‘Know your customer’ (KYC), also called ‘know your client,’ is the process that many regulated institutions need to fulfill in order to protect themselves and their customers. Its main aim is to prevent fraud, money laundering, and other forms of illegal activity.
While its focus is largely on financial institutions, KYC has implications that apply to many other industries, including healthcare, eCommerce, and even gaming. The importance of ‘know your customer’ cannot be understated, not just because of the protection it provides, but because in many cases it is a regulatory requirement. Read on to learn more about KYC compliance, and typical KYC process steps.
How do you comply with KYC?
The specifics of KYC compliance will vary depending on your institution and location. If we take financial services as an example, someone who wants to open a bank account may be required to provide a collection of KYC documents that prove their identity and their address. These documents may include a form of government-issued identification, such as a driver’s license, passport, or residence permit.
Requesting multiple documents to confirm identity is key, especially because it has become much easier for identity thieves to falsify documents or procure private information. Different institutions may ask for different documents depending on their requirements, and certain customers may be required to provide more information depending on their assessed risk level. Additionally, institutions in different countries may require different forms of verification.
Is KYC mandatory?
Yes—KYC is not only mandatory, but a legal requirement for financial institutions worldwide. However, these requirements do vary depending on the country. For example, the United States outlines requirements for ‘know your customer’ in the Patriot Act via two concepts: Customer Identification Programs (CIP), and Customer Due Diligence (CDD).
In short, CIP legally requires banks to verify their customers’ identities via a set of crucial documents, and CDD supports that process by following up on customers as they are onboarded. This process of following up continues after the onboarding process as well, as banks must periodically review their customers’ credentials. Through continued evaluation, banks can further verify that customers are who they say they are and confirm that the source of their funds is legitimate. This not only protects banks, but the customers as well.
Our compliance manager's guide for KYC and AML covers identity verification in the US, UK, and EU. It also covers the anatomy of successful KYC/AML programs, and key considerations when building them.
What is the KYC process?
In general, the KYC process can be rendered down to four basic steps:
- Verification: Here, the customer proves their identity and address through a series of approved documents.
- Customer Due Diligence (CDD): In this step, follow-ups and additional screenings are conducted depending on the risk level of each customer.
- Risk Assessment: Next, the customer is scored based upon the potential risks and is ruled either fit or unfit for onboarding.
- Continued Monitoring: Lastly, periodic verification and/or reassessment of the customer occurs to ensure their identity can continually be verified and their risk potential stays low.
The specifics of each of these steps will largely depend on your institution and its specific circumstances. Thankfully, there are resources available to help navigate this process, and companies like Onfido can help with each step in the KYC process. Onfido’s platform leverages artificial intelligence (AI) for an automated, end-to-end KYC verification process that keeps you up to date with security standards while reducing the cost of customer acquisition.
Build no-code identity verification workflows in Onfido Studio — read this blog to learn how to get started.