When I started my career years ago in the ethics and compliance sector, it wasn’t completely clear what the difference was between Due Diligence (DD) and Know Your Customer (KYC).

‍

To be honest, it’s still rather unclear and difficult today to understand how and why the two are not the same.

‍

It’s because DD and KYC can often be used interchangeably - even by those who work with them on an every day basis - because both are essential tools for combating financial crimes and ensuring compliance. They share a common purpose: identifying, assessing and mitigating risks associated with business relationships or transactions. Both are essential parts of compliance frameworks, especially when it comes to preventing financial crimes - such as fraud, money laundering and the financing of terrorist groups.

‍

But, at the end of the day, DD and KYC do represent distinct processes - each with unique purposes and scopes. And understanding their differences is key for effective implementation.

‍

KYC: The Foundation of Customer Identification

KYC is a regulatory requirement that focuses on verifying the identity of customers before establishing or continuing a business relationship. Its primary goal is to ensure that financial institutions and businesses know who they are dealing with, and KYC processes typically involve collecting and verifying basic information - for example, identification documents, proof of address and information about the customer’s source of funds and wealth. KYC is the starting point for any compliance framework, providing a baseline understanding of the customer’s legitimacy, and as you’ll see below, KYC can actually be considered to be a subset of Due Diligence.

‍

Due Diligence: A Broader Risk Assessment

Due Diligence goes beyond the initial identification step of KYC - as DD is a much deeper investigation into a customer, vendor or counterparty to assess their risk profile with a wider range of related tasks and activities. DD processes evaluate factors like financial history, business activities, beneficial ownership structures and connections to high-risk jurisdictions. Note that DD is not limited to onboarding; it extends to ongoing monitoring, enhanced scrutiny for high-risk clients and investigations into potential red flags. 

‍

The relationship between KYC and DD

Simply put, KYC is a part of DD. KYC provides the "who," while DD examines the "why" and "how" of a business relationship. And together, they form a complete, robust framework for protecting businesses and maintaining regulatory compliance.

‍