KYC is a process of actions undertaken by financial institutions to enable them to assess if a current or potential counterparty exposes them to any regulatory or reputational risk, ultimately the questions being addressed are:
- Who is the financial counterparty?
- Can I do business with them?
- Should I do business with them?
In business, we need to take active steps to mitigate anti-money laundering/KYC risks stemming from financial crime, bribery & corruption /counter-terror financing perspectives. Bodies such as the Financial Action Task Force (FATF – inter government body) and the Financial Crimes Enforcement Network (FinCEN – US Department of Treasury) have previously focused on drug trafficking and money laundering, but after the devastating effects of 9/11, terrorist financing was thrust into the spotlight creating a long-term impact on financial institutions and their governing processes.
Regulators require that financial institutions have a risk based approach, meaning that depending on the type of customer, product & services, geo country risk level, associated parties and sanctions/PEPS and adverse media, they must be able to demonstrate to authorities that the extent of their CDD is appropriate to the risk perceived by the current or potential customer. As a result, industry bodies are moving toward promoting best practices and standards across the banking industry to help avoid de-risking and promote financial inclusion.
There are four main areas of KYC that need to be included in order to satisfy regulatory requirements:
- Identify the counterparty with relevant documents, data or information obtained from a reliable and independent sources;
- Identify the beneficial owner and take a risk-based and adequate measures to understand the ownership and control structure of the customer;
- Obtain information on the purpose and intended nature of the business relationship;
- Conduct ongoing monitoring of the business relationship to certify that transactions, business and risk profile and documents, data or information held are kept up-to-date.