What is Know Your Customer (KYC)?

Know Your Customer (KYC) refers to the policies and procedures put in place by businesses to manage risk and verify the identities of customers, clients and suppliers.

KYC processes are particularly relevant to the financial industry, ensuring compliance with national and international regulations targeting criminal activity such as money laundering, terrorism financing, fraud and corruption.

Therefore, KYC compliance is about customer due diligence.

  • Researching company data and investigating senior executives and directors.
  • Verifying the individual or company doesn't appear on any sanctions lists or watchlists.
  • Checking the individual isn't listed as a politically exposed person (PEP), potentially opening them up to corruption or bribery.

To achieve KYC compliance, banks and other financial services companies need to have in place stringent KYC policies incorporating the following four key elements:

  • A customer acceptance policy: The criteria for determining whether a customer or client can be accepted to open an account – or if the level of risk requires additional due diligence.
  • Risk management: The criteria for classifying customers as low, medium or high risk.
  • A Customer Identification Program: The verification of documents to effectively know your customer.
  • Ongoing monitoring: Monitoring of client or customer accounts for any unusual or unexpected financial transactions that might require their risk profile to be reassessed.

Why KYC matters

Around the world, banks and financial institutions are required to comply with a variety of laws and regulations targeting financial crime. For example, in the UK, KYC regulations within the financial industry are enforced by the Financial Conduct Authority (FCA).

But while the fines can be severe, banks and other financial institutions shouldn't approach their KYC obligations purely as an issue of regulatory compliance. >KYC compliance also benefits the organisation as it relates directly to risk management.
A good KYC policy or process can help financial institutions better understand their customers and their financial practices, making it easier to assess, manage and mitigate risk to the organisation.

KYC checks help to protect the organisation from fraud, money laundering, bribery, human rights violations and other forms of corruption and financial crime.

By conducting thorough KYC checks, you can dramatically reduce the financial, reputational, regulatory and strategic risks to your company from customers and other entities.

Worldwide Company Identity Verification

KYC compliance isn't just about the identity verification of customers, but the verification of companies as well. In today’s global economy, organisations need to be certain that the companies they do business with – and the individuals within them – are indeed what and who they say they are.

A number of KYC technology solutions on the market include both customer verification and worldwide company identity verification. The KYC process and tools your company adopts need to be thorough. But they also need to be quick, so you can verify the company's identity – along with the individual contacts – and satisfy your KYC customer acceptance policy before the business opportunity is missed.

Checking Sanctions and Watchlists

KYC requirements also involve the checking of national and international sanctions lists and watchlists. 

Individuals or organisations that engage in illegal activities can have sanctions levelled against them. Such activities might include:

  • Money laundering
  • Terrorism and terrorist financing
  • Drug trafficking
  • Human-rights violations
  • Arms proliferation
  • Violation of international treaties

Separate to lists of sanctions, watchlists specify individuals, groups or organisations that require close surveillance, usually for legal or political reasons.

Typically, governments or other international authorities establish these lists. Among the international sanctions and watchlists are Her Majesty’s Treasury in the UK, the FBI and the Office of Foreign Assets Control (OFAC) in the US, and Interpol.

Sanctions and watchlist checks, therefore, are specialised searches accessing a number of international, government or regulator databases to identify individuals who are prohibited from engaging in certain activities or industries.

Checking PEP Lists

Similar to sanctions lists and watchlists, your KYC processes also need to include searches of available lists and databases to verify customers aren't designated as politically exposed persons (PEPs).

A PEP is a person who either holds a prominent public function – such as a government politician or top military official – or has close family, personal or business ties with someone who does.

Just because a customer is listed as a PEP doesn't mean they are untrustworthy or likely to be engaged in any illegal activity. However, compared to other customers, a PEP's position and potential influence increases the risk of involvement in crimes such as corruption, bribery and money laundering.

If you identify that a customer is listed as a PEP, your company can then undertake additional or enhanced due diligence, backed by documented audit trails to ensure ongoing KYC compliance.

Components of the KYC Process

The KYC process involves four key components, each providing an essential layer in the construction of a robust and effective customer identification framework. These components include the Customer Identification Program (CIP), Customer Due Diligence (CDD), Enhanced Due Diligence (EDD), and Ongoing Monitoring.

Customer Identification Program (CIP)

The Customer Identification Program (CIP) forms the first line of defence in the KYC process. It requires financial institutions to collect, record, and verify basic identification information from customers before establishing a financial relationship. This ensures compliance with the Money Laundering Regulations (MLR) and helps prevent financial fraud, terrorism financing, and money laundering.

