What is KYC?

Financial crime prevention is at the heart of Know Your Customer (KYC) due diligence, which involves checking customer and partner business identification to safeguard against illegal activities. In Australia, businesses mandated to comply with KYC safeguards operate under Anti Money Laundering (AML) and Counter Terrorism Financing (CTF) legislation, commonly known as the AML/CTF Act.

CreditorWatch offers a suite of customer onboarding solutions, such as Credit Reporting and Financial Risk Assessment to assist businesses in achieving KYC compliance and shielding themselves from potential threats.

What does KYC stand for? 

KYC reporting and compliance is required to be signed into the legislation of all member states of the international Financial Action Task Force (FATF), including Australia. The mission is simple: prevent the flow of money to illegal enterprises and activities and protect businesses and citizens from unscrupulous entities.  

The principles agreed to provide some key guidelines in the fight against terrorist organisations, money launderers and criminal organisations. KYC meaning and KYC policy will vary in different countries according to the particular frameworks they implement.  

As such, the Australian Transaction Reports and Analysis Centre (AUSTRAC) and the Australian Securities and Investments Commission (ASIC) oversee the KYC procedures domestically. Any business offering ‘designated services’ must complete its KYC customer identification process prior to the provision of the service, as outlined by the Anti-Money Laundering and Counter-Terrorism Financing Act 2006.

A ‘designated service’ is defined by the Australian Government as: 

A service that is listed in section 6 of the AML/CTF Act (because it has been identified as posing a risk for money laundering and terrorism financing) and which meets the geographical link. Designated services include a range of business activities in the financial services, bullion, gambling and digital currency exchange sectors. Entities that provide any of these services are reporting entities. Reporting entities have obligations under the AML/CTF Act. 

What is KYC verification? 

KYC verification simply means checking a customer’s identity, an important step of Customer due diligence (CDD). Following the KYC status check process, the reporting business must feel confident that the entity in question has provided truthful information regarding, at a bare minimum: 

For Individuals – full name and either residential address or date of birth. 

For client businesses – full company name and Australian Business Number (ABN)/Australian Company Number (ACN). The suite of Credit Reporting and Portfolio Health Checking tools on offer from CreditorWatch simplify and streamline this process according to your particular needs. 

Additionally, a KYC safe business will want to assure themselves on details including: 

• Operations in sanctioned regions or high-risk countries lacking in CTF or AML KYC regulation 
• Ultimate Beneficial Owner (UBO) 
• Shareholder and directorial structure 
• Interactions with Politically Exposed Persons (PEP) 
• Information pertaining to previous transactions 
• Purchasing history, including heavy reliance on cash 
• Any history of adverse ASIC events or media 

A Financial Risk Assessment from CreditorWatch will provide all of this information and more with a comprehensive analysis of a partner business’s financials and information across a number of years. The information gathered comes accompanied by succinct analysis from a qualified Chartered Accountant (CA) or Certified Professional Accountant (CPA).  

If you qualify as a reporting entity according to the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (AML/CTF ACT), you must fully document this process in order to comply with legislation. This verification/ and documentation process, termed authentication, can be conducted electronically, also known as eKYC, and doesn’t necessarily have to be paper-based. Efficient document verification is crucial to ensuring the accuracy and legitimacy of the information collected during the KYC process.

The detail in KYC requirements scales as the determined level of client risk rises. A relatively simple KYC identification process may be all that is required for most of your customers. Alternatively, if a customer is known to be a higher risk, a KYC analyst may need to dive deeper to determine whether or not they are safe for trading.  

Some industries, such as crypto or banking, are perceived as having higher risk because of the desired level of anonymity, the volume of trades, and the connection to criminal activity. KYC at a bank or financial services provider may require more checks and balances as a result. For example, the process of KYC at the Commonwealth Bank may be more extensive than in other sectors due to the heightened risk profile.  

Is there a simplified KYC option? 

A simplified KYC verification process is allowed by the regulators if the entity in question is:

• “a domestic (registered in Australia) company, listed on an Australian stock exchange 
• a majority-owned subsidiary of a domestic company listed on an Australian stock exchange 
• licensed and regulated by a Commonwealth, state or territory government regulator. 

Documents obtained from at least one of the following will confirm this and can be used as verification: 

• searching the relevant domestic stock exchange 
• a public document issued by the company (such as an annual report) 
• searching a relevant Australian Securities and Investments Commission (ASIC) database 
• searching the licence or other records of the relevant regulator.” 

Enhanced due diligence(edd) becomes crucial in certain scenarios where a higher level of scrutiny is necessary. This involves a more thorough examination of customer information and transactions, ensuring a more comprehensive risk assessment.

What is the future of KYC? 

As the technology improves, the authentication process will continue to move towards the digital space for a more streamlined identity verification workflow. In some instances, this may grow to include innovations including facial recognition technology, retinal scanning or biometric security. As a business, you should be considering moving away from paper-based verification in favour of smarter digital offerings from providers such as CreditorWatch.  

AML/CTF KYC recommendations are constantly subject to review and update by the member states of the FATF, as they respond to the evolving tactics used by criminal enterprises.  

What are the KYC process steps? 

For individual customers 

Step 1: Document their essential information. Ask for a driver’s license to confirm their name, proof of address, date of birth. 

Step 2: Verify that information; cross-check it against any available public records and private data sources.  

Step 3: Assess the risk level of the customer profile according to the verified information. 

Step 4: Report the KYC documentation to the relevant government body (ASIC or AUSTRAC) as required by legislation, or if requested.  

Step 5: Maintain a record of that customer’s information on your watchlist, in order to access it in future.

For client businesses 

The simplest way to ensure full KYC compliance for client businesses is by leveraging the extensive resources and digital tools available from financial institutions, such as CreditorWatch. 

Step 1: Utilise the onboarding platform ApplyEasy or our credit reporting and RiskScore tools to automatically collect and verify business information against both public records and our extensive subsets of business data. 

Step 2: Assess the risk profile of the client business according to which risk category they are assigned. The CreditorWatch credit risk tier grading system, ranking businesses from A1 to F, clearly outlines those that may pose a higher risk or need further KYC checks.    

Step 3: For high-risk clients, use a full Financial Risk Assessment to explore the true state of their balance sheet, income, and accuracy of critical information such as Ultimate Beneficial Ownership (UBO). 

Step 4: To ensure sustained compliance, businesses need to go beyond initial KYC processes and embrace the concept of ongoing monitoring. Ongoing monitoring involves regularly assessing and updating customer information to adapt to evolving risks and regulations, effectively identifying and flagging any instances of suspicious activity.

Take advantage of CreditorWatch’s 24/7 monitoring and alerts to automatically flag any updates or changes to client information that may affect KYC compliance in real-time. 

Step 5: Maintain records of customer information and report adverse findings to the relevant government body (ASIC or AUSTRAC) as required by legislation or if requested, further contributing to a comprehensive overview of each customer’s risk profile for ongoing compliance.

Step 6: Manage all client businesses moving forwards with CreditorWatch to eliminate the potential for manual information logging errors and unnoticed red flags, ensuring a robust and continuous customer identification program (CIP).

Ensure you’re compliant by leveraging CreditorWatch 

Identifying and verifying the information of client businesses doesn’t have to be a laborious process. You can ensure that all details are accurate, the risk analysis is accurate, and you’re immediately notified of any red flags by simply taking advantage of the CreditorWatch suite. Not only can you be compliant with regulatory requirements – you can streamline your debtor management and protect your business from risky entities and bad debt. 

Speak to our team of experts today and discover how our digital tools can enhance your onboarding process.