That’s all well and good — something that most people can sign off on is that it should be hard to fund horrible stuff like organised crime and terrorism. But it turns out that really knowing your customer is trickier than you might think. Because even if it’s pretty clear that social media platforms and big tech companies are collecting ALL THE DATA about you, a proper KYC process needs more than predictable data — it needs hard facts. Luckily we are here to tell you all you need to know to comply with the AML regulation.

KYC checklist for customers (consumers)

You'll need either of these:

• National identification number
• Date of Birth (with supporting documents)

And all these:

• First Name
• Last Name
• Address (proof of residence)
• Country/Citizenship
• PEP/RCA and Sanction screening

So from here you have a couple of routes. Either you can do it by yourself or you can use a KYC-provider that will do it for you.

KYC process: do it yourself

National identification number/Date of birth

First of all you’ll need to figure out your customers National Identification Number, if there is one in the market you’re doing business in. Otherwise the date of birth will sometimes also work. Collecting any of those aren’t really that hard, the customer knows that by heart so it’s easy enough to fill in. The problem is verifying the information. To do that you need to require some sort of photo identification, preferably a passport.

Full name

You have to make sure that you have the full legal name of your customer. Again, this must be verified by a certified passport or some form of e-identification.

Country/Citizenship

Which country are they living in? Yet again passport is the easiest route to confirm this together with proof of residence.

Address (Proof of residence)

Where do they live? Getting an address is a bit trickier since you cannot use the passport for confirmation but will have to use a third party provider to do a lookup. This can prove fairly difficult if the name is very common or expensive if you have to rely on a specialized third party provider.

PEP/RCA and Sanction screening

This one's a doozy... PEP stands for Politically Exposed Person and RCA is Relatives and Close Associates. The Financial Action Task Force defines a PEP as such:

1. A current or former senior official in the executive, legislative, administrative, military, or judicial branch of a government (elected or not)
2. A senior official of a major political party
3. A senior executive of a government-owned commercial enterprise, being a corporation, business or other entity formed by or for the benefit of any such individual
4. An immediate family member of such individual; meaning a spouse, parents, siblings, children, and the spouse’s parents or siblings
5. Any individual publicly known (or actually known by the relevant financial institution) to be a close personal or professional associate.

A PEP is not automatically disallowed from doing business with you but they are considered higher risk clients due to the fact that their position in society exposes them to the temptations of bribes and the like. Which in turn makes money laundering more likely amongst PEP than the average citizen. There are lists of PEPs that you can check against, but it will require a lot of work and they are constantly updated so you will need to constantly monitor your user base.

KYC process: let someone do it for you

The easiest way to make sure that you are compliant and are getting all the KYC-information that you need is to use a KYC-provider. There are a number of alternatives out there but if you want to get the most bang for your buck we’d recommend going for a payment service provider that also cover the KYC-check. That way you keep integration to a minimum and only have one point of contact for all sensitive data. Side note: you do know that Zimpler include KYC for free don’t you?

If you want to know more about how Zimpler can help you achieve your goals contact us.