Know your customer (KYC) guidelines and regulations in financial services require professionals to verify the identity, suitability, and risks involved with maintaining a business relationship with a customer. The procedures fit within the broader scope of anti-money laundering (AML) and counter terrorism financing (CTF) regulations.
KYC processes are also employed by companies of all sizes for the purpose of ensuring their proposed customers, agents, consultants, or distributors are anti-bribery compliant and are actually who they claim to be. Banks, insurers, export creditors, and other financial institutions are increasingly required to make sure that customers provide detailed due-diligence information. Initially, these regulations were imposed only on the financial institutions, but now the non-financial industry, fintech, virtual assets dealers, and even non-profit organizations are included in regulations in many countries.
​
Know your customer requirements
​
In the United States, the Financial Industry Regulatory Authority (FINRA) Rule 2090 states that financial institutions must use reasonable diligence to identify and retain the identity of every customer and every person acting on behalf of those customers.[1] In enforcing this rule these organizations are expected to collect all information essential to knowing their customers. Information deemed necessary for enforcing Know Your Customer Requirements include the Customer Identification Program (CIP), Customer Due Diligence (CDD), and Enhanced Due Diligence (EDD)
​
Customer Identification Program
​
Section 326 of the USA Patriot Act requires banks and other financial institutions to have a Customer Identification Program (CIP). Financial institutions must collect four pieces of identifying information about its customers including:
-
Name
-
Date of birth
-
Address
-
Identification number
Customer due diligence
​
The Bank Secrecy Act, the common name for the Currency and Foreign Transaction Reporting Act of 1970 and its amendments and other statutes established the customer due diligence (CDD) rule as part of their efforts to improve financial transparency and deter money laundering. The CDD rule enhances CDD requirements for "U.S. banks, mutual funds, brokers or dealers in securities, futures commission merchants, and introducing brokers in commodities. The CDD rule requires that financial institutions identify and verify the identity of customers associated with open accounts. The CDD rule has four core requirements:
-
Identify and verify the identity of customers
-
Identify and verify the identity of the beneficial owners of companies opening accounts
-
understand the nature and purpose of customer relationships to develop customer risk profiles
-
conduct ongoing monitoring to identify and report suspicious transactions, and on a risk basis, to maintain and update customer information
Beneficial owner information is required for any individual who owns 25 percent or more of a legal entity and an individual who controls the legal entity.