KYC is a term that most individuals know about. Know Your Customer (KYC) is the primary pillar in the fight against financial crime and money laundering. Customer identification is the first step in other stages of the process.
By law, financial institutions need to perform KYC checks to authenticate the identity of a consumer and verify the risks they pose. Proper implementation of KYC procedures can help in preventing ID theft, money laundering, financial fraud, terrorist funding, and other instances of financial crime. Not complying with know your customer process can lead to huge fines for banks and financial institutions.
KYC laws and regulations first came into existence in the 1990s to prevent the flow of money laundering. After the 9/11 attack, the US made the regulations stricter regarding the laws following KYC as part of the Patriot Act. There have been several changes in the Know your customer process even before 9/11, and after the terrorist attacks, the changes gained much-needed momentum. Soon after the 9/11 attack, regulatory bodies implemented major changes to the KYC laws.
In the Title III of the Patriot Act, it is mentioned that financial institutions are mandated to follow the two different parts to comply with KYC regulations. The two regulations are:
- Customer Due Diligence (CDD)
- Customer Identification Program (CIP)
The KYC procedure is the first line of defense against identity fraud, money laundering, and financial fraud.
Here’s how KYC can help:
- Identity Theft: KYC laws and regulations help financial institutions build a solid proof of customer identity. By complying with KYC rules, banks and financial institutions can prevent the use of fake accounts and identity thefts from fake documents and stolen identity documents. Technologies like online bank account verification software and online document verification are great ways to comply with the rules.
- Money Laundering: Organized and unorganized criminal entities try to launder money to fund drug peddling, human trafficking, smuggling and so much more. Money laundering happens when individuals and criminal entities try to spread out the money in multiple accounts trying to make it look legal.
Financial Fraud: KYC regulation is designed to prevent all types of financial crimes. Banks can prevent the use of fake and stolen IDs to apply for a loan and open new bank accounts.
Difference Between AML and KYC Regulations
Most individuals and businesses end up using the terms KYC and AML interchangeably. While there are some things similar about KYC and AML regulations, there are also major differences. The difference between Anti-Money Laundering (AML) and Know Your Customer (KYC) regulations is that the AML is a set of rules and regulations that financial institutions must follow to prevent money laundering. KYC laws are more specific and help in authenticating a customer’s identity, which is an essential part of the overall AML regulations.
Financial institutions are responsible for making their own rules and regulations to develop their KYC programs. However, the AML regulation can vary based on geographical location or country, which also means that financial institutions have to develop KYC and AML standards based on geographical locations.
Who Needs to Know Your Customer Regulations?
KYC is mandated to be complied with by financial institutions while onboarding customers during and throughout the customer-business relationship. When a business accepts a new client, or when an existing client tries to take on a regulated product, standard KYC laws apply.
Financial Institutions that are mandated to comply with KYC rules and regulations are:
- Credit unions
- Wealth management firms and broker-dealers
- FinTech apps (financial technology apps), depending on the activities these apps provide
- Private lenders and lending entities
KYC regulations are becoming essential to prevent all types of financial fraud for any entity that deals in money. While banks are needed to comply with the laws to limit fraud, they also pass down that required to comply with KYC.
When is KYC Needed?
The common reasons for KYC regulation are:
- Unusual transaction activity
- New information or changes to a customer’s account
- Change in client’s occupation
- Change in the nature of a client’s business
- Adding new parties to an account
During the initial due diligence and ongoing customer monitoring, a bank might uncover certain risk factors like wire transfers, international transactions, and interactions with high-risk countries. A customer that has high risks of money laundering may face a higher level of scrutiny compared to low-risk customers.
Three Pillars of KYC Process
An ideal KYC program includes 3 components:
- CIP – Customer Identification Program
- CDD – Customer Due Diligence
- Customer Monitoring
A customer identification program includes financial institutions asking customers for identifying information. Every financial institution has its own rules for conducting CIP, and it’s often based on the risk level of the business.
Based on the type of business, customers will be asked for different information:
- Driver’s license
- Certified articles of incorporation
- Government-issued business license
- Partnership agreement
- Financial references
- Information from a customer reporting agency
- Financial statement/bank statement
Customer due diligence requires financial institutions to conduct detailed risk assessments of customers they’re onboarding. FIs have to examine the potential types of transactions a customer will make to be able to detect suspicious behavior. Institutions must identify and verify customer identity who owns 25% or more of a legal entity, and an individual who controls the entity.
There are 3 different types of Customer due diligence:
- Simplified Due Diligence (SDD)
- Basic customer due diligence (CDD)
- Enhanced due diligence (EDD)
Continuous monitoring means that financial institutions need to monitor their customer’s transactions regularly based on suspicious activities. This pillar of customer due diligence requires banks and financial institutions to monitor customers continuously.