Regulations

What is KYC? (Know Your Customer)

Find out everything about the know your customer (KYC) process and why it must be continuous throughout the customer relationship.

KYC stands for Know Your Customer or Know Your Client, and can be defined as a process of identifying and verifying a customer’s identity and activity, not only at onboarding but throughout the duration of the relationship.

KYC is crucial for compliance with anti-money laundering regulations. It is essentially the customer due diligence that regulated entities, such as banks, are required to undertake to assess and monitor the risk associated with a customer.


Why is KYC important?

KYC (Know Your Customer) processes are critical in combating money laundering and serious crimes associated with it. They form part of anti-money laundering (AML) and counter-financing of terrorism (CFT) regulations.

KYC checks are compulsory, banks are required to perform them for every customer. Only when minimum KYC requirements are met can a bank open a new account or continue a customer relationship.


How does the KYC process work?

KYC is not just an administrative process completed at the beginning of the customer journey. KYC verification requires continuous  profiling throughout the customer’s life, known as perpetual KYC.

The aim of perpetual KYC is to identify (ideally in real-time) when unexpected changes in transactional behaviour occur. As part of the KYC verification process, it is crucial to understand the cause of the change – and more importantly, if it is potentially suspicious.

KYC verification at onboarding

The aim of KYC verification at onboarding is to confirm a customer’s identity and establish the associated risk of doing business with them. Who exactly are they? With the pandemic closing banks and forcing onboarding teams to work from home, this area of KYC has seen the most innovation in the shortest time.

The pandemic has both forced and encouraged the rapid adoption of new tech that uses the internet or digital identity verification, like video streaming. Yet, identity verification at onboarding is just the first step of KYC. Sophisticated money launderers know how to overcome these initial KYC checks. For example, using “money mules” to access already verified bank accounts is a common tactic. Similarly, purchasing old or distressed companies that already have a verified banking history is another method.

Tactics like these mean that even seemingly low risk customers can intentionally or unintentionally launder money. This is why ongoing customer monitoring is an essential part of KYC.

Periodic reviews for KYC verification

Due to limitations in legacy technology systems and processes, most banks undertake periodic, manual KYC reviews in line with the risk attached to the customer at onboarding.

Adopting a risk-based approach, they periodically look back and check if the customer has been behaving in line with expectations. High risk customers are typically reviewed once a year while low risk customers are reviewed once every three to five years. The frequency of periodic KYC reviews is determined by risk policies and risk appetite.

One of the big issues with periodic reviews is they leave plenty of time for money laundering to go undetected.

There are several other issues:

  • The seemingly endless stream of information requests associated with periodic KYC refreshes make for a poor client experience.
  • KYC becomes a massive burden for businesses, with costs and inefficiencies that are both unsustainable and disproportionate.
  • Error rates tend to be high, creating added risks and costs to an already inefficient and ineffective system.
  • Business growth becomes hampered since time-consuming KYC reviews are at an opportunity cost. Time would be better spent pursuing revenue growth.

Ongoing monitoring for KYC 

The ongoing monitoring of customers for KYC verification is otherwise known as perpetual KYC.

Perpetual KYC is the practice of conducting client reviews following the near real-time detection of anomalous patterns of customer behaviour. These reviews are not periodic; they are trigger-based to allow resources to be focused on customers presenting the highest risk.

Perpetual KYC brings a totally new approach to KYC. It means:

  • Being proactive rather than reactive
  • Continuously monitoring customers
  • Switching from periodic KYC reviews to those that are triggered by anomalous patterns of customer behaviour

Perpetual KYC eliminates the need for periodic KYC reviews. In doing so, it mitigates the risk of criminal activity remaining under the radar for months or even years.

By continuously monitoring transactions, perpetual KYC refreshes checks provides peace of mind by raising an alert if an activity does not fall in line with what is expected. Perpetual KYC reduces the risk, but it also optimises the use of compliance teams and resources. As well as improving the client experience, perpetual KYC demonstrates effective risk management to regulators

Perpetual KYC can be achieved through the use of Napier’s Client Activity Review.


What is KYC in banks and the financial industry?

KYC is integral to the financial industry because it forms part of the mandatory customer due diligence that global money laundering and terrorist financing watchdog, Financial Action Task Force (FATF), recommends as a preventative measure for combating money laundering and terrorist financing

FATF makes the case for several instances when customer due diligence is necessary, such as when establishing a new relationship or when there is a suspicion of money laundering or terrorist financing.

FATF sets out the customer due diligence measures as follows:

  1. Identifying and verifying the customer’s identity using reliable, independent source documents, data or information
  2. Identifying and verifying the beneficial owner. For legal persons and arrangements, this should include understanding the ownership and control structure
  3. Understanding the purpose and intended nature of the business relationship
  4. Conducting ongoing due diligence on the business relationship, including scrutiny of transactions undertaken throughout the course of the relationship to ensure transactions are consistent with that expected

Numbers 1 to 3 above need to be covered at onboarding, while number 4 needs to be part of the ongoing customer review.

FATF stipulates a risk-based approach to ensure measures to prevent or mitigate money laundering and terrorist financing are proportionate to the risks identified.


KYC processes are fundamental to customer due diligence and compliance

KYC processes are the first line of defense to protect against the risk of money laundering and terrorist financing.

Following onboarding, the focus must be on maintaining ongoing due diligence. Napier recommends this is achieved through the adoption of perpetual KYC, where customers are continually monitored rather than periodically reviewed. With perpetual KYC, reviews are only triggered following the near real-time detection of anomalous patterns of customer behaviour.

How to achieve perpetual KYC

Achieving perpetual KYC is simple with Napier’s Customer Activity Review. This innovative software is part of Napier’s Intelligent Compliance Platform and layers on top of any existing anti-money laundering (AML)/KYC system to monitor the customer’s transactional activity against their pre-established profile.

The Customer Activity Review aggregates data from all third-party KYC streams and transaction monitoring systems to ensure a comprehensive 360° view of the customer and their behaviour. 

As part of its Intelligent Compliance Platform Napier also provides options for real-time:

  1. Client screening
  2. Transaction screening
  3. Transaction monitoring
  4. Customer risk assessments

The Risk-Based Scorecard is Napier’s customer risk assessment tool, which generates a real-time risk level for each customer, in line with an organisation’s risk-based approach, policies and procedures. It captures more information than a traditional KYC system and forms part of perpetual KYC.

Napier’s approach to the KYC process isn’t about building a whole new system. The Intelligent Compliance Platform can stitch disparate, third-party systems together to enable intelligence-driven KYC reviews that are triggered by changes in the customer’s transactional behaviour and risk-score. The result is a single easy-to-use platform that measures risk and detects suspicious behaviour. 


Introducing Napier

If you would like to a demo of how Napier can guide your company on its AML compliance journey, you can contact us here or request a demo of our solutions. 

Contents./