The International Trade Blog Export Compliance
The Importance of KYC and KYS: Building Trust and Minimizing Risks
On: April 12, 2023 | By: Stephanie Martinez | 4 min. read
In today's business landscape, it is more important than ever to know your customers and suppliers to mitigate risks and build trust. This is where Know Your Customer (KYC) and Know Your Supplier (KYS) come in. KYC and KYS are critical processes that companies across multiple industries should implement to verify the identity and assess the risk of their customers and suppliers.
Let's take the example of a manufacturing company, Maker Corp., that is looking for a new supplier of raw materials for its production line. They are approached by a new supplier, Input Corp., who offers competitive pricing and claims to have a good reputation in the industry. Maker Corp. decides to conduct a KYS process to verify the supplier's identity and assess potential risks associated with doing business with it. During the KYS beneficial ownership verification process, Maker Corp. discovers that the sole ultimate beneficial owner of Input Corp. is a Russian individual on the U.S. sanctions list. This presents a potential risk of violating sanctions laws and tarnishing Maker Corp.'s reputation. Based on this information, Maker Corp. decides not to proceed with the supplier and looks for an alternative source of raw materials.
This example highlights the importance of implementing KYC and KYS processes to identify potential risks and avoid legal and reputational consequences. By verifying the supplier's identity, Maker Corp. was able to make an informed decision and protect its business interests.
The value of KYC and KYS processes is not limited to the manufacturing industry. Companies across multiple industries, including finance, healthcare and retail, can benefit from implementing these processes.
What is Know Your Customer (KYC) and Know Your Supplier (KYS)?
KYC and KYS are processes that companies use to verify the identity of their business partners and assess the potential risks associated with doing business with them. The KYC process involves collecting and analyzing information about a customer's identity, source of funds and business activities. The goal of KYC is to prevent fraud, money laundering and other illegal activities by ensuring that companies only engage with legitimate customers. Likewise, KYS is a critical component of supplier risk management that helps businesses verify the identity and legitimacy of their supplies. The goal of KYS is to ensure that a company’s suppliers are reliable, trustworthy and compliant with legal and regulatory requirements.
What are the steps for KYC and KYS?
The KYC and KYS process typically involves several steps, including:
- Customer and Supplier Identification: The first step is to identify the prospective customer or supplier that the company plans to work with. This involves requesting that the business partner provide information such as its company name, registered address and business tax identification number. The identification process is the initial step to verify if the business partner really exists, operates in the claimed industry, and is legitimate.
- Due Diligence: The due diligence phase of the KYC and KYS process involves assessing third-party information about the supplier to further verify their identity and legitimacy. This can include reviewing public records online, conducting a background search, verifying the entity’s financial status (for example, through a credit check or by evaluating its securities filings), and reviewing corporate public records for its legal status. Beneficial ownership verification is also a key concept in the due diligence process and refers to requesting information or using public and third-party data to identify the individuals and entities that ultimately own or control a company. Some industries are required by certain jurisdictions to collect and verify beneficial ownership information pursuant to anti-money laundering laws. In the U.S., for example, the Financial Crimes Enforcement Network (FinCEN) implemented the Customer Due Diligence (CDD) rule requiring financial institutions to identify and verify the beneficial owners of their customers, specifically identifying any individual who directly or indirectly owns 25% of more of the equity in a legal entity or has significant control.
- Risk Assessment: Once identification information has been collected, the next step is to assess the level of risk associated with that customer or supplier. Some of the factors to evaluate are geographic location, industry, financial stability and history of legal or regulatory issues. A screening or comprehensive due diligence tool can be used to help gather this information and can provide information such as history of fraud or corruption, money laundering risks, debarment from government contracts, sanctions or export control restrictions, law enforcement flags or negative media that would expose your company to reputational, financial, cybersecurity or legal risk.
- Documentation: After collecting, researching and evaluating all these data components, it is critical for companies to maintain documentation of the review for audit purposes. Decisions made regarding risk determination and approval or rejection of the customer or supplier should be clearly documented. One effective way to do this is to create an approval process using a due diligence tool that is integrated with the company’s sales and ERP systems. This helps automate the process while maintaining a record of the decision rationale.
- Monitoring: Monitoring is ongoing due diligence of customers and suppliers to ensure new risks are detected and mitigated. By monitoring changes in their customers’ or suppliers’ ownership structures, risk profiles and financial profiles, companies can identify red flags, minimize their risk exposure and validate that they are still compliant with changing regulations. Monitoring can be structured as a periodic review, based on initial risk assessment of the customer or supplier. It can also be integrated into restricted party screening processes. For instance, a low-risk business partner may not require a full due diligence review on an annual basis, but rather only when automated screening suggests a new reason for review. In contrast, a high-risk customer may need to be reviewed on an annual basis, regardless of whether any new risks have been specifically identified through screening.
In conclusion, KYC and KYS build strong relationships with customers and suppliers based on trust and transparency while minimizing risks and allowing companies to thrive in a competitive market. By conducting thorough due diligence, companies can avoid potential legal and reputational consequences and protect their bottom line.
Like what you read? Subscribe today to the International Trade Blog to get the latest news and tips for exporters and importers delivered to your inbox.
About the Author: Stephanie Martinez
With over 15 years of experience in compliance, including a decade focused on Know Your Customer/AML compliance, in addition to project and change management, anti-boycott, and global trade compliance with multinational companies, Stephanie Martinez is a seasoned expert in the field. She is passionate about understanding her clients’ businesses inside and out to identify improvement opportunities while effectively managing risk and compliance priorities.
Stephanie Martinez is a consultant for Amalie Trade Compliance Consulting, a boutique consulting firm that focuses on practical and sustainable compliance solutions and services that create business efficiencies while mitigating compliance risks. Stephanie’s broad range of experience and in-depth knowledge of compliance regulations and best practices allow her to provide valuable insights to her clients.