Many financial institutions often blur the lines between KYC processes and AML practice, and as a result incur regulatory fines. KYC, as we have established, is just the identity verification process Identify the client. Its principal purpose is to better understand your customers and their financial dealings, thus managing risks efficiently.
While an AML program
consists of the following: Customer Due Diligence (CDD)
is a basic KYC process where customer's data such as proof of identity and address is gathered and used to evaluate the customer's risk profile. Enhanced Due Diligence
(EDD) is an advanced KYC procedure for high-risk customers. Generally, customers who are classified under the high risk category after CDD are prone to money laundering and financing of terrorism. Hence they are regulated and monitored as per stipulated norms.
EDD procedure includes verifying the Ultimate Beneficial Ownership information (UBO) and politically exposed persons (PEP). Transaction Monitoring is also a key element of EDD. See our articles Customer Due Diligence and Enhanced Due diligence for more details on these procedures
A financial institution should create AML policies according to AML rules and regulations in the country it operates in. Rules like the US Bank Secrecy Act
and the EU's 4th Anti Money Laundering Directive
. AML and KYC regulations vary across countries, however, the basis is to collect enough information for the purpose of identity verification and ensuring that their activities are legitimate.