Know your customer checks – what are your responsibilities?

Know your customer (KYC) checks are required in most national jurisdictions. In the UK, failure to comply with KYC and anti-money laundering (AML) responsibilities can result in high penalties. Only last year the UK’s Financial Conduct Authority (FCA) fined Commerzbank over £38 million for AML lapses - and FCA fines have topped £160 million.

KYC processes must be robust. So how can you make sure your processes are?

In this article, you will learn more about KYC checks, the stages involved, and what a services company’s KYC responsibilities are.

What are KYC checks?

A KYC check is the customer due diligence process that a financial or professional service provider must apply to all individual or business clients. The objective is to identify the parties in the relationship or transaction, and to assess the risk that they are engaged in illegal activity.

This enables the bank, insurer, accountant or lawyer to take appropriate action, which could be simply accepting the applicant as a very welcome client. Or at the other extreme, potentially reporting them to law enforcement and tax authorities.

The four stages of KYC checks:

1. Customer identification, which for a company typically means identifying the beneficial owners.
2. Verification of the customer’s identity. Having identified the customer, the service provider must then actually prove the customer is who they say they are. Is the potential customer a politically exposed person (PEP) that requires further scrutiny?
3. Understanding what the customer does and where their money is coming from. What other parties are they transacting with? Do they need customer due diligence?
4. Monitoring the customer’s transactions and relationships on a continuous basis. This step is often overlooked after customer onboarding.

Suppliers, and possibly the extended supply chain, should be subject to the same level of KYC checks, as they also represent a risk. KYC has even made itself integral to the cryptocurrency space, where blockchain enables secure audit trails.

The FCA publishes a detailed handbook explaining the requirements of KYC for financial firms in the UK.

What are a services company’s KYC responsibilities?

Financial and professional services companies are responsible for creating and implementing fit-for-purpose policies and procedures, and ensuring they are complied with. The latter element means companies must have some form of oversight and internal audit function within the service provider.

Financial and professional services companies are responsible for:

• Understanding their statutory responsibilities under the regulations that apply to their sector or profession. The risks and challenges facing a mortgage lender are different to those a fintech is likely to encounter, although all financial services providers have a similar, core baseline of KYC and AML responsibilities.
• Creating the necessary processes within the business to implement the four main stages of KYC and AML checks. For example, a mid-sized wealth manager might choose to use a secure digital platform to manage the identity verification and document signing process. This approach would satisfy the statutory requirement of having a process in place, but does not require a significant investment in new employees to manage it.
• Applying those processes rigorously, including ensuring that relationships are monitored once clients are onboarded – continuous monitoring is a key requirement. The KYC/AML requirements do not end with identity verification. Customer circumstances will change over time, and their activities may become riskier.
• Putting into place a reporting and audit process, which can be used to demonstrate the above three stages have been implemented. Digital reporting and audit tools are acceptable, and efficient, alternatives to manual paper-based reporting. When hosted within a secure digital environment, demonstrating compliance and audit trails to regulators becomes an efficient and swift process.

How to find guidance about KYC responsibilities

To better understand their KYC responsibilities, financial and professional services providers have many sources of advice and guidance from regulators. The FCA publishes its handbook. The UK tax authority HMRC provides extensive guidance on the responsibilities of any business covered by the money laundering regulations.

The regulatory body for solicitors and barristers, the Law Society, provides extensive AML support. Accountants and tax advisers have several professional institutes with regulatory oversight that publish regulations and provide support. These include the Association of Chartered Certified Accountants (ACCA), Institute of Chartered Accountants in England and Wales (ICAEW) and Chartered Institute of Taxation.

A technology platform is the ideal solution for automating many of the customer due diligence processes and creating a secure and auditable space in which service providers and customers can interact.

BONAFiDEE’s digital engagement platform enables organisations and individuals to engage online in a safe, compliant and fully evidencable way. To find out more about digital signature and customer verification solutions, download our guide, or contact our team.