a Customer Identification Program. CIP is a necessary element to curb money laundering, counteract terrorist financing and protect against various other criminal activities that could be caused by improper identification of a customer.
There is no one size fits all solution to CIP, it’s up to companies to decide which PII they choose to verify according to policy, but some examples include:
- Client’s full name
- Client’s date of birth
- Client’s address
Customers would need to present official documents such as a passport, ID card or driver’s licence. As well as these three common examples, other types of PII can be requested and processes should be tailored accordingly.
For verification purposes, verifiers may also run PEP (Politically Exposed Person) and Sanctions checks against worldwide watch lists.
Customer Due Diligence (CDD)
Customer due diligence (CDD) is the act of performing background checks and other screening on the customer to ensure that they are properly risk-assessed before being onboarded.
CDD is at the heart of AML and KYC initiatives. It is designed to help prevent financial crimes like money laundering, terrorist financing, human and drug trafficking, and fraud.
There are several requirements that make up the CDD process:
- Identifying and verifying customers – Ensure customers are who they say they are
- Identifying business information – Find out information about the customer’s business model, source of funds and beneficial ownership.
- Creating customer risk profiles – Sort customers into different risk levels to indicate the amount of risk they pose.
- Risk assessments – The higher the risk, the more assessment and due diligence that is needed.
- Ongoing monitoring of customers and their transactions – CDD does not stop after the customer is onboarded. Some sort of system should continue t monitor high-risk customers, suspicious transactions and changing customer profiles.
KYC is one of the most important areas to look after in your business, to make sure that you are protected and to help fight against financial crimes and the funding of illicit activities. Here at Sekuritance, we have a single platform for every compliance need within a business, including end to end KYC, KYB and AML applications all under one umbrella.
Our Sekur.Transact module will use KYC tools to identify who your customers are and whether they are of good standing to transact with your business. Find out just how we can protect you and your business from potential harm, visit www.sekuritance.com today and find out more.
The Sekuritance RegTech platform provides a single platform for every eGRC need, including end-to-end AML/CTF, CECL, FCPA, vendor management, beneficiary onboarding, investor check, card processing MFA checks, blockchain wallet checks, cyber-risk assessments, and other RegTech or Business Process Management requirements.
Stay tuned for more info and follow us on: