The examples and perspective in this article deal primarily with the United States and do not represent a worldwide view of the subject. (November 2024) |
Part of a series on |
Finance |
---|
Part of a series on financial services |
Banking |
---|
Know your customer (KYC) guidelines and regulations in financial services require professionals to verify the identity, suitability, and risks involved with maintaining a business relationship with a customer. The procedures fit within the broader scope of anti-money laundering (AML) and counter terrorism financing (CTF) regulations.
KYC processes are also employed by companies of all sizes for the purpose of ensuring their proposed customers, agents, consultants, or distributors are anti-bribery compliant and are actually who they claim to be. Banks, insurers, export creditors, and other financial institutions are increasingly required to make sure that customers provide detailed due-diligence information. Initially, these regulations were imposed only on the financial institutions, but now the non-financial industry, fintech, virtual assets dealers, and even non-profit organizations are included in regulations in many countries.
Know your customer requirements
[edit]In the United States, the Financial Industry Regulatory Authority (FINRA) Rule 2090 states that financial institutions must use reasonable diligence to identify and retain the identity of every customer and every person acting on behalf of those customers.[1] In enforcing this rule these organizations are expected to collect all information essential to knowing their customers. Information deemed necessary for enforcing Know Your Customer Requirements include the Customer Identification Program (CIP), Customer Due Diligence (CDD), and Enhanced Due Diligence (EDD).[2]
Customer Identification Program
[edit]Section 326 of the USA Patriot Act requires banks and other financial institutions to have a Customer Identification Program (CIP). Financial institutions must collect four pieces of identifying information about its customers including:
- Name
- Date of birth
- Address
- Identification number
Customer due diligence
[edit]The Bank Secrecy Act, the common name for the Currency and Foreign Transaction Reporting Act of 1970 and its amendments and other statutes, established the customer due diligence (CDD) rule as part of an effort to improve financial transparency and deter money laundering. The CDD rule enhances CDD requirements for "U.S. banks, mutual funds, brokers or dealers in securities, futures commission merchants, and introducing brokers in commodities.[3]" The CDD rule requires that financial institutions identify and verify the identity of customers associated with open accounts. The CDD rule has four core requirements:[3]
- Identify and verify the identity of customers
- Identify and verify the identity of the beneficial owners of companies opening accounts
- understand the nature and purpose of customer relationships to develop customer risk profiles
- conduct ongoing monitoring to identify and report suspicious transactions, and on a risk basis, to maintain and update customer information
Beneficial owner information is required for any individual who owns 25 percent or more of a legal entity and an individual who controls the legal entity.[3]
Enhanced due diligence
[edit]Enhanced due diligence[4] is required when initial identity checks have been completed and high-risk factors have been identified for an individual or a business. When these requirements have been met "enhanced" or additional due diligence above and beyond CDD is conducted which identifies the following information:[4]
- Source of wealth and funds check
- Additional identity research
- Risk identification and assessment
Know your customer's customer (KYCC)
[edit]KYCC or know your customer's customer is a process that identifies a customer's customer activities and nature. This includes the identification of the customer's customers and assessing the risk levels associated with their activities.[5]
KYCC is a derivative of the standard KYC process that arose because of the growing risk of fraud obscured by second-tier business relationships (e.g. a customer's supplier).[5]
Know your business (KYB)
[edit]Know your business or simply KYB is an extension of KYC laws implemented to reduce money laundering. KYB is a set of practices to verify a business. It includes verification of registration credentials, location, the UBOs (ultimate beneficial owners) of that business, etc. Also, the business is screened against blacklists and grey lists to check if it was involved in any sort of criminal activity such as money laundering, terrorist financing, corruption, etc. KYB is significant in identifying fake business entities and shell companies. It is crucial for efficient KYC and AML compliance.
According to the European Union's 5th AML directive,[6] KYB is required for the following AML-regulated entities:
- Credit institutions
- Estate agents
- External accountants
- Financial institutions
- Gambling services
- Notaries
- Services auditors
- Tax advisors
- Trusts
- Investment firms
Electronic know your customer (eKYC)
[edit]Electronic know your customer (eKYC) involves the use of internet or digital means of identity verification.[7] This may involve checking information provided is valid by using systems to validate ID and proof of address documents or by checking information against government databases such as the official passport database of a country.[8]
Laws by country
[edit]- Australia: The Australian Transaction Reports and Analysis Centre (AUSTRAC), established in 1989, monitors financial transactions in Australia,[9][10] and sets client identification requirements.
