LegalGELegalGE
...

Know Your Customer Procedures

Is CDD mandatory for all clients?

Yes, Standard Customer Due Diligence (CDD) is mandatory. Enhanced Due Diligence (EDD) applies to high-risk clients like PEPs or those from high-risk jurisdictions.

Can I verify clients manually?

Manual verification is allowed but inefficient and prone to error. Automated solutions are recommended and often expected by the regulator for scaling.

What defines a "High Risk" country?

Jurisdictions identified by FATF or the Georgian National Bank as having weak AML/CFT regimes are considered high risk.

How to handle PEPs (Politically Exposed Persons)?

You must establish the source of wealth and funds for PEPs and obtain senior management approval before establishing a business relationship.

Reading Time

3 min

Published

...

Know Your Customer (KYC) Procedures represent a fundamental part of Anti-Money Laundering (AML) efforts. "Know Your Customer" is not just about requesting a passport copy; it is a complex process aimed at establishing who your client truly is, the nature of their business, and the source of their funds. In Georgia, for VASPs (Virtual Asset Service Providers) and financial institutions, adhering to strict KYC procedures is mandatory. The National Bank pays special attention to Customer Due Diligence (CDD) and Enhanced Due Diligence (EDD) for high-risk individuals.

KYC procedure services include full technical and legal support for setting up the client onboarding process. The service covers:

  • Identification and Verification: Implementing remote identification methods (video verification, biometrics) in compliance with legislation.
  • Beneficial Owner (UBO) Identification: Procedures for revealing the real owner of corporate clients, often challenging due to complex ownership structures.
  • Sanctions Screening: Automated checking of clients against UN, EU, US, and Georgian internal sanctions lists.
  • Politically Exposed Persons (PEP) Management: Identifying individuals with PEP status and imposing Enhanced Due Diligence (EDD) on them.
  • Risk Profiling: Classifying clients into low, medium, and high-risk categories.
  • Ongoing Monitoring: Periodically updating client data and analyzing transactional behavior.

In practice, neglecting KYC leads to serious problems. For example, a crypto company performs simple verification (ID card only). It turns out one client is a sanctioned individual using a stolen identity. This triggers an international scandal and severe regulatory backlash. Another case: During corporate onboarding, a company fails to identify the real beneficiary, who turns out to be a politician involved in corruption. A third scenario: A company uses third-party KYC software that does not comply with Georgian personal data protection laws, leading to fines from the Data Protection Inspector.

Georgian legislation, specifically the Law on Prevention of Money Laundering and National Bank regulations, strictly defines KYC requirements. Article 10 obliges accountable persons to identify the client before starting a business relationship. Special requirements apply to remote verification, where "Liveness" checks are mandatory.

The process begins with drafting a KYC policy and selecting appropriate software (e.g., Sumsub, Veriff, Shufti Pro). Lawyers ensure that the technical process ("User Journey") aligns with legal requirements. KYC Questionnaires are also developed to determine the Source of Funds.

Specialists featured on Legal.ge will help you implement an efficient and lawful KYC system. This protects you from fraudsters, sanctions violations, and regulatory fines. Know your customer and protect your business with the help of Legal.ge.

Updated: ...

Specialists for this service

Loading...