Reasonable Methods in KYC Verification

The term KYC stands for "Know Your Customer" or "Know Your Client." A method by which a company should confirm a customer's identity in order to assess their authenticity and trustworthiness. Banks, insurance firms, and other financial institutions are the most likely to employ this method to verify the credibility of clients.


In the 1990s, KYC was first implemented in the United States. Following the 9/11 attacks, the rules were tightened.


The need for KYC has arisen as a result of the global nature of today's economic world and the growing need to monitor money entering the economy. Governments all around the world may try to restrict different types of illicit activity and protect their stakeholders by monitoring where and how the funds are coming from. The term "KYC" applies to the measures taken by a financial institution (or business) to:


  • Establish consumer identification 
  • Understand the essence of the customer's actions (the primary aim being to ensure that the customer's funds are legitimate)
  • Assess the money laundering risks associated with the client in order to keep track of their activities.

The following elements are required to build and run an effective KYC program: Customer Identification Program (CIP), Customer Due Diligence, and Ongoing monitoring.


1) Customer Identification Program (CIP)

The CIP in the United States requires that someone making financial transactions have their identity checked. The CIP, which was used in the Patriot Act, aims to prevent money laundering, terrorist financing, corruption, and other criminal acts. Other jurisdictions have similar provisions; the Financial Action Task Force (FATF), a pan-government body dedicated to combating money laundering, has agreed to guidelines from over 190 jurisdictions around the world. Identity checking protocols are among the guidelines.

The aim is for obliged companies to be able to correctly classify their clients.


A risk assessment, both at the administrative level and at the level of procedures for each account, is a key component of an effective CIP. Although the CIP gives guidelines, it is up to each organization to assess the precise level of risk and the appropriate policies for that level of risk. The CIP explicitly defines the minimum conditions for opening an individual financial account:

  • Name
  • Date of birth
  • Address
  • Identification number

2) Customer Due Diligence

One of the first assessments taken by any financial institution is whether or not a new customer can be trusted. Customer due diligence (CDD) is an important part of successfully handling the threats and defending the company from suspects, terrorists, and Politically Exposed Persons (PEPs) that could pose a threat. Due diligence is divided into three levels:

  • Simplified Due Diligence (SDD) is used where the possibility of money laundering or terrorism financing is low and a complete CDD isn't needed. Accounts of a minimal value, for example.
  • Basic Customer Due Diligence (“CDD”) is information gathered by all consumers in order to check their identities and assess the risks associated with them.
  • Enhanced Due Diligence (EDD) is the collection of extra data for higher-risk consumers in order to get a better view of their activities and mitigate related risks. While certain EDD considerations are clearly embodied in a country's law, it is ultimately up to a financial institution to assess the vulnerability and take steps to ensure that its clients are not bad actors.

3) Ongoing monitoring

It's not enough to search the client once; Banks and financial institutions need to have software in place to keep track of them on a regular basis. The Ongoing Monitoring role oversees financial transactions and accounts based on risk levels established as part of a customer's risk profile.


High-risk customers should be checked periodically for the threat of crime. On the other hand, Continuous Monitoring is applied to periodically check these high-risk customers on the Sanctions and PEP lists. At the same time, the Ongoing Monitoring Process protects businesses from risks such as non-compliance and reputation loss. Other reasons to keep an eye on, depending on the consumer and the risk reduction plan, include: 

  • Activity spikes
  • Out of town or suspicious cross-border behaviors 
  • Inclusion of individuals on sanction lists 
  • Negative media mentions

If the account activity is considered irregular, Banks and financial institutions will be required to file a Suspicious Activity Report (SAR).


In the meantime, with Sanction Scanner's Ongoing Monitoring tool, businesses can plan the control period according to their risk profile; all client tracking checks are then performed automatically by the Sanction Scanner. In addition, businesses can reduce false positives by selecting the Sanctions, Watchlist, and PEP lists they want their customers to scan.


Know Your Customer (KYC)

Corporate accounts, like customer accounts, require KYC protocols for verification, due diligence, and supervision. Although the mechanism is identical to Know Your Customer (KYC) for particular consumers, the criteria are different; however, purchase rates, transaction sizes, and other risk factors are normally more pronounced, necessitating more involved procedures.


Mobile KYC

KYC technologies are being powered ahead by new technical advancements. From biometric data to artificial intelligence, technology is making it easier to classify clients, conduct due diligence tests, and maintain constant surveillance.


Combining mobile data with conventional data sources can help push KYC to the next stage, providing an extra layer of security to help provide a secure, instant, and effortless user experience while still ensuring enforcement and fraud prevention.


In the mobile world, connecting with actual consumers and combating fraudsters is difficult. Although Banks and financial institutions have a variety of data and authentication tools, using mobile data to ensure that specific requirements are fulfilled by genuine customers provides an extra layer of security. Simply put, it's yet another platform for reducing fraud risk, improving KYC standards, and, most importantly, ensuring a seamless experience for mobile subscribers.


Electronic KYC verification (eKYC)

eIDV, or electronic identity verification, was implemented to offer accessibility to consumers while further strengthening the financial institution's ability to track standards. These are non-documentary approaches, which means they don't need any hard copies. These are legitimate and have some of the best risk management mechanisms available.


One of the approaches involves matching information received from the customer with information obtained from consumer reporting organizations, online directories, and other outlets to validate the customer's identity. One of the processes used in eIDV is this.


Other approaches include calling the client to verify their presence, checking references from other financial entities, doing a purchase history background check, and obtaining financial statements. Banks and financial institutions may also use a combination of documentary and non-documentary techniques. For example, they may qualify applicants using on-demand ID verification and eIDV procedures. This would help provide an additional layer of security while maintaining the comfort factor.


Perform the most appropriate control processes for your business with the Sanction Scanner Know Your Customer tool. Don't be afraid of AML compliance and risks anymore.

Previous Post
Financial Conduct Authority (FCA) AML Fines
Next Post
What Do Banks Do When They Encounter a Suspicious Activity?