Know your customer (KYC) processes have become a standard for businesses of all sizes and industries. In its classical form, KYC is comprised of three stages:
- Customer Identification
- Customer Due Diligence
- Ongoing Monitoring
While KYC is more than enough in order to secure your business’ comprehensive onboarding system, there’s an extra layer of security. Say hello to Know Your Customer’s Customer (KYCC).
Before we dive into this specific iteration of compliance, let’s first make sure we are on the same page regarding traditional KYC, by clarifying its three main stages.
What Is Customer Identification?
Customer identification is the process of establishing and verifying a customer’s identity by using reliable data, information and documentation. Some of the components that need to be identified in this process are name, surname, date of birth, address, taxpayer identification number.
What Is Customer Due Diligence?
In simple terms, customer due diligence is a background check that aims to determine the risk associated with the customer in question. This risk is usually tied to illegal activities such as money laundering or terrorist financing.
A normal customer due diligence process would see the customer’s name being run against PEP and sanctions lists as well as investigating their beneficial ownership relationships.
What Is Ongoing Monitoring?
Ongoing monitoring involves the frequent review and evaluation of existing and new information regarding a customer you have a business relationship with. Due to the resources and complexity associated with ongoing monitoring, this is usually a process applied to high-risk customers.
Now that we’ve dealt with the traditional version of KYC, let’s dive into KYCC and see when and why it’s necessary.
What Does Know Your Customer’s Customer (KYCC) Actually Mean?
Know Your Customer’s Customer (KYCC) is the process of identifying, verifying and investigating the identity and activities of your customer’s clientele. This is considered to be an extra level of compliance, a step towards building a more comprehensive risk profile for your customers.
Understanding the complex relationship between your customers and those that they do business with will allow you to stay away from shady business dealings such as money laundering and reputational damage.
Think of your customers as the tip of the iceberg. This is what you see. It’s what’s easy to understand and digest.
As we all know, the biggest and most dangerous part of the iceberg is the bottom part. That bottom part is your clients’ clients, their suppliers, their partners, the beneficial owners and every single entity that exists within their business ecosystem. That’s where the real danger lies.
To Know Your Customer’s Customer has been introduced as an idea about 5-6 years ago. At that point it was more of a recommendation, more of a suggestion for companies. What changed the general stance and mood towards KYCC were the increasing scandals that led to the continuous revision of regulations.
One could argue that since the Panama Papers megascandal, KYCC came into the spotlight. Allowing the owners of shell companies to hide their identities and revealing the complex structure of businesses that facilitated money-laundering, were the two gaping loopholes in the KYC process.
What the Panama Papers scandal made obvious was that KYC alone might not be enough to ensure peace of mind. Knowing who is in control of a company is, essentially, knowing who the company is transacting with.
KYCC: How Policies Are Gearing Towards It
Some could say that the birth of KYCC brought about these policies whereas others might say that these policies are the reason KYCC is starting to become a necessity.
The Fifth Anti-Money Laundering Directive (5AMLD) came into force on January 10, 2020. It is the fifth installment of the European Union Anti-Money Laundering Directives (AMLDs) which serve as the primary resources all banks and FinTech companies should refer to when creating their customer due diligence processes.
What the 5AMLD brings to the table in comparison to previous iterations are elements related to virtual currencies, high-value transactions, Beneficial Ownership (BO), high-risk third countries and Politically Exposed Persons (PEPs).
Each and every iteration of these directives shows a clear interest and direction towards KYCC. Europe is making a concerted effort to identify the complex relationships between principal clients and their business structure.
The 6AMLD will come into force on December 3, 2020 for EU members and on June 3, 2021 for entities that operate outside the EU. The main changes proposed by 6AMLD will be:
- Clearer definitions of crime and their penalties
- Extend criminal liability to legal persons and companies, with more severe punishments
- Businesses will be required to cooperate with one another in the prosecution of money laundering-related crimes, not allowing the withholding of information
- Businesses will be required to protect customers from cybercrime and tackle terrorism finance
- Contribute to the fight against cybercrime and money laundering
As it becomes very apparent once again, Europe is gearing its legislation and policies towards deeper, more detailed KYC.
FATF 40 Recommendations
Forty recommendations on money laundering is a document released by FATF in the 90s including global standards for AML and CTF. It covers criminal justice, law enforcement, cross-border cooperation, and it is frequently revised to stay up-to-date with the needs of modern business.
KYCC is starting to become the norm and less of a recommendation. Businesses are asked to dig deeper on the clients they work with and reach new levels of inquiry and investigation. Onboarding a client is no longer as simple as name, surname and picture.
The only solution to this problem is obviously high-end technology. Platforms that can do the dirty work for you. Algorithms that can ensure safety and peace of mind.
Our team is always open for a discussion. Do not hesitate to reach out.