Something of a Babylonian confusion, this modern collection of buzzwords: Know Your Customer (KYC), Customer OnBoarding (COB), Customer Due Diligence (CDD), Anti Money Laundering (AML) and the General Data Protection Regulation (GDPR).

The financial sector was hit with many new or updated regulations in past years, and these new regulations haven’t simplified the field. These changes include:

  1. New and updated Anti-Money Laundering Directives 4 & 5 to prevent money laundering in Europe
  2. Payment Services Directory (PSD2) which includes measures to prevent payment fraud and the misuse of financial tools.
  3. MiFID II for more transparency in the investment business.
  4. General Data Protection Regulation (GDPR) for improved handling of personal data.

“The SCOPE client portal allows you to share information with clients and replaces existing CRM systems with ease. With the SCOPE client portal, financial institutions can concentrate on their core business activities – winning and keeping clients” – Quote from Peter Drucker


The Cloud-based software architecture and the increasing availability of relevant information on the internet, such as the mandatory UBO registers for all European countries, opened a big window of added compliance support (RegTech) software. We were suddenly confronted by a wealth of new marketing buzzwords, further complicating matters. Therefore, what is really happening? Think of Know Your Customer (KYC) as a shipping container. Everyone knows what a shipping container looks like, but no one knows its contents.

Some background information:

  1. KYC, as a concept, originates in sales; the idea behind this is that we can sell more to a customer if we address the needs of the individual customer.
  2. CRM hijacked KYC; CRM involves the gathering of information concerning individual customers and contact persons to better address their needs.
  3. Customer Due Diligence is an integral part of your KYC, but it is not the same as KYC.
  4. Customer OnBoarding is a process by which a customer establishes a relationship with the financial institution and provides all of the necessary information for the bank to open an account digitally.

KYC in RegTech is the whole package – everything a Financial Institution should know about a new or existing customer. What the Financial institution should know and register about a customer is determined by:

  1. The AML Directives
  2. MiFID II
  3. GDPR

AML/CDD is a process in which relevant information about the existing or new customer is collected and evaluated for any potential risk for the organization or money laundering/terrorist financing activities. AML/CDD identifies the customer and gathers thorough knowledge of their network and all activities. AML/CDD applies to Financial Services, Real Estate, Lawyers, Trusts, Accountants and Tax Advisors. AML/CDD also applies to art dealers for transactions over 10K.

Also read: The SCOPE CDD Cloud Solution

MiFID II is about transparency in doing business. Financial institutions are required to collect extensive client information. This is a KYC process. Know your customer to provide sound, individual advice. Financial institutions must be able to explain the suitability and appropriateness of their offer. We are moving into a situation in which Financial institutions

are required to measure the clients’ psychological risk tolerance and their ability to bear losses.

The General Data Protection Regulation (GDPR) is a legal framework that sets guidelines for the collection and processing of personal information of individuals within the European Union (EU).

The GDPR came into effect on 25 May 2018. This law transforms the way organizations within the EU handle the personal data of their clients. The GDPR creates, clarifies, and harmonizes data security legislation across all EU member-states – but also affects organizations from external countries wishing to do businesses within Europe.

This is where it gets a bit funny: AML/CDD requires Financial institutions to collect extensive personal information, and the GDPR serves to protect the data gathered. In essence, the GDPR limits how businesses can collect, use, and store the personal data of their customers and clients – it also creates implications for institutions with AML obligations.

So, KYC, CDD, COB, AML and GDPR; The SCOPE Cloud-based client portal deals with all these challenges in one solution.

The SCOPE client portal is GDPR-resistant; many of the GDPR software requirements, such as Privacy by Design and Privacy by Default, are built into the software. As GDPR also has consequences for your organization, we cannot claim 100% compliance.

The SCOPE Client portal also supports MiFID II-compliant KYC, including psychological risk tolerance testing from FinaMetrica.

Last but not least, the SCOPE client portal has built-in CDD/AML capabilities which utilize reliable data from well-known information suppliers. Everything you need to log is being logged and auditable.