Consolidated KYC Risk Management

This version

BCBS  | 
20 August 2003
Status:  Closed

The consultative paper 'Consolidated know-your-customer (KYC) risk management' is a supplement to the Basel Committee's 'Customer due diligence for banks' issued in October 2001. It examines the critical elements for effective management of KYC policies and procedures in banks' foreign branches and subsidiaries.

The adoption of effective know-your-customer (KYC) standards is an essential part of banks' risk management practices. As discussed in the Customer due diligence for banks (CDD) paper, banks with inadequate KYC standards may be subject to significant risks, especially legal and reputational risk. Sound KYC policies and procedures not only contribute to a bank's overall safety and soundness, they also protect the integrity of the banking system by reducing the likelihood of banks becoming vehicles for money laundering, terrorist financing and other unlawful activities.

The CDD paper outlines four essential elements necessary for a sound KYC programme. These elements are: (i) customer acceptance policy; (ii) customer identification; (iii) on-going monitoring of higher risk accounts; and (iv) risk management. To be truly effective, these elements should be adopted on a consolidated basis, encompassing the parent bank or head office and all foreign branches and subsidiaries.

Jurisdictions should facilitate consolidated KYC risk management by providing an appropriate legal framework which allows the cross-border sharing of information. Legal restrictions that impede effective consolidated KYC risk management processes should be removed.

A global risk management programme for KYC should incorporate consistent identification and monitoring of customer accounts globally across business lines and geographical locations, as well as oversight at the parent level, in order to capture instances and patterns of unusual transactions that might otherwise go undetected. Such comprehensive treatment of customer information can significantly contribute to a bank's overall reputational, concentration, operational and legal risk management through the detection of potentially harmful activities.

Comments on issues outlined in 'Consolidated KYC risk management' are invited and should be submitted to relevant national supervisory authorities and central banks. Comments may also be sent to the Secretariat of the Basel Committee on Banking Supervision at the Bank for International Settlements, CH-4002 Basel, Switzerland by 30 October 2003. Comments may be submitted via e-mail to or by fax to +41 61 280 9100.