APAC KYC Policies and Requirements:

A Comparative Overview and Basel

Committee Recommendations

Prepared by :
Lokesh Naik, AML Trainer
Table of Content
Introduction
Key Regulatory bodies
KYC Introduction
APAC KYC Requirements
Basel Comitee on KYC
Final Key Summary
Introduction
Recent studies show that in the past three years, more sanctions have been
placed on financial institutions in the APAC region than ever before. In 2018,
one bank was hit with a record-breaking fine of $534 million. To fight against
money laundering and terrorist financing, the G7 group created the Financial
Action Task Force (FATF) in 1989. Today, this organization includes over 38
members from different countries and regions.

Know Your Customer (KYC) laws have been put in place in many countries, and
some companies are required to follow them. However, these requirements
are not the same everywhere; they can vary from small differences to very big
ones. A company that operates in different countries needs to understand the
local rules in each place it does business. Only by doing this can a company
ensure that its KYC program meets the necessary standards.
Key Regulatory Bodies
Here’s a concise list of banking regulatory bodies for the specified countries:

Countries Banking Regulatories

India Reserve Bank of India (RBI)

china People's Bank of China (PBOC)

Japan Financial Services Agency (FSA)

Singapore Monetary Authority of Singapore (MAS)

Australia Australian Prudential Regulation Authority (APRA)

New Zealand Reserve Bank of New Zealand (RBNZ)

HongKong Hong Kong Monetary Authority (HKMA)

Philippines Bangko Sentral ng Pilipinas (BSP)

Pakistan State Bank of Pakistan (SBP)

KYC Introduction
APAC

The APAC region, with its vast and varied markets, presents unique
challenges and opportunities for financial institutions. In this context, KYC
processes are essential for navigating the complex regulatory
environments and managing the risks inherent in such a diverse economic
landscape. As financial institutions increasingly expand their operations
across borders, the need for stringent KYC protocols has become more
pressing. Effective KYC practices help ensure that businesses operate
within legal frameworks, protect against financial crime, and foster a
secure environment for both customers and institutions, thereby
contributing to the stability and growth of the entire region.
INDIA
KYC Regulations

In order to prevent banks and other financial institutions from being used as a channel for Money Laundering (ML)/ Terrorist Financing (TF)
and to ensure the integrity and stability of the financial system, efforts are continuously being made both internationally and nationally, by
way of prescribing various rules and regulations. Internationally, the Financial Action Task Force (FATF) which is an inter-governmental
body established in 1989 by the Ministers of its member jurisdictions, sets standards and promotes effective implementation of legal,
regulatory and operational measures for combating money laundering, terrorist financing and other related threats to the integrity of the
international financial system. India, being a member of FATF, is committed to upholding measures to protect the integrity of international
financial system.

In India, the Prevention of Money-Laundering Act, 2002 and the Prevention of Money-Laundering (Maintenance of Records) Rules, 2005,
form the legal framework on Anti-Money Laundering (AML) and Countering Financing of Terrorism (CFT). In terms of the provisions of the
PML Act, 2002 and the PML Rules, 2005, as amended from time to time by the Government of India, Regulated Entities (REs) are required
to follow certain customer identification procedures while undertaking a transaction either by establishing an account-based relationship
or otherwise and monitor their transactions.
Continued.
Officially Valid Documents for Individuals

1. Passport
2. Driver’s license
3. Proof of possession of an Aadhaar number
4. Elector’s Photo Identity Card (EPIC) issued by the Election Commission of India
5. Any other government document that has been approved in consultation with a regulator

Officially Valid Documents for Entities

1. Registration certificate
2. Local municipal license/certificate
3. Recent income tax return for the entity or for the sole proprietor
4. Utility bills dated within the last two months
5. CST/VAT/GST certificate, government import/export license
6. Proof of professional license issued by an organization such as the Institute of Chartered Accountants of India, food and drug control
authorities, Medical Council of India (MCI), etc.
CHINA
KYC Regulations

Financial institutions will now be expected to improve their due diligence procedures and identify the Ultimate beneficial Owners (UBOs) of
accounts that are opened and maintained. All clients and other business entities must follow this procedure. Financial institutions must also
have a continuous monitoring process for all transactions. This is mandatory to align financial operations with the People’s Bank of China
(PBOC), China Securities Regulatory Commission, and China Banking and Insurance Regulatory Commission’s amended draft of the 2007
guidelines. The draft is not just being revised for banks and financial firms. Non-bank financial institutions will also be forced to follow the
rules as well. The updated restrictions will also apply to third-party payment companies, distributors, agents, and online lending companies.

