Not everything works the same way in the United States of America (USA) as it does for the rest of the world and (Know Your Customer) KYC verification USA is no different. True, most aspects of the KYC verification process are standard worldwide, but there are variations in the KYC documents list in the USA and US KYC requirements for different institutions.
The History of KYC Verification USA
The full adoption of KYC verification by the US Department of Treasury was decades in the making. It began with the establishment of the Financial Crimes Enforcement Network (FinCEN) in 1990 which serves as the USA’s Financial Intelligence Unit (FIU) whose mission is to safeguard the financial system from illicit use. As part of that mandate and the enforcement of the money laundering control act, identity verification and validation were brought into the spotlight.
Under the Bank Secrecy Act (BSA) from 1992 to 1998 changes were made to include Money Services Business (MSB) registration and Suspicious Activity Report (SAR) filings. When the Patriot Act was enacted in 2001, customer due diligence became more of a necessity than an option and US KYC requirements were made standard according to federal law. Through decades of anti-money laundering (AML) policies pushed the birth of KYC verification, US KYC regulations still needed another two decades to be fully integrated into mainstream AML compliance solutions.
At this stage, fraudsters were still outpacing US regulators and not every aspect of the financial industry was on board with the implementation of KYC. Not to mention, business clients were being swept under the radar and serious consideration for foreign assets, black-listed individuals, and counter-terrorism financing was still in its infancy. More work needed to be done and FinCEN needed to collaborate with other departments of the Treasury to strengthen its fight against money laundering and terrorism financing.
Enter the Office of Foreign Assets Control (OFAC) with its Specially Designated Nationals (SDN) list, sanction list, and list of Politically Exposed Persons (PEP). The Office of the Comptroller of the Currency (OCC) which charters, regulates, and supervises all national banks, federal savings associations, federal branches, and agencies of foreign banks assisted in the supervision of Customer Identification Programs (CIP) and Currency Transaction Reports (CTR). Under the oversight of the global Financial Action Task Force (FATF), these three regulatory bodies work together to enforce both federal and global anti-money laundering regulations.
What are the US KYC Regulations?
The Bank Secrecy Act of 1970 was one of the United States’ first modern steps into AML compliance regulations. It was drafted to prevent money from drug trafficking from entering the banking system by requiring banks to report deposits that total over USD 10,000 in a single day to FinCEN. The BSA also laid the foundation for the USA 2001 Patriot Act which gave regulatory bodies more enforcement power and introduced provisions for Combatting the Financing of Terrorism (CFT) laws.
After the draft of the Patriot Act in 2001, by 2003 KYC/AML compliance became the standard in US banks and financial institutions. Banks and other financial institutions via US KYC regulations were now required to:-
- Maintain a sound Customer Identification Program (CIP)
- Perform ‘name matching’ to compare customers names against federal and global watchlists
- Make a risk analysis of a customer’s expected behavior and the possibility of committing a financial crime
- Ongoing behavior monitoring to compare to their risk profile and the behavior of similar customers
And this worked until 2016 when regulators found the loophole that did not include provisions for business clients, their beneficiaries, and their customers. FinCEN then made swift adjustments that demanded CIP now include provisions for Ultimate Beneficial Owners (UBO’s) and Know Your Customers’ Client (KYCC). However, more US KYC regulations were still to come.
Under Section 314(a) of the BSA, FinCEN decreed that whenever institutions found any individual/entity that matched any global watchlist they must conduct a record search for any account currently maintained or have been active by the suspected individual/entity. And monitor any transactions carried out by and on the behalf of the suspected individual/entity during the past 6 months. This is done to identify current financial activities that can be attributed to the potential bad actor.
Once there are activities, the financial institution must report the following: –
- The name of the suspected individual, entity, or organization
- The suspected individual’s account number and/or the date and type of transaction
- Further identifying information provided by the customer or associated with the transaction, including social security number, taxpayer ID number, passport number, address, and birthdate.
Financial institutions DO NOT have to close accounts or refuse to do business with the suspected individual/entity. They DO have to treat the report as confidential and assign someone to regularly submit reports to FinCEN. As part of the information-sharing process required in Section 314(b), both financial institutions are required to be registered on FinCEN’s Secure Information Sharing System (SISS). Once there, the information shared must be used for the following reasons:-
- To identify and report money laundering or terrorist activities;
- Establish whether a transaction should be processed or whether an account should be maintained; or
- Assist with any associated information-sharing requirements.
If at the end of this process, an individual or entity is suspected of AML/CFT compliance offenses then the financial institution must file a SAR with FinCEN or contact the regulator directly. Failure to report can lead to criminal penalties which can include fines of $1 million or twice the value of the violating transaction, whichever is greater.
What are the US KYC Verification Requirements?
Aside from the complexities of understanding who is specifically responsible for what. You should also understand where your KYC solution fits in the grand scheme that is AML compliance. Know Your Customer is simply a mechanism that makes AML compliance solutions work. The basis of any KYC verification process is the creation of viable customer identification programs and it is the first of many US KYC requirements.
