KYC (Know Your Customer) is the process used by financial institutions and other regulated entities to identify and verify customers before providing services. It involves collecting and validating identity information and assessing customer risk as part of wider AML and financial crime compliance frameworks.

Is KYC the same as AML?

No. KYC focuses on identifying and understanding the customer, while AML focuses on detecting, preventing and reporting suspicious activity such as money laundering and terrorist financing. KYC is one component of AML and financial crime compliance.

How is KYC used in crypto?

KYC in crypto is applied by VASPs and exchanges to identify users behind wallets and accounts. It combines traditional identity checks with on-chain risk assessment, sanctions screening and Travel Rule data requirements. It is essential for licensed and compliant crypto businesses.

What is the best certification for KYC and crypto compliance?

Professionals who want to specialise in KYC and crypto compliance can pursue the C2KO – Certified Crypto KYC Officer and C3O – Certified Crypto Compliance Officer by AC3O. C2KO focuses on crypto onboarding and KYC, while C3O provides a full-scope view of crypto AML, KYC, Travel Rule and VASP compliance.

Home › Compliance Glossary › What is KYC?

What is KYC? 2025 Beginner Guide

KYC (Know Your Customer) is the process used by banks, fintechs, insurers, and now crypto platforms to identify and verify their customers before providing financial services. It is the foundation of AML (Anti-Money Laundering), sanctions compliance, fraud prevention and overall financial crime compliance (FCC).

In simple words: KYC means making sure you know who you are dealing with, where their money comes from, and what they intend to do with it.

KYC vs AML – What’s the Difference?

Many people confuse KYC and AML, but they are not the same:

KYC: Focuses on identifying the customer and understanding their profile.
AML: Focuses on detecting and reporting suspicious activity, including money laundering and terrorist financing.

You can think of KYC as the entry gate – who do we allow in? AML is the surveillance system – what are they doing after they’re inside?

What Are the Objectives of KYC?

A good KYC framework aims to:

Verify identity: Make sure the customer is who they claim to be.
Understand the customer profile: Occupation, income, geography, products they need.
Assess risk: Low, medium or high risk based on behaviour, country, and product use.
Meet legal requirements: Comply with AML laws, sanctions regimes and regulatory expectations.
Prevent abuse: Reduce fraud, money laundering, terrorist financing and other illicit activity.

What Information Is Collected in KYC?

KYC requirements vary by country, but most institutions collect:

Full legal name
Date of birth
Residential address and proof of address
Nationality / country of residence
Government-issued ID (passport, national ID, driving licence, etc.)
Occupation and employer details
Source of funds / source of wealth for higher-risk customers
Contact details (phone, email)

For legal entities (companies, trusts, NGOs), KYC extends to beneficial owners (UBOs), directors, signatories and sometimes key controllers.

KYC Process – Step-by-Step

Customer onboarding: Customer applies for an account, product or service.
Data collection: KYC form completed, documents submitted (ID, address proof, etc.).
Verification: Manual or electronic checks to confirm identity and document authenticity.
Screening: Sanctions, PEP (Politically Exposed Persons) and adverse media checks.
Risk assessment: Risk rating based on geography, customer type, products, and expected behaviour.
Approval / conditions: Account approved, rejected or approved with additional controls (limits, enhanced monitoring).
Ongoing KYC: Periodic reviews, event-driven reviews and updates to KYC data.

How Do CDD and EDD Relate to KYC?

CDD (Customer Due Diligence) and EDD (Enhanced Due Diligence) are levels of KYC:

CDD: Standard KYC for typical customers with normal risk.
EDD: Deeper checks for customers with higher risk – for example, PEPs, high-risk industries, high-risk countries, complex structures.

Regulators expect institutions to apply risk-based KYC – not the same level of checks for every customer, but more effort where the risk is higher.

KYC in Crypto – An Extension of Traditional KYC

As crypto has become regulated, VASPs and exchanges now apply KYC much like banks do. However, crypto KYC must also handle wallet addresses, on-chain risk scoring, Travel Rule data sharing and cross-border customers.

If you want a deeper explanation focused only on the virtual asset world, read: What is Crypto KYC? →

Who Works in KYC? Typical Roles

KYC Analyst / KYC Associate
Onboarding Specialist
CDD / EDD Analyst
KYC Quality Checker / 4-Eye Reviewer
KYC Team Lead / Manager
Crypto KYC Officer (for VASPs and exchanges)

These roles exist in banks, payment companies, fintechs, VASPs, brokerages and even Big4 / consulting firms. Most employers now prefer candidates who combine KYC knowledge with AML and crypto awareness.

How to Build a Strong KYC & Crypto Compliance Career

If you want to move beyond basic KYC checklists and become a serious compliance professional, you need structured, globally recognized training. That’s where AC3O’s certifications come in.

AC3O – ONRIGA-Accredited Crypto Compliance Certifications

AC3O (Global Association of Certified Crypto Compliance Officers) is a global authority in virtual asset compliance education, accredited by the Organization for Next-gen Regulatory Intelligence & Global Accreditation (ONRIGA).

C3O – Certified Crypto Compliance Officer (Gold Standard): Full-scope crypto compliance – KYC, AML, Travel Rule, VASP licensing, DeFi/NFT risk and investigations. View C3O →
C2KO – Certified Crypto KYC Officer: Specialises in crypto KYC, CDD/EDD and onboarding for exchanges, wallets and VASPs. View C2KO →
C2AO – Certified Crypto AML Officer: Focused on crypto transaction monitoring, red flags and SAR/STR management. View C2AO →

For most professionals who want to stay future-proof, the best strategy is:

Build a solid KYC foundation (traditional banking & fintech).
Add crypto compliance credentials like C3O to stay relevant as the industry shifts to virtual assets.

Start with the C3O Certification →