Understanding Your Customers - 3 Simple Steps to KYC

By AiPrise
1, Sep 2023
4 min read

What is KYC?

Know Your Customer (KYC) is a fundamental process for businesses that helps ensure compliance with laws and regulations, while protecting against fraud. KYC stands for “Know Your Customer” and is the process of identifying customers and assessing their suitability. Effective KYC involves taking steps to verify a customer’s identity, financial activities, and risk posed by them.

The process usually begins with collecting customer information such as name, address, date of birth, verifying it against a trusted source such as utility bills or government-issued documents. It also involves conducting background checks to detect any potential red flags associated with the customer, such as past criminal activity or terrorist links. By doing this, businesses can better understand who their customers are and assess any risks they may pose.

Compliance officers are the ones responsible for creating a KYC and compliance program for a fintech. These programs should at least do:

  • Verify the identity of new customers
  • Detect high-risk customers
  • Prevent illegal activities such as money laundering or fraud

Customer Identification Program (CIP)

A Customer Identification Program (CIP) is a set of procedures that financial institutions follow to verify the identity of their customers. The goal of CIP programs is to ensure that customers are who they say they are. CIP programs are required by the USA Patriot Act and the Bank Secrecy Act to prevent illicit activities such as money laundering and terrorist financing.

A compliant CIP has three major components to due diligence:

  • Planning and implementation
  • Oversight and accountability
  • Independent auditing

The minimum requirements to open an individual financial account are clearly mentioned in the CIP:

  • Name
  • Date of birth
  • Address
  • Identification number

Procedures for identity verification include documents, non-documentary methods (these may include comparing the information provided by the customer with consumer reporting agencies, public databases, among other due diligence measures), or a combination of both. Compliance officers need to clarify and codify the CIP program and provide continued guidance to staff and executives.

Every institution has a risk based approach and may consider factors such as:

  • The types of accounts offered by the bank
  • Documents accepted by the bank or institution
  • The types of identifying information available
  • The fintech's size, location and customer base

Customer Due Diligence

CDD is at the heart of Anti-Money Laundering (AML) and Know Your Customer (KYC) initiatives. It also facilitates tax reporting, investigations, and compliance.  An effective customer due diligence program includes collecting a variety of customer information throughout the course of a company-customer relationship.

There are three levels of due diligence:

  • Minimal Due Diligence - There are situations where the customer is just signing on to the platform and wants to explore it by funding the account with a very small amount. In this case, you do not need to do the Full Due Diligence.
  • Full Due Diligence - This is the standard process that must be followed before the customer gets access to the entirety of the platform with no limits.
  • Enhanced Due Diligence - For higher risk customers, additional checks are required to mitigate the associated risks. This includes collecting proof of address, proof of funds, employment proofs, among others.

Reasons to take CDD seriously:

  • Fines: Enforcement actions related to AML have been on the rise. Since 2009, regulators have levied billions of dollars in AML-related fines globally. Most of these have been leveled against U.S. firms.
  • Reputational Risk: AML incidents put a financial institution's reputation on the line.
  • Poor Customer Experience: Compliance staff must have multiple touch points with a customer to gather and verify information.

Some steps to include in your Customer Due Diligence program include:

  • Ascertain the identity and location of the potential customer, and gain a good understanding of their business activities. This can be as simple as locating documentation that verifies the name and address of your customer.
  • When authenticating or verifying a potential customer, classify their risk category and define what type of customer they are, before storing this information and any additional documentation digitally.
  • Keeping records of all the CDD and EDD performed on each customer, or potential customer, is necessary in case of a regulatory audit.

Continous Monitoring

Ongoing monitoring is a key component of the Know Your Customer (KYC) process. KYC is a risk-based approach to verifying a customer's identity and assessing their risk level. Ongoing monitoring helps organizations identify and mitigate potential financial crimes by:

  • Detecting and reporting suspicious activity
  • Ensuring that a firm's knowledge of their business relationships remains current
  • Scrutinizing transactions to make sure they are consistent with the expected behavior and purpose of the business relationship

There may be a requirement to file a Suspicious Activity Report (SAR) if the account activity is deemed unusual.

How AiPrise can help?

AiPrise can help you centralize your decision making, CDD, Ongoing monitoring and EDD all in one place. Contact us and book a demo today to learn more.