Know your customer (KYC) and electronic identity verification (eIDV) checks are effective methods for quickly screening users during onboarding. But a mature anti-money-laundering program requires a separate method of monitoring transactions and users after they onboard.

KYC systems are excellent at verifying information about a user based on a set of provided data. It can compare that information to catch sanctions violations, verify addresses, and detect either maliciously or mistakenly incorrect information.

However, consider the case of a shell company. A newly created shell company might be an LLC with an address, a claimed line of business, and a TIN. How does that differ from a legitimate LLC someone might create when starting a small business? If someone wants to start an e-commerce business and have it headquartered at their apartment, how does that differ from a newly formed small business with no warehouse, minimal operational costs, and no website? Further, if someone is a criminal intending to launder money and has not been caught, what information could be used to exclude them from your platform during the KYC process?

That some bad actors slip through the checks isn’t a bug in the KYC process, it’s a feature. Building up your userbase by catering to new users is necessary, and so it’s ridiculous to say that we should block a certain class of users because some small fraction of that class might be malicious. It stifles growth and creates too much friction. But once a user has been onboarded, we can sort the legitimate users from the illegitimate by looking for anomalies in their transaction history, profile updates, behavior, and device signatures.

It is only after users join that we could start to uncover suspicious transaction patterns. In one case, we were able to deduce that certain electronics that have both civilian and military uses were being exported to countries neighboring Russia. These dual-use electronics can be repurposed by adversaries to create weapons that endanger our national interests. This business was doing some pretty dangerous stuff and yet, they rightfully gained access to a bank account based on its KYC profile. They were just a two-person computer hardware company and at the time they stated they would not be doing business internationally. But by investigating the counterparties on their transactions we could see what was really going on.

Onboarding and transaction monitoring form a symbiotic relationship. Each of these pieces is important in its own way. KYC checks typically occur at onboarding and then at some periodic interval, providing context and laying a solid foundation for future investigations. Transaction monitoring can take advantage of the information gleaned during KYC/eIDV and find all the bad actors who make it onto the system. Together, KYC and transaction monitoring are necessary components of building a stronger, more comprehensive compliance program.