Financial Crime World

Bangko Sentral ng Pilipinas Issues New Rules for Electronic Know Your Customer Processes

The Bangko Sentral ng Pilipinas (BSP) has recently issued new guidelines covering financial institutions’ use of electronic “know your customer” (KYC) processes. These guidelines provide minimum requirements for digital identification and verification of clients, aiming to promote more efficient and seamless identity verification through technology and existing e-KYC systems.

Promoting Financial Inclusion

According to BSP Governor Felipe M. Medalla, e-KYC is a key enabler of innovation and digital transformation aimed at advancing the country’s financial inclusion agenda. The new rules require BSP-supervised financial institutions (BSFIs) to use strong information and communication technology architecture, with appropriate onboarding requirements and authentication assurance levels.

Key Requirements

  • BSFIs must adopt tiered or risk-based e-KYC policies and procedures
  • Covered persons may use different methods to conduct customer identification and verification, including e-KYC through digital ID systems
  • Identity proofing can be documented digitally, physically, or both, but authentication and credentialing must be in digital form
  • Robust technology, adequate governance, processes, and procedures are required to ensure accurate results from digital ID systems used for customer due diligence (CDD)
  • Covered persons are required to comply with the digitization of customer records under relevant BSP and Anti-Money Laundering Council issuances

PhilSys-enabled e-KYC

The Philippine Identification System (PhilSys)-enabled e-KYC is an acceptable system under Republic Act No. 11055, and will be launched by the Philippine Statistics Authority (PSA).

Implementation Timeline

  • Institutions with existing e-KYC systems have one year to comply with the prescribed e-KYC requirements
  • BSFIs that intend to shift to an e-KYC system must comply with the new rules before implementing their new processes

Non-Compliance

If a covered person is unable to comply with the CDD measures, the BSFI-involved shall not open the account, commence business relations or any transactions, and should consider filing a suspicious transaction report on the customer.