- Know Your Business (KYB) is an organization’s regulatory and legal obligation to verify the identity of any entity they do business with. This ensures the organization does not participate in money laundering, financing terrorism, or other financial crimes.
- KYB is similar to Know Your Customer (KYC) except with an extra layer of complexity because it focuses on verifying that the business and any ultimate beneficial owners (UBOs) are all legitimate.
- Fintechs, like banks or other financial institutions, are required to perform KYC and KYB checks to ensure that the businesses they are working with are legitimate and operating within the law.
When they were leaked in 2016, the Panama Papers revealed a hidden web of businesses being used to launder money, hide assets, and otherwise allow bad actors to cloak their illicit money moves behind shell companies.
The information revealed in the Panama Papers led to criminal charges, political fallout and international embarrassment. But perhaps most influentially of all, they led to sweeping worldwide financial regulation.
Financial institutions and related businesses had long been required to thoroughly verify the identity of individual customers in a process known as Know Your Customer (KYC). But the Panama Papers exposed a gigantic loophole for criminals. They were hiding financial crimes like money laundering in less heavily scrutinized business financial accounts.
Enter Know Your Business (KYB) compliance requirements.
KYB is a regulatory requirement that requires businesses to verify other business entities to ensure that funds are not being misused by money launderers, corrupt business owners, or shadow shareholders. Businesses must implement strong KYB processes to ensure that your company does not do business with another company involved in:
- Money laundering
- Financing terrorism
- Tax crimes
- Sanctions lists
- Fraud and other financial crimes
The history of Know Your Business compliance
In the US, anti-money laundering regulations as we know them today date all the way back to the Bank Secrecy Act (BSA) of 1970. As the country’s first anti-money laundering (AML) law, the BSA provided for common banking regulations we observe today, like tracking suspicious activity, scrutinizing foreign transactions, and reporting all cash transactions exceeding $10,000 per day.
The next significant development in fighting financial crimes through regulation came with the Patriot Act in 2001. Spurred by the 9/11 terrorist attacks, the Patriot Act required banks and related financial institutions to collect information on all individuals holding a current financial account or opening a new one.
But, as the Panama Papers revealed, the Patriot Act’s enhanced due diligence requirements still allowed for financial malfeasance between business bank accounts. To combat this, in 2016 the government issued Customer Due Diligence (CDD) Requirements for Financial Institutions.
The CDD Rule spelled out specific requirements for banks, fintechs and other businesses when onboarding business customers. This set of rules and best practices is now known as KYB.
Does my company need to implement KYB?
In the US, KYB processes are currently regulated by the Financial Crimes Enforcement Network’s (FINCEN) Customer Due Diligence (CDD) Final Rule. In short, this rule states that the following entities should implement KYB checks:
- Banks and other financial institutions (including fintechs)
- Mutual funds
- Securities brokers or dealers
- Futures commission merchants
- Commodities brokers
- Other financial institutions stipulated in the Bank Secrecy Act
Financial entities such as banks, lenders, and payment service providers are required to implement the CDD Rule.
What is the process for KYB compliance?
In order to remain compliant with anti-money laundering laws like the BSA, the Patriot Act and the CDD Rule, businesses onboarding other businesses must implement KYB checks.
The CDD Rule does not proscribe exactly how each bank, financial institution, fintech or other entity should conduct these checks, as long as they:
- Verify the business’s identity
- Identify and verify the business’s Ultimate Beneficial Owner(s)
- Understand the nature and purpose of customer relationships to develop a customer risk profile
- Maintain updated customer information and monitor risk on an on-going basis
To stay compliant with the CDD Rule, businesses must collect and verify the following information to onboard new customers.
- Name - The business’s registered, legal name.
- Address - The business’s operating address or addresses. A business’s operating address may be different from its registered address. For example, in the US, relaxed laws lead many corporations to register in Delaware, Nevada or Wyoming even when operating elsewhere.
- Taxpayer identification number (TIN) - For US-based businesses, this is generally an Employer Identification Number (EIN). An EIN is a unique number that a business uses to open a bank account, file taxes, and otherwise verify its unique identity.
- Business registration status - Is the business registered in the state where they claim they are? Are they in good standing with their registration state’s Secretary of State?
- Licensing documentation - Are businesses up to date and in good standing with any local, state or federal licensing boards required to perform their business function? Not all businesses are required to be licensed.
- Identities of ultimate beneficial owners (UBOs) and their personal details - If shareholders have 25% or more of beneficial ownership in the company, you must verify their identity by assessing their name, address, and valid government documentation such as a driver’s license or passport. You also must ensure that these individuals do not appear on international sanctions lists, are not suspected of funding terrorism, and otherwise have not proven to be bad actors
Performing this level of due diligence on each and every new business customer can sound daunting and expensive. In fact, the Financial Crimes Enforcement Network (FinCEN) estimated that implementing these compliance practices would cost banks, fintechs and other financial institutions from $1.5 to $10 billion dollars in total.
Thankfully, technology has automated the KYB process.
How to automate your KYB verification process
No company wants to inadvertently work with a dishonest business. A clear set of KYB requirements help keep honest businesses safe and operational while isolating the bad actors.
Enhanced due diligence meets regulatory requirements and is just plain good business. But jumping through identity verification hoops also slows down the speed of business onboarding.
That’s why businesses who need fast, accurate KYB verification work with Middesk.
As the leading business identity verification platform, Middesk enables innovative companies to accelerate customer onboarding while managing risk at scale. Middesk’s Verification solution applies modern data science and machine learning techniques with trusted data sources to verify business identities in real-time, improving coverage rates while cutting manual review times.
In other words, Middesk gives you the competitive edge by allowing you to onboard your customers quickly and accurately so you can spend less time on compliance and more time serving your customers.