60 million Americans have experienced identity theft, according to 2018 research. Furthermore, the average cost of a data breach worldwide in 2019 was $3.92 million USD. This impacts the victims as well as the businesses involved because customers will no longer have confidence in their services.
What is KYC?
KYC or Know Your Customer is a process that financial institutions are required to go through in order to identify their customers. It is crucial for all financial institutions in the United States because it helps them maintain risk management and anti-money laundering procedures.
With the rise of global trade and the increasing movement of business in the digital realm, there is an increasing need to adopt KYC practices in verticals such as Real Estate, Crypto, E-Commerce, Gaming and E-Healthcare.
Some of the reasons why KYC is important to organisations:
- KYC helps compliance with risk management and anti-money laundering procedures.
- KYC provides a better understanding of customer needs and expectations.
- It helps with fraud detection, preventing terrorist financing, money laundering, and other criminal activities.
- It helps with compliance requirements set by regulators like SEC, FINRA, FCA and so on. KYC provides accurate data to identify high-risk individuals and prevents them from opening a bank account.
KYC laws in the US
According to the law, financial institutions must use KYC to verify a customer’s identification and pinpoint risk concerns. KYC procedures aid in preventing financial crimes such as identity theft, money laundering, financial fraud, financing of terrorism, and others. Penalties for non-compliance may be severe.
For the purpose of combating money laundering, KYC standards were established in the 1990s. In the wake of the 9/11 attacks, the US passed the Patriot Act, which included stricter legislation regarding KYC. Prior to 9/11, these changes were planned, but the terrorist attacks gave them the political impetus they needed to become law.
Financial institutions must fulfil two requirements under Title III of the Patriot Act) in order to adhere to the stricter KYC obligations: the Customer Identification Program (CIP) and Customer Due Diligence (CDD). In addition, ongoing monitoring is required to fulfil KYC requirements stated under Law.
Customer Identification Program (CIP)
The CIP is an anti-money laundering program that requires banks and other financial institutions to identify their customers. The CIP program was created by the Financial Action Task Force and applies to all financial institutions, including banks, brokerages, mutual funds, futures commission merchants and introducing brokers in the United States.
The program requires financial institutions to verify the identity of the customer, keep records of these verifications for five years and report any suspicious transactions. Financial institutions are required to establish a CIP program that includes minimum requirements such as:
- Establishing a risk-based customer identification process
- Maintaining a list of customers’ names and addresses
- Maintaining copies of identifying documents
- Maintaining records of customer verification procedures
- Reporting any suspicious transactions to the Financial Crimes Enforcement Network (FinCEN)- Sharing information with other financial institutions and law enforcement
Customer Due Diligence (CDD)
CDD is a process that is used by financial institutions to conduct detailed risk assessments on their customers. CDD has two main goals: to prevent criminals from using the financial institution for money laundering and to prevent politically exposed persons from using the financial institution for corrupt practices.
The process of CDD involves different levels of due diligence, depending on the customer’s risk profile. Customer due diligence is important because it helps banks protect their reputation and prevents them from getting involved in illegal activities.
The KYC process must be continual. Financial institutions should monitor their client’s transactions on an ongoing basis and update the information they have on them. This is key to complying with the US’s KYC requirements, which are among the strictest in the world.
This element adopts a flexible, risk-based approach to KYC. The financial institution is required to send a Suspicious Activities Report (SAR) to FinCEN and other pertinent law enforcement agencies if suspicious or unusual activity is discovered.
KYC in the US with IdentityCheck for easy customer onboarding
Using the latest AI-powered verification solutions it is possible to verify the identity of a government-issued identity document. This is analogous to being handed an identity document in person and verifying by yourself if the image on the document matches the person in front. Ensuring that the document does not look or feel fraudulent and/or is not expired.
IdentityCheck is such a solution, and additionally, the same process can be extended to over 10,000 document types in over 200 countries around the world. This makes your processes scalable globally from day 1.
Pricing for such plans is simple and affordable and you can start in minutes. Sign up here, free, no credit card required.
Here is the high-level process for a person undergoing verification:
- They receive an email containing their unique verification link
- Upon visiting the link, they receive a QR code which they can scan with their smartphone
- Following on-screen prompts, they will then take a picture of their identity document (front and back) and a selfie
In addition, KYC checks can be supported for virtually every US state with documents such as driving licences and identity cards. See the list below for a comprehensive list of supported states and regions.
Alabama, Alaska, American Samoa, Arizona, Arkansas, California, Colorado, Connecticut, Delaware, District of Columbia, Florida, Georgia, Guam, Hawaii, Idaho, Illinois, Indiana, Iowa, Kansas, Kentucky, Louisiana, Maine, Maryland, Massachusetts, Michigan, Minnesota, Mississippi, Missouri, Montana, Nebraska, Nevada, New Hampshire, New Jersey, New Mexico, New York, North Carolina, North Dakota, Northern Mariana Island, Ohio, Oklahoma, Oregon, Pennsylvania, Puerto Rico, Rhode Island, South Carolina, South Dakota, Tennessee, Texas, US Virgin Island, Utah, Vermont, Virginia, Washington, West Virginia, Wisconsin, and Wyoming.
In both regulated and unregulated industries, the term KYC can indicate several things in different settings. We have made an effort to offer a nuanced perspective on how KYC processes might be embraced and how they differ from one another in this article. The Know Your Business (KYB), Politically Exposed Person (PEP) and Sanctions monitoring, Anti Money Laundering checks, and other topics will be covered in detail in the upcoming sections.