- Canada: The Financial Transactions and Reports Analysis Centre of Canada (FINTRAC), established in 2000, is Canada's financial intelligence unit. It updated its regulations in June 2016 regarding acceptable methods to determine the identity of individual clients to ensure compliance with AML and KYC regulations. A pending lawsuit is active in Canada challenging the constitutionality of the new legislation.[11]
- India: The Reserve Bank of India introduced KYC guidelines[12] for banks in 2002.
- Italy: The Banca d'Italia exercises regulation power for the financial industry, in 2007 set KYC requirements for financial institutions that operate on Italian territory.[13]
- Mexico: The "Federal Law for Prevention and Identification of Operations with Resources from Illicit Origin", promulgated in 2012 with president Felipe Calderon's administration and came into force in 2013 with the president Enrique Peña Nieto administration.[15]
- Namibia: Financial Intelligence Act, 2012 (Act No. 13 of 2012) published as Government Notice 299 in Gazette 5096 of 14 December 2012.[16]
- New Zealand: Updated KYC laws were enacted in late 2009 and entered into force in 2010. KYC is mandatory for all registered banks and financial institutions (the latter has an extremely wide meaning).[17]
- South Korea: Act on Reporting and Use of Certain Financial Transaction Information regulates due diligence in the country.[18]
- United Arab Emirates:The key guidelines overseeing KYC in the UAE are the Government Pronouncement Regulation No. (20) of 2018 On Anti Money Laundering and Battling the Supporting of Psychological warfare and Funding of Unlawful Bureau Choice No. (10) of 2019 Concerning the Carrying out Guideline of Pronouncement Regulation No.[citation needed]
- United Kingdom: The Money Laundering Regulations 2017[19] are the underlying rules that govern KYC in the UK. Many UK businesses use the guidance provided by the European Joint Money Laundering Steering Group along with the Financial Conduct Authority's 'Financial Crime: A guide for firms' as an aid to compliance.[20]
Criticism
[edit]Criticisms of this policy include:
- Know your customer places a costly burden on businesses operating in the financial industry, especially smaller financial companies, where compliance costs are disproportionately heavy.[21]
- Customers may feel the information requested to be intrusive and burdensome, and may choose not to enter the business relationship as a result.[citation needed] Relatedly, there may be privacy concerns with how the information is used.[22]
- Innocent, law-abiding individuals such as digital nomads are very likely disproportionately disadvantaged as living a nomadic life makes it increasingly difficult or even impossible to hold any formal banking relationship anywhere in the world due to lack of proof of address, bills, and/or debt documentation required by KYC.[23]
- Some citizens in other countries (Canada) are fighting back against the USA over-reach into their sovereign banking system and have challenged new USA law in their courts.[24][25]
See also
[edit]- Anti-money laundering
- Anti-money laundering software
- Bribery
- Certified copy
- De-banking
- Financial Action Task Force on Money Laundering
- Political corruption
- Politically exposed person
References
[edit]- ^ "2090. Know Your Customer | FINRA.org". www.finra.org. Archived from the original on 2024-09-03. Retrieved 2024-02-03.
- ^ "Know Your Client (KYC): What It Means, Compliance Requirements". Investopedia. Archived from the original on 2024-02-05. Retrieved 2024-02-03.
- ^ a b c "Information on Complying with the Customer Due Diligence (CDD) Final Rule". fincin.gov. February 3, 2024. Archived from the original on February 3, 2024. Retrieved February 3, 2024.
- ^ a b "What is Enhanced Due Diligence (EDD)?". Dow Jones Professional. Archived from the original on 2024-02-03. Retrieved 2024-02-03.
- ^ a b PYMNTS (2018-01-03). "Businesses Can't Just KYC, They Must Also KYCC". PYMNTS.com. Archived from the original on 2019-04-24. Retrieved 2019-04-24.
- ^ "Directive (EU) 2015/849 of the European Parliament and of the Council of 20 May 2015 on the prevention of the use of the financial system for the purposes of money laundering or terrorist financing, amending Regulation (EU) No 648/2012 of the European Parliament and of the Council, and repealing Directive 2005/60/EC of the European Parliament and of the Council and Commission Directive 2006/70/EC (Text with EEA relevance)". data.europa.eu. Jun 5, 2015. Archived from the original on July 23, 2015. Retrieved Oct 21, 2022.
- ^ HIRAOKA, DAIKI; HOTTA, AKAFUMI. "Japan's Toppan beefs up ID security with Taiwan developer purchase". asia.nikkei.com. Archived from the original on 31 December 2020. Retrieved 31 December 2020.
- ^ "Stolen and Lost Travel Documents database". www.interpol.int. Archived from the original on 2023-09-26. Retrieved 2023-09-15.
- ^ "Search results". www.legislation.gov.au. Archived from the original on 2024-09-03. Retrieved 2017-03-07.
- ^ "Anti-Money Laundering and Counter-Terrorism Financing Rules Instrument 2007 (No. 1)". www.legislation.gov.au. 7 December 2016. Archived from the original on 3 September 2024. Retrieved 7 March 2017.
- ^ "Canadian citizens' challenge to FATCA enforcement will be further appealed | STEP". www.step.org. Archived from the original on 2021-09-30. Retrieved 2021-09-30.
- ^ "'Know Your Customer (KYC) Guidelines - Anti-Money Laundering Standards". Archived from the original on 2012-08-01.
- ^ d'Italia, Banca. "Banca d'Italia - Provvedimento recante disposizioni attuative in materia di adeguata verifica della clientela". www.bancaditalia.it. Archived from the original on 2016-11-18. Retrieved 2016-09-12.
- ^ "金融機関等による顧客等の本人確認等に関する法律". www.shugiin.go.jp. Archived from the original on 2021-09-30. Retrieved 2021-09-30.
- ^ "LEY FEDERAL PARA LA PREVENCIÓN E IDENTIFICACIÓN DE OPERACIONES CON RECURSOS DE PROCEDENCIA ILÍCITA" (PDF). www.diputados.gob.mx (in Spanish). Archived from the original (PDF) on March 21, 2021. Retrieved Oct 21, 2022.
- ^ "Financial Intelligence Act 2012" (PDF). www.fic.na. Archived (PDF) from the original on November 8, 2022. Retrieved Oct 21, 2022.
- ^ "Anti-Money Laundering and Countering Financing of Terrorism Act 2009 No 35 (as at 11 May 2021), Public Act Contents – New Zealand Legislation". legislation.govt.nz. Archived from the original on 30 September 2021. Retrieved 30 September 2021.
- ^ http://moleg.go.kr/english/korLawEng?pstSeq=57338&pageIndex=12 [bare URL]
- ^ "Money Laundering Regulations 2017". www.gov.uk. 15 March 2017. Archived from the original on 3 December 2022. Retrieved Oct 21, 2022.
- ^ Gill, M. (2004-07-01). "Preventing Money Laundering or Obstructing Business?: Financial Companies' Perspectives on 'Know Your Customer' Procedures". British Journal of Criminology. 44 (4): 582–594. doi:10.1093/bjc/azh019. ISSN 0007-0955. Archived from the original on 2024-09-03. Retrieved 2021-09-19.
- ^ Leitch, Will (1 November 2003). "Patriot Act a Beastly Burden for Small B/Ds". www.wealthmanagement.com. Archived from the original on 24 May 2019. Retrieved 24 May 2019.
- ^ Pasley, Robert S. (2002). "Privacy Rights v. Anti-Money Laundering Enforcement". North Carolina Banking Institute. 6 (1): 147.
- ^ Proposed Rules Archived 2019-05-24 at the Wayback Machine Federal Register December 7, 1998
- ^ "ADCS | Alliance for the Defence of Canadian Sovereignty". www.adcs-adsc.ca. Archived from the original on 2024-01-18. Retrieved 2021-09-30.
- ^ Leopold, Jason; Garrison, Jessica (6 October 2017). "US Intelligence Unit Accused Of "Domestic Spying" On Americans' Finances". BuzzFeed News. Archived from the original on 24 May 2019. Retrieved 24 May 2019.