multi-factor authentication
Cybersecurity Thought Leadership World-Region-Country

Persona: Critical Facts About Know Your Business (KYB) in 2022

While KYC, or know your customer, is a well-established framework known across many industries and most countries, its younger sibling know your business (KYB) has not shared the limelight. However, KYB is just as important for financial companies that wish to remain compliant — and any company that wants to protect themselves against fraud and ensure trust and safety on their platform.

Rick Song, CEO of Persona, an identity infrastructure that enables companies to verify their customers are who they say they are, and carry an individual’s identity across an entire business, spoke to The Fintech Times to establish how and why KYB differs from KYC and in turn why it is so crucial for businesses.

Rick Song, CEO of Persona
Rick Song, CEO of Persona

Simply put, Know Your Business is the process of vetting organisations you want to or are currently doing business with, whether they’re a supplier, customer, or partner.

KYB is similar to KYC in that both are regulations that require financial institutions to verify that customers are who they say they are to help curb fraud and prevent money laundering. However, while KYC focuses on identifying individuals, KYB requires identifying and vetting both businesses and the people behind those businesses (also called their ultimate beneficial owners or UBOs).

Now that you know the basics, here are a few other facts and benefits you should know about this lesser-known identity regulation.

KYB can help combat fraud

Two to five per cent of the global GDP is laundered every year, and an estimated 90 per cent of money laundering goes undetected. While KYC regulations were put in place to combat money laundering in 2002, the US Treasury Department’s FinCEN didn’t introduce KYB regulations until much later — 2016 to be exact. Until then, US banks and financial institutions didn’t have to vet the organisations they did business with.

This meant criminals could easily set up shell companies to commit fraud or use legitimate businesses to hide their identities.

KYB makes it harder for criminals to use these tactics. As KYB requires you to screen each organisation you work with, it can help you weed out businesses that are high-risk, illegitimate, on sanctions lists, and/or associated with dubious activity, such as suppliers that ship counterfeit parts.

On the flip side, it gives you high certainty that those who pass your KYB checks are legitimate and trustworthy — and that you can conduct business interactions with them safely.

KYB isn’t something you should set and forget

Like KYC, you can’t just verify business customers during onboarding, as that only gives you a snapshot of the company at one point in time. Just because a customer or supplier passes your KYB checks the first time doesn’t mean they will in a year.

To remain compliant, you need to continue to be vigilant and make sure each business you work with remains clean over the course of your relationship with them. That means conducting ongoing monitoring, periodically checking that your partners have not appeared on sanctions lists and watchlists, and maintaining updated customer information.

Manual KYB is time-consuming and error-prone

KYB is much more intricate than KYC. Remember: with KYB, you need to verify both the business entity and its UBOs. If a business you want to work with has multiple UBOs, you’ll need to KYC each individual before proceeding.

To complicate matters further, businesses themselves are much more complex to verify than individuals, as they can span multiple geographic borders, tax regimes, and regulatory environments. Often, verifying these entities requires you to either ask the business to submit information or manually search for disparate data and official documents in different public and private systems, like state or national business records. This is particularly difficult in the United States, where there is no singular source of official business data.

Then, once you’ve tracked down all the information you need, you usually have to play Sherlock Holmes and hunt for traces of trouble.

Unsurprisingly, handling the KYB process manually — from searching legal filings to chasing down documents from UBOs and cross-checking reams of financial statements — can waste a ton of time. It’s very difficult to conduct KYB manually and feel confident that you are compliant without the minutiae and processes bogging down your lawful business.

This is where automatically validating information against various data sources can come in handy. Automating KYB also reduces negligence and mistakes due to fatigue or unclear priorities, with the benefit of leaving an auditable trail of actions.

A risk-based approach to KYB

In an ideal world, KYB would help you catch 100 per cent of businesses and situations you want to avoid. However, that’d require incredibly thorough investigations of each business and UBO and 24/7 monitoring, which just isn’t feasible in real life.

Instead, it can help to adopt a risk-based approach to onboarding and working with companies, which allows you to make sales and purchases as safely as possible without taking unacceptable risks. With a risk-based approach to KYB, you can eliminate some (smaller) risks with 95% certainty and other, more important, risks with 100 per cent certainty.

For example, letting a North Korean company open a new business checking account at your institution is an unacceptable risk, while purchasing chocolate from a Venezuelan company that declares it has no government links might be an acceptable risk.

Clear KYB standards, combined with the right degree of KYB automation, will maximise risk protection while minimising friction for the businesses you do want to work with.

Author

Related posts

Over 81 Million Cyber Attacks in Kenya, South Africa and Nigeria in H1’21

Francis Bignell

Women in Fintech: Smashing the Glass Ceiling with Zumo, Oxygen Digicel Group and Urban Jungle 

Francis Bignell