What is the difference between AML and KYC blog image

How impactful is money laundering across the globe? The International Monetary Fund (IMF) estimates that 2% to 5% of global GDP consists of laundered funds. Anti-money laundering (AML) regulations have been adopted worldwide at local and global levels to make it harder to launder money, and combat financial crimes and terrorist financing.

AML works hand in hand with know your customer (KYC) processes to protect our economy from the consequences of laundered money. In this article we’ll look at AML compliance, AML and KYC meanings, and the difference between KYC and AML.

What is AML and KYC?

Anti-money laundering (AML) and know your customer (KYC) generally refer to policies, rules, and regulations aimed at stopping criminals from masking their identity and committing financial crimes. AML specifically refers to regulations intended to stop criminals from disguising illegally obtained funds as legitimate income. 

As a part of these wider AML procedures, KYC is a specific required process that involves identifying and validating a client's identification both when they create an account and at certain moments thereafter. This identity verification ensures that their clients are indeed who they say they are. 

KYC procedures also require that banks and brokers check new clients' names against databases of criminal suspects, people and businesses that are subject to sanctions, and "politically exposed persons" (PEPs). A PEP is defined by the FFIEC as “foreign individuals who are or have been entrusted with a prominent public function, as well as to their immediate family members and close associates.” Continuous examination of each client's potential for money laundering is necessary for customer due diligence (CDD), and those clients who are recognized as having higher non-compliance risks should receive a more thorough investigation.

Are KYC and AML two different things?

While KYC and AML are technically two different terms, it’s more accurate to say that KYC is the basis for AML procedures and regulations. Both KYC and AML are aiming to achieve the same thing, which is to prevent fraud, money laundering, and terrorist funding. So in that sense, KYC and AML are not two separate things, but the main processes in which banks avoid malicious customers.

What is the AML and KYC role in banking?

Banking organizations must adhere to strict AML guidelines to identify money laundering. This is the objective of AML procedures, which often start with KYC — identifying their customers, and checking they are permitted to access their services. 

Many bank personnel are required to go through regular training on how to spot and keep an eye on suspicious customer activity. It's also typical for financial institutions to have specialized departments to monitor fraud and money laundering.

What does KYC mean in money laundering?

Customer identification, customer due diligence (CDD), and enhanced due diligence (EDD) are the three typical steps in KYC processes.

    • Customer acceptance policies: Financial institutions establish their acceptance policies, providing detailed descriptions at every stage of the process for improved risk mitigation and protection.
    • Customer identification. The customer is identified by verifying identity documents and personal information.
    • Customer due diligence. The customer is identified by comparing submitted data to databases or other solutions, such as document and biometric verification. Organizations can perform several checks during due diligence:
      • Collecting KYC documents like name, address, and official identification
      • Reviewing the customer’s financial activities
      • Performing additional KYC and AML verifications for high risk customers
    • Ongoing monitoring: Financial institutions need to continuously monitor customers and their transactions based on their risk level. Institutions may also be required to keep track of:
        • Individuals on sanction lists
        • Politically exposed persons (PEPs)
        • Inconsistent spikes in activity
        • Unusual out of area or cross-border transactions
        • Adverse media mentions

Additionally, according to the U.S. Treasury’s Financial Crimes Enforcement Network, covered financial institutions are required by the CDD Rule to create and maintain documented policies and procedures that:

  • Identify and verify the identity of customers
  • Identify and verify the identity of the beneficial owners of companies opening accounts
  • Understand the nature and purpose of customer relationships to develop customer risk profiles
  • Conduct ongoing monitoring to identify and report suspicious transactions and, on a risk basis, to maintain and update customer information

Similarly, for all financial services in the UK, the Financial Services and Markets Act 2000 (FSMA) serves as the fundamental regulatory framework. There is also comparable legislation in European Union anti-money laundering and countering the financing of terrorism (AML/CFT) rules. 

How can you meet KYC compliance?

At Onfido, we help over 900 businesses know their customers anytime, anywhere. Our Real Identity Platform is an end-to-end identity verification platform that automates identity verification to enable KYC compliance and fraud prevention. Our solution combines our award-winning document and biometric solutions, trusted data sources (including watchlist monitoring), and passive fraud signals with a drag-and-drop orchestration platform, Onfido Studio. 

Interested in an interactive tour?

Take the guided tour of our platform — and learn how to build workflows in Onfido Studio.

Take the tour