KYC and AML — the difference and best practices

The rapid growth of the FinTech industry led to an increased demand for regulations especially in fighting financial crimes. As we know , Anti-money laundering (AML) and Know your customer (KYC) are prevalent in the financial world. But what do they really mean to you? And what are the differences between KYC and AML?

KYC or "Know Your Customer" can be defined as the process of verifying a customer's identity. In KYC, each client is required to provide credentials such as ID documents in order to use a company's service. For example, investors must be verified before they participate in an ICO and people before opening a bank account.

Since Fintech companies provide financial services, they are mandated by AML regulations to verify their customer's identity before offering their services. These are necessary measures to ensure that the institutions are doing business with legitimate entities.

What is Anti-money laundering (AML) ?

AML practice is broader than KYC, and it refers to measures used by financial institutions and governments to prevent and combat financial crimes especially money laundering and terrorism financing.

A financial institution's AML policy forms part of its wider AML compliance program and should be developed to comply with the requirements of its local AML regulations.

Many financial institutions often blur the lines between KYC processes and AML practice, and as a result incur regulatory fines. KYC, as we have established, is just the identity verification process Identify the client. Its principal purpose is to better understand your customers and their financial dealings, thus managing risks efficiently.
While an AML program consists of the following:

• KYC procedure : Customer Due Diligence (CDD) and Enhanced Due Diligence(EDD).
  
  
• Risk-based AML policies
  
  
• Ongoing Risk Assessment and Ongoing Monitoring,
  
  
• AML compliance training programs for staff
  
  
• Internal Controls and Internal Audits
  
  

Customer Due Diligence (CDD) is a basic KYC process where customer's data such as proof of identity and address is gathered and used to evaluate the customer's risk profile.

Enhanced Due Diligence (EDD) is an advanced KYC procedure for high-risk customers. Generally, customers who are classified under the high risk category after CDD are prone to money laundering and financing of terrorism. Hence they are regulated and monitored as per stipulated norms.

EDD procedure includes verifying the Ultimate Beneficial Ownership information (UBO) and politically exposed persons (PEP). Transaction Monitoring is also a key element of EDD.


See our articles Customer Due Diligence and Enhanced Due diligence for more details on these procedures.

A financial institution should create AML policies according to AML rules and regulations in the country it operates in. Rules like the US Bank Secrecy Act and the EU's 4th Anti Money Laundering Directive. AML and KYC regulations vary across countries, however, the basis is to collect enough information for the purpose of identity verification and ensuring that their activities are legitimate.

Using AML software in an organization's AML strategy is far more beneficial in terms of costs and efficiency. Anti-money laundering solutions analyze customer data and review it for discrepancies. Software can also quickly detect suspicious activities like rapid increases in funds or withdrawal of large sums of cash in the customer's accounts.
Automated or electronic KYC procedures begin by collecting client's essential data using Electronic Identity Verification (eIDV). There are usually 3 steps involved:

1. Select the proof of identity document type (passport, national identity card or drivers license).
2. Upload a photo of the selected document.
3. Upload a photo of them holding the selected proof of identity.

With advancements in electronic verification procedures like Sumsub Mobile SDK, the KYC process can be accelerated. It has gotten more convenient, reliable and secure for both customers and businesses.

Complying with AML and KYC laws has become a rule every bank has to follow. Failure to comply with these laws results in hefty fines and other penalties by regulators, as well as a huge blow to the reputation of the offending financial institution.

For your convenience, we have laid out guidelines for establishing a good AML compliance program here.

KYC in ICO and Blockchain

Likewise, the KYC procedure is becoming a standard for cryptocurrency exchanges and token crowdsales. It is still a controversial point, because the reason most people are attracted to crypto is its anonymous nature of transactions. However, customer identification is obligatory on most cryptocurrency exchange platforms, because anonymous trading accounts are forbidden in many countries. Therefore, the advantages of implementing KYC in ICO and blockchain are:

• Avoiding legal and reputational issues.
  
  
• Combating criminal acts (money laundering).
  
  
• Ensuring the safety of investors' assets.
  
  
• Establishing credibility with banks.
  

PS: We have a guide provided by our top experts on How to Choose a KYC / AML Provider for Token Sale and ICO here. For more information on our services, contact us here!