Know Your Customer (KYC) - Protecting business and customers

KYC requirements protect both banks and their customers from fraud and money laundering. Here's how the process actually works.

KYC compliance requires consistent verification processes and thorough documentation.

Summary

  • Customer Identification Programs verify identity before account opening - Banks require name, date of birth, address, and identification number, then confirm through documentation like passports or government IDs, cross-checking against terrorist and criminal watchlists to prevent identity theft and fraud
  • Spending profiles flag suspicious behavior automatically - Banks build predictive models based on customer characteristics and similar users, then monitor for transactions outside expected patterns like repeated wire transfers, offshore accounts, or international money movement
  • Risk ratings determine monitoring intensity - Higher-risk customers like politically exposed persons get Enhanced Due Diligence with heavier transaction monitoring, while lower-risk accounts need less oversight; millions of suspicious activity reports are filed annually.

In a globalized economy, businesses that handle money - especially banks - are more vulnerable to illicit activities. KYC laws exist to protect banks from fraud, money laundering, and terrorist financing. It’s not optional. Global standards have been put in place to limit access by criminals presenting as potential customers.

In the United States, banks are required to follow KYC regulations according to the 2001 Patriot Act. Financial institutions and other businesses that handle money are responsible for complying with KYC to decrease fraud, money laundering, and terrorist activities.

Years later, KYC is still important. In 2017, more than 2 million suspicious activity reports were filed, according to FinCEN data.

Understanding Know Your Customer

“Know Your Customer” is a set of regulations for businesses that handle money, and the meaning is in the name. The more familiar you are with your customer and their spending habits, the easier it is to spot suspicious activity. There are several key components of KYC, and we have broken them down - as well as why they matter - below.

Verifying customer identity

The first step to KYC compliance is to verify the identity of customers before they open an account. Businesses must have a written Customer Identification Program (CIP) that lays out how they confirm a new customer is who they say they are. The specifics of an individual CIP vary according to the size and type of business, but CIPs generally require the following information from customers:

  • Name
  • Date of birth (for individuals)
  • Address
  • Identification number

Banks verify customer information through documentation - a passport or government-issued I.D. works. They might also confirm with third-party sources, like a public database or another financial institution.

Verifying a customer’s identity prevents identity theft and fraud, but it’s also about making sure they’re not a known terrorist or criminal. A bank must also run a customer’s name against federal government lists of known or suspected terrorists or terrorist organizations.

Anticipating financial behaviors

Once you know who your customer is, the next step is anticipating and monitoring their spending habits. Modern databases and data science make this easier than it used to be.

Banks create a spending profile for each new customer that predicts the types of transactions they’ll be making. This is based on known characteristics and similar customers’ behavior. Then, if the customer behaves outside of the bank’s predictions, it’s easier to flag as suspicious.

Customer Due Diligence (CDD) monitoring helps protect banks from losing funds to fraud, hits to their reputation, and compromised security. It also offers a side benefit for customers: monitoring spending strengthens banks’ ability to alert customers to suspicious activity on their accounts.

You can find more information on CDD best practices here.

Monitoring risk

Early on, banks also assign a risk rating to each new account holder. This indicates how likely it is that the person will attempt fraudulent activity like money laundering. Compliance is the most common topic we discuss in conversations at Tallyfy - appearing in over 1,100 of our discussions - and this risk rating drives everything else in KYC processes. In discussions we have had with payroll processors and financial services teams, we have observed that organizations with well-documented risk rating procedures catch suspicious activity significantly faster than those using ad-hoc assessments. One pattern we see repeatedly: teams that reduced onboarding time by 64% also saw corresponding improvements in documentation accuracy because their quality assurance controls were built directly into the workflow.

If a customer is seen as too high-risk, the bank may decline to do business with them entirely. Based on their risk rating, the bank decides how often and how heavily to monitor the customer’s transactions. Common red flags may include repeated wire transfers, transactions with offshore accounts, and moving money internationally.

Higher-risk customers may be flagged for Enhanced Due Diligence (EDD) based on several factors. For instance, the customer might be a politically exposed person (PEP), meaning they’re in public office and vulnerable to corruption. Additional monitoring should be set for that person based on the level of risk they pose.

FinCEN regularly issues advisories with information on the latest threats and vulnerabilities to financial institutions.

Conclusion

KYC combines thorough initial work and ongoing due diligence to reduce financial institutions’ exposure to illicit activities and fraud. The more information you can gather from your account holders, and the more confident you are about their true identity, the better you can anticipate risk and catch suspicious activity - before it causes real damage. Financial services teams represent about 17% of our conversations at Tallyfy, and the institutions that treat KYC as a continuous process rather than a one-time checkbox exercise see dramatically better outcomes. Based on feedback we have received, the teams that struggle most are those collecting documentation through email and spreadsheets - missing information requires manual follow-ups, and multi-state compliance creates complex requirements that slip through the cracks without proper verification checkpoints.

About the Author

Amit is the CEO of Tallyfy. He is a workflow expert and specializes in process automation and the next generation of business process management in the post-flowchart age. He has decades of consulting experience in task and workflow automation, continuous improvement (all the flavors) and AI-driven workflows for small and large companies. Amit did a Computer Science degree at the University of Bath and moved from the UK to St. Louis, MO in 2014. He loves watching American robins and their nesting behaviors!