Key parts of those compliance demands are Know Your Customer (KYC), and within that, due diligence. In this blog, we’ll explore the basics of KYC and due diligence, how they support anti-money laundering (AML) functions, and what businesses need to do to meet their responsibilities.
With every passing year, regulations and compliance demands around finance get tighter and tighter all over the world. Companies and finance organizations are bearing increasing responsibility to ensure that they correctly and fairly deal with customers, and ensure that they are not accidental facilitators of crime or fraud.
Key parts of those compliance demands are Know Your Customer (KYC), and within that, due diligence. In this blog, we’ll explore the basics of KYC and due diligence, how they support anti-money laundering (AML) functions, and what businesses need to do to meet their responsibilities.
Firstly, it’s important to make the distinction between KYC and due diligence, as the two are often conflated and confused.
KYC is a legal obligation on financial institutions to conduct certain background checks on the identity, the financial status and history of a customer, and whether they are an individual or a business. Alongside this verification, KYC procedures assess the potential risks to the business of dealing with that customer, based on a detailed analysis of their financial activities.
Due diligence exists as one of the core sections of the KYC process, alongside the Customer Identification Program (CIP). This ensures that organizations accurately verify exactly who a customer is, and what they are doing from a financial perspective. As their activities can change over time, this process is a continuous one, so that financial bodies can ensure that malicious activity can be spotted if it emerges further down the line.
The range of entities that are required to conduct KYC and due diligence is extensive and may vary from one country to another. In the main, financial institutions (banks, credit unions and FinTech companies), cryptocurrency-related enterprises like wallet providers and exchanges, and gambling businesses will all be required to comply.
While financial impropriety, fraud and organized crime have been around for centuries, the advent of the digital age - particularly digital banking - has made these activities much more widespread.
Many malicious organizations use financial institutions to launder money or to process funds that can be used to finance terrorism. Not only are these activities obviously illegal, but financial organizations also have an ethical and moral responsibility not to facilitate these activities, so that people, businesses and money can be kept safe and secure.
At a more individual level, fraud can have devastating effects on members of the public, whether they’re hit on their payment cards, checks or when banking online. In 2018, the cost of fraud in the United States reached more than $25 billion - approximately $75 for every person in the country.
The importance of KYC and due diligence procedures have been magnified by the impact of the COVID-19 pandemic. The resulting economic turbulence is likely to result in an increase in criminal financial activity, and both KYC and due diligence activities can play a leading role in shutting down that activity before it can have any harmful effects.
It’s worth noting that KYC and due diligence requirements vary (at least to a certain extent) between different countries and territories. For example, in European Union countries, the AMLD5 framework sets out rules and guidelines that businesses must adhere to. In the United States, a similar framework of rules and recommendations is set out by the Financial Action Task Force.
Although the rules themselves may vary, the principles that guide them are more or less the same. As a result, there are three main functions that are normally expected from a due diligence process:
The level to which due diligence is carried out depends on the nature of the customer and business, and the level of risk that is likely to be posed. The normal customer due diligence (CDD) process encompasses a basic level of information and verification, including any beneficial ownerships and risk profiles, relationships with customers and ongoing transactions.
Where there is a minimal risk of money laundering, or money being used to finance terrorism, the due diligence process can be simplified. However, high-risk customers may have to be subjected to an enhanced process, where a more detailed level of information is collected and processed, to ensure any risks are identified and mitigated. In many cases, requirements around enhanced due diligence are enshrined in law by different governments and authorities.
For more information, check out our post on how to achieve KYC compliance.
When establishing KYC and due diligence procedures for a new organization — or reviewing the current effectiveness of an existing one — these four tips should help ensure that you’re on the right track:
Veriff’s identity verification technology is ideal for helping businesses like yours meet KYC and due diligence requirements. To find out more, book a consultation with Veriff today.