As more financial institutions look at the “perpetual KYC” concept, they must also understand what the 'know your customer (KYC)' process truly means.
As accelerated digital transformation during the last two years brought the adoption of online services by banking customers to 85%, banks have struggled to keep pace with both existing and tightening financial crime prevention compliance standards, such as Know Your Customer (KYC) regulations. Financial crime compliance costs have risen sharply in the last three years to an average of $27.8 million annually for institutions with holdings greater than $10 billion, representing a 95% increase over 2019 outlays.
At the same time, spiking compliance expenses seem to be having a markedly underwhelming effect on the effectiveness of financial crime prevention mandates, as a 2022 Q3 poll of financial institutions found that 76% of organizations assess their own KYC processes as either poor (29%) or mediocre (47%) in practice. As more financial institutions look to the newly coined “perpetual KYC” concept as a solution to underperforming processes, decision-makers in the industry must understand the broader context from which the current buzz around KYC has emerged.
In 1970, the U.S. enacted the Banking Privacy Act, a law that began requiring banks and other financial institutions to perform identity confirmation and verification for new customers to prevent certain criminal activities that rely on access to financial services. These processes – dubbed KYC in later iterations of the law – originally targeted money laundering activities by domestic organized crime.
The legal significance of KYC for federal compliance for banks has since undergone reinvention a handful of times. The first time was in 2001, when the Patriot Act merged the law enforcement domains of anti-money laundering (AML) and anti-terrorism financing to enhance the capabilities of federal agents to identify potential terrorist networks by their financial footprints. More recently, federal law enacted in 2018 redefined the customer due diligence (CDD) portion of existing KYC regulations to place an enhanced legal burden on financial institutions to verify the identities of all beneficial owners holding controlling stakes in companies doing business with U.S. financial institutions.
North American countries – the U.S. in particular – experienced by far the largest regional increase in non-compliance punitive actions against financial institutions in the first half of 2022, with total fines coming in at $1.453 billion – an uptick of 220% from the same timeframe in 2021. Under the circumstances, decision-makers in the banking industry should prioritize achieving a granular understanding of KYC compliance throughout their organizations.
KYC procedures exist to prevent or at least reduce the ease of financial crimes such as money laundering, identity fraud, and terrorism financing. Existing federal KYC regulations attempt to accomplish this by requiring that financial institutions maintain a compliance record demonstrating reasonable attempts to verify customer identities and report suspicious activities. These regulations do not specifically enumerate exactly what steps must be taken, as the prevailing federal position is that doing so invites organizations to attempt to satisfy only the bare minimum and ignore the spirit of the law.
Nevertheless, the nongovernmental, independent Financial Industry Regulatory Authority (FINRA) publishes KYC guidelines for financial institutions. These are found in FINRA Rules 2090 and 2111:
Most financial institutions employ a three-step process to satisfy FINRA’s KYC guidelines.
To reduce the risk of KYC oversights by accident or insufficient employee training, many banks have adopted KYC checklists for employees with account creation and modification responsibilities. At a minimum, KYC checklists include:
Learn more about the KYC Checklist components here »
As regulatory compliance with KYC and other financial crime prevention measures becomes more complex and costly, financial institutions are seeking new solutions in technology. FileInvite’s SOC 2 Type 2 compliant file sharing and document portal platform eases KYC compliance for your employees and customers. Offering a single secure repository for client KYC documentation, FileInvite removes the risk and hassle of document collection through insecure email attachments and delivered hard copies.
Ready to see the impact FileInvite could make on your organization? Request a demo to see FileInvite in action.
Learn about the elements of Know Your Customer (KYC) checklist form, the importance of a KYC analyst and how to process online digital KYC with...
Learn how you can comply with the Know Your Customer (KYC) requirements for a seamless and compliant lending process.
Learn how AML and KYC bolster financial security and work together as a robust defense against the exploitation of financial systems.