What is the difference between KYC and AML?

AML non-compliance forces regulatory bodies to discipline companies through the penalty system.

The set of general rules on compliance is packed with acronyms such as AML, KYC, KYCC, CFT and others.

Each reflects particular requirements to be met to strengthen the financial control and due diligence.

While someone doesn’t see any difference between AML/KYC, it exists.

There is a widespread belief that KYC is a subset of AML standards. However, some experts consider it to be an independent area of due diligence activities.

Let’s see who is right.

KYC: the need for compliance

What does KYC mean?

According to Wikipedia, KYC is is the process of a business verifying the identity of its clients and assessing the potential risks of illegal intentions for the business relationship.

In simple terms, Know Your Customer (KYC) is about demonstrating Customer Due Diligence (CDD), i.e. verifying the identity of a customer. So, it’s hard to tell the difference between KYC and CDD because the latter is an integral part of the former.

Banks and other financial companies verify clients’ information to ascertain that it is safe to establish relationships with them.

Companies from all the industries and of all the sizes perform KYC as a means of anti-bribery.

Financial middlemen have the right to demand full information from their clients to confirm their incorruptibility.

Long story short, KYC is needed for understanding clientele better, monitoring financial transactions and preventing bribery and corruption.

Is there any difference between CDD and KYC? There is. KYC checks are done at the first stage of establishing business relations when we vet the potential clientele. Customer Due Diligence is an ongoing control of suspicious activity aimed at laundering the proceeds of crime.

Both are integral parts of AML programmes and require appropriate staff training to provide their effective implementation.

Plus, systems and software used for KYC/CDD checks must be updated on a regular basis to deliver relevant information and meet all the established security standards. 

Know Your Customer policy consists of Customer Due Diligence and Enhanced Due Diligence.

The latter process means gathering extra information from clients with a high-risk rating.

Companies performing financial activity have been conducting EDD policies since the launch of the USA PATRIOT Act that is still valid. It’s vital to understand the differences between CDD and EDD in order to elaborate robust programs.

• EDD rules are more reliable and efficient as they demand more proof and detailed information.
• Companies should prepare detailed documentation of the whole EDD process and provide regulators with immediate access to the data collected.
• It’s recommended to employ specialists with competence in EDD and strong analytical skills.
• The sources of the EDD information should be scrutinised for their reliability.
• EDD implies taking into account KYC reasonable assurance according to which no client can be 100% free from risks regardless of the information used in the research and efforts made by analysts. All this makes the KYC process cheaper and less time-consuming.
• When conducting EDD, one should consider all the kinds of information, including adverse evidence as it can influence the overall risk rating.
• Just like in the KYC procedures, if anything suspicious is detected, a company or institution should report it immediately to the regulatory bodies.

So, the main difference between due diligence and enhanced due diligence lies in the processes they cover. CDD aims at collecting data about customers’ identity and contact information as well as measuring their risk.

EDD is used for high-risk customers, aka those who are more likely to implement related to money laundering and terrorism financing activities due to the nature of their business or transactions.

There is a checklist for companies to improve their CDD and EDD practice.

1. CDD actions should be taken before doing business with new clients. First of all, you should learn where the company of your client is located, what business model they use, and what their interests are. It’s a good idea to carry out a client’s identification beforehand and check whether or not it matches your risk profile.

2. Financial advisors are to help you with performing due diligence. However, they should be vetted as well. It’s essential to carefully select agents and advisors as at the end of the day you will be the only person responsible for your CDD.

3. At this stage make sure that the info you collected is actual and relevant. It is not only about main documents; sometimes additional data is needed for assessing the business risk of your customer. A well-organised and scrupulous documenting process is vital for mitigating risks.

4. Now answer the question “Do I need EDD?. The answer is “Yes if you deal with the accounts of the high transaction value or work with risky customers and counterparts. Within the EDD framework, it’s advisable to identify a customer’s location, occupation, business profile, behavioural pattern and payment method.

5. Last but not the least. Keep all the CDD and EDD records in case regulators require them. Your storage system must be secure and updated on a regular base.

AML essentials: what you need to know

Money Laundering is the process of disguising the proceeds from unlawful activities so that they seem to be generated legitimately.

From the above, it’s clear that the main difference between KYC and AML is the following:

AML is a broader term that describes the framework responsible for monitoring and control of all the suspicious actions to avoid money laundering.

KYC stands for client verification and identification process implemented with different tools and software.

Besides, AML is more about governmental procedures and measures, while KYC refers to the way companies and businesses comply with these standards.

Oftentimes, the sense of both terms is mixed. For instance, companies can use AML software to detect frauds and measure clients’ risk, which refers more to KYC procedures. 

What the criminals may do to launder money:

• Run money through a legal cash-based business.
• Deposit money on several accounts or transferring it to foreign countries.
• Buy cash instruments.
• Invest money in securities through brokers or dealers.

Anti-Money Laundering or AML is defined as a system of legislation and regulations aimed at preventing money launderers from taking illegal actions.

Money laundering goes hand in hand with terrorist financing. Let’s compare them.

The important difference between AML and CFT (Combating the Financing of Terrorism) lies in the intention of both.

AML actions are intended for preventing and combating cleaning gains and money from illegal activities. The ideology of CFT is to investigate, analyse, deter and prevent sources of funding for activities aimed at achieving political, religious, or ideological goals.  

Another difference is the source of funding. Money laundering always involves the proceeds of illicit activity. Terrorist financing implies using sources to meet illegal political purposes but not necessarily with the money generated in an illicit manner.  

The AML actions help reduce the crime level.

