Request Demo

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

KYC, AML, and CFT: What They Are and Why They Matter

Join the Merkleverse

Know your customer (KYC) and anti-money laundering (AML) regulations are essential for any financial institution to prevent fraud, combat money laundering, and reduce financial crime risk. Companies must perform thorough due diligence on their customers to ensure that they aren’t engaging in any illicit activities. One of the key steps in this process is Customer due diligence (CDD). CDD is just one aspect of KYC procedures involving the collection and verification of customers, including their identity, address, source of funds, and the purpose of their transactions. One of the most important aspects of CDD is counter financing of terrorism (CFT).

What is KYC?

Know Your Customer (KYC)
KYC stands for "Know Your Customer" and refers to the process of banks and other financial institutions verifying the identity of their clients to ensure they do not pose a risk to the business. The goal of KYC in crypto is to prevent money laundering, terrorist financing, and other financial crimes.

Banks and other financial institutions are required by law to collect KYC information from their customers. In the United States, this is regulated by the Bank Secrecy Act (BSA) and in the European Union, it is regulated by the Fourth Anti-Money Laundering Directive (4AMLD).
 In May 2019, the Financial Crimes Enforcement Network (FinCEN) issued a revised set of regulatory guidelines which currently oversee the implementation of the BSA with respect to virtual currencies. The BSA is the nation's first and most comprehensive federal anti-money laundering and counter-terrorism financing (AML/CFT) statute. Under the updated FinCEN guidelines, money service businesses (MSBs) are required to develop, implement, and maintain an effective written anti-money laundering program. MSBs also have to comply with the recordkeeping, reporting, and transaction monitoring obligations outlined in Chapter 10 of the U.S. Department of Treasury’s Money and Finance regulation.

In Singapore, the Payment Services Act (PSA) serves as  the key legislation governing  crypto . One key focus area is AML/CFT, which is dealt with by Notice PSN02. The PSN02 guidance, which came into effect on January 28th, 2020 puts in place robust AML/CFT guidelines and regulations to detect and stop the illegal flow of cryptocurrency funds through Singapore. The regulation includes implementing measures such as KYC processes including beneficial ownership - defined as the natural person or persons "who ultimately own or control a legal entity or arrangement, such as a company, a trust, or a foundation" -, account reviews, and suspicious transaction monitoring and reporting.

Recent FCA guideline- Crypto Asset AML/CTF regime:
 The UK’s money laundering regime requires crypto asset firms set up in the UK to register with the FCA. Only firms with appropriate Know Your Customer (KYC), source of funds and proof of funds checks, can be registered to ensure that no illicit money is coming through the system.

What is AML? 

AML refers to the steps that financial institutions and other firms must take to prevent criminals from depositing or transfering funds that came from illicit activity. In particular, AML regulations are designed to stop terrorist financing and proceeds from crimes like human trafficking. AML compliance is a requirement for all financial institutions to ensure that their customers are legitimate and that their transactions are not being used to launder money.

The BSA requires financial institutions to maintain records of all transactions and to report suspicious activity to the FinCEN.

What is CFT?

Crypto Forecast

CDD is a set of measures banks and other financial institutions must take to identify their customers, assess their risks and monitor their transactions. One component of customer due diligence, ongoing due diligence (ODD), is the process of continually reviewing and monitoring a customer's financial and transactional activities to identify odd or suspicious trends that could indicate potential financial crime.

In order to assess the risk of customer activities, ODD requires careful examination of transaction size, pattern, frequency, transaction geography, and sender/receiver profiles. This is especially important for regulated areas like financial services and casinos that are exposed to financial crime. Many KYC and AML regulations mandate financial institutions to implement a CFT program.

In the context of crypto exchanges, CFT involves conducting Know Your Customer (KYC) checks during the transaction life cycle. Furthermore, continuous monitoring of customer activities by regularly reviewing transactions for any signs of criminal activity is required as well. In case of suspicious activity, Virtual Asset Service Providers (VASPs) are required to file Suspicious Activity Reports with FinCEN or other relevant law enforcement agencies. This is in line with US and FATF regulations, which require financial institutions to have a robust AML and CFT program in place to prevent money laundering and terrorist financing.

What is CFT and How Does it Impact KYC/AML Regulations?

CFT Regulation
The financial sector is a major target of financial terrorism and is subject to KYC in order to adhere with AML transaction monitoring regulation. CFT regulations include preventive measures, financial intelligence, investigation, sanctions, and international cooperation. These measures are designed to detect, prevent and disrupt the financial support of terrorist activities. By implementing CFT regulations in financial institutions, it helps to protect the international financial system from being used for money laundering or terrorist financing activities.

Increased surveillance of crypto transactions is leading to the detection of more terrorist financing cases, according to a UN official. The report goes on to say that crypto-funded terrorist attacks accounted for nearly 5% of all terrorist attacks a few years ago, and has grown to around 20%.

Under CFT, financial institutions must conduct adequate due diligence to identify and verify their customers, as well as monitor transactions for suspicious activity in compliance with KYB AML regulations. This risk assessment process involves risk-based customer identification, risk-based customer due diligence, risk-based AML transaction monitoring, risk-based reporting, and risk-based customer communication.

The risk assessment model is an important part of the KYB AML regulations, as it ensures that institutions are adequately identifying risk factors associated with their customers and ensuring proper compliance with the necessary regulations. This helps to reduce the risk of money laundering and terrorism financing, which are major concerns under KYC/AML regulations.

Furthermore, CFT is a tool that helps to minimize the risk of financing activities associated with money laundering and terrorism. As a result, it plays an important role in KYC/AML cryptocurrency regulations, allowing organizations and governments to identify suspicious financing activities and take measures to prevent them. This, in turn, helps reduce the risk of money laundering and other financing related crimes.