Know Your Customer procedures and checklist are necessary to help businesses validate the identities of their customers, be aware of the sources of their funds, keep track of their transactions, and report suspicious activities in a fast, effective, and wasteless manner. The main idea behind the KYC process is to properly manage customer lifecycle including identification during customer onboarding and take the appropriate actions to prevent money laundering, terrorism financing, and related crimes. A documented Know Your Customer procedures and checklist will reduce business risk and exposure to regulatory fines imposed by financial crime enforcement agencies against companies that fail to implement KYC policies and Customer Identification Program (CIP). Documented KYC procedures are mandatory for a vast number of financial businesses dealing with mass transactions, especially banks.
Know Your Customer Requirements and Compliance
Know Your Customer (KYC) is a process of identifying and verifying the identity of clients who open accounts with financial institutions. The goal of KYC is to prevent the illegal use of the financial system for money laundering or terrorist financing purposes.
The KYC requirements are set by regulations in most countries, notably by the Financial Action Task Force (FATF) which is an intergovernmental global body that develops and promotes policies to protect the global financial system against money laundering, terrorist financing, and other related threats.
To support Know Your Customers (KYC) compliance, businesses must provide their customers with specific information about their business and what they do, to get client agreement for how they will use their personal information, and how they will protect client data.
Who Should Comply with KYC Requirements?
In general, all companies that have clients engaged in financial transactions are subject to KYC compliance. However, not all of them need to ensure KYC compliance in the same way or detail. Banking, insurance, lending, and similar financial institutions will be obliged under law to apply more detailed compliance procedures than other types of financial or non-financial services providers.
KYC compliance criteria may be different by:
• The location of your company (headquarter)
• The market you serve (B2C or B2B)
Why is KYC Compliance Important?
It is critically important to comply with KYC regulations and requirements because a failure of doing so may result in heavy fines or, even worse; closure of your company. You might also end up being responsible for supporting money laundering or terrorist financing crimes if you neglect proper risk management. Compliance with the KYC procedures will protect your business from facing non-compliance charges from government regulators.
KYC Non-Compliance Fines and Penalties
Non-compliance with KYC is subject to fines and penalties based on specific violation criteria and the country in which your business operates. In general, it will be around $5000–$10,000 for each document not properly checked plus additional fines if money laundering or terrorism financing is involved which can be categorized as financial crime and lead to jail time.
The Identity Theft Factor
Every year, identity theft is becoming more prevalent and sophisticated. An identity theft victim spends countless number of hours trying to resolve issues that arise after an identity has been stolen. And businesses spend wasteful hours to investigate identity theft cases and attempt to collect stolen funds and reduce their allowance for identity theft losses.
TransUnion estimates that over half of unauthorized activity occurs in the first 30 days after a breach, while financial institutions are still attempting to verify whether or not identity theft was involved.
No matter how big or small your company may be, you must have proper KYC procedures in place for checking customers’ identities and backgrounds to remain compliant with regulations while your business continues to grow and build trust with clients.
Know Your Customer Procedures
There are generally two steps in KYC compliance:
- Collecting and verifying your customer’s identification information.
- Monitoring transactions to detect and report suspicious activities.
The following is an example of KYC procedures that may guide you when developing KYC processes for your business according to your company’s needs.
- All customers (new and existing) must be identified with full name, address, date of birth, occupation, nationality, etc.
- Name matching using various directories available with alternative methods like telephone calls or e-mails to validate identity.
- Corporate customers’ organizational charts and backgrounds can be used to identify senior management, owners, or shareholders.
- For the companies involved in high-risk activities such as casinos, front companies, financial institutions, etc., additional due diligence may be required.
- All documents must be collected and checked by qualified staff.
- A proper procedure should exist for updating and maintaining KYC records (checklists and forms).
- Regular training sessions should be held to inform all employees about any changes in procedures and legislation surrounding KYC compliance.
- A privacy awareness program should be implemented to show how company data is handled to protect customer privacy as required by various laws such as GDPR.
Know Your Customer Checklist
The following list may be used to create a checklist as part of a comprehensive know your customer program:
- Identify your customers and types of identification information they need to provide.
- Determine techniques and systems to help verify client identity including official identification documents and databases.
- Know where your customer comes from, review the risk associated with this place/region before opening an account, and assess the regional legal requirements. For instance, some countries prohibit using services provided by international companies (i.e., VPN). In such cases, you can’t accept any new customers coming from these channels unless they use an address located out of that region.
- Track your business relationships and continuously assess the risks associated with new customer onboarding and existing customer tracking.
- Know the purpose of your customer activities and their source of funds to exclude them from being involved in money laundering or other criminal activities.
- Keep a record for customer onboarding, tracking, and reporting. Keep a history of all events to ensure everything is documented correctly and protected legally. It may be required later as evidence against potential claims by law enforcement agencies or other parties.
- Identify the red flags for suspicious activities and determine follow up steps when a customer meets the criteria, so your staff know how to proceed (i.e., asking for additional supporting documentation).
- Implement a KYC policy and procedures, make sure the employees know how to implement this policy and follow the necessary steps to avoid mistakes.
In conclusion, Know Your Customer (KYC) is not just about compliance with customer identity verification and documentation. Regulatory compliance may be the main reason behind an effective Know Your Customer procedures and checklist, however, preventing identity theft, reducing criminal activities, and minimizing the risk of terrorism are secondary objectives for businesses. Once specific KYC procedures and checklist are developed for your business needs, employees must be trained to learn how to properly follow the policies and procedures that you have established for them in order to enforce the KYC rules and avoid violations of company policies which can lead to potential legal problems in the future from law enforcement agencies.