What is a KYC and why is it important?

Knowing who your customer is and adopting protocols to prevent financial crime are ongoing challenges for financial institutions. Significantly, financial institutions must comply with an increasingly complex set of regulations for customer identity verification called KYC. KYC, also known as “Know Your Customer" or "Know Your Customer”, is a set of procedures to verify the identity of a customer before or during financial transactions.

Compliance with KYC regulations can help keep at bay money laundering, terrorist financing and other common fraud schemes. By first verifying a customer's identity and intentions at account opening, and then understanding their transaction patterns, financial institutions are able to more accurately identify suspicious activity.

Financial institutions are subject to increasingly strict standards when it comes to KYC laws. They have to spend more money to comply with KYC or face heavy fines. These regulations mean that almost any company, platform or organization that interacts with a financial institution to open an account or transact will have to comply with these obligations. In this article we talk about everything you need to know about KYC regulations.

What is KYC in banking?

KYC stands for Know Your Customer and is a standard due diligence process used by financial institutions and other financial services companies to assess and monitor customer risk and verify a customer's identity. KYC guarantees that a customer is the one that he claims to be.

Under KYC, customers must provide credentials proving their identity and address. Verification credentials may include ID card verification, face verification, biometric verification, and/or document verification. For proof of address, utility bills are an example of acceptable documentation.

KYC is a critical process to determine customer risk and whether the customer can meet the institution's requirements to use its services. It is also a legal obligation to comply with anti-money laundering laws (AML). Financial institutions must ensure that customers do not engage in criminal activity by using their services.

Banks can refuse to open an account or terminate a business relationship if the customer does not meet the minimum KYC requirements.

What is eKYC?

In India, eKYC is a process in which the customer's identity and address are electronically verified through Aadhaar authentication. Aadhaar is India's national biometric eID system. eKYC also refers to capturing information from identifiers (OCR mode), extracting digital data from government-issued smart IDs (with a chip) with physical presence, or using certified digital identities and facial recognition for online identity verification.

This type of KYC verification is also used for cryptocurrency trading apps.

Why is the KYC process important?

The KYC procedures defined by the banks involve all the actions necessary to ensure that their customers are real, to assess and monitor the risks. These customer onboarding processes help prevent and identify money laundering, terrorist financing and other illegal corruption schemes.

The KYC process includes ID card verification, face verification, verification of documents such as utility bills as proof of address, and biometric verification. Banks must comply with KYC regulations and anti-money laundering regulations to limit fraud. The responsibility for KYC compliance rests with the banks.

In case of non-compliance, heavy penalties can be applied. In the United States, Europe, the Middle East and Asia-Pacific, a total of approximately 26 billion fines have been levied for non-compliance with AML, KYC and sanctions laws over the past ten years (2008-2018) – not to mention reputational damage done and not measured.

Who needs KYC?

KYC is required for financial institutions that deal with customers when opening and maintaining accounts. When a business onboards a new customer or when a current customer acquires a regulated product, standard KYC procedures generally apply.

Financial institutions that must confirm to KYC protocols include:

• Banks
• credit unions
• Wealth management companies and brokers
• Financial technology applications (applications fintech), depending on the activities in which they engage
• Private lenders and lending platforms

KYC regulations have become an increasingly critical issue for almost every institution that interacts with money (so, pretty much every business). Although banks are required to comply with the KYC to limit fraud, they also convey this requirement to the organizations with which they do business.

What are the three components of KYC?

The three components of KYC include:

• Customer Identification Program (CIP) : the client is who he claims to be
• Customer Due Diligence (CDD): assess the client's level of risk, including review of a company's beneficial owners
• Ongoing monitoring: verify customer transaction patterns and report suspicious activity on an ongoing basis

Customer Identification Program (CIP)

To comply with a customer identification program, a financial institution asks the customer for identification information. Each financial institution conducts its own CIP process based on its risk profile, so a customer may be asked to provide different information depending on the institution.

For an individual, this information could include:

• A driving license
• A passport

For a business, this information may include:

• Certified Articles of Incorporation
• Business license issued by the government
• Partnership Agreement
• Instrument of trust

For a business or individual, additional verification of information may include:

• Financial references
• Information from a consumer reporting agency or public database
• A financial statement

Financial institutions must verify that this information is accurate and credible, using documents, non-documentary verification, or both.

Customer Due Diligence (CDD)

Customer due diligence requires financial institutions to conduct detailed risk assessments. Financial institutions examine the types of potential transactions a customer will make so that they can then detect abnormal (or suspicious) behavior.

On this basis, the institution may allocate to the client a risk rating that will determine the degree and frequency of account monitoring. Institutions must identify and verify the identity of any natural person who owns 25% or more of a legal entity, and a natural person who controls the legal entity.

Although there is no standard procedure for performing due diligence, institutions can design it at three levels:

• Simplified Due Diligence (“SDD”). For low value accounts, or where the risk of money laundering or financial terrorism is low, a full CDD may not be necessary.
• La Basic Customer Due Diligence (“CDD”). At this level of due diligence, financial institutions are expected to verify a customer's identity and risk level.
• Enhanced Due Diligence (“EDD”). High-risk or high-net-worth customers may require the collection of more information so that the financial institution has a better understanding of the customer's financial activities and risks. For example, if a customer is a Politically Exposed Person (PEP), they may be at higher risk of money laundering.

Continuous monitoring

Continuous monitoring means that financial institutions must constantly monitor their customers' transactions. This is with a view to detecting any suspicious or unusual activity. This component takes a dynamic and risk-based approach to KYC.

When suspicious or unusual activity is detected, the financial institution is required to submit a Suspicious Activity Report (SAR) to the FinCEN (The Financial Crimes Enforcement Network) and other law enforcement agencies.

KYC verification: innovative approaches are welcome

In November 2018, U.S. agencies, including the Federal Reserve, issued a joint statement that encouraged some banks to become increasingly sophisticated in their approaches to identifying suspicious activity and experimenting with artificial intelligence and digital identity technologies .

European Supervisory Authorities promoted new solutions to address specific compliance challenges earlier this year. They suggest maintaining a common approach for consistent standards across the EU.

They provide for several types of verification, such as "an integrated computer application that automatically identifies and verifies a person from a digital image or video source (facial biometrics)” or “a built-in security feature that can detect images that are or have been tampered with (for example, face morph) so that these images appear pixelated or blurry. »

The use of biometrics may be challenged by local or regional regulations. These financial regulations are: GDPR in the EU, CCPA in California, to name a few.

Conclusion

KYC regulations have far-reaching implications for consumers and financial institutions. Financial institutions are required to follow KYC standards when working with a new customer. These standards were put in place to combat financial crime and money laundering. These standards also cover the financing of terrorism and other illegal financial activities.

Article to read: Why is company staff training important?

Money laundering and terrorist financing often rely on accounts opened anonymously. The increased emphasis on KYC regulations has led to an increase in the reporting of suspicious transactions. A risk-based approach with KYC can help eliminate the risk of fraudulent activity. It can also ensure a better customer experience.

Leave us your opinion in the comments to allow us to update this article