According to the KYC requirements as set out in the Rules that accompany the AML/CTF Act, there are basically two major requirements to Know Your Customer:

• collect your customer information
• verify these details with reliable and independent data sources

You will have to collect and verify KYC details for all your customers, including both organisations and individuals.

For organisations, details on the organisation have to be collected and verified with documents from the appropriate registration bodies. The information that has to be collected for each type of organisation (e.g. business partnership, private/public company, public/private foreign company, trust, association etc) can include the beneficial owner, registered office, principal place of business, name of each director etc (for a complete list of the details required for each organisation type see the Rules accompanying the AML/CTF Act).

For individuals, the minimum information that needs to be collected includes:

• name
• date of birth
• address

For verification, the customer’s name and either the residential address or date of birth have to be verified by means of:

• original or certified primary photographic identification or
• both primary non-photographic identification and an original or certified secondary identification document

It appears that the KYC verification procedures for individuals can be less rigorous than the hundred point check currently used by many organisations. KYC checks for individuals should not be too difficult for those organisations that can perform face-to-face over-the-counter verification of the appropriate documents.

It should be stressed that the Rules outline the minimum KYC requirements for low to medium risk customers. Reporting entities need to have an AML program in place that assesses the risk posed by customers.

The key to a risk-based Act is that the onus is squarely on you to assess the risk and take the adequate steps.