BETA
This is a BETA experience. You may opt-out by clicking here

More From Forbes

Edit Story

Five Misconceptions About KYC Compliance

Forbes Technology Council

CEO at Kyckr.

Are your Know Your Customer (KYC) processes working? Or have you fallen trap to misconceptions that can not only make your processes more difficult but put your organization and customers at risk?

KYC is a legal requirement for financial institutions to verify the identity of customers and a necessary measure to monitor and assess customer risk. A typical process follows KYC and Anti-Money Laundering (AML) policies and procedures by collecting, identifying and verifying customer ID, wealth and funding and by performing checks to identify and mitigate any financial crime risks.

However, many compliance directors and money laundering reporting officers believe that their current KYC program is adequate when, in fact, it falls short of what is required. This puts institutions at risk of breaches, heavy regulator fines and even reputational damages.

Here are five common misconceptions about KYC compliance and the truths that dispel these misconceptions so you can keep your customers and your institution safe.

1. KYC is the same for everyone.

A “one size fits all” approach to KYC often leads to problems, as there is no “one size fits all” when it comes to regulations and standards. Obligated entities must adhere to domestic and international regulations depending on customers, products, operations and jurisdictions. Additionally, standards in AML compliance vary from countries with stricter regulations to jurisdictions with weak or deficient AML laws.

The level of KYC and customer due diligence you perform must be proportionate to the level of risk presented to your business. If you have more high-risk customers, they must undergo enhanced due diligence and verification of source of wealth—not the same KYC you apply to medium- or low-risk customers. While KYC is different for every business, the common goal is to comply with AML norms and prevent financial crime.

2. It’s only collecting documents.

Some may mistakenly think KYC is as simple as collecting someone’s passport. But in order to run an effective and compliant KYC program, you must monitor activities, perform risk assessments and understand the source of funding.

Additionally, screening against regulatory, legal and criminal watchlists goes beyond simple ID document collection as well. While KYC is the first step, it must be done correctly. Otherwise, it may end up causing more harm than good.

3. Fraud and AML are two separate issues.

Banks and financial institutions usually operate two complex and large operational units in detecting and preventing financial crime: fraud and AML. While they have historically sat in different departments, regulators recognize fraud and AML are intrinsically connected to the extent that their boundaries may be somewhat blurred.

Fraud is a loss issue in real time. In contrast, AML is retrospective over a time period to detect suspicious activity. But it’s not only the convergence of fraud and AML that’s a big problem. Criminal gangs with diversified operations can be involved in drug trafficking, human trafficking and other nefarious activities that include both fraud and money laundering.

While some types of fraud may show distinct typologies, crime is typically connected in multiple ways and must be tackled holistically. Identifying and verifying the beneficiaries is a good starting point.

4: Google is sufficient for customer due diligence.

Google has become an incredible tool in this modern age. However, timely access to information is key in KYC and customer due diligence (CDD) compliance. How much time is wasted scrolling through Google when performing an adverse media check? Do you review the top ten matches only? How much time do you spend reviewing pages that lack relevant information?

Not all information is available via Google. For example, it may not be possible on Google to gain access to corporate documents or legal records from a local municipality in China or another foreign country, where you need to be physically present to collect documents. KYC and AML compliance is a data-hungry, multi-faceted discipline requiring clean, accurate, structured data to feed its engine—and search engines aren’t sufficient.

Regulated firms require access to accurate and legally authoritative information and often use multiple sources, repositories and libraries through which they can retrieve primary and secondary source data used in KYC and CDD investigations. Therefore, it’s imperative to use recent data directly from the source to ensure you are not exposed to regulatory risks. Use source data so that you also don’t breach AML law by using outdated or unreliable data that did not fully reveal risks or—even worse—missed a red flag that may be indicative of criminal activity.

5. Customers are not impacted by lengthy KYC.

In a fiercely competitive landscape, financial institutions and fintechs compete over speed of execution, customer experience and costs. Customers want to spend as little time as possible completing KYC processes and expect the process to run smoothly and quickly.

However, lengthy, clunky and cumbersome KYC checks can adversely impact firms, and outdated KYC procedures and a poor customer experience can lead to financial losses.

Swift onboarding is now a key factor that is swaying customers towards or away from you. It’s estimated the average time taken to onboard a customer is 26 days. Alarmingly, over 73% of financial institutions (download required) reported losing customers due to friction in the onboarding process. Lowering the conversion rate and high abandonment impacts top-line growth and the P&L statement. Customers and prospects expect KYC to be streamlined and easy to complete.

Debunking The Misconceptions

Have you fallen into the trap of any of these misconceptions? Recognizing and debunking these misconceptions about KYC compliance can unlock more robust and effective strategies and tactics for preventing money laundering and other nefarious activities. Above all, recognizing the truth about AML will also help to boost your revenue and keep your customers happy.


Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives. Do I qualify?


Follow me on LinkedInCheck out my website