Answers to your questions about The KYC Registry
How has the SWIFT community been involved in The KYC Registry?
The SWIFT community has been instrumental in the development of The KYC Registry. A KYC Registry working group was set up with representatives from 12 of the largest correspondent banks. They set up the Registry’s processes and defined a standard set of KYC data and document specifications to cover the requirements of different jurisdictions – and they are taking the lead in adding their own data to the Registry.
Who is eligible to use The KYC Registry?
The KYC Registry accepts information from correspondent banks and fund distributors and custodians. All SWIFT users registered to use it are able to access the Registry. Non-SWIFT users are not able to access it.
What KYC information does the Registry cover?
The Registry focuses on Know Your Customer information for financial institutions. It holds information about institutions, not about individuals or private customers. The Registry provides a standardised set of data and supporting documentation relevant to KYC and Customer Due Diligence (CDD) requirements, including:
- Category I – Identification of the customer, including legal name, addresses, and regulator. Documentation includes licenses, Proof of Regulation and Certificate of Incorporation
- Category II – Ownership and management structure, including Board of Directors lists and list of shareholders over 10%, with full names and identifying data. Documentation includes Group structure, Memorandum/Articles of Association, Annual Reports, Declaration of UBO, Shareholder listings and organisational charts
- Category III – Type of business and client base: products and services, operating geographies and customer verticals
- Category IV – Compliance information: Enhanced AML Questions, plus AML documentation (AML controls, Wolfsberg Questionnaire, US Patriot Act, response to negative news)
- Category V – Tax Information: TIN, GIIN and FATCA data, and support documentation.
A full list is available when you sign up to use The KYC Registry or upon request at email@example.com.
How has the documentation set been defined?
The standard set of KYC data and document specifications was defined with the KYC Working Group of 12 leading correspondent banks to cover the baseline requirements of the world’s leading supervisory authorities. The Registry also provides the flexibility for users to contribute additional information that may be important in certain of their markets.
Individual institutions remain responsible for meeting the requirements in their markets.
Is The KYC Registry secure?
Security and data protection have been at the core of SWIFT’s business for more than 40 years. SWIFT maintains appropriate technical and organisational measures to protect data in The KYC Registry against accidental or unlawful destruction, accidental loss, alteration, unauthorised disclosure or access. SWIFT has controls in place that are designed to ensure adequate security, covering asset management, human resources security, physical security, access control and application security, system operations and management, networks and communications, security incident management, business continuity management etc. Its corporate security policy and standards are based on principles of ISO/IEC 27002:2005 (Code of Practice for Information-Security Management). SWIFT reviews its security measures on a regular basis
How does The KYC Registry deal with privacy laws?
Can fund distributors and custodians use The KYC Registry? What information can they access and share on the Registry?
Yes, fund distributors and custodians can now contribute their KYC information to the Registry and will also be able to access and use available data, if their counterparty gives approval.
As for all Registry users, fund distributors and custodians can only access a participating institution’s data if the institution agrees. Fund distributors and custodians retain ownership of their own KYC information and have full control over which counterparties can view their data.
What is the pricing model for The KYC Registry?
Pricing is based on data usage. There is no charge for institutions to contribute data or share their KYC information with their counterparties via the Registry. Access to counterparties’ KYC information is on a ‘pay-as-you-go’ basis, so you only pay for information you access.
Unit pricing is a single standard fee. Once access is authorised to that record set, all users at the institution may access and view the full record set at no extra cost.
Which languages does The KYC Registry support?
The data entry is performed in English with the exception of some fields which require names in the local language. Documents can be provided in any language; however an English translation is required for all non-English documents.
The following languages are officially supported for validation of documents: English, French, Spanish, Dutch and German. When a document is uploaded in one of the supported languages, SWIFT will validate both the original document and its English translation (if provided). If a document is uploaded in a non-supported language, SWIFT will publish the document without validation and will only validate its English translation (if provided).