generated from coulomb/repo-seed
Add source notes on FinCEN CDD/BOI beneficial ownership and ISO 6523/ALEI registry identifier subtypes. Resolve OpenQuestions: Beneficial Ownership Relationship as dedicated type; Registry Identifier and Proxy Commercial Identifier as Reference layer specializations. Update glossary, conceptual model, terminology, downstream recommendations, and corpus index.
4.9 KiB
4.9 KiB
KYC AML and Commercial Identity Binding
Source Type
Regulatory framework synthesis. USA PATRIOT Act CIP, FinCEN KYC/AML, FATF digital identity guidance.
Domain
Financial regulation, customer identification, beneficial ownership, and ongoing commercial relationship monitoring.
Why This Source Matters
KYC/AML is where governments mandate commercial identity binding: institutions must verify who they transact with, retain evidence, and monitor behavior. This is the strongest practical force turning fluid identities into regulated, high-stakes counterparty records.
Key Concepts
- KYC (Know Your Customer): policies ensuring institutions know customers and risks.
- AML (Anti-Money Laundering): broader program preventing illicit finance.
- CIP (Customer Identification Program): US mandate to verify identity before account opening.
- CDD (Customer Due Diligence): risk assessment of customer relationship.
- EDD (Enhanced Due Diligence): heightened review for high-risk customers.
- Beneficial owner (BO): natural persons owning/controlling legal entity customers (historically 25% threshold; may be lowered for high risk).
- Ongoing monitoring: transaction surveillance after onboarding.
- Record retention: CIP records kept years after relationship ends.
- Sanctions / PEP screening: compare identities against government lists.
- Digital identity (FATF): guidance on digital ID assurance for KYC.
Relevant Terminology
| Term | Source meaning |
|---|---|
| KYC | Know-your-customer compliance program. |
| CIP | Customer identification at onboarding. |
| Beneficial owner | Natural person behind legal entity customer. |
| PEP | Politically exposed person (elevated risk). |
| Due diligence | Risk-based identity and activity review. |
| Ongoing monitoring | Continued scrutiny of customer activity. |
| Risk profile | Customer risk classification. |
| FinCEN | US Financial Crimes Enforcement Network. |
Modeling Assumptions
- Commercial relationship triggers identity rigor proportional to risk.
- Legal entity customers require beneficial owner identification — natural persons bound to organization customers.
- Identity verification is not one-time; monitoring continues across lifecycle.
- Evidence must be retained even after account closure.
- False identity has regulatory and criminal consequences — binding is external, not user preference.
- Friction is accepted where commercial stakes require it.
Identity-Canon Implications
- KYC onboarding creates Commercial Record + Commercial Commitment (regulated relationship) bound to Natural Person and/or Organization/Legal Entity.
- Beneficial owner maps to Natural Person linked via Beneficial
Ownership Relationship to Organization/Legal Entity customer (see
beneficial-ownership-kyc-boi.md). - CIP evidence maps to Evidence Source with Assurance Level.
- Ongoing monitoring produces Evidence Source events affecting Lifecycle State and Trust Relationship.
- Supports fluid-to-bound transition: anonymous lead → verified customer with retained proof.
- Account (bank/login) is insufficient alone; KYC binds the counterparty.
Terminology Conflicts
- Customer (KYC) vs. Customer (Stripe) vs. Customer (role): regulated counterparty vs. billing object vs. commercial role.
- CIP customer vs. Account holder: verified party vs. access credential.
- Digital identity vs. login identity: assurance-ranked ID vs. session user.
Candidate Canonical Mappings
| KYC/AML concept | Candidate canonical concept |
|---|---|
| Verified customer | Commercial Record + Actor binding |
| CIP evidence | Evidence Source |
| Beneficial owner | Natural Person + Beneficial Ownership Relationship |
| Risk profile | Assurance Level + metadata on Commercial Relationship |
| EDD review | Evidence Source (enhanced) |
| Sanctions hit | Lifecycle State / Trust Relationship revocation |
| Transaction alert | Evidence Source event |
| Record retention | Lifecycle/archival policy on Commercial Record |
Open Questions
- Standard
control_basisenum across US CDD and EU AMLD wording. - How to model BOI registry volatility in lifecycle without canon becoming legal advice?
Resolved (see beneficial-ownership-kyc-boi.md)
- Beneficial Owner → Beneficial Ownership Relationship (dedicated type, not Ownership subtype).
References
- Thomson Reuters, Customer Identification Program overview — https://legal.thomsonreuters.com/blog/overview-customer-identification-program-cip/
- Okta KYC definition — https://www.okta.com/identity-101/kyc/
- FinCEN, USA PATRIOT Act Section 326 — https://www.fincen.gov/resources/statutes-regulations/usa-patriot-act
- FATF Guidance on Digital Identity — https://www.fatf-gafi.org/en/publications/Fatfrecommendations/Guidance-on-Digital-Identity.html