According to “Notice of the People's Bank of China on Further Strengthening the Anti-Money Laundering Work of Financial Institutions”
issued in 2008, financial institutions shall strengthen the maintenance and management of client identity data to ensure the accuracy and
validity of client identity data.
Continued.
Officially Valid Documents for Individuals

Individuals: financial institutions are required to verify the customer identification information via a site visit in a face-to-face meeting; they
should enquire with the public security bureau and check the online citizens’ identity information system owned by the PBOC.

Details to be Collected on Corporates

Corporates: financial institutions are required to verify the customer identification information via a site visit in a face-to-face meeting. In
addition, they should enquire with the state administration of industry and commerce.
JAPAN
KYC Regulations

The Act on the Prevention of Transfer of Criminal Proceeds, enacted in 2007 and revised in 2011 and 2013, serves as the basis for Japan’s
Know Your Customer legislation. The law mandates that a customer’s identity be confirmed by cross-referencing name, address, and date
of birth with government-issued identification. Japan’s Financial Services Agency (FSA) enforces Know Your Customer regulations.

Typically, the documents required are similar across countries but are subject to specific national requirements.

1. Passport
Individuals
2. Driver’s license
3. My Number

1. Incorporation certificate
Entities 2. Articles of Incorporation
3. Utility bills dated within the last two months
4. Identification and KYC of Directors/Beneficial Owners
SINGAPORE
KYC Regulations

The Monetary Authority of Singapore (MAS) released a notice in 2007 titled Prevention of Money Laundering and Countering the Financing
of Terrorism that lays out the rules for Know Your Customer (KYC) procedures in Singapore.

Every customer’s full name (including any aliases), social security number, residence address, date of birth, and nationality must be verified
by financial institutions. Documents and other non-centralised data sources, such as applicable databases, can be checked for accuracy.

Typically, the documents required are similar across countries but are subject to specific national requirements.
AUSTRALIA
KYC Regulations

The Anti-Money Laundering and Counter-Terrorist Financing Act was enacted in Australia in 2006. It, along with subsequent laws, lays out
what is needed regarding Know Your Customer and customer due diligence checks. In particular, it mandates collecting and verifying
customer data before providing financial or transactional services for all firms subject to KYC reporting rules. AUSTRAC is the authority in
charge of enforcing the law in Australia.

To understand Australian banking KYC rules and regulations, a good starting point is reviewing the guidelines provided by the Australian
Transaction Reports and Analysis Centre (AUSTRAC). AUSTRAC is the primary regulator for Anti-Money Laundering (AML) and Counter-
Terrorism Financing (CTF) in Australia, and its website offers comprehensive resources that detail the specific KYC requirements for financial
institutions. These guidelines outline the steps banks must take to verify customer identities, monitor transactions, and report suspicious
activities.

Additionally, the Australian Prudential Regulation Authority (APRA) plays a significant role in overseeing KYC compliance within the financial
sector. Exploring the standards and practice guides available on APRA’s website will provide you with in-depth knowledge of the
expectations placed on banks and other financial institutions regarding customer due diligence and risk management.

Typically, the documents required are similar across countries but are subject to specific national requirements.
NEW ZEALAND
KYC Regulations

In New Zealand, KYC (Know Your Customer) requirements for banks are governed by the Anti-Money Laundering and Countering Financing
of Terrorism Act 2009 (AML/CFT Act). This legislation mandates that banks must carry out customer due diligence (CDD) to verify the
identity of their customers before providing financial services. The CDD process involves collecting and verifying personal information, such
as full name, date of birth, and address, through reliable and independent documentation, like a passport or driver’s license for individuals,
and registration documents for businesses.

