🧩 Know Your Customers

Get the Picture: The Complete KYC Cycle

Q1 2022 Quarterly Training

Lan’s Enterprise Limited Training Program

Presented by: Angela Ji

Do You Really Know Your Customers?

“You think you know me, but you don’t know me…”

The Reality: Knowing your customers is not a one-time event—it’s an ongoing journey of trust, vigilance, and verification.

Training Objectives

What you’ll learn today

Understand the 6-step KYC cycle and why it never ends
Identify when and how to perform Customer Due Diligence (CDD)
Recognize situations requiring Enhanced Due Diligence (ECDD)
Implement effective ongoing monitoring and transaction review
Maintain proper records for regulatory compliance

🌍 The Risk-Based Approach

One Size Does Not Fit All

KYC depth depends on customer risk level
Apply proportionate measures for low, medium, and high-risk profiles
Reassess risk whenever new information arises
Document rationale for every risk rating decision

KYC: It Never Ends

The 6-Step Continuous Cycle

👤 Identification – Verify who they are
🔍 CDD – Customer Due Diligence
⚠️ ECDD – Enhanced Due Diligence
🔄 Ongoing CDD – Keep information current
📊 Transaction Monitoring – Watch activity patterns
🧾 Account Review – Regular comprehensive assessment

Step 1: Identification

Making Sure Customers Are Who They Claim to Be

Two Key Timing Requirements:

Verify identity before starting the business relationship
Verify identity periodically over time

Core Principle:

Ensure customers are genuinely who they claim to be throughout the entire relationship.

Step 2: Customer Due Diligence (CDD)

Three Types of KYC

🧭 Onboarding KYC – Initial verification when relationship begins
🕒 Periodic KYC – Scheduled reviews at regular intervals
🔔 Perpetual KYC – Trigger-based reviews as events occur

Onboarding KYC: Identity Verification

Verification Methods

💻 Electronic Identity Verification (EIV) – Automated checks
👩‍💼 Verified by Staff – In-person verification
🧾 Certified by Trusted Referee – Third-party certification
⚙️ Sanctions & PEP Screening – Conducted at onboarding and continuously

Onboarding KYC: Information Requirements

For Individuals

Full legal name
Residential address
Date of birth
Source of funds and source of wealth (for medium/high-risk customers)

For Entities

Company incorporation documents
Directors and shareholders (>25%)
Beneficial ownership (UBO) – verify and record ownership structure
Business address

Onboarding KYC: Understanding the Relationship

Critical Questions to Answer

Nature of Business Relationship:

Why is the customer initiating this relationship?

Nature of Customer’s Business:

Purpose and existence within their market sector
Industry and business activities

Initial Risk Rating:

Geography factors
Industry risks
Entity type considerations

Periodic KYC: The Challenge

The Problem

“Periodic KYC updates can cause customer frustration and inefficiency if handled poorly.”

The Risk:

Reviews often get delayed or deprioritized.

The Consequence:

Non-compliance fines + reputational damage.

Periodic KYC: Review Activities

Four Key Activities

📇 Update Customer Information – Expired IDs, address, contact details
🧠 Sanctions & PEP Screening – Annual re-screening of all active customers
📈 Transaction Baseline Review – Compare actual vs. expected activity
🚨 SAR Escalation Process – Report to MLRO/Compliance Officer immediately

Perpetual KYC: Event-Based Review

Triggered by Specific Events

Unlike periodic reviews, perpetual KYC responds to:

Material changes in customer circumstances
Unusual transaction patterns
Alerts or red flags
Customer requests or ownership changes

Same focus areas as Periodic KYC — but event-driven.

Step 3: Enhanced Customer Due Diligence (ECDD)

When to Conduct ECDD

At onboarding – for high-risk customers
Periodically – for ongoing high-risk relationships
Due to trigger events – when circumstances change

ECDD at Onboarding

Ascertain Whether EDD Is Necessary

Key Factors:

Customer’s location (high-risk jurisdiction?)
Occupation or PEP status
Transaction type (complex, large, unusual?)
Expected volume/frequency
Payment methods (cash, wire, cryptocurrency?)

