Index
Get the latest news right in your inbox
The KYC process involves a series of steps to validate data and documentation of a potential customer's identity and other financial information. "Know your customer" is the standard that must be met by law by those businesses that, given the characteristics of their activity, are exposed to risks related to fraud, money laundering, terrorist financing, and other issues that affect any business related to finance.
The economic activity of users is closely related to the provision of certain products and services. In particular, those offered by banks, insurance companies, and other FinTech, InsurTech, and WealthTech business models. States and governments, both to prevent tax fraud and to create secure environments for companies and customers to interact with each other, have regulated the process and given indications of the documentation and data that KYC forms must request.
Know your customer: identity verification in onboarding
One of the most important financial risks has to do with identity theft. This method of fraud is used to open accounts in the name of false persons, front men or other real persons without their authorization. This is used for money laundering and, also through tax engineering, to avoid tax obligations or to cover up illegal activities.
On the other hand, identity theft is an increasingly common practice. Whether through hacks, phishing techniques or the theft of personal data using a variety of methods, criminals are using their ingenuity to steal money, carry out fraudulent transactions or buy products with customers' virtual credit cards. IT security and identity verification systems are necessary in an increasingly complex and challenging environment.
Establishing fraud prevention and risk management policies and tools is necessary not only in the financial industries, but an insurance for the sustainability of any business, regardless of the sector to which it belongs. Thus, the KYC standard is reaching, for example, the telecommunications industry to address SIM Swapping and ensure that new customer registration processes occur with guarantees and total security.
Although it may seem that integrating these systems is expensive and costly, thanks to the development of SaaS identity verification and electronic signature platforms, businesses of all sizes and characteristics can obtain extreme security and comply with the most demanding regulatory requirements.
In large companies, these transformations previously involved change processes that took a long time and affected a large part of the systems infrastructure, as well as having a significant impact on IT teams and budgets due to the need to rely on large consulting firms for their development. Now, the best KYC systems can be integrated with simplicity and in a pay-per-use format, without conditioning the productivity or sustainability of the products or divisions that need to incorporate these technologies.
KYC steps
KYC is part of what is known as the digital onboarding process. This concept encompasses all the operations necessary to register a user as a customer, register and validate their information, confirm their identity and sign the contracting of products and services. All these parts must be shown to be legal, and binding, and provide title and access.
Thus, Know Your Customer (KYC) is emerging as a process within a process. KYC consists of corroborating that the user is who he claims to be. To this end, the following checks are carried out:
- Provision of identity documentation (passport, driving license, national identity document, or residence permit). This is done digitally and remotely through any device with an internet connection and camera. Hundreds of checks and anti-fraud tests are performed live to not only collect and store the document but also to verify that it is real and not altered, modified, expired, or forged.
- Proof of life is provided and cross-referenced with the information obtained from the identity documentation. In this process, generally carried out by streaming video, the user is asked at the same moment to show his face to the camera and make some gestures. This tells us that the user is who he/she claims to be and prevents any kind of attack related to identity theft. The most advanced technologies are fully deepfake-proof and detect the environment to ensure compliance with the highest AML standards.
After this, once verified in seconds thanks to the best digital identification platforms, the contracting process is carried out with electronic signature tools. This validates the operation and the opening of the customer account can be done in a few moments.
Documentation and information requested on a KYC Form
A KYC form is a document that gathers all the personal, risk, financial and economic activity data of a future client. It is a series of questions asked by the financial institution, insurance company, trading platform or any company of which you are going to be a client that generally collects information about the origin of the funds that you are going to deposit in the account.
There are KYC forms for individuals and for legal entities. However, in the latter case, we talk more about Know Your Business (KYB) and Due Diligence than Know Your Customer. This collection and validation of sensitive information in the KYC form is also called CDD (Client Due Diligence).
The information must be collected by law. That is, businesses in the BFSI areas (Banking, Insurance and Financial Services) are obliged to have this information about their customers. Moreover, it is not only requested during the onboarding processes but updates of this data will be requested from time to time. Failure to do so may result in the bank or financial platform blocking the account and not allowing to operate with the available money.
KYC Data Form
The data that make up a complete KYC form is, as a general rule, the following:
- Basic personal data: Name and surname, date of birth, nationality, residence, email, telephone, and other similar data. Address and in some cases census registration will also be checked.
- Identity documentation: The tax identification number and (digital) copies of national identity cards and passports as well as checks that the tax address corresponds to the one shown on these documents. Subsequently, questions are asked about periods of residence abroad.
- Questions for risk analysis: Here a statement is requested as to whether or not the person belongs to PRP (Persons with Public Responsibility) lists. On this, if yes, questions will be asked about the years in office and whether the person is a proxy of a PRP. This is because of anti-corruption rules in many states. In the United States, it is known as FACTA and there are specific models.
- Financial data: It must be stated what are the expected annual income levels and what is the origin of the same. Also, questions are asked not about the recurring income but the origin of the funds to be deposited in advance.
- Employment status: Basic questions about the client's economic activities, whether he/she is self-employed or employed, the company he/she works for, and the position he/she holds. Also about the professional sector and type of activity. In some cases for credit cards and others, a payslip or proof of income is requested. Sometimes it is also asked if you have tax obligations outside your country of origin.
- Purpose: In this section, you usually specify the reason why you are going to use these financial services. Saving, investment, expenditure... It is an estimate of the type of operations that are intended to be carried out habitually with this account, such as making transfers abroad.
All these data can be integrated within the same KYC audit document, or adapted together and sealed with electronic signatures and qualified certificates in very high-risk models.
As a general rule, companies prefer to create their own forms in the interface of their apps and web platforms. They then add the identity validation process. As we have seen previously, KYC is an operation dedicated to identity verification. The term "KYC form" is sometimes misused, as, in reality, all this data is part of AML (Anti Money Laundering) controls and not KYC itself.
KYC in banks, finance, and insurance companies: AML requirements
AML (Anti-Money Laundering) regulations apply in all countries and markets worldwide. Each state has its own AML regulations and the standards are defined by its own public bodies. These often adopt the recommendations of international institutions to develop their own jurisdiction.
The Sixth Anti-Money Laundering Directive (6AMLD) is the AML regulation par excellence not only in the European Union but also worldwide. Due to the advanced nature of its proposal and the fact that it is a cross-border standard, many countries outside Europe have taken it as a reference to create their own laws or update them.
On some occasions, we see how recent invoices or direct debit receipts are requested as well as bank statements of previous accounts from where the funds to be added to the new one come from. This serves both as a method of legitimization in addition to KYC identity verification and to determine a risk analysis of the customer's profile.
