The KYC Verification Process: 3 Steps to Compliance

Learn how User Migration with Okta reduced unexpected password resets and reduces helpdesk calls and support issues.

KYC, or Know Your Customer defines a set of guidelines to accurately verify the identity of customers. The KYC verification process helps to prevent identity theft and fraud. 

KYC also falls within the scope of AML (anti-money laundering) regulations, which aim to curb money laundering and financial fraud as well as keep financial institutions from entering into potentially criminal business relationships with terrorists.

KYC compliance is required throughout industries, but it is most relevant for financial institutions and online businesses. One of the key components of KYC is identity verification. With KYC verification, organisations can ensure that the person or entity they are building a business relationship with is actually who they say they are. 

What is KYC verification?

The objective of KYC verification is to ensure that a customer is who they claim to be. This aims to protect customers by preventing identity theft and fraud as well as protect financial institutions by preventing money laundering and terrorist funding. Sometimes called the KYC check, KYC verification is the process of identifying and verifying a potential customer’s identity during onboarding. 

KYC is a set of guidelines outlined by the United States Financial Crimes Enforcement Network (FinCEN). It is a mandatory requirement for financial institutions and many other businesses. Elements of a KYC procedure typically include the following:

  • Customer acceptance policy (CAP)
  • Customer identification procedure (CIP)
  • Transaction monitoring
  • Risk management

Under KYC, the CAP details the regulations required to accept a customer and enter into a business relationship with them. This includes determining their risk threshold, exploring financial interactions, and outlining the eligibility criteria and necessary documents that should be provided by the customer during onboarding.

Know Your Customer verification mostly falls under the CIP component of KYC. To verify a customer, it is minimally required to collect the following information:

  • Name
  • Date of birth
  • Address
  • Identification number

Documents such as a government-issued ID (driver’s license or passport) and public utility bills can be used for KYC verification. Other methods of identity verification can include the use of biometrics and face verification. Additional methods can include comparing the information the customer provides during onboarding with public databases, consumer reporting agencies, and watchlists. 

The exact practices of Know Your Customer verification are determined by the risk profile of the organisation in line with risk management policies. Verification methods are required to be reasonable, and organisations must make their best effort to ensure that customer identities are properly validated. 

Who uses KYC verification?

Any institution that is required to be KYC compliant will need to use KYC verification. This can include both financial and non-financial institutions and online businesses. 

Ultimately, KYC verification is used by an organisation to verify the identity of their customers. Banks, Fortune 500 financial firms, credit unions, credit card companies, fintech, real estate, and insurance companies all use KYC verification. 

Know Your Customer verification is performed both during a customer’s first interaction with an entity — when they are opening an accoun