Reference: AML/CFT Act Section 22

ECDD Periodically

Risk Level Changes Over Time

Trigger Scenarios:

Low/medium risk customer shows high ML/TF risk
High-risk customer remains consistently high risk
Dealings with high-risk jurisdictions increase

References:

AML/CFT Act Section 31
Enhanced CDD Guideline Sep 2020 (sections 26–29)

ECDD Due to Trigger Events

Red Flags Requiring Immediate Review

Low-risk customer appears on PEP or criminal list
Change in beneficial owner (UBO)
Address update to higher-risk country
Shift in transaction geography or complexity

Reference: Enhanced CDD Guideline Sep 2020 (sections 30–31)

The Importance of Record Keeping

Compliance Must Be Seen to Be Done

Critical Practice:

Keep detailed records of all CDD and ECDD performed on:

Each customer
Each potential customer

Retention:

Maintain records for at least 5 years after relationship ends (or as required by law).

Step 4: Ongoing Customer Due Diligence (OCDD)

Keeping Customer Information Current

Ensure customer and UBO data is:

Reviewed regularly
Kept up to date
Enhanced when necessary

Components: Transaction monitoring + ECDD

OCDD: Three Approaches

1. 📅 Frequency-Based

Detected through:

Internal audit programs
Independent external audits
Regulatory reviews

2. 🔔 Event-Based

Triggered by:

Transaction alerts
High-risk jurisdictions
Dormant reactivations
ID expiration notifications

OCDD: Real-Time Process

Transaction-by-Transaction Scrutiny

Ensure transactions are consistent with:

Customer profile and business activities
Expected patterns and volumes
Verified source of funds and wealth
Updated documentation and records

Step 5: Transaction Monitoring

Building the Complete Picture

Three Components:

📚 Historical & Current Data – Customer information and records
⚙️ Rule-Based Alerts – Automated system detections
🚨 SAR Reporting – Formal escalation mechanism

Tip: Use automated systems calibrated to customer risk profiles.

Get the Picture: Building the Baseline

Comprehensive Customer Profile

Baseline Establishment:

Expected behavior defined at onboarding
Supporting documents (contracts, business plans)
Historical transaction patterns
Ongoing review of material changes

Identifying Suspicious Activities:

Alerts trigger investigation
Deviations from baseline must be explained or escalated

Step 6: Account Review

How Well Do You Know Your Customer?

Two Types of Reviews:

👥 Account Manager Review – day-to-day oversight
🧮 Compliance Review – independent verification

Account Review: Our Responsibility

What We’re Expected to Do

“We are not required to determine whether a crime has been committed.”

We are required to:

Apply KYC procedures consistently
Conduct ongoing due diligence
Monitor transactions effectively
Prevent becoming unintentional accomplices

Reputation: The Ultimate Asset

Warren Buffett’s Wisdom

“It takes 20 years to build a reputation and five minutes to ruin it.”

Our Commitment:

Protect reputation through diligent KYC
Prevent financial crime
Maintain regulatory compliance
Safeguard our customers and business

Key Takeaways

Remember These Points

🔄 KYC Never Ends – continuous 6-step cycle
🧭 Three Types of CDD – onboarding, periodic, perpetual
⚠️ ECDD When Risk Increases – at onboarding, periodically, or on triggers
🧾 Document Everything – compliance must be seen to be done
📊 Monitor & Review – build the full customer picture

🧠 Interactive Discussion

Test Your Knowledge

Scenario Questions:

A customer changes their address to a high-risk jurisdiction — what KYC is triggered?
A low-risk customer now transacts heavily across borders — what’s your response?
A customer’s ID expires — which step of the KYC cycle applies?