Banks are also required to maintain accurate records of all CDD and EDD processes, including copies of identification documents and
records of transactions, for at least five years after the business relationship ends. Additionally, they must report any suspicious activities to
the New Zealand Financial Intelligence Unit (NZFIU). Compliance with these KYC requirements is essential for banks to prevent financial
crimes and to ensure they are operating within the legal frameworks established by New Zealand’s AML/CFT laws.

Typically, the documents required are similar across countries but are subject to specific national requirements.
HONG KONG
KYC Regulations

In Hong Kong, KYC (Know Your Customer) requirements for banks are primarily governed by the Anti-Money Laundering and Counter-
Terrorist Financing Ordinance (AMLO). Banks are required to conduct customer due diligence (CDD) before establishing a business
relationship or carrying out occasional transactions above a certain threshold. This involves verifying the customer’s identity, understanding
the purpose of the account or transaction, and assessing the risk associated with the customer. For individuals, this typically means
providing identification documents such as a passport or Hong Kong ID card, along with proof of address. For corporate customers, banks
must verify the identity of the company, its directors, and beneficial owners

Enhanced due diligence (EDD) is required for higher-risk customers, such as politically exposed persons (PEPs) or those from jurisdictions
with weaker AML/CFT controls. Under EDD, banks must collect additional information, closely monitor the customer’s transactions, and
ensure that the source of funds is legitimate. Banks are also obligated to maintain comprehensive records of all KYC activities and report
any suspicious transactions to the Joint Financial Intelligence Unit (JFIU). Compliance with these KYC requirements is crucial for maintaining
the integrity of Hong Kong’s financial system and preventing financial crimes.

Typically, the documents required are similar across countries but are subject to specific national requirements.
PHILIPPINES
KYC Regulations

In the Philippines, KYC (Know Your Customer) requirements for banks are regulated by the Bangko Sentral ng Pilipinas (BSP) under the Anti-
Money Laundering Act (AMLA) and its implementing rules. Banks must conduct customer due diligence (CDD) to verify the identity of clients
before establishing a business relationship or carrying out significant transactions. For individuals, this includes collecting valid identification
documents such as a government-issued ID, proof of address, and, in some cases, the customer’s Tax Identification Number (TIN). For
corporate entities, banks must verify the company’s registration, identify the beneficial owners, and understand the nature of the business.

Enhanced due diligence (EDD) is required for higher-risk customers, such as those involved in large or complex transactions, politically
exposed persons (PEPs), or clients from countries with weaker AML/CFT frameworks. Under EDD, banks need to gather additional
information, including the source of funds, and maintain closer monitoring of the customer’s transactions. Banks are also required to keep
detailed records of all CDD and EDD activities for at least five years and report any suspicious transactions to the Anti-Money Laundering
Council (AMLC). Compliance with these KYC requirements is essential for preventing financial crimes and ensuring the integrity of the
Philippine financial system.

Typically, the documents required are similar across countries but are subject to specific national requirements.
PAKISTAN
KYC Regulations

In Pakistan, KYC (Know Your Customer) requirements for banks are regulated by the State Bank of Pakistan (SBP) under the Anti-Money
Laundering and Counter-Terrorism Financing (AML/CFT) regulations. Banks are required to conduct customer due diligence (CDD) to verify
the identity of their customers before opening accounts or processing significant transactions. This involves collecting and verifying
identification documents, such as a Computerized National Identity Card (CNIC) for individuals, and registration documents for businesses.
Enhanced due diligence (EDD) is necessary for high-risk customers, including politically exposed persons (PEPs) and those from higher-risk
jurisdictions. Banks must also maintain detailed records of all KYC processes and report any suspicious activities to the Financial Monitoring
Unit (FMU) to prevent financial crimes and ensure compliance with national and international AML/CFT standards.

