Know Your Customer/Client (KYC) processes were introduced in 2001 as part of the Patriot Act. They were further strengthened in 2016 by the U.S. Treasury’s Financial Crimes Enforcement Network (FinCEN) rulings around customer due diligence (CDD). Globally, the European Union’s (EU) General Data Protection Regulation (GDPR) regulations took effect in May 2018. GDPR significantly restricts how institutions acquire and manage customer data. These regulations, along with the EU’s Second Payment Services Directive (PSD2), create additional hurdles for organizations in meeting anti-money laundering (AML) and CDD procedures within the KYC compliance framework. The ultimate aim of KYC is to confirm, with a high level of assurance, that customers are who they say they are and that they are not likely to be engaged in criminal activity. KYC is mandated for organizations — primarily financial institutions — and the implementation of KYC procedures, it’s an important signal that the business is trustworthy and cares about protecting its customers.