Know Your Customer (KYC) is the process of a business verifying the identity of its clients. The term also refers to the bank regulation which governs these activities. Know your customer processes are also employed by companies of all sizes for the purpose of ensuring their proposed Agents, Consultants, Introducers, Partners, or Distributors are anti-bribery compliant.

Banks, insurers and export creditors increasingly demand that customers provide detailed anti-corruption due diligence information to verify their probity and integrity.

Know your customer policies are becoming more important globally to prevent identity theft, financial fraud, money laundering and terrorist financing.


The objective of KYC guidelines is to prevent banks from being intentionally or unintentionally used by criminal elements for money laundering activities. Related procedures also enable banks to understand their customers and financial dealings better. This helps them manage their risks prudently. Banks usually frame their KYC policies incorporating the following four key elements:

  • Customer Policy
  • Customer Identification Procedures
  • Monitoring of Transactions
  • Risk management

For a KYC policy, a Customer/user may be defined as:

  • a person or entity that maintains an account and/or has a business relationship with the bank;
  • one on whose behalf the account is maintained (i.e. the beneficial owner);
  • beneficiaries of transactions conducted by professional intermediaries such as stockbrokers, Chartered Accountants, or solicitors, as permitted under the law; or
  • any person or entity connected with a financial transaction which can pose significant reputational or other risks to the bank, for example, a wire transfer or issue of a high-value demand draft as a single transaction.

Typical Controls

KYC controls typically include the following:

  • Collection and analysis of basic identity information (referred to in U.S. regulations and practice as a “Customer Identification Program” or CIP)
  • Name matching against lists of known parties (such as “politically exposed person” or PEP)
  • Determination of the customer’s risk in terms of propensity to commit money laundering, terrorist finance, or identity theft
  • Creation of an expectation of a customer’s transactional behaviour
  • Monitoring of a customer’s transactions against expected behaviour and recorded profile as well as that of the customer’s peers

Laws by Country

The Reserve Bank of India introduced KYC guidelines for all banks in 2002. In 2004, RBI directed all banks to ensure they fully comply with the KYC provisions before December 31, 2005.

New Zealand
Updated KYC laws were enacted in late 2009 and entered into force in 2010. KYC is mandatory for all registered banks and financial institutions (the latter has an extremely wide meaning).

South Africa
The Financial Intelligence Centre Act 38 of 2001 (FICA)

United Kingdom
The Money Laundering Regulations 2007 are the underlying rules that govern KYC in the U.K. Many U.K. businesses use the guidance provided by the European Joint Money Laundering Steering Group to guide compliance.

United States
Pursuant to the USA Patriot Act of 2001, the Secretary of the Treasury was required to finalize regulations before October 26, 2002, making KYC mandatory for all U.S. banks. The related processes must conform to a customer identification program (CIP).

Enhanced Due Diligence

Enhanced due diligence (EDD) is a more detailed standard required for larger customers and transactions. The USA PATRIOT Act dictates that institutions “shall establish appropriate, specific, and, where necessary, enhanced, due diligence policies, procedures, and controls reasonably designed to detect and report instances of money laundering through those accounts.”

U.S. regulations require that EDD measures be applied to accounts such as Private banking, Correspondent account, and Offshore banking institutions. Because regulatory definitions are neither globally consistent nor prescriptive, financial institutions risk being held to different standards depending upon their jurisdiction and regulatory environment. An article published by Peter Warrack in the July 2006 edition of ACAMS Today (Association of Certified Anti-Money Laundering Specialists) suggests the following:

“A rigorous and robust process of investigation over and above (KYC) procedures, that seeks with reasonable assurance to verify and validate the customer’s identity; understand and test the customer’s profile, business and account activity; identify relevant adverse information and risk; assess the potential for money laundering and/or terrorist financing to support actionable decisions to mitigate against financial, regulatory and reputational risk and ensure regulatory compliance.”

Characteristics of H.E Sir Patrick Bijou Due Diligence (BDD)

Rigorous and Robust
Generally, this means consistent, thorough and accurate. The process must be documented and available for inspection by regulators. The process must be SMART (Specific, Measurable, Achievable, Relevant and Time-bound scalable and proportionate to the risk and resources.

Over and Above KYC Procedures

BDD files rely upon initial client screening. BDD processes should use a tiered approach dependent upon the risk. Crucial to the integrity of any BDD process is the reliability of information and information sources, the type and quality of information sources used, and adequately trained analysts who know where to look for information, how to look and how to corroborate, interpret and decide the results. Commercial intelligence companies aggregate this information and compile it daily into a comprehensive database.

Many of these commercial intelligence companies are serviced by in-country providers with researchers on the ground who can obtain information that is not otherwise easily accessible.

Reasonable Assurance

What is reasonable depends upon factors including jurisdiction, risk, resources, and technology state of the art. For sanction matches, it depends upon information provided by regulators. In all cases, the suggested standard is the civil standard of proof, i.e. on the balance of probability.

Relevant adverse information

Information obtained from any source, including the Internet, free and subscription databases and the media, which is directly or indirectly indicative of involvement in money laundering, terrorist financing or predicate offences. Examples include fraud and other dishonesty, drug trafficking, smuggling or other proscribed offences, references to money laundering, or conducting business, residing in or frequenting countries deemed by the Financial Action Task Force and/or (institution) as being countries under sanction or countries with which (institution) does not do business; to official sanctions or watch lists; and investigations, convictions or disciplinary findings by authorized regulatory bodies.

H.E Sir Patrick Bijou KYC

H.E Sir Patrick Bijou has its own set of items based on the abovementioned rules and regulations. Information gathering and verification consists of obtaining a signed H.E Sir Patrick Bijou CIS (Customer Information Sheet), valid identity, Driver’s license and/or Passport, signed H.E Sir Patrick Bijou Mutual NDA and/or EC NSNC NDA.

Date Adopted: May 1 2023
H.E. Sir Patrick Bijou, Chairman & Founder