
Know Your Customer (KYC)

The process of identifying and verifying the identity of a customer at onboarding and over the lifecycle of the relationship - the entry point to any AML programme.

Also known as: Customer identification, CIP

Definition

Know Your Customer (KYC) is the regulatory obligation to identify a natural or legal person before entering a business relationship and to keep that identification up to date for as long as the relationship lasts. It is the operational floor of any AML/CFT programme: without reliable customer identification, transaction monitoring, sanctions screening and reporting all collapse.

What a KYC file contains

A standard KYC file for an individual typically includes:

  • Identity documents (passport, national ID) - captured and verified, often using a liveness check.
  • Proof of address - utility bill, bank statement, government letter within a defined recency window (usually 3 months).
  • Tax information - TIN/NIF, FATCA/CRS classification.
  • Source of funds and source of wealth declarations.
  • PEP / sanctions / adverse-media screening result.
  • A computed customer risk score driving the depth of CDD or EDD.

Corporate customers go through the heavier KYB process, which adds beneficial ownership, corporate documents and authorised-signatory verification.

Regulatory anchor

KYC obligations are derived from FATF Recommendations 10 and 22, transposed in the EU through AMLD4/5/6 (and from 2027 the AML Regulation). In the United States the equivalent is the Customer Identification Programme (CIP) under section 326 of the USA PATRIOT Act and FinCEN's CDD Final Rule.

Common failure modes

The two largest fines in recent EU enforcement history both involved a failure to refresh KYC on existing customers, not an absence of KYC. Periodic review is where most programmes fail audits.

Other recurring weaknesses include over-reliance on document OCR without cross-checking against authoritative registries, missing or stale UBO data, and unreconciled discrepancies between declared and observed activity.