KYCC vs KYC: What are the differences?

KYC procedures require companies to establish customer identity, understand the nature of their activities to determine whether the source of their funds is legitimate, and assess money laundering risks associated with customers in order to monitor their activities. 

KYCC takes requirements even further by examining who customers are doing business with, the source of their funds and the legitimacy thereof, and the risk that these third parties are laundering money. Regulators are highlighting beneficial ownership and the complex paths taken by criminals to hide money through layering. 

Investigations into corporate structures, as spotlighted by the Pandora Papers, have made it clear that companies will go to considerable lengths to hide their wealth and avoid taxes through convoluted shell companies. 

KYC processes comprise three stages: customer identification, customer due diligence and ongoing monitoring: 

  • Customer identification is the process of establishing and verifying a customer's identity using reliable data and documentation, including verifying their name, date of birth, address, taxpayer identification number and more. 
  • Customer due diligence is a background check that determines the risk associated with a customer, including the risk of money laundering and terrorist financing. This would also usually include running a customer name against PEP and sanctions list and investigating their beneficial ownership relationships. 
  • Ongoing monitoring is the frequent review and evaluation of existing and new information regarding a customer, usually applicable to higher-risk customers.

Know Your Customer's Customer (KYCC) is the process of identifying, verifying and investigating the identity and activities of your customer's clientele. This is an extra layer of compliance and helps businesses build a more comprehensive risk profile for their customers. Understanding the complex relationships between customers and the entities or people they do business with can help organizations avoid money laundering and reputational damage. 

KYCC and Regulations

Regulators have realized the importance of KYCC. Policies are increasingly expanding to include beneficial ownerships, suppliers and associates within KYC processes. 

The Fifth Anti-Money Laundering Directive (5AMLD), which came into force in early 2020, serves as a primary resource for banks and fintech companies to refer to when creating CDD processes. The 5AMLD brought in directives related to virtual currencies, high-value transactions, high-risk countries, Politically Exposed Persons and Beneficial Ownership (BO), which shows a clear interest in KYCC. 

The Sixth Anti-Money Laundering Directive (6AMLD) came into force in December 2020 for entities operating outside the EU, which also demonstrated the importance of combating financial crimes through improved cooperation and extended criminal liability. 

In the UK, under AMLD6, ultimate beneficial ownership registries must be made publicly accessible, and AML screening for Persons with Significant Controls (PSC) is required. (A UBO or Ultimate Beneficial Owner is the ultimate beneficiary when an institution initiates a transaction). 

According to AMLD6, if UBOs cannot be recognized, enterprises must confirm the most senior entity within the organization and keep records of all transactions. UBO relationships cannot be established until the correct customer due diligence procedures have been followed and genuine proof acquired. 

KYCC is not just a legal compliance issue. In order to manage an institution's risk against money laundering, it's important to establish who the beneficiary of clients' activities are, whether it's another owner, entity, partner, customer or supplier. To err on the side of caution, businesses should extend the same steps and procedures taken to establish the identity and risk of each customer to their entire network of connections. 

KYCC Solutions and Best Practices

New technologies and processes can deliver more effective KYCC risk management. Some countries have already introduced central KYC depositories where resources are pooled between institutions so that third-party registration data can be shared. Unfortunately, these initiatives are still in their infancy, and there is no firm indication that they will prove successful.  

As the complexity of financial relationships develops, the requirements to track and monitor them will expand as well. Regulators will continue to clamp down on money laundering, tax evasion and terrorist financing; financial institutions have to implement robust KYCC strategies to meet these new challenges. 

KYCC has already evolved beyond a recommendation and has become the norm. Businesses must be prepared to dig deeper into their client profiles and reach new levels of investigation. Until there are reliable databases available, the best approach is to require additional documentation from any higher-risk customer to prove their UBO structures.  

sanctions.io helps organizations with always updated Sanctions and PEP data for comprehensive AML screening needs. Get in touch with our team or just take a look yourself at our data and technology by signing up for our 7-day free trial.