Know Your Customer or simply KYC is a process by which legal entities (obliged entities) verify the identity of their customers and business partners and assess their suitability for a business relationship and identify the risks of possible illegal intentions.
What is the KYC process?
Know Your Customer or simply KYC is a process by which legal entities (obliged entities) verify the identity of their customers and business partners and assess their suitability for a business relationship and identify the risks of possible illegal intentions.
In the course of the KYC process, the obliged entities carry out the verification of the due diligence measures of the customer relationship, including the verification of the person, the beneficial owner, the purpose and nature of the business relationship, and the risk factors that require the application of enhanced due diligence measures in the customer relationship (politically exposed person, transactions, sanctions) with the aim of complying with anti-money laundering (AML) and laws and regulations and those countering the financing of terrorism (CFT).
The purpose of the KYC process is to detect, eliminate, and combat money laundering, corruption, and the direct or indirect financing of terrorism, and to prevent and limit cooperation with countries or organisations subject to international sanctions.
There are an estimated 10,000 companies in Estonia that must regularly assess the risks of money laundering and terrorist financing and perform the KYC process for both their new and old customers. The list of entities who must perform the KYC process is long: banks, financial institutions, insurance undertakings, virtual money and digital payment institutions, notaries, lawyers, auditors, accountants, etc.
Performing the KYC process in Estonia today
Today, all obliged entities carry out KYC procedures in their own way. There is no uniform approach and standard. The same data is collected over and over again, a lot of data is collected on paper, and the data obtained is not machine-readable. The state has most of the data that would be needed to perform the KYC process, but this data is not accessible.
Every person and company comes into contact with the KYC process, for example, when opening a bank account, making a transaction at a notary, buying goods with a lease, making money transfers via the Internet, concluding an insurance contract, paying large amounts in cash, buying and selling real estate, etc.
Usually, in order to perform the KYC process, the entity has to fill out a questionnaire, and they are often also required to submit certain documents and evidence. The obliged person then analyses the received data, collects additional data, compares data, and, in some cases, enters additional data into their database. In reality, however, most of the data is already available in various national registers and databases, and if this data was made available for KYC purposes, there would be no need to ask individuals for additional data and documents. Financial institutions have said that they are currently spending millions of euros a year just collecting and entering KYC data.
KYC data exchange service
A KYC profile (API request) is created in the eesti.ee information portal, through which the necessary data for the KYC profile of the person is automatically collected in real time from various national (in the future also other) databases. The fact of making a request is logged, but the content of the request is not saved. The request is run again each time.
The person identifies themselves in the eesti.ee portal and then starts a KYC request about themselves. The response to the request is issued in both PDF and machine-readable form and is provided with a timestamp. The person then decides to whom they transfer this data. In addition to the above, based on the consent service of the Information System Authority, the possibility to request KYC data by the obliged person directly is being developed. However, this means that the data subject must have given the corresponding consent. The person can monitor with whom they have shared data and withdraw their consent to data sharing at any time.
Effects of the KYC data exchange service
With the KYC data exchange service, we improve the capacity of data-related processes in the Estonian business environment and enable a change of possibilities.
This change brings the opportunity and motivation to digitise the processes in many other sectors and thereby make these processes free of human labour and more optimised. Starting from the financial sector, it is possible to influence a large number of ordinary people as well as a large number of public sector representatives at the same time. By solving a known and important problem in a field which is related to the prevention of money laundering and terrorist financing, it is possible at the same time to apply the same already developed process or a smaller part thereof in other sectors.
In addition, the solution developed in Estonia can be exported as a functioning and proven best practice, primarily in neighbouring countries, then in the Nordic countries and throughout Europe. The above gives our companies an advantage to move to the export market with existing digitised processes and to develop new services and technological solutions for the faster implementation of data-related processes or to create new business based on them in several different sectors.
Schedule
2022-2023
Budget
TBA