Know-Your-Customer (KYC): Digital Identity Verification

Verifying the identity of your customers is not just a smart move - it's a required one.

Today's businesses are built on non-face-to-face relationships. There is no guarantee that the person who approaches you is who they say they are. Moreover, you don't know what they might be involved with. KYC helps you protect your firm, follow the law, and improve customer experience. It's a win-win.

KYC (Know Your Customer)

What is KYC (Know-Your-Customer)?

KYC (Know-Your-Customer) is the process performed by companies to verify the identity of their clients. The process allows organizations to ensure that a potential customer is trustworthy. This means that they can prove their identity and the legality of their business.

The identification process must comply with the Customer Due Diligence (CDD) measures. KYC involves running background checks based on the client's risk level. If the client has a higher risk profile - for instance, a Politically Exposed Person (PEP) - a more rigorous CDD is required (Enhanced Due Diligence).

What is corporate KYC?

Corporate KYC, also known as KYB (Know-Your-Business) applies to legal entities instead of individual consumers. Business-to-business companies need to verify the identity of the real person they are doing business with. That is the person who ultimately owns or controls such companies-customers, also known as Ultimate Beneficial Owner (UBO).

How does the KYC process work?

1. Data collection & CDD

The process starts with collecting the clients' personal information and official documents. In the case of KYB, information about the business' management personnel is collected to understand the ownership's structure and identify beneficial owners.

2. Screening & risk assessment

Individual customers and UBO's IDs are verified against trusted sources such as AML watch lists and EU sanctions lists. A risk rating is applied, taking into account risk factors relating to customers' countries, products, services, or delivery channels.

3. Monitoring & reviewing

The risk assessment is to be periodically reviewed and updated. This means regular checks must be performed on the status of existing clients. Any changes in their situation and risk profile must be flagged.

4. Analysis & reporting

The findings are collected in an auditable KYC report and retained for record-keeping obligations. The reports are subject to ongoing tracking to oversee financial transactions and verify cross-border activities.

KYC process

What are the KYC requirements?

The KYC requirements are the rules to be followed in carrying out the identification process. Such rules are established by the Anti Money Laundering (AML) laws, and are known as Customer Due Diligence (CDD) measures.

Identification and risk assesment

1. Identification and risk assessment

The first requirements concern the determination of the customer's identity and risk-profile:

Identification of the customer and the beneficial owner, and verification of their identity

Collection of information on the purpose and intended nature of the business relationship

Ongoing monitoring of the business relationship to ensure that the data held is up-to-date

2. Record-keeping

The identification processes and the risk assessments must be documented, kept up-to-date, and made available to relevant authorities.

Therefore, copies of the identifying documents must be stored for a period of five years after the end of the business relationship with the customer.

Record-keeping
Reporting

3. Reporting

All suspicious transactions must be reported to the Financial Intelligence Units (FIU).

Companies must inform the FIU whenever they suspect that funds are the proceeds of criminal activity. In such cases, organizations must promptly respond to FIU's requests for additional information and provide them with all necessary documents.

Is KYC mandatory for all businesses?

KYC is mandatory for the entities AML laws apply to.

More and more firms are implementing policies for ensuring they are doing business legally with trustworthy entities. Therefore, KYC compliance is rapidly becoming the norm for all industries.

In conclusion, KYC is not mandatory for all companies. Nevertheless, it is highly recommended to protect your business from financial crime.

Entities subject to AML legislation

What are the documents required for KYC?

The most commonly used documents are passports, national IDs, driver's licenses, and health cards displaying the Social Security Number.

In the case of Corporate KYC, registeration number, company name, address, status, and key management personnel information are collected to identify UBOs.

Is KYC a one-time process?

No, KYC is an ongoing activity.

The KYC procedure must be performed before establishing a business relationship or carrying out a transaction. Therefore, it’s an integral part of the client onboarding process. However, KYC requirements don’t fade away when the new client has been onboarded.

Companies have to conduct regular identity checks on their customers to re-verify their risk-profile and ensure constant compliance throughout the business relationships.

How often should KYC be updated?

KYC updates and reviews of the business relationship should not only be performed when trigger events occur - such as when a certain transaction threshold is reached. Very few customers report changes to their legal status. This affects the ongoing accuracy of the data held by companies. Therefore, it's highly recommended to update all KYC information at least once a year.

What is eKYC,and what are its benefits?

eKYC is the digital version of the KYC process. With eKYC, the entire identity verification process is digital. Naturally, this helps businesses:

Minimize time and costs

Eliminate bureaucracy

Improve user experience

Ensure regulatory compliance

The traditional KYC process poses numerous challenges:

the need for a physical meeting to share KYC documents

the length of the process

the risks of storing and misplacing sensitive documents

Sharing personal information via insecure electronic channels poses a huge security risk. eKYC was developed as a significantly more secure alternative and is now used by companies everywhere.

Traditional KYC challenges

Optimize business operations

An eKYC solution helps you reduce manual tasks, get rid of inefficiencies, and speed up processes. Automation offers further benefits such as customization, integrations with existing software, and progress status.

Improve customer experience

Modern customers require easy and immediate access to the services they need. Delays and long processing time can jeopardize customer relationships. Therefore, a fully digital KYC ensures a better customer experience.

Ensure compliance and security

Awareness about where the data is stored and who has access to it is the basis of AML-compliance. A digital solution will increase the reliability and quality of your data. Moreover, it will let you export it in an auditable KYC report to document compliance.

What is the best KYC software?

Regulatory changes and rising compliance costs have accelerated the adoption of digital KYC solutions.

Penneo's digital KYC solution - CLA by Penneo - makes things easier for both parties involved.

You will safely identify your clients through an automated, encrypted software in full compliance with AML measures.

Your customers will complete the identity check in a few minutes directly from their computer or smartphone.

Best KYC software

CLA by Penneo: Secure KYC in a few easy steps

CLA by Penneo KYC process

What our customers have to say about us

Frederik from Sandgrav Solutions

"By using the system CLA by Penneo, I manage time consuming processes way quicker. Thereby I save time for my customers and I personally save time as well. The time I save by using the system, I can spend it on sales and business development which create value for my company."

Frederik from Sandgrav Solutions
Lone Vinge from Talstærk

"I was extremely surprised at how intuitive and manageable the process is organized and how simple it is to set up and work with the customers in there."

Lone from Talstærk
Jesper from Martinsen

"Before, we often received a copy of passport or driving license by e-mail. However, we have acknowledged that this process is less secure and, furthermore, was not in line with the Personal Data Regulation's requirements for handling sensitive data."

Jesper from Martinsen
Previous Next

More on KYC and client onboarding

Are you prepared for an unexpected inspection?

 

Our system helps you keep track of your obligations when the authorities come knocking.