KYC stands for Know Your Customer or Know Your Client, and can be defined as a process of identifying and verifying a customer’s identity and activity, not only at onboarding but throughout the duration of the relationship.
KYC is crucial for compliance with anti-money laundering regulations. It is essentially the customer due diligence that regulated entities, such as banks, are required to undertake to assess and monitor the risk associated with a customer.
KYC (Know Your Customer) processes are critical in combating money laundering and serious crimes associated with it. They form part of anti-money laundering (AML) and counter-financing of terrorism (CFT) regulations.
KYC checks are compulsory, banks are required to perform them for every customer. Only when minimum KYC requirements are met can a bank open a new account or continue a customer relationship.
KYC is not just an administrative process completed at the beginning of the customer journey. KYC verification requires continuous profiling throughout the customer’s life, known as perpetual KYC.
The aim of perpetual KYC is to identify (ideally in real-time) when unexpected changes in transactional behaviour occur. As part of the KYC verification process, it is crucial to understand the cause of the change – and more importantly, if it is potentially suspicious.
The aim of KYC verification at onboarding is to confirm a customer’s identity and establish the associated risk of doing business with them. Who exactly are they? With the pandemic closing banks and forcing onboarding teams to work from home, this area of KYC has seen the most innovation in the shortest time.
The pandemic has both forced and encouraged the rapid adoption of new tech that uses the internet or digital identity verification, like video streaming. Yet, identity verification at onboarding is just the first step of KYC. Sophisticated money launderers know how to overcome these initial KYC checks. For example, using “money mules” to access already verified bank accounts is a common tactic. Similarly, purchasing old or distressed companies that already have a verified banking history is another method.
Tactics like these mean that even seemingly low risk customers can intentionally or unintentionally launder money. This is why ongoing customer monitoring is an essential part of KYC.
Due to limitations in legacy technology systems and processes, most banks undertake periodic, manual KYC reviews in line with the risk attached to the customer at onboarding.
Adopting a risk-based approach, they periodically look back and check if the customer has been behaving in line with expectations. High risk customers are typically reviewed once a year while low risk customers are reviewed once every three to five years. The frequency of periodic KYC reviews is determined by risk policies and risk appetite.
One of the big issues with periodic reviews is they leave plenty of time for money laundering to go undetected.
There are several other issues:
The ongoing monitoring of customers for KYC verification is otherwise known as perpetual KYC.
Perpetual KYC is the practice of conducting client reviews following the near real-time detection of anomalous patterns of customer behaviour. These reviews are not periodic; they are trigger-based to allow resources to be focused on customers presenting the highest risk.
Perpetual KYC brings a totally new approach to KYC. It means:
Perpetual KYC eliminates the need for periodic KYC reviews. In doing so, it mitigates the risk of criminal activity remaining under the radar for months or even years.
By continuously monitoring transactions, perpetual KYC refreshes checks provides peace of mind by raising an alert if an activity does not fall in line with what is expected. Perpetual KYC reduces the risk, but it also optimises the use of compliance teams and resources. As well as improving the client experience, perpetual KYC demonstrates effective risk management to regulators
Perpetual KYC can be achieved through the use of Napier’s Client Activity Review.
KYC is integral to the financial industry because it forms part of the mandatory customer due diligence that global money laundering and terrorist financing watchdog, Financial Action Task Force (FATF), recommends as a preventative measure for combating money laundering and terrorist financing
FATF makes the case for several instances when customer due diligence is necessary, such as when establishing a new relationship or when there is a suspicion of money laundering or terrorist financing.
FATF sets out the customer due diligence measures as follows:
Numbers 1 to 3 above need to be covered at onboarding, while number 4 needs to be part of the ongoing customer review.
FATF stipulates a risk-based approach to ensure measures to prevent or mitigate money laundering and terrorist financing are proportionate to the risks identified.
KYC processes are the first line of defense to protect against the risk of money laundering and terrorist financing.
Following onboarding, the focus must be on maintaining ongoing due diligence. Napier recommends this is achieved through the adoption of perpetual KYC, where customers are continually monitored rather than periodically reviewed. With perpetual KYC, reviews are only triggered following the near real-time detection of anomalous patterns of customer behaviour.
Achieving perpetual KYC is simple with Napier’s Customer Activity Review. This innovative software is part of Napier’s Intelligent Compliance Platform and layers on top of any existing anti-money laundering (AML)/KYC system to monitor the customer’s transactional activity against their pre-established profile.
The Customer Activity Review aggregates data from all third-party KYC streams and transaction monitoring systems to ensure a comprehensive 360° view of the customer and their behaviour.
As part of its Intelligent Compliance Platform Napier also provides options for real-time:
The Risk-Based Scorecard is Napier’s customer risk assessment tool, which generates a real-time risk level for each customer, in line with an organisation’s risk-based approach, policies and procedures. It captures more information than a traditional KYC system and forms part of perpetual KYC.
Napier’s approach to the KYC process isn’t about building a whole new system. The Intelligent Compliance Platform can stitch disparate, third-party systems together to enable intelligence-driven KYC reviews that are triggered by changes in the customer’s transactional behaviour and risk-score. The result is a single easy-to-use platform that measures risk and detects suspicious behaviour.