The phrase “know your customer” has a very important meaning in the business world. The process of knowing your customer. KYC, is what businesses do in order to verify the identity of their clients.
According to Section 20A of the FIC Act, you may not deal with an anonymous client.
You therefore need to establish (obtain) and verify (validate) a client’s identity and complete a client due diligence to ensure you know your client (KYC).
This means that “regardless of the amount in the case of single transaction or whether a product or transaction is exempt from FICA KYC” the client’s identity documentation, proof of, source of funds and whether the customer is a Prominent Influential Person must always be obtained.
KYC evaluation starts when you welcome a new client into your business.
In your onboarding process, you should obtain consent from the client to verify information using a third party data sources. To comply with the Protection of Personal Information Act, 2013, a client needs to be aware of this and/or give consent for you to obtain this information.
Your KYC verification process will vary depending on whether you’re: (1) a Natural person, (2) a Sole trader, or (3) a Business.
Natural person: You’re a private individual
Sole trader: You have a business, and you’re personally liable for all aspects of the business, including any tax and financial debts
Business: You have a business that’s a separate legal entity, and your business is liable for any debts
Names, identity numbers, birthdays, and addresses can be very useful when determining whether or not an individual is involved in a financial crime.
Once this basic data is collected, financial institutions generally compare it to lists of individuals that are known for corruption, on a list of sanctions, suspected of being involved with a crime and a lists of Prominent Influential Person, or PIPs.
From there, one can identify how much of a risk the customer appears to be and how likely they are to become involved in corrupt or illegal activity.
Section 21.1 & 21.2 places an responsibility on all accountable and/or reporting institutions to carry out a proper client due diligence on all clients, new and existing, and the identity of third party acting on behalf of the client.
The consequences of Non-compliance
Administrative sanctions may take many forms – including, a caution, a reprimand and/or restricting the business activities of the institution and/or a financial penalty of up to R100 million- or 15-years imprisonment per instance of non-compliance.