KYC or Know Your Customer is a process that financial institutions and fintech firms must go through before allowing clients to send or receive money in their program. If you’re in the fintech tech world, your clients must be approved through either KYC or KYB and Due Diligence protocols.
Unfortunately, managing KYC and KYB can be tricky. Here’s a brief overview of what KYC and KYB means to fintech firms and how to prepare for it.
What are KYC and KYB?
KYC and KYB stand for Know Your Customer and Know Your Business. KYC and KYB are mandatory regulations set up by the financial governing bodies that require anyone within the financial industry, and anyone granting financial services to users, to check for customer identity.
In simple terms, the process includes an identity verification check, typically through government databases, to ensure that the customer, whether that is an individual or a business, is who they say they are. The client submits their name, address, and government identification and it is up to the fintech app to run this information through the requisite identity checks. Bank verification might include running an ID verification card, face verification, biometric variation, or a document verification like a utility bill or proof of address.
A similar process exists for KYB, which aims to verify the identity of the owner and other stakeholders using public registers and automated anti-money laundering (AML) systems. Company data that needs to be verified for KYB compliance might include:
- Company registration
- Business license updates
- Direction and owner identities
Requirements may range from addresses to passwords, date of birth, driving license, and bank statements. KYB checks are performed on national databases for Disqualified Directors, PEP, sanctions, and Adverse Media checks, although these will depend on the country, nature of business, the value of transactions, and any suspicious reports that pop up.
KYC is typically required during the client-onboarding process to ensure that the customers are real, that their funds are not coming from problematic sources, and that the client does not present too much of a risk to the bank.
If a bank finds that a client does not pass KYC, for whatever reason, the bank can refuse to open an account for the client or work with them in a business relationship.
Who Must Perform KYC and KYB?
Any financial institution, merchant acquirer, payment company, or business that deals with money transfers is required to perform a KYC or KYB check. This includes fintech companies that provide financial services.
If you are a fintech company that wants to only provide a specific financial service business-to-business, you would only be involved with KYB regulation. However, some KYC protocols may be required to verify the account operators.
Some fintech firms forego providing financial services to either individuals or businesses or typically just businesses to offload some of this extra work, as it requires a different set of verification processes and database checks. However, this is up to the financial institution and its eligibility requirements.
How KYC and KYB Applies to Fintech Firms
KYC is a fraud prevention requirement for fintech firms that grant users access to sensitive networks and payment networks.
KYC and AML non-compliance will lead to a risk of exposure to financial crimes like money laundering and terrorist financing activities. If due diligence of KYC and KYB is not performed, this could be potentially damaging to the brand and baseline profits, especially since penalties come with non-compliance.
Fintech firms must have KYC and KYB prepared at onboarding and continually monitor each client. Both these processes can be extremely time-consuming and costly, but with the support of fintech API partners, some of this burden can be offloaded.
Importance of KYC and KYB for Fintech Firms
The KYC check is a set of protocols put in place by government financial overseers to protect the national payment systems against fraud and financial crime. It’s weird to think about KYC as something that has the power to prevent and identify terrorism financing, illegal corruption schemes, and money laundering, but it does.
KYC regulation is one of the most basic safeguards against these dangerous financial crimes and yet it is so simple. Failure to comply with KYC in the appropriate manner can result in heavy penalties, and repeated infractions against a fintech firm and/or a financial institution can cause the body to lose its eligibility to send money along the ACH network and other payments systems.
Without KYC requirements in place, the US national payment system would have limited oversight powers over the people who have access to the networks. Financial criminals could gain a foothold into the network, weakening the system and stealing money through their exploits.
In the US, Europe, Asia Pacific, and the Middle East, we have seen a KYC crack down. Between 2008 and 2018 alone, there have been $26 billion USD in fines issued for non-compliance with KYC, which include AML compliance and sanctions.
On top of the financial costs, most firms experience a loss of reputation for failing to comply with KYC/KYB and AML regulatory compliance. Criminals launder between $1.6 and $4 trillion USD every year, according to the United Nations. This amounts to 2 to 5% of the entire global GDP. KYC and other customer due diligence processes, including national laws like AML laws, are there to stop these funds flows and stop major financial crimes.
How Fintech Firms Can Check KYC and KYB
Fintech firms need to ensure all their clients pass through KYC. If you work with a payment partner like Sila, know that you will have access to Sila’s KYC API, which means that the KYC technology is already prepared for Sila customers and all they need to do is implement it and use it. The KYC data is offloaded from the user to Sila’s verified third-party, so compliance for data privacy and data handling are also taken into account.
When it comes to the roles and responsibilities of fintech firms, be prepared to manually verify certain documents, educate clients around KYC responsibilities, and provide proper communication around failure to pass KYC.
The two main checks that a fintech firm will need to do for KYC are proof of identity and proof of address. These checks are different for KYB, or businesses, which also require the business’ official registered name, its address, the company stakeholders, ID documentations, beneficial owners, and KYC for each individual managing the account. This data will typically be submitted through global corporate registries, government registers and public records, global PEP and Sanctions databases.
What Happens for KYC and KYB After Client Onboarding?
Just because a user is cleared through the initial KYC or KYB verification at onboarding, this does not mean that the KYC process is complete. Ongoing monitoring will need to verify that the businesses and individuals are still compliant within your KYC protocols.
Fintech firms need to have automated KYC compliance for risk management purposes. When automated, fintech startups can be alerted to potential infractions, suspicious activity, non-compliance, or key changes to individuals or entities. Ongoing transaction monitoring is a regulatory requirement to ensure that no major changes have been made to individual or business money sources. KYC may simply need to be checked every 6 months or every year, and you need to have a system set up that reminds you to perform these checks. Ongoing improvements to your KYB and KYC procedure may need to be completed as well.
When you need your business to function smoothly, then you need automated KYC support and embedded compliance to keep your fintech firm compliant. Luckily, even bootstrapped businesses can work with the Sila API, which enables eligible customers access to a power ACH API, KYC API, bank account linking API, and smart contract money sending technology.
Ready to see what we have to offer? Reach out to our sales team today or check out our demo!