Know your customer – KYC – is a regulatory requirement and standard in banks and the financial services industry in general. It represents a customer onboarding process that an institution needs to fulfill according to KYC and AML regulations. KYC includes customer identification, verifying financial crimes and AML lists, and clients’ knowledge and risk tolerance assessment. Gathering customer information has two goals. The first one is to protect the financial institution by proving customers’ identity and informing them about which investment and risk profile the client correlates with, allowing the advisors to correctly serve the client. The second purpose is to protect the client by providing the necessary knowledge and limiting clients’ responsibility via due diligence.
All institutions need to comply with KYC identity checks and money laundering and terrorist financing lists checks as important fines and penalties are ruled against banks and institutions that neglect their customer identification program and KYC compliance. Indeed, besides the huge penalty costs, the impact of such events on reputation and trust is not directly measurable.
What is a KYC process?
How can financial institutions, banks, and other businesses perform a complete and compliant KYC process during the account opening and customer onboarding? The KYC process can be simplified into 5 steps enhancing compliance and avoiding fraud:
1 – Collect information
The collection of information regroups two main events.
First, you should collect personal information and data on the customer activities. This can be done via a personal meeting, forms, or digital forms. The goal is to receive enough information to be able to identify the prospect personally and without a doubt. This includes manual entry of personal data as well as uploading files such as ID, passport, proof of residence, debit/credit card, and corporation documents. Yet, the customer experience and engagement should remain positive and the speed of the process should remain as fast as possible.
Second, especially for account opening, you should inform your prospect and pursue a risk assessment base on a multitude of risk factors. This step is crucial as it protects both the investors and the financial institution. Digital forms and specific questions are usually used to assess the different risk levels and the matching customer risk.
2 – Check documents
Once the data collection is made, you need to check the identity of the customers and the validity of their documents. In order to compare the data, Artificial Intelligence should extract the data from the documents (ID, passport, debit/credit card, proof of residence, corporation documents, etc.) and double-cross it against the information manually entered. This comparison check is a basic, yet useful, pre-verification.
Another due diligence is to process the identity verification via video identification or digital signatures. Specialists in the fields will ask you to take real-life pictures to guarantee the truthfulness of your identity. Digital Signatures also enhance your security by demanding a 2-factor authentication.
3 – Validate information The third step is typically when the KYC process checks the customers’ links to AML – anti-money laundering – list, and other mandatory regulated lists. Regulators in all countries are considering this step closely when assessing banks’ and companies’ customer due diligence.
For example, in the United States, since 2001 and the Patriot Act, neglecting checks on potential terrorist funding is extremely problematic for financial companies.
4 – Start remediation
The remediation is a core stage of the KYC process. It automates checking your customers’ data and updating outdated information. The remediation can be based on specific events, such as address change, nationality change, and becoming 18 years old, or on periodic reviews (quarterly, monthly, …).
Remediation embodies sending to your clients’ similar forms or questions as in the first step, in order to check and update the information. The best CRMs and KYC automation can automate these procedures.
5 – Approval processes
Last but not least, once all information is entered and recorded, companies need to be able to accept or reject customers base on their answers, identity verification, and name check. Banking institutions usually use solutions that provide approval processes for account opening and customer onboarding.
SwiftXccess, as an all-in-one platform, possess best in class KYC digital forms and onboarding process coupled with an automation feature. Use pre-built onboarding forms to collect data across all digital channels.
Besides a complete onboarding feature, we also provide the remediation and approval processes build in-house. Automatic remediation can be launch from the audit trail depending on specific events or periodically. The approval process is also customizable as well as the logic for approval. For specific identity verification and customers’ name checks, we integrate our partners’ solutions.
How to automate customer due diligence and anti-money laundering checks?
Indeed, for part of the second stage and the third one, SwiftXccess connects with Regtech partners to provide seamless integration and complete KYC compliance. We also connect with fintech companies providing additional depth.
For additional insights during the onboarding process, Neuroprofiler provides you with the ESG preferences of your customers via behavioral analysis of a gamified process.
For ID verification, Onfido and Lexis Nexis produce complete software with video and ID analysis, confirming or disconfirming identity.
For name checks, Polixis integrate a report on the money laundering risks of each customer and their relation to any financial crime or terrorism financing.
Besides, combining KYC and cryptocurrencies is possible using software like Scorechain that checks in a comprehensive database of 700+ VASPs to assess the credibility of counterparts, assess and edit Risk-AML Scoring for extra due diligence.
Additional advice for financial institutions
KYC regulations are usually cumbersome and complex. Therefore a complete knowledge and understanding of these laws are necessary to conduct your business. Much of this risk can be mitigated using a solution like SwiftXccess to automate your KYC and remediation.
Additional care should be direct towards your business relationship and your service providers depending on how interconnected your business relationship is. A bank combining different third-party solutions might face charges if one relationship is not KYC compliant. Be aware of your country’s specific compliance requirements, and use SwiftXccess to automate your KYC remediation!