What is KYC?

The Know Your Customer (KYC) process refers to the need for businesses to understand who their customers are and what kind of financial activity they are involved in. KYC is a foundation of AML/CFT compliance in jurisdictions all over the world: given its regulatory importance, firms should understand how to implement KYC effectively as part of their AML/CFT compliance solution. 

What is Know Your Customer / KYC?

The phrase “know your customer” may seem self-explanatory, but it carries important regulatory consequences. The term KYC describes the measures and controls that businesses must put in place to verify the identities of their customers and clients before, and during, a business relationship. The term can also reference the range of regulated bank practices that are used to verify clients’ identities.

Most banking institutions, credit companies, and insurance agencies require customers to provide personal information as part of the KYC process. That information is used to establish their identities, inform compliance risk assessments, and ensure that those customers are not involved in financial crimes such as corruption, bribery, money laundering, and terrorism financing. 

As the global cost of money laundering rises, KYC policies evolve to better detect criminal methodologies and prevent illegal transactions. Accordingly, effective KYC protects both financial service providers from costly compliance penalties, criminal liability, and reputational damage, and the individual customers that might otherwise be harmed by financial crime. 

Are you an early stage FinTech and need an AML solution?

Discover ComplyLaunch™, our automated solutions package for early stage FinTechs.

Learn more

The KYC Process

Data collection: Many financial institutions begin their KYC procedures by collecting basic data and information about their customers, ideally using electronic identity verification. Some countries refer to this process as a “Customer Identification Program”. Basic KYC data requirements include:

• Names
• Addresses
• Dates of birth
• Social security numbers

Verification: Once basic customer data is collected, banks may compare it to lists of individuals that are known for their association with criminal activity. These lists may include: 

• Lists of high risk jurisdictions
• Global sanctions and watch lists
• Politically Exposed Persons (PEP) lists
• Criminal registries of participants involved in bribery and corruption

Risk assessment: Banks should use the KYC information that they have collected to assess an individual customer’s risk of becoming involved in financial crime.

The results of a risk assessment should help a financial institution determine a customer’s risk profile, and make predictions about their future financial behavior. Banks may also use a customer’s established risk profile to consistently monitor their account activity, and better detect transactions that seem unusual or suspicious. 

Recommended by the Financial Action Task Force (FATF), risk-based KYC allows firms to balance their compliance obligations with their budgetary resources. Customers that are determined to present a higher risk may be subject to more intensive KYC measures, while lower risk customers may receive the minimal necessary scrutiny. 

Risk assessments also allow financial institutions to compare a client’s financial activity to that of their peers. When clients diverge from expected financial behavior, banks may use the profiles of clients that share similar occupations, financial backgrounds, and industry connections to determine the likelihood of criminal activity.

KYC Automation

KYC compliance requires significant resources. Rising numbers of global transactions and increasingly complex regulations mean that manual KYC processes are often unable to meet compliance needs, and subsequently expose companies to unacceptable levels of risk. 

Given the risks – which include financial penalties and criminal liability – it is crucial that companies implement an automated KYC solution. Automated KYC software offers a range of significant compliance benefits, including:

• Speed: Automated KYC tools accelerate the KYC process, facilitating faster customer due diligence, transaction monitoring and customer screening measures than would have been possible with manual checks.
• Accuracy: Software platforms increase the accuracy of KYC checks. The integration of databases, combined with algorithmic analysis, enable companies to reduce the rate of false positive AML/CFT alerts and enhance their remediation process. 
• Adaptation: The AML/CFT risk landscape changes constantly, as criminals develop new methodologies and governments introduce new regulations to counter them. Automated KYC tools help companies react to those changes: in particular, companies may implement horizon scanning, reacting to compliance challenges quickly, and ensuring new threats are addressed with minimal disruption to customer services.
• Experience: Automated KYC reduces administrative friction and enhances customer experiences during the compliance process. In particular, KYC software is capable of pre-screening customers against whitelists: databases of individuals and entities with risk characteristics that trigger AML alerts but that aren’t otherwise considered high risk.

Innovations in KYC

As the AML/CFT landscape evolves, so too do the compliance capabilities of banks and financial service providers. With that in mind, certain innovations have the potential to change the KYC landscape significantly. These include:

Know Your User: The ‘Know Your Customer’ process is predominantly focused on regulatory need, and represents a way for companies to avoid compliance penalties. In an increasingly tech-focused financial landscape, it is important that KYC measures fit the type of customers and transactions that a company handles. 

Explore the importance of knowing your user, as well as the intersection between fraud, AI and AML on our podcast:

With this in mind, the Know Your User (KYU) process better reflects the increase in online financial transactions. KYU emphasizes the need for a company to understand its online customers and create frictionless compliance experiences. KYU seeks to go beyond basic regulatory requirements by enriching compliance data: a KYU company might, for example, conduct KYC digitally, obtaining biometric data from customers in order to verify identities.

Machine Learning: Companies that collect large amounts of digital data as part of their KYC process may benefit from machine learning systems. Powered by artificial intelligence (AI) algorithms, machine learning systems enable companies to use established data to make decisions about the future behavior of their customers, and then adjust their compliance measures without any need for further human input. 

In practice, machine learning systems may be used to further automate KYC transaction monitoring, and to spot when customers diverge from their expected behaviors. Similarly, machine learning may be able to enhance false positive remediation by using digital data to make faster, more accurate decisions about suspicious transactions.