The goal of every KYC verification process is to identify and verify the identity of the customer or business entity as accurately as possible, that wishes to do business with you or the financial institution. While maintaining records for ongoing transaction and behavior monitoring to keep suspected criminals, terrorists, and illegal organizations from entering the financial system. To do this, the basic KYC Verification USA requirements for customer due diligence (CDD) are; To verify ID user name, date of birth, and address and validate ID by matching with Identification Number/ Social Security Number (SSN) drivers license or passport.
Sometimes, basic customer due diligence isn’t enough. Especially during B2B customer onboarding where you need to be sure you are onboarding the real owner and can identify any high-risk customers they serve. That’s why customer due diligence has three levels:
- Simplified Due Diligence (SDD) – For low-risk customers with a simplified procedure.
- Basic or Standard Customer Due Diligence (CDD) – Standard procedure for average or moderate levels of risk. Performed for most clients.
- Enhanced Due Diligence (EDD) – For high-risk individuals, entities and organizations. Can be a lengthy and complex procedure that requires additional documentation and information.
- Since KYC verification is part of AML compliance solutions, AML compliance requirements also come into play, which means:-
- The development of internal anti-money laundering policies, procedures, and controls
- The appointment of an AML compliance officer to oversee the AML program
- Ongoing anti-money laundering training for employees
- Regular independent oversight and auditing for the AML program
Because one KYC solution alone was not sufficient to meet all the needs of AML compliance, KYC verification procedures were adapted to make the process more relatable to the customer journey and risk. For B2B customer onboarding, Know Your Business (KYB) was the standard and in the case of potentially high-risk customers, KYCC was included as an added measure. E-KYC was the answer to easier data management, real-time identity verification, customer onboarding, and regulatory reporting.
As important as it is to have a KYC solution, the cost of AML compliance and the enforcement of an effective KYC verification process is often a huge deterrent to US KYC regulations. Banks, financial institutions, and businesses want to be compliant, but with compliance costing between 5 to 44 dollars per bank account, that cost is often transferred to the customer. Who in turn, doesn’t like the intrusive US KYC requirements anyway.
Choosing KYC Verification Services in the USA
One of the saving grace of KYC services is the use of AI-assisted technology that cuts costs and still provides a smooth customer onboarding experience even during B2B customer onboarding. This factor should be the main selling point when choosing KYC services. Manual KYC is dead and if anyone selling KYC services in the USA is still trying to revive it, let it die with them.
FinCEN is the USA’s central regulatory body when it comes to KYC/AML compliance, but the OCC and OFAC aren’t the only government bodies they share duties and information with. Almost every US financial body is involved in US KYC regulations from the Internal Revenue Service (IRS) to Federal Deposit Insurance Corporation (FDIC) and non-governmental financial institutions. For your KYC verification process to access and collaborate with all these agencies, AI-assisted automated KYC would be your only option for automated ID verification and ID validation.
When choosing KYC services, real-time access to all these institutions and global watchlists can be the difference between onboarding a real customer or a fraudster. KYC services that can only provide access to a few watchlists and institutions and have dated information put your company at risk for a fee instead of saving money on criminal penalties. Not only that, during B2B customer onboarding, if they can’t correctly identify UBO’s or a business’s potentially black-listed customer, your reputation and employees can be at risk for supporting terrorism and trafficking activities.
Get Global ID Verification and KYC Verification USA with IDMERIT
Basic customer due diligence in the USA doesn’t differ from other countries across the globe. However, in the US, Canada, United Kingdom (UK), and the European Union (EU) enforcement of KYC verification is more aggressive than in other parts of the world. In Russia, the Middle East, and parts of Africa and Asia, basic customer due diligence is the only step in KYC verification. There is very little consideration for enhanced due diligence, KYB and KYCC are almost unheard of.
Global ID verification solution and collaboration which is a requirement of the BSA is not being enforced by these countries. Thereby, forcing the US and other compliant countries to double down their efforts on KYC/AML compliance to protect their economies and citizens. This makes KYC verification USA seem more intrusive than it is. In reality, with the inclusion of AI-guided automated tools, KYC in the USA is faster and easier than in those recalcitrant countries.
With IDMERIT’s KYC services, you get access to all the necessary up-to-date global watchlists for higher positive match rates and automated KYC tools like IDMscan. This works for faster real-time identity verification using biometric scans and document verification. Through our IDMkyX platform of API’s which is GDPR compliant and globally approved, your AML compliance certification process is guaranteed easy and safe for both you and your US customers.
Businesses are still getting fined and compliance costs are rising all because they didn’t choose the right KYC services provider. Watchlist screenings, ongoing transaction screening, and behavior monitoring account for 50% of these costs. Using our automated KYC-ready API’s, like IDMaml, you can still monitor watchlists and for behavioral changes without driving up the cost of AML compliance.
There is only one step you need for KYC verification USA, talk to our US experts!
And get compliant with a complete KYC solution from IDMERIT.