KYC, also known as ‘know your customer’ or ‘know your client’, is a set of legal policies and requirements for certain organizations across the globe. They are designed to help prevent financial criminal activities through various customer identification and verification processes.
Keeping up with KYC compliance in the expanding digital landscape is no small feat. As the threat of financial crime continues to rise, the list of regulatory requirements must grow in defense. Additionally, each country has its own set of compliance regulations, which creates another layer of complexity for those doing business across borders.
Where is KYC mandatory?
KYC is mandatory in most countries with varying degrees of requirements. It is part of a larger anti-money laundering (AML) framework that lays out certain steps organizations must take to prevent fraud, money laundering, identity theft, terrorist financing, and much more. Let’s take a look at a couple of examples to demonstrate KYC laws internationally.
Is KYC required in the USA?
Yes, KYC is required in the USA as a part of AML efforts. AML regulations in the USA go back to the Bank Secrecy Act (BSA) of 1970, which was the initial piece of legislation to combat money laundering in the USA. According to the BSA, businesses must maintain records and provide reports deemed useful in tax, criminal, and regulatory problems.
As financial fraudsters enhanced their techniques, Congress determined at various points in time that additional legislation would be necessary. This resulted in new acts, including:
- The Money Laundering Control Act of 1986, which made money laundering a federal offense.
- The Annunzio-Wylie Anti-Money Laundering Act of 1992, which enhanced penalties for financial institutions that were found guilty of money laundering.
- The Money Laundering and Financial Crimes Strategy Act of 1998, which amended federal law to require the creation and execution of a nationwide money laundering and related financial crimes strategy.
- The USA PATRIOT Act of 2001, which responded to the 9/11 terrorist attacks, implemented new measures to protect against terrorism and money laundering, and helped kickstart KYC requirements like the Customer Identification Program (CIP) and Customer Due Diligence (CDD).
- The Anti-Money Laundering Act (AMLA) of 2020, which broadened authorities on financial crime to keep up with globalization and advancing technology.
The AMLA of 2020 was one of the biggest updates to AML laws in the USA over the past few decades. It mandates a study of the application of innovative technologies, like blockchain and artificial intelligence (AI), to modernize AML legislation.
Does the UK have KYC?
KYC is also a requirement in the UK, which has some of the most robust AML and KYC regulations. The Financial Action Task Force (FATF), an international organization committed to combating money laundering, has even named the UK, “a global leader in promoting corporate transparency.”
Parliament began enacting legislation for AML and KYC in the early 2000s. A few examples of these are:
- The Terrorism Act of 2000, which required financial services to take numerous measures to stop the financing of terrorism, such as monitoring transactions, completing CDD, and complying with new reporting regulations.
- The Proceeds of Crime Act (POCA) of 2002, which covers a wide range of AML policies and further defined regulations and actions that must be taken to expose money laundering activities.
- The Money Laundering, Terrorist Financing and Transfer of Funds Regulations (MLR) of 2017, which increased responsibilities for private sector businesses operating in high-risk money laundering settings, such as requiring formal assessments on countering the financing of terrorism (CFT) and AML.
Does the EU have KYC?
Yes, the European Union has rules and regulations surrounding anti-money laundering and know your customer. The first Anti-Money Laundering Directive (also known as 1AMLD) was issued in 1991. Since then, the EU has issued five new directives that expand the scope of AML, KYC, and CFT requirements.
- 2AMLD was issued in 2001
- 3AMLD was issued in 2005
- 4AMLD was issued in 2015
- 5AMLD was issued in 2018
- 6AMLD was issued in 2020
In particular, 6AMLD aims to not only unify the definition of money laundering across the entire EU, but also close potential money laundering loopholes. Highlights of 6AMLD include:
- A unified definition of money laundering across all member bodies. This definition now includes specific mentions of offenses such as environmental and cyber crimes.
- Deeper cooperation and connection amongst EU member states, which includes a requirement that all member states criminalize certain serious offenses.
- Expanded regulations around the enabling or aiding and abetting of criminal activities for inciters, initiators, facilitators, and more.
- The ability to prosecute legal entities for money laundering activities, which may include criminal or non-criminal fines in addition to other sanctions.
- Harsher sanctions against individuals and legal entities that participate in money laundering, which includes minimum four-year prison sentence.
What is required for KYC?
KYC regulations call for customers to prove their identity in a variety of ways, like producing an ID card, completing facial or biometric verification, or demonstrating their identity with other documentation or database searches. Unfortunately, recent McKinsey research has found that many institutions are still completing these processes manually, which can get incredibly expensive and leave room for significant errors.
This is where Onfido makes a difference. Onfido is a comprehensive digital platform powered by AI and designed to help businesses know their customers online. Our solution allows you to create trust with your customers throughout the onboarding process while also adhering to KYC and AML regulations in more than 195 countries. A few features of our platform include: