Know your customer (KYC) is among the many policies and procedures that banks around the world have to follow as part of anti-money laundering (AML) efforts. The international regulations associated with AML protect governments, organizations, institutions, and even consumers against financial crimes. KYC requirements for banks in particular mandate that KYC protocols are followed for every customer who wants to open or has opened a bank account. These requirements verify the identity of customers to ensure that they are who they say they are.
There are many steps banks need to take to follow AML and KYC requirements and severe consequences if they don’t.
What is the purpose of KYC in banking?
KYC in banking aims to protect financial institutions, and the countries where they’re located, from money laundering, terrorist financing, identity theft, and fraud. Banks can practice and enforce KYC by:
- Verifying the identity of customers and beneficial owners of businesses associated with an account.
- Collecting additional information to better evaluate a customer’s profile and identify any specific risk factors.
- Monitoring transactions and other activities on accounts.
When banks go through the KYC process, they will typically rate customers as low, medium, or high-risk. These designations may change over time based on transactions made. They also give banks a sense of how often to require customers to re-verify their information.
Is KYC needed every year?
Whether a bank needs KYC every year varies depending on how you look at it. Banks do need to go through the KYC process for every new customer who creates an account with them. And because financial institutions also have to regularly monitor accounts for suspicious activity, they do go through at least part of the process more frequently than every year.
However, making current customers go through a KYC update of information, such as resubmitting identification documents, does not have to happen every year unless the customer poses a high risk to the bank. The need to review customers annually can be caused by a number of factors. On the one hand, there’s a periodic review taken depending on the customer’s risk status (low /medium / high). On the other hand, there’s also an element of KYC being triggered by events such as ongoing politically exposed persons (PEPs) and sanctions monitoring flagging changes to a customer’s footprint.
Period reviews and KYC re-verification are done annually for high-risk customers, every 2 years for medium-risk customers and every 3-5 years for lower-risk customers. There is a little more relaxation on the approach for low-risk customers, but some banks only do so when there’s an event that triggers it.
What happens if you don’t do KYC for a bank account?
Banks that do not comply with KYC requirements and regulations face severe consequences. On the lowest level, these institutions put themselves at higher risk of fraud, which can cost millions of dollars. As instances of money laundering and fraud increase at a particular institution, the institution is less likely to acquire new customers or retain current ones.
Additionally, non-compliant banks also face legal ramifications. Below are just a few of the punishments set by regulating bodies in different countries:
United Kingdom’s Financial Conduct Authority (FCA)
- Withdrawing a firm’s authorization
- Issuing fines
- Bringing criminal prosecutions against institutions, such as false claims and unauthorized business
United States’ Financial Crimes Enforcement Network (FinCEN)
- Issuing fines
- Imprisoning any employee involved with a non KYC bank account for up to five years
Canada’s Financial Transactions and Reports Analysis Center (FINTRAC)
- Issuing fines of up to $100,000
- Prosecuting institutions for crime
One way that banks and other financial institutions can ensure that they remain compliant with KYC regulations is to take action when new or existing customers do not follow the necessary steps to verify their identity. For example, banks can turn down new customers who don’t complete the process. Alternatively, they can freeze the accounts of existing customers so that they can’t make any transactions until they complete the KYC process on their end.
Banks can also simplify KYC compliance by using Onfido for customer identity verification.
Verify KYC documents and data with Onfido
To accurately determine the risk level of customers, you need a solution that verifies customer identity. Onfido’s Real Identity Platform is an award-winning AI-powered solution. It combines document and biometric verification, trusted data sources, and fraud detection signals. We help hundreds of financial services businesses navigate compliance, stop fraud, and reduce operational costs. Our orchestration platform, Onfido Studio, makes building no-code workflows and tailored verification experiences simple for both you and your customers.
Read our compliance manager’s guide to KYC and AML to learn about the regulatory landscape, and best practices for building identity verification workflows.