Every bank and financial institution is required to have a Know Your Customer (KYC) process in place to protect itself from becoming unknowingly involved in an illegitimate customer’s financial crime. A KYC process includes having a Customer Identification Program (CIP) in place and practicing Customer Due Diligence (CDD).
What Is KYC Verification and Why Does It Matter?
A financial institution’s Know Your Customer process is their method of verifying customer identity and determining if there are any potential risks in conducting business with that entity. Knowing your customers keeps your bank from being tied up in illegal schemes and financial crimes, such as:
- Money laundering: Anti-Money Laundering (AML) procedures alert your bank to behavior that may indicate a customer is disguising illegally obtained money as legitimate.
- Terrorism funding: Combating the Financing of Terrorism (CFT) involves investigating and analyzing sources of funding for activities intended to achieve political, religious, or ideological goals to prevent terrorism financing.
- Financial fraud: Financial fraud includes bribery, embezzlement, identify theft, credit card fraud, tax evasion, and more.
There is no single set of standards or Know Your Customer AML requirements used across financial institutions. Instead, it is up to each bank to establish their own written KYC procedures. To create an effective KYC process that protects your institution — while minimizing friction between your bank and its customers — you need three things: a thorough Customer Identification Program (CIP), Customer Due Diligence (CDD) and a strategy for ongoing monitoring.
Customer Identification Program
KYC verification requires a thorough Customer Identification Program (CIP). A CIP is the method by which your institution confirms the identity of its customers and makes sure they are telling the truth about who they are when opening an account. “Customer” can refer to an individual, a corporation, a legal trust, a partnership, or any other legally recognized entity. The purpose of a CIP is to enable your bank to collect enough information to form a reasonable belief that the customer is who they say they are, and that their financial objectives are not suspicious.
The government requires that each bank has a written CIP in place. This information should be verified through documentation, such as government-issued identification cards or partnership agreements, and non-documentable methods, such as obtaining financial references.
The minimum amount of information a bank must acquire from an individual opening a new account is:
- The individual’s legal name
- The individual’s date of birth
- The individual’s complete address
- The individual’s legal identification number
Depending on a bank’s established risk assessment, additional information might be required.
A financial institution’s Customer Identification Program must have a procedure for determining whether a customer is on any federal government lists, such as the list of known or suspected terrorists. Banks and financial institutions should inform customers that the information being collected is being used to verify their identity. The government also requires a bank’s CIP to retain this and all other CIP information in record-keeping during the account’s duration, and for a minimum of five years after a customer closes an account.
Customer Due Diligence
Effective Know Your Customer compliance means practicing Customer Due Diligence (CDD). In 2018, The Financial Crimes Enforcement Network listed four core requirements of the CDD rule and asked that financial institutions establish and maintain these written policies to:
- Identify and verify customer identity
- Identify and verify the identity of business owners or companies
- Understand customer relationships to develop risk profiles
- Maintain accurate and up-to-date customer information while continuously monitoring accounts to identify suspicious activity, and taking the necessary steps to report suspicious transactions
One way to practice CDD in your KYC process is to use a system of CDD levels before each new account and transaction:
- Simplified Due Diligence (SDD): SDD is used for customers with low risk for criminal activity. At this level, banks need to only collect necessary customer information without detailed risk assessments. However, the financial institution must continue to monitor the SDD accounts for suspicious activities.
- Basic Customer Due Diligence (BCDD): BCDD is the second level of Customer Due Diligence and requires a more thorough investigation of the customer opening the account.
- Enhanced Due Diligence (EDD): EDD uses expert analysis and continuous monitoring to keep a close watch on accounts of particularly high value, or accounts that have shown signs of suspicious activity or risky transactions in the past.
Written and established CIP and CDD are not enough for a successful KYC procedure. For a Know Your Customer process to be effective, ongoing monitoring is essential. Ongoing monitoring includes having a plan in place to keep accurate and up-to-date information on all account holders.
For effective AML monitoring, financial institutions should watch accounts for suspicious activity or warning signs of illicit behavior, including:
- Significant or inconsistent changes in account activity
- A sudden structural shift in business operations, including new ownership, or a change in geographic location
- Law enforcement inquiries or requests about a customer
KYC in the Digital Age: How Electronic and Mobile Platforms Can Help
Although a written KYC procedure is required at every bank and financial institution, there is no set standard or universal list of requirements a bank must use. This can lead to costly non-compliance fines for the institution and is often the cause of friction between a bank and its customers. In the digital age, this is a space for opportunity and change.
New technologies, including electronic and mobile platforms, can help bridge the gap between maintaining KYC and AML compliance, and creating a better customer user experience.
For example, an Electronic Know Your Customer process, or eKYC, can use technology to:
- Help evaluate how likely a device is to be used to commit fraud
- Speed up the time it takes to onboard new customers
- Automatically check for typos, errors, or mistakes that can cause problems later on
- Easily generate reports and track trends or changes in user behavior
- Automatically update CIP and CDD programs as new federal regulations emerge
- Integrate with other bank applications and software
Hydrogen’s Molecule Is Here to Help
Knowing your customers, practicing Customer Due Diligence, and having an ongoing strategy in place for monitoring existing accounts, will keep your bank and its customers safe. Hydrogen’s Atom platform uses the newest data infrastructure, and highest quality third-party KYC vendors, to create your optimal eKYC process.
Hydrogen’s Molecule platform uses decentralized blockchain components to further streamline the customer identification process, as well as:
- Manage on-chain identities of any client using the blockchain
- Create and manage security tokens that require strong KYC
- Tie eKYC data in Atom to on-chain payments and remittances
Contact us today to learn more about what Hydrogen can do for your bank’s eKYC process.