April 25, 2023

Navigating Bank Secrecy Act compliance: Keys to a strong customer identification program

Did you know that the concept of Know Your Customer (KYC) isn't part of the regulatory standard for Anti-Money Laundering (AML)? So why does it seem like every modern compliance program is talking about it? Kelly Gentenaar, AML Officer at Plaid, recently sat down with Senior Managing Director of FTI Consulting, Sepideh Rowland, and WisdomTree’s Head of Financial Crimes and Compliance, John Davidson, to discuss the importance of a risk-based approach to customer management and how businesses can best utilize KYC and AML.

This webinar was produced by The Association of Certified Anti-Money Laundering Specialists (ACAMS) and intended for financial institutions, fintechs, and government agencies.

Driving the conversation:

  • KYC and why it matters

  • Getting started with AML regulations 

  • Best approaches for customer identification programs

  • How to leverage digital identity verification

Key takeaways:

  • Know Your Customer (KYC) is not a regulatory term in the US, so it lacks an agreed upon definition. [3:20] KYC is generally intended to mean understanding the purpose and nature of the customer in relation to their accounts at your institution. It’s important not just when a customer opens an account, but as the account usage evolves over time.

“KYC is not a regulatory term in the United States. Therefore, it lacks an agreed upon definition,” said Gentenaar. “If you say KYC make sure the person you’re talking to has the same definition.“

  • AML regulations require financial institutions to apply a risk-based approach. [27:00] Grasp the inherent risks associated with each of your products, services, geographies, and customers. Determine how risk is defined for each and every one of these. Then consider how to use your controls to mitigate your risk.

“The ground floor of building a compliance program is understanding your risk,” said Rowland.

  • AML relies on several processes to verify identity and reduce fraud. [30:00] These include: customer identification program (CIP), customer due diligence (CDD), enhanced due diligence (EDD), and ongoing due diligence (DD). Companies use different processes for each customer, depending on their source, use of funds, transaction activity, and level of risk. 

“CIP represents to me a great anti-fraud device upfront to keep bad actors from getting into your institution, probably the only chance to do that,” said Davidson. 

  • Identity verification processes are the front door for getting to know your customers. [52:30] Verification processes are a necessary building block for a strong customer management process. They help comply with financial regulations, prevent fraud, and increase user trust and safety.

  • Any customer-facing digital business can benefit from a risk-based approach to customer management. [52:30] That includes lots of industries beyond financial services including real estate technology, online retailers, marketplaces, and social media platforms. 

“We want to make sure that the customer we’re working with, regardless of what type of institution or organization we are, is who they say they are,” stated Gentenaar.   

Go deeper: Learn more about Plaid’s capabilities