generated from coulomb/repo-seed
Add source notes on FinCEN CDD/BOI beneficial ownership and ISO 6523/ALEI registry identifier subtypes. Resolve OpenQuestions: Beneficial Ownership Relationship as dedicated type; Registry Identifier and Proxy Commercial Identifier as Reference layer specializations. Update glossary, conceptual model, terminology, downstream recommendations, and corpus index.
105 lines
4.9 KiB
Markdown
105 lines
4.9 KiB
Markdown
# KYC AML and Commercial Identity Binding
|
|
|
|
## Source Type
|
|
|
|
Regulatory framework synthesis. USA PATRIOT Act CIP, FinCEN KYC/AML, FATF digital
|
|
identity guidance.
|
|
|
|
## Domain
|
|
|
|
Financial regulation, customer identification, beneficial ownership, and ongoing
|
|
commercial relationship monitoring.
|
|
|
|
## Why This Source Matters
|
|
|
|
KYC/AML is where governments **mandate** commercial identity binding: institutions
|
|
must verify who they transact with, retain evidence, and monitor behavior. This is
|
|
the strongest practical force turning fluid identities into **regulated,
|
|
high-stakes counterparty records**.
|
|
|
|
## Key Concepts
|
|
|
|
- **KYC (Know Your Customer)**: policies ensuring institutions know customers and risks.
|
|
- **AML (Anti-Money Laundering)**: broader program preventing illicit finance.
|
|
- **CIP (Customer Identification Program)**: US mandate to verify identity before account opening.
|
|
- **CDD (Customer Due Diligence)**: risk assessment of customer relationship.
|
|
- **EDD (Enhanced Due Diligence)**: heightened review for high-risk customers.
|
|
- **Beneficial owner (BO)**: natural persons owning/controlling legal entity customers
|
|
(historically 25% threshold; may be lowered for high risk).
|
|
- **Ongoing monitoring**: transaction surveillance after onboarding.
|
|
- **Record retention**: CIP records kept years after relationship ends.
|
|
- **Sanctions / PEP screening**: compare identities against government lists.
|
|
- **Digital identity (FATF)**: guidance on digital ID assurance for KYC.
|
|
|
|
## Relevant Terminology
|
|
|
|
| Term | Source meaning |
|
|
| --- | --- |
|
|
| KYC | Know-your-customer compliance program. |
|
|
| CIP | Customer identification at onboarding. |
|
|
| Beneficial owner | Natural person behind legal entity customer. |
|
|
| PEP | Politically exposed person (elevated risk). |
|
|
| Due diligence | Risk-based identity and activity review. |
|
|
| Ongoing monitoring | Continued scrutiny of customer activity. |
|
|
| Risk profile | Customer risk classification. |
|
|
| FinCEN | US Financial Crimes Enforcement Network. |
|
|
|
|
## Modeling Assumptions
|
|
|
|
- **Commercial relationship triggers identity rigor** proportional to risk.
|
|
- **Legal entity customers require beneficial owner identification** — natural
|
|
persons bound to organization customers.
|
|
- **Identity verification is not one-time**; monitoring continues across lifecycle.
|
|
- **Evidence must be retained** even after account closure.
|
|
- **False identity has regulatory and criminal consequences** — binding is external,
|
|
not user preference.
|
|
- **Friction is accepted** where commercial stakes require it.
|
|
|
|
## Identity-Canon Implications
|
|
|
|
- KYC onboarding creates **Commercial Record** + **Commercial Commitment** (regulated
|
|
relationship) bound to **Natural Person** and/or **Organization/Legal Entity**.
|
|
- **Beneficial owner** maps to **Natural Person** linked via **Beneficial
|
|
Ownership Relationship** to Organization/Legal Entity customer (see
|
|
`beneficial-ownership-kyc-boi.md`).
|
|
- CIP evidence maps to **Evidence Source** with **Assurance Level**.
|
|
- Ongoing monitoring produces **Evidence Source** events affecting **Lifecycle State**
|
|
and **Trust Relationship**.
|
|
- Supports fluid-to-bound transition: anonymous lead → verified customer with retained proof.
|
|
- **Account** (bank/login) is insufficient alone; KYC binds the **counterparty**.
|
|
|
|
## Terminology Conflicts
|
|
|
|
- **Customer (KYC)** vs. **Customer (Stripe)** vs. **Customer (role)**: regulated
|
|
counterparty vs. billing object vs. commercial role.
|
|
- **CIP customer** vs. **Account holder**: verified party vs. access credential.
|
|
- **Digital identity** vs. **login identity**: assurance-ranked ID vs. session user.
|
|
|
|
## Candidate Canonical Mappings
|
|
|
|
| KYC/AML concept | Candidate canonical concept |
|
|
| --- | --- |
|
|
| Verified customer | Commercial Record + Actor binding |
|
|
| CIP evidence | Evidence Source |
|
|
| Beneficial owner | Natural Person + Beneficial Ownership Relationship |
|
|
| Risk profile | Assurance Level + metadata on Commercial Relationship |
|
|
| EDD review | Evidence Source (enhanced) |
|
|
| Sanctions hit | Lifecycle State / Trust Relationship revocation |
|
|
| Transaction alert | Evidence Source event |
|
|
| Record retention | Lifecycle/archival policy on Commercial Record |
|
|
|
|
## Open Questions
|
|
|
|
- Standard `control_basis` enum across US CDD and EU AMLD wording.
|
|
- How to model BOI registry volatility in lifecycle without canon becoming legal advice?
|
|
|
|
## Resolved (see beneficial-ownership-kyc-boi.md)
|
|
|
|
- Beneficial Owner → **Beneficial Ownership Relationship** (dedicated type, not Ownership subtype).
|
|
|
|
## References
|
|
|
|
- Thomson Reuters, Customer Identification Program overview — https://legal.thomsonreuters.com/blog/overview-customer-identification-program-cip/
|
|
- Okta KYC definition — https://www.okta.com/identity-101/kyc/
|
|
- FinCEN, USA PATRIOT Act Section 326 — https://www.fincen.gov/resources/statutes-regulations/usa-patriot-act
|
|
- FATF Guidance on Digital Identity — https://www.fatf-gafi.org/en/publications/Fatfrecommendations/Guidance-on-Digital-Identity.html |