You wouldn't let somebody drive your car without making sure they had a valid driving license. Or let a stranger into your home without checking they are who they say they are.
KYC and KYB — know your customer and know your business — apply this concept to financial services. They're the processes through which you confirm individuals and corporations are who they say they are, before you do business with them.
KYC and KYB are legal requirements, and non-compliance has serious consequences: fines, reputational damage, and, in some jurisdictions, even prison time for senior officers and others who, either deliberately or through carelessness, breach the rules.
But robust KYC and KYB aren't just about avoiding fines and other enforcement actions. They also have compelling business benefits:
While KYC and KYB are based on the same idea — that you should thoroughly vet potential customers — they're slightly different. KYC is due diligence on an individual. KYB, on the other hand, is due diligence on a corporation: the entity itself and the people behind it.
Requirements differ between jurisdictions, but the Financial Action Task Force (FATF), whose members include the US, UK, Germany, France, Italy, Japan, and Australia, as well as the European Commission and the Gulf Cooperation Council, has set out core principles and standards.
| Know Your Customer (KYC) | Know Your Business (KYB) |
|---|---|
| Verify the individual's identity using official ID and documents, such as recent bills, that prove their residential address | Identify and verify the business and its ownership structure |
| Understand their financial affairs, including source of funds, and how and why they'll be using your products or services | Identify and verify the business's ultimate beneficial owners. That is, the individuals who own a significant portion of the business or control it through other means like side agreements. Individuals are typically considered ultimate beneficial owners if they own 25% or more, but the threshold is lower in some countries |
| Assess whether they're low, medium, or high risk | Check business history and financials for red flags, such as unusual relationships, links with politically exposed persons, and legal or reputational issues |
The US Bank Secrecy Act, enacted in 1970, is widely credited with creating modern KYC. The law — still in force today — requires financial institutions to have systems in place to detect and report suspicious transactions, including verifying customers' identity.
The concept spread globally during the 1980s, following a spate of high-profile financial scandals and the rise of international organized crime groups. Today KYC is an ongoing requirement — meaning it needs to be carried out before the start of a business relationship, and at regular intervals for the duration of that relationship. As a financial services firm, you also have to monitor transactions for suspicious activity.
Most regulators advocate a risk-based approach, with more stringent checks and monitoring for individuals and businesses that are from certain countries, work in particular sectors, are connected with politically exposed persons, or have other circumstances that might make them more likely to expose your organization to financial crime.
The Financial Action Task Force, formed in 1989, leads global action against money laundering and the financing of terrorism.
Countries the FATF deems "non-cooperative", that is, countries that have inadequate rules in place and are unwilling to strengthen them, are added to a blacklist. Blacklisting leads to the risk of economic sanctions, including restrictions on conducting international transactions and a lack of proper access to foreign investment and aid.
The FATF also has a grey list. Greylisted countries are countries that have inadequate rules in place, but are working to strengthen them.
Where KYC dates back to 1970, KYB is a relatively new concept. It emerged in 2016 after the Panama Papers scandal, which revealed how politicians, public officials, celebrities, and other wealthy individuals got around KYC rules by hiding behind corporations in friendly jurisdictions.
The FATF sets out global KYC and KYB standards in its so-called 40 recommendations. These are regularly reviewed and updated, and non-compliance can result in countries being greylisted or blacklisted, depending on whether or not they're committed to enhancing their rules.
In the EU, Regulation 2024/1624 created a "single rulebook" for KYC and KYB. This means the same rules around individual and corporate customer due diligence apply in all 27 EU member states.