KYC (= Know your Customer) and KYB (= Know your Business) form the basis for enrolling a customer for any payment service, be it an individual or a business. This is the procedure for verifying the identity of an individual or all of the constituents of a company (its legal representatives, its articles of association, etc.), and assessing the risks inherent in providing it with information. payment services. This verification aims to be in compliance with the AML law (Anti-Money Laundering Laws) punishing crimes, fraud and financial offenses, in particular corruption or the financing of terrorism.
1. Is your client who they say they are?
Before anything else, it is imperative to verify the identity of your client. In general, he provides identity papers such as his identity card, passport or driver's license depending on the country, as well as an invoice attesting to his home address. You will have their last name, first name, date of birth, photo and address. Once you have these elements, you must be able to prove that the person providing this information is the one who subscribes to the service. When this step is carried out in a physical situation (at a counter, for example), it is the person in charge of collecting the items who must approve that the person in front of him is indeed the one indicated on the documents. When the subscription is done online, a digital biometric verification, for example with a selfie of the face of the individual is essential. This procedure called "eKYC" has advantages specific to the digitization of this type of procedure (reporting, evolution, speed, costs, etc.). Your procedure for verifying the data and documents provided must be strict and extremely secure as this is the 1st stage of verification. Indeed, if the information provided is false or the individual providing the information is not what he claims to be, this will constitute a 1st flaw in your procedure. Note that the storage and processing of all of this information is subject to the GDPR, which aims to protect personal data. You must therefore be in good standing with the procedures imposed by this European regulation while respecting your KYC procedure.
2. Is your customer reliable?
Once the information collected has been validated, your role will be to verify the information. The goal is to identify whether the individual is at risk or not. You will need to make sure that your business does not provide payment services to criminals, terrorists, or politically exposed persons (PEPs). Depending on its level of potential risk of fraud, embezzlement or money laundering, an investigation may be triggered to request further information with regard to the legislation in your country.
3. Does your customer remain reliable over time?
It's one thing to check your customer's reliability once. It is another thing to check it continuously, at a regularity set by you. We are talking about "On Going AML". Depending on your client's activity and your risk assessment strategy, you may be required to set up alerts based on "suspicious" elements such as the registration of people on sanctions lists, activities unusual cross-border or risky areas, unfavorable media mentions or sudden and abnormal activities.
4. Who to contact to do the KYC of my clients?
Now, with the emergence of Fintech, demands for KYC have also exploded and many companies are offering these outsourced services. Before entering into a contract with one of them, make sure that its procedure is compliant, secure and detailed and that it gives you access to a result in line with your risk strategy. Don't forget to ask the cost of On Going AML integration, and validate GDPR compliance.
A Program Manager can also assist you with this type of procedure.