Customer Due Diligence (CDD)

Customer Due Diligence (CDD) is a crucial step in the Know Your Customer process where further information is obtained about the customer to assess their risk profile. It includes checking the customer's source of wealth, purpose of the transaction, and expected transaction behaviour. The CDD process is not only critical in complying with the regulatory obligations under MLR but also helps financial institutions to manage risks effectively.

Enhanced Due Diligence (EDD)

Enhanced Due Diligence (EDD) is a more rigorous process undertaken for customers who pose a higher risk, such as politically exposed persons (PEPs) or customers from high-risk jurisdictions. This process often involves in-depth background checks, source of funds investigations, and ongoing monitoring to mitigate potential risks. Performing EDD is a key requirement under the MLR and plays an important role in preventing illicit financial activities.

Ongoing Monitoring

Ongoing Monitoring refers to the continual assessment of a customer's transactions and behaviour to ensure it aligns with their established risk profile. This component is crucial as it aids in the early detection of suspicious activity, allowing financial institutions to promptly report any anomalies to the authorities. Ongoing monitoring is a vital part of maintaining compliance with the MLR.

KYC Documents

Around the world, banks and financial institutions are required to comply with a variety of laws and regulations targeting financial crime. For example, in the UK, Know Your Customer regulations within the financial industry are enforced by the Financial Conduct Authority (FCA).

But while the fines can be severe, banks and other financial institutions shouldn't approach their KYC obligations purely as an issue of regulatory compliance. KYC compliance also benefits the organisation as it relates directly to risk management.

A good KYC policy or process can help financial institutions better understand their customers and their financial practices, making it easier to assess, manage and mitigate risk to the organisation.

KYC checks help to protect the organisation from fraud, money laundering, bribery, human rights violations and other forms of corruption and financial crime.

By conducting thorough KYC checks, you can dramatically reduce the financial, reputational, regulatory and strategic risks to your company from customers and other entities.

A KYC glossary: Related terms

KYCC

Know Your Customer's Customer. Your customer or client may also have customers or clients, and those relationships could pose money laundering risks. For example, shell companies are often used to shield the identities of those who ultimately benefit from financial transactions. 

Evolving legislation in some jurisdictions, such as the EU's Sixth Anti-Money Laundering Directive, suggests KYCC is likely to become increasingly necessary.

KYB

Know Your Business (KYB). Instead of verifying the identity of individual customers or people, KYB is restricted to performing due diligence around companies – and the individuals representing those companies – with whom you hope to form a business relationship.

eKYC

Electronic Know Your Customer. Refers to digitised KYC processes where customer identity is verified electronically or online. 

eKYC is particularly popular in India, where 99% of adults have a digital identity or Adhaar number administered by the Government.

AML directive

Anti-Money Laundering Directive. Six AMLDs have so far been issued by the European parliament to be implemented by member states through legislation, with the most recent coming into effect in December 2020. However, not all EU member states have implemented the AMLDs. 

In April 2021, the European Commission published a set of new regulatory proposals, including the formation of a centralised AML Authority and the unification of disparate AML and KYC rules throughout the region.

KYC Checks

Know Your Customer checks. The KYC process and methodology businesses use to verify customers, which can include the verification of identity documents as well as facial recognition and biometric verification.

Challenges and Solutions of Implementing Know Your Customer

Implementing a robust KYC process is not without its challenges, often involving resource-intensive procedures, technological hurdles, and regulatory complexities. However, the advent of modern solutions, including automated KYC processes and collaboration with third-party providers, promises to alleviate these difficulties.

One of the main challenges with traditional Know Your Customer procedures is their resource-intensive nature. Verification of customer identities and backgrounds often require substantial time, labour, and financial resources. On top of this, manual processes can be prone to human errors that may lead to non-compliance and subsequent penalties.

Technological challenges also arise in terms of integrating advanced systems and data analytics to aid in KYC processes. For some institutions, especially smaller ones, this technological leap can be daunting and costly.

Further, the dynamic and often complex regulatory environment can create additional hurdles. Laws and regulations vary across jurisdictions, and staying up-to-date with changes is vital yet challenging.

To combat these issues, automation has emerged as a compelling solution. Automated Know Your Customer processes reduce manual effort, increase efficiency, and significantly lower the risk of errors. Technological advancements now offer tools that can seamlessly integrate with existing systems, providing capabilities such as real-time data analysis and risk profiling.

Collaborating with specialised third-party providers can also prove advantageous. These firms have the expertise, technology, and infrastructure to efficiently handle KYC processes, helping businesses to stay compliant with regulations while freeing up their internal resources. Such strategic partnerships, such as those offered by Nexis Solutions, not only solve the KYC conundrum but also allow businesses to focus more on their core operations.

 

Explore our Due Diligence & Compliance Solutions

Learn more

Get in touch

E-Mail: information@lexisnexis.com
Telephone number: +31 (0)20 485 3456