The BSABSA - The Bank Secrecy Act (BSA) is U.S. legislation aimed toward preventing criminals from using financial institutions to hide or launder money. The law requires financial institutions to provide documentation to regulators whenever their clients deal with suspicious cash transactions involving sums over $10,000. is a U.S. law requiring financial institutions in the United States to assist U.S. government agencies in detecting and preventing money laundering and terrorist financing.
Because it applies to our bank sponsor partners, Bond is contractually obligated to adhere to it because the banks outsource their BSA obligations to Bond (and Brands).
The BSA has been amended several times, including the USA PATRIOT Act of 2001, which requires that financial institutions comply with the stricter Know Your Customer (KYC) rules:
- Customer Identification Program (CIP) - bank required to form a reasonable belief that it knows the true identity of each customer
- Customer Due Diligence (CDD) - bank required to gather relevant info about the customer & evaluate for any potential risk for the organization or money laundering/terrorist financing activities
- Enhanced Due Diligence (EDD) - the process of gathering data & info to verify the identity of customers, but with additional information required to mitigate the risk associated with the customer
Until 2016, one major loophole in KYC remained; banks weren’t required to ID the stakeholders and beneficiaries of the businesses they served.
In practice, this meant that seemingly legitimate businesses could shelter bad actors’ identities while performing illegal, high-value transactions on their behalf.
The regulatory fix, titled “Customer Due Diligence Requirements for Financial Institutions,” is what we know as Know Your Business (KYB).
Banks are required to conduct due diligence on the beneficial owners of the business. There are two methods that are assessed to determine this:
- Ownership: Any individual, if any, who directly or indirectly, through any contract, arrangement, understanding, relationship, or otherwise, owns 25% or more of the equity interests of a legal entity customer.
- Control: A single individual with significant responsibility to control, manage, or direct a legal entity customer. This includes, for example, an executive officer or senior manager, or any other individual who regularly performs similar functions.
There must be at least one individual identified for each of the ownership and control methods, but they can be the same person. In all cases, each legal entity will have between one and five beneficial owners (for for the control method and between none and four under the ownership method).
This is our most commonly asked question. It depends on the type of program (commercial or consumer) and the specific sponsor bank you've chosen to work with. The examples below are for illustrative purposes only and in reality, might be slightly different when you onboard your program with Bond.
Additionally, we support several methods for identity verification through a series of vendors based on what information your customer may or may not have, as well as the user experience you want to provide as you balance onboarding time versus risk.
Fastest onboarding time
Highest approval rates
Note that credit checks are only applicable to credit card products. If you are performing a KYC on a customer for the purposes of a deposit product such as a prepaid card, credit checks are not performed, and there is no pull on the customer's credit.
The non-documentary verification method requires that the customer has a critical identifier such as an SSN (social security number).
Other pieces of documents such as an ITIN (individual taxpayer-identification numbers) cannot be used instead. This is often an indication that your customer should be treated as a business rather than a person. With business information including an ITIN, your customer can go through a KYB flow.
For the scenario where the customer does not have an SSN and cannot be treated as a business (for example, an international student) you can use documentary verification.
The CIP guidelines do not include any specific requirements to perform ongoing KYC/KYB validations. Instead, banks are expected to take a risk-focused approach and reverify identity on certain high-risk customers or in conjunction with suspicious activity monitoring.
When you are switching to Bond and the existing bank is not one of Bond's sponsor banks, we are creating a new relationship with the customer and the bank and we need to run KYC again.
That said, by designing simple and informative screens in your app, you might be able to reduce this burden for your end-users. We're happy to let you know about it when you contact your designated Compliance representative.
Updated 5 months ago