The mandatory nature of KYC processes ensures that financial institutions check their customers are real and are not linked to crime. These processes also ensure that these institutions are continually monitoring the level of risk that each customer poses.

When onboarding new customers, the KYC process makes sure that companies are identifying money laundering, terrorism financing, and other illegal corruption schemes. This means that companies can actively stop dirty money from flowing through the financial system.

As KYC is so important, heavy penalties can be applied to companies that fail to properly implement KYC procedures. Between 2008 and 2018, estimates suggest that businesses in the US, Europe, the Middle East, and the Asia Pacific were issued with fines totaling $26 billion for non-compliance.

steps in the KYC process

The KYC process includes three distinct steps: customer identification, customer due diligence, and continuous monitoring. For the KYC process to be complete and to ensure regulatory compliance, each of these steps must be followed closely. Let’s take a look at what each of the steps involves in greater detail, with a particular focus on KYC in banking.

Customer identification

The first element of any successful KYC process is a thorough customer identification program (CIP).

A CIP is vital for preventing fraud and identity theft. It’s also mandated by the Financial Action Task Force (FATF) and the Patriot Act in the USA. The process involves a business conducting a series of checks that identify and Ondato verification the identity of the user.

In order to pass the customer identification process, the customer in question must provide the business with a number of personal details. For example, in order to open a new individual finance account in the US, an individual must provide the bank with their:

  • Full name
  • Date of birth
  • Full address
  • An identification number

When this information has been gathered, the institution must then also verify the identity of the account holder ‘within a reasonable time’. This means that a business must not only verify that the information provided and the identity is real, but they also must verify that the person providing the information is the owner of the information supplied.

To be successful, the measures a business uses for CIP purposes must be consistent. Due to this, before implementation, the steps must be clarified and codified so they provide continual guidance to staff and executives. This will also help the business meet regulatory standards.

The exact CIP processes you’ll need to implement will depend on a number of factors, including:

  • The type of account or service you offer
  • The method by which accounts are opened or services are accessed
  • The size of your company
  • The location of your company
  • Your customer base, including the types of products and services used by customers in different geographic locations

The process of conducting these checks used to be time consuming because individuals would need to schedule appointments to meet someone in-person. Now, however, the creation of the eKYC process means that KYC can be completed online.

As part of the verification process, pieces of software can be used to check supplied information across databases. Other pieces of software can be used to scan selfies supplied by the person providing the information. These images can be checked against the image on the supplied document and can determine whether the image matches. The same image can also be checked for liveness and realness in real-time.

The automation of these processes has reduced the time it takes to complete a customer identification program. While the onboarding process used to take days or weeks, it can now be completed in a matter of minutes or even seconds.