Typically, the documents required are similar across countries but are subject to specific national requirements.
Key Differences in APAC KYC
Requirements
KYC policies for banks across India, China, Japan, Singapore, Australia, New Zealand, Hong Kong, the Philippines, and Pakistan share a
common goal of ensuring customer identity verification and preventing financial crimes like money laundering and terrorism financing.
However, the specific requirements and regulatory frameworks vary by country. For instance, in India, KYC is regulated by the Reserve Bank
of India (RBI) and often involves the use of Aadhaar and PAN for identity verification, while in China, the People's Bank of China (PBOC)
mandates strict identity checks with a focus on monitoring cross-border transactions. Similarly, in Japan, the Financial Services Agency (FSA)
oversees KYC under the Act on Prevention of Transfer of Criminal Proceeds, emphasizing strict record-keeping and due diligence.

In countries like Singapore and Australia, KYC practices are robustly enforced by the Monetary Authority of Singapore (MAS) and AUSTRAC,
respectively, with a strong focus on international standards and risk-based approaches. Both countries require banks to verify customer
identities and conduct enhanced due diligence (EDD) for higher-risk clients, particularly politically exposed persons (PEPs) and complex
transactions. New Zealand follows a similar approach under the AML/CFT Act, regulated by the Reserve Bank of New Zealand (RBNZ),
where customer identity verification and risk assessment are key components of KYC, with mandatory EDD for high-risk customers.

In Hong Kong, the Anti-Money Laundering and Counter-Terrorist Financing Ordinance (AMLO) governs KYC requirements, with a focus on
customer identity verification and EDD for high-risk situations, including cross-border activities. The Philippines, under the regulation of the
Bangko Sentral ng Pilipinas (BSP), and Pakistan, overseen by the State Bank of Pakistan (SBP), also enforce strict KYC protocols, with a
strong emphasis on local identification systems like CNICs in Pakistan. Despite these variations, the underlying principle across all these
jurisdictions is the importance of thorough identity checks, risk assessment, and ongoing monitoring to maintain the integrity of their financial
systems.
 BASEL Comitee on KYC
The Basel Committee on Banking Supervision emphasizes the critical importance of effective KYC (Know Your Customer) practices as part
of a comprehensive approach to managing financial crime risks. According to the Basel Committee's guidelines, banks must implement
robust KYC procedures to verify the identities of their customers, understand the nature of their activities, and assess the risk they pose. This
includes conducting due diligence during the onboarding process and maintaining ongoing monitoring to detect and report suspicious
activities. The guidelines stress that KYC measures should be integrated into the broader anti-money laundering (AML) and counter-terrorist
financing (CTF) frameworks to ensure that financial institutions can effectively combat illegal activities and maintain the integrity of the
financial system.

Furthermore, the Basel Committee underscores the necessity for banks to adopt a risk-based approach to KYC. This means tailoring KYC
measures based on the level of risk associated with different customers, transactions, and geographic locations. Banks are expected to
conduct enhanced due diligence for high-risk customers, such as politically exposed persons (PEPs) and those from high-risk jurisdictions.
The Basel Committee's recommendations aim to provide a standardized approach to KYC that can be adapted to local regulations while
ensuring that banks are equipped to manage and mitigate risks associated with financial crimes effectively.
 Final Key Summary of KYC
Requirements
KYC (Know Your Customer) policies globally focus on verifying customer identities and preventing financial crimes such as money
laundering and terrorist financing. Requirements vary by country: India and Pakistan use national IDs like Aadhaar and CNIC, while China
emphasizes strict identity checks and cross-border monitoring. Japan, Singapore, and Australia enforce comprehensive due diligence, with
enhanced scrutiny for high-risk customers. New Zealand and Hong Kong require robust identity verification and risk assessment, adhering to
international standards. The Philippines and Pakistan also emphasize local identification systems and detailed record-keeping. The Basel
Committee advocates for a risk-based approach to KYC, emphasizing the integration of these measures into broader AML/CFT frameworks
to effectively manage financial crime risks.
Thank You
So Much

Phone Number : Mail Address :

+91 843 197 6788 [email protected]