What is KYC and what are the requirements?
KYC or know your customer is a set of guidelines financial institutions like payment service providers follow to verify the identity, risks, and suitability of a potential customer (Business).
The goal of know your business is to identify suspicious behavior such as money laundering and financial terrorism before it happens. Think of KYC as a preventive measure.
The process got its start in the 1970s in response to unchecked financial crimes. The regulations put in place over the years have required firms to monitor client behavior regularly. And there is no exception for not complying.
Any company, including banks, insurance companies, and creditors with exposure to client risk must develop a KYC strategy for engaging with customers. Failing to do so can result in monetary fines and additional penalties.
So, what are the requirements associated with know your customer? Here’s a quick look at what you need to know.
The framework for know your business involves three basic steps. These steps are the customer identification program (CIP), customer due diligence (CDD), and enhanced due diligence (EDD).
Skipping one of the three steps can result in non-compliance penalties.
1. Customer Identification Program
At the very least, firms must find and verify four pieces of identifying information about a client. These include the name, date of birth, address, and identification number of the business.
Most financial institutions take additional steps during their screening process. Many will make sure that clients do not appear on government sanction lists, politically exposed person (PEP) lists, or known terrorism lists. If a business name appears on a list, it usually requires enhanced due diligence.
2. Customer Due Diligence (CDD)
Customer due diligence is the process of classifying all the information collected during the Customer Identification Program.
Financial institutions examine the nature and beneficiaries of existing relationships to ensure all activity is consistent with historical customer information.
The goal is to obtain enough information to verify a customer’s identity and assess their riskiness. Since financial crime happens quickly, firms frequently monitor this information for unusual spikes in activity or changes to sanction lists. Most clients pose little to no risk, but the few who do are subject to enhanced due diligence.
3. Enhanced Due Diligence (EDD)
If a customer is believed to pose a risk, the financial institution will take extra steps to get a better understanding of their motivations. A high-risk business may include those with political exposure or relationships with designated persons. Even someone in a high-risk country can raise a red flag for compliance.
In theory, firms must demonstrate an understanding of any risks clients identified by a standard customer due diligence program may pose. Some of the information required to perform enhanced due diligence includes a source of asset verification, detailed management reports, and relevant third-party research.