• Within the AML procedures, inconsistent or suspicious transactions are investigated, and individuals involved in criminal activity are detected. Every financial transaction is thoroughly documented, which simplifies revealing the identity of a penetrator.
• The criminal activity is based entirely on cash flows fueled by the money laundered. By shutting down the cash flows, regulators make it impossible for terrorists, smugglers, and other criminals to finance their operations.
• AML is of the utmost importance when it comes to preventing the embezzlement of property. AML investigations help to return the stolen money to victims uncovered when reviewing financial transactions. Even if it doesn’t help to identify the robber or nullify the fact of a crime, it fosters returning money to the owner.

The practice of combating money laundering dates back to 1989 when G-7 Summit decided to establish the FATF.

The FATF is the guardian of financial safety and security.

It is in charge of monitoring the actions taken by national and global institutions, keeping abreast with money-laundering trends and exploring new techniques and tendencies.

The main duty of the FATF is to develop recommendations for financial organisations and firms to follow up.

Every country has its requirements for local businesses to observe.

Some countries use a top-down model following the FATF recommendations while others apply a bottom-up approach by harmonising their standards with global demands.

The International Monetary Fund (IMF) is another financial organisation taking part in the combating money laundering.

The IMF controls the economic performance of the countries, members of the European Union. Its greatest concern is the influence of money laundering on the effectiveness of the whole EU economy.

It holds an international forum for sharing the best practices of AML.

The IMF believes that perpetrators benefit from the weaknesses of national economies and use them for creating and maintaining criminal schemes.

The main goal of the international forum is to find solutions that will help to eliminate the risks of money laundering and develop common AML policies.

Moreover, the IMF evaluates the level of compliance with AML standards performed by each country. It identifies strong and weak points of local AML policies, provides technical assistance, develops recommendations on strengthening local financial markets and gives tips on meeting FATF requirements to financial institutions.

The AML legal framework is daunting, and its laws and rules are quite challenging. In order not to fail, businesses need to create a feasible compliance program, including the following steps.

Step 1. Stay abreast with ever-changing AML and anti-terrorism rules and regulations

Don’t forget to critically review your programs and improve them. An excellent AML program requires sufficient resources and has a great impact on a business.

Step 2. Know Your Customer is a must.

AML and KYC always go hand in hand. Recently regulators have considerably strengthened the CDD standards and companies find them pretty hard to implement.

To ease the KYC process, you should reconsider your risk-management and transaction monitoring practices. Then make sure that you fulfil all the KYC/AML legislative requirements and, if not, do your best to align your CDD system with the demands.

Step 3. The success of an AML plan depends on your management team

Executives have to set an example, which means their actions mustn’t raise any questions or concerns.

A company’s compliance objectives need to be as important as its financial goals.

Step 4. Know your partners

Regulatory bodies make firms assess the risk of their vendors, counterparts and affiliates very carefully.

It’s necessary for a company to assess the risks of both its internal processes and external contacts with business partners and clients.

It is far more reasonable than merely ending well-established relationships.

Step 5. Information security is at the heart of any compliance system

Most of the IT systems built by companies are fragmented and do not comply with increasing AML requirements.

As a result, business owners try to find a way around, worsening the situation.

That’s why it is essential that financial entities conduct a systemic evaluation of IT systems and their ability to cope with vast amounts of information.

The major difference between AML and KYC policies

We hope that this brief overview of KYC/AML policies will shed light on their difference.

Check out the comparative table below, illustrating the main characteristics of the two.

AML and KYC Regulations

Startups entering the FinTech industry should be prepared for the challenges of following the AML and KYC compliance regulations.

Automated KYC/AML checks: our approach

Here are a few of our clients operating in the crowdfunding domain who needed automated solutions to fulfil AML/CDD checks in their compliance practice.

CapitalRise

It’s an online middleman in the real estate investment world raising funds for institutional-grade property.

Founders invest their own money into every single project on the platform to share the risks and benefits with other co-investors.

CapitalRise runs full background, criminal and credit checks as part of their due diligence process through GB Group KYC service.

Here’s what Uma Rajah, CEO of CapitalRise, mentioned in her interview:

Automation makes that process quicker, and the speed is really important for borrowers wanting to acquire a site. 

Shojin

Shojin, another real estate co-investing platform from the UK, also has KYC and AML offline checks implemented through MangoPay.

They vet both investors and borrowers before providing them with access to the platform.

The bespoke due diligence process is developed by the team of the company experts.

Invest My School

Being a player on the crowdfunding educational sector, this company raise funds for schools seeking money for educational projects.

When working on the Invest My School website, we implemented automatic KYC and AML checks to verify identity and investors’ eligibility for lending.

HomeGrown

KYC status checks are among the key features of HomeGrown site; It’s a place where investors and established property developers meet and new projects see the world.

HomeGrown partners with GBG payment gateway provider in implementing KYC procedures.

All the investors and developers should pass the identity check before they’re allowed to join the platform.

LenderKit

LenderKit is our own development project, an enterprise-level crowdfunding platform with a bunch of essential features for your crowdfunding business.

Among the others, the toolkit includes automated flows and identity checks to make the clients’ onboarding process smooth and effective.

KYC/AML and due diligence checks are conducted via our partners – Goji Investments, MangoPay, GC Partners and Lemon Way.

These payment gateway providers offer top-notch transaction security and management.    

Understanding AML, KYC and CDD difference: the takeaway

1. The fact that billions of dollars are laundered annually has made governments, banks and other financial intermediaries take notice. That’s why they have increased their efforts to safeguard financial systems and counter money-laundering.
2. The first thing you as a business owner need to do is to Know Your Customer. The crucial part of creating and maintaining efficient KYC programs is technology. It significantly influences the precision and relevance of customer information.
3. There is a vast range of digital solutions which are to help you with collecting and storing customer information. Optimising AML and KYC programs will give you the edge over competitors and a chance to contribute to global AML activities.