Banking regulations require all financial institutions to identify their customers and obtain relevant information prior to entering business relationships with them.
Know Your Customer (KYC) is typically a policy put in place to conform to a Customer Identification Program (CIP) as provided under the Money Laundering Prohibition Act (MLPA), 2004 and reiterated in several CBN circulars to ensure that Financial institutions verify its customer’s identities and addresses before opening an account, issuing a cheque/pass book, entering into fiduciary transaction with, renting a safe deposit box or establishing any other business relationship with such customers.
Every bank is required to establish the identity of their customer and verify their legal status. Identifying legal entities, obtaining and verifying the identity of the authorized signatories as well as that of the owners of the account is mandatory. This also includes obtaining records of employment or business undertaken by the customer as well as ascertaining the purpose of the account being opened.
Know your customer policies are becoming increasingly important globally to prevent identity theft, fraud, money laundering and terrorist financing etc.
A robust “Know your Customer” policy will ensure that, a bank identifies the source of funds its customer’s deposits as well as the identity and background of the customer. In- case of corporate organizations, the shareholders and key principals involved in the entity or venture. KYC is beneficial to the financial institution as it mitigates the exposure to risk to the business by criminals seeking to launder the “Proceeds of Crime”.
It also ensures that the financial institution has sufficient knowledge of the customer’s financial position to enable the sale of products/services which are legally acceptable.
The basic elements of KYC policy shall be discussed under the following headings;
- Customer Acceptance Policy (CAP);
- Customer Identification Procedures (CIP);
- Monitoring of (customers) Transactions (MOT); and
- Risk Management (RM);
Customer Acceptance Policy (CAP)
This defines the terms under which customers can apply for account opening.
CAP is expected to forestall relationships with customers who have been sanctioned or facing charges for criminal activity or who are deemed high-risk customers and may use the bank for “money laundering” or other criminal activities.
Below are basic criteria for evaluating and segmenting the customers:
- The home country or the country of residence of the customer.
- The profession or nature of the customer’s activity.
- The origin of funds deposited by the customer.
- The type of transactions/products the customer engages in.
- The legal form (in the case of corporate/legal entities).
- Check customers’ against sanction list.
Finally the Customer Acceptance Policy (CAP) must define the type of customers the financial institution can or cannot do business with.
Customer Identification Procedures
Once the customer is deemed suitable for account relationship, the “Know Your Customer” policy must be applied. At this stage, the customer’s actual identity, business profile and business intentions must be ascertained.
The following are required:
- Sufficient information must be obtained on every customer.
- Collection of supporting customer documents as required by the law.
The information and documents collected from the customer as part of the CIP will assist in determining the overall customer profile. The customers’ data/supporting document must be updated throughout the life of the business relationship between the bank and the customer.
Monitoring of Accounts and Transactions
The ongoing monitoring of the customers’ account and transactions are crucial as an effective measure to mitigate the risk of money laundering.
The purpose of this process is to identify:-
- Transactions which, are associated with money laundering,
- Unusual transactions, i.e. transaction which does not have an
obvious financial or legitimate purpose.
- Suspicious transactions, transactions which are complex in nature.
- Update customer information on file.
In developing an effective monitoring system, procedures are put in place to obtain sufficient information on the activities of customers. IT systems are installed for ease of processing information.
The transactions which are identified as suspicious must be reviewed. Following the review, if there are doubts as to the legitimate origin of the funds, suspicious transaction report (STR) must be filed to the Nigeria Financial intelligence unit (NFIU) and/or Central bank of Nigeria (CBN).
Risk Management
KYC policies and procedures for risk management comprise management oversight, systems and control, segregation of duties, training and other related matters.
Robust policy/procedures will ensure that accurate profiling of customers is maintained throughout the Banks business relationship with its customers. In order to facilitate the effective implementation of KYC policies and procedures, responsibilities are allocated to various departments of the Bank in line with running a sound risk management program.
Risk lies not only in banking the funds of terrorists, traffickers, dictators, corrupt politicians and arms dealer but also in extending loans and finance to such individuals as well as many other fraudsters. KYC is precisely about mitigating such risks. It is about assessing who is seeking to do business with the Bank.
It is about understanding their situation and requirements as well as peculiar circumstances. The very essence of Risk Management in Compliance is the prevention of criminals from having access to financial services and ensuring that systems are constantly in place to safeguard the bank’s interest at all times without losing genuine business.