Knowing your customers
Probably, you have recently heard or read about the concept KYC (Know Your Customer). The needs of identification and user registration have increased with the transposition of the offer of products and services of all kinds to the online shpere.
The KYC concept applies to all sectors of activity, but it is especially delicate in sensitive sectors such as those related to finance and investments.
What is KYC?
The acronym KYC, meaning “Know Your Customer”, is the name given to the process allowing a company to identify and verify the identity of its customers. This process includes different steps whose purpose is to ensure that the person who wishes to subscribe to a good or a service is who he claims to be.
What are the requirements of a KYC process?
The classic KYC process, which comes from the financial sector, generally includes three key steps, which are broken down according to the company’s risk assessment strategy. First of all, there is the identification program which consists of collecting customer information (such as first name, last name, address or date of birth) when subscribing. This process may also include the verification of identity documents and supporting documents, as well as the verification of the identity of the holder through a facial recognition system. These verifications can be deployed independently of each other, or coupled in a complete and secure client onboarding.
A KYC process to be in regulatory compliance
Financial institutions today have a legal obligation to integrate a KYC process into their client onboarding. KYC requirements differ by country, but in Europe the 5th Anti-Money Laundering and Counter Terrorism Financing (LCB-FT) Directive as well as the General Data Protection Regulation (GDPR) are the two texts that refer to customer knowledge. In addition to these regulations, there is the eIDAS regulation, which aims to increase confidence in electronic transactions and which defines the levels of security in terms of identification. Each country can also impose additional requirements, by transposing the directive and its requirements. This is for example the case of France where the ANSSI (the National Agency for the Security of Information Systems) has developed a set of requirements intended for Service Providers of Remote Identity Verification (PVID). Non-compliance with these regulations can generate very heavy penalties for the companies concerned.
Where did the KYC process come from?
It was in the financial sector that the latter was born, with the need to establish traceability of customers and their transactions. Indeed, to prevent banks from being involved in money laundering or illegal financial activities, it was necessary to put in place processes to control the identity of customers and the use of their capital. . It is the European LCB-FT (Fight against Money Laundering and Terrorism Financing) directive which today defines the regulatory measures in the financial sector and obliges its actors to integrate a know-your-customer process in the subscription to their goods and services. The purpose of this directive? Prevent financial crime, money laundering and the financing of terrorism.
Why is KYC necessary?
The purpose of the KYC process is therefore to verify the identity of a client and to ensure his probity and integrity in the face of anti-corruption legislation, but it does not stop there.
A KYC process to fight fraud and identity theft
KYC helps to fight against fraud and identity theft attempts. This in the financial sector but not only, it also plays an essential role in many other sectors of activity, such as the online gaming sector or telecoms. With the massive digitization of goods and services, fraud has become a real scourge and it affects a large number of companies. Indeed, as subscriptions are increasingly carried out remotely, online fraud, and more particularly identity theft, has increased sharply. Companies must therefore be vigilant and protect themselves against identity fraud by integrating a KYC process to verify and control the identity of their customers. The KYC then serves as a double protection. It protects both companies from potential fraudsters, who could jeopardize their business by involving them in litigation, but also customers. Verifying their identity makes it possible to avoid possible identity theft through document theft or quite simply the use of personal data. By protecting both parties, it becomes a reassuring tool for both users and companies.
A KYC process to create a relationship of trust
The KYC process concerns financial institutions that are legally subject to it, but not only. KYC can also be deployed to secure exchanges between players in many sectors. The collaborative economy, which connects individuals in the context of exchanges of goods or services, is the perfect example. By securing exchanges, the KYC process creates a relationship of trust between the actors, and this from the outset. This issue concerns companies who want to know who they have to deal with on the user side, but also customers who want to subscribe to a trusted service. Integrating a KYC process is reassuring and supports the professionalism and security aspect of a company. An asset that is becoming essential in a context of strong digitalization where subscriptions are increasingly done remotely.
