KYC procedure: checking the identity of customers

With the multiplicity of online services available today, the KYC (Know Your Customer) procedure has become one of the key steps in defining business-user relationships. It is a fundamental process for authorizing an individual to become a registered user or customer of a given organization in a secure manner and in compliance with applicable regulations.

KYC facilitates customer onboarding for companies, in addition to its essential role in identity fraud prevention and Anti-Money Laundering (AML) controls. It is an approach whose integration and development by companies and institutions impact their operations and the growth of their activities.

Definition of KYC (Know Your Customer)

KYC stands for Know Your Customer, a mandatory procedure to verify the identity of users of an online platform or product, but also essential during customer onboarding to collect the necessary information.

The digital transformation of companies and the intensive use of the Internet imply the definition of new regulations for exchanges to prevent identity theft and secure transactions. The KYC was therefore initiated to verify the identity of customers, while the KYB (Know Your Business) procedure makes it possible to identify the legal representative of a company and the KYS (Know Your Supplier) to validate its suppliers.

The digitization of KYC procedures is subject to the 5th anti-money laundering directive (5AMLD or AML5), as well as to the eIDAS regulation (Electronic Identification And Trust Services). This regulation provides the necessary legal guarantees and the necessary protection to implement the digital onboarding procedures of users in a secure manner.

While KYC is useful for conducting sensitive processes in all industries, it is a particularly important approach to combating online fraud in financial and banking institutions and related industries such as insurance, investment firms, trade, real estate, etc.

Identity documents for the KYC procedure

The KYC (Know Your Customer) procedure

According to a study conducted by Euler Hermes, DFCG 2020, there were more than 7 out of 10 companies that were victims of fraud in 2019. In 10% of the cases, the average loss is more than 100,000 euros. This is a worrying situation, hence the need to apply security measures such as the KYC procedure.

Identity documents for the KYC procedure

For fraud prevention, certain documents must be provided by the customer at the time of identification. For an individual, a copy of a valid ID and proof of address less than 3 months old are required. When it is a legal entity, the following documents will be collected:

  • The KBIS extract of less than 3 months
  • A copy of the company’s articles of association
  • The identity document of the legal representative
  • The accounting balance sheets
  • The declaration of the statutes in the JO for the associations
  • Certified annual corporate accounts, etc.

These documents may be requested for proper enforcement. However, it is sometimes difficult for companies to obtain all of them, especially VSEs and SMEs that make less than 8M euros in sales per year. They can then claim the confidentiality of the publication of their results in accordance with the MACRON law (Art-213), 57% of the companies now having recourse to this right.

When should the KYC procedure be applied?

For optimal protection, the KYC procedure should always be applied when registering a new customer, as this allows you to avoid financial fraud. However, this verification is not mandatory in certain conditions where the risk is lower. The KYC regulation will then be completed when:

  • The transaction is over 250 euros
  • The total amount of transactions in one calendar year is more than 2500 euros
  • The level of transfers is above 1000 euros

When transactions exceed these thresholds, you must ask your customers and business partners to provide the documents listed above to ensure their identity.

The importance of KYC verification for banks and companies

KYC is a legal obligation. Entering into force since June 2017, it is Directive (EU) 2015/849 that is responsible for the regulation of the European financial system. In France, the Autorité de contrôle prudentiel et de résolution (ACPR) ensures that the directives are effectively applied by financial actors.

The importance of KYC for banks and companies

Fighting corruption and fraud

KYC is a set of regulations that require companies to collect information about the identity of their customers to ensure compliance with applicable anti-corruption laws. This will make it easier to detect fraudulent transactions. It is a means of fighting money laundering and terrorist financing. Whether it is a bank or a company, implementing this identity verification solution allows to avoid being directly involved in a financial tax fraud or corruption case.

Avoid financial penalties

As the application of KYC is a legal obligation, banks and companies are exposed to heavy consequences in case of failure to comply: criminal and administrative sanctions that may even engage their civil liability.

In charge of monitoring activities, the ACPR regularly issues sanctions (reprimands, fines and warnings) based on the fight against money laundering and terrorist financing. Out of 8 sanctions imposed in 2017, 6 were related to wrongful KYC procedures, involving a total amount of €25.86 million.

Apart from the legal penalties, a conviction of this type also damages the reputation of the companies involved. Indeed, public opinion is very sensitive to issues related to money laundering and terrorist financing. The sanctions of the ACPR being made public, the stock of a bank or the stock exchange value of a company can suddenly fall after such a case. Companies may also lose credibility with rating agencies.

The benefits of artificial intelligence for KYC

Artificial intelligence can automate the digital identification process, reduce risk and save time in the application of the KYC process. By integrating these technologies, companies are able to recognize, extract, aggregate and exploit data from a person’s or company’s complete file more quickly.

Optical character recognition (OCR)

Optical character recognition is a set of computer processes that translate printed or typed images and text into text files. The execution of this task is done with OCR software.

For the KYC, it will be used to detect the printed or handwritten text and identify the essential contents such as addresses, dates, SIRET N°, RCS… which will be transformed into characters readable by a computer. Here, each text field is extracted in seconds, a record time compared to several minutes on average for manual entry. Customer acquisition takes less time because data integration is much faster.

Biometric identification

Biometric identification is a technology that validates a person’s identity when they wish to perform an action online. It is an identification that is already operational in some banks and generalized in the neo-banks. The principle is simple: the user’s ID is analyzed using OCR and then verified against internal and external databases, or a selfie photo that the customer is asked to provide during online onboarding for facial recognition.

RPA (Robotic Process Automation)

RPA is used to program software bots that take care of manual KYC tasks. It is a way to automate the onboarding procedure to save a lot of time when implementing the KYC of corporate clients. Combined with OCR and information retrieval from external databases, RPA not only increases productivity, but also improves KYC compliance.

To conclude, KYC is a mandatory step for banks and large companies according to European regulations. It is a solution that verifies and validates the identity of each client in order to limit the risks of corruption, tax fraud, terrorist financing or money laundering. In practice, this is a long and laborious process that the integration of artificial intelligence makes easier.