Know your customer (KYC) is a set of guidelines financial institutions must follow to collect and verify the identity of their customers in order to protect against financial crime and fraud. The process consists of Customer Identification Programs/Procedures, Customer Due Diligence, and ongoing customer monitoring. KYC can be conducted either in-person or online.
In 1970, the US government found itself increasingly concerned about the proliferation of organized crime, drug trafficking, and money laundering in the country. In an effort to stop this crime, Congress passed the Bank Secrecy Act (BSA), which would become one of the country’s most critical tools in both domestic and global AML efforts. By requiring financial institutions to assist government agencies in detecting and preventing money laundering, it effectively established the AML standards we use today.
Those standards were expanded with the passage of the USA PATRIOT Act, which introduced Know Your Customer (KYC) regulations, including Customer Identification Program/Procedure (CIP) and Customer Due Diligence (CDD) and made them mandatory for all banks in the US under the BSA.
So what exactly is KYC, and how do CIP and CDD fit into the KYC process?
KYC is a set of guidelines financial institutions must follow in order to establish the real, true identities of their customers. The KYC process typically consists of three steps: Customer Identification Program/Procedure, Customer Due Diligence, and ongoing monitoring. Let’s take a closer look at each step below.
Step 1: Customer Identification Program/Procedure (CIP)
This six-step KYC process establishes and verifies the customer’s identity. Financial Institutions have the freedom to customize their CIPs, but any program must accomplish the following:
Step 2: Customer Due Diligence (CDD)
This phase of the KYC process focuses on understanding the amount of risk a customer poses, and conducting investigations into a customer’s identity commensurate with their level of risk. There are three different types of CDD:
Step 3: Ongoing Monitoring
Truly knowing your customer means doing more than just a one-time deep dive into their background. Customer situations change, so it’s important to do regular monitoring of every customer, regardless of whatever level of risk they posed when they first opened an account. It’s extremely important to monitor for red flags and suspicious transactions, and file SARs when appropriate, both to remain compliant and to intervene and stop any potential financial crime.
As with Customer Identification Procedures, financial institutions have flexibility for how to collect the information required for their KYC program so long as it meets all of the legal requirements to ensure a customer’s identity is accurately established.
Here are the three main ways KYC information is collected:
KYC isn’t important just because it’s a legal requirement. It’s the first step financial institutions take in familiarizing themselves with their customers and securing their business against potentially being used to facilitate financial crime. Financial institutions are doing their part in the global fight against money laundering, trafficking, and fraud when they establish a thorough, repeatable KYC process and continuously monitor for activity that could be signs of financial crime.
Subscribe to receive new content from Hummingbird