Know Your Supplier (KYS): our guide to being compliant and fighting fraud

Financial fraud isn’t only a matter of financial and reputational loss for your company. It’s also the way criminals launder money and finance illegal activities. One of the solutions? Know Your Supplier (KYS) regulations. They protect you against payment fraud by enforcing account validation and improving your supplier risk management.

How can you be compliant and which tool can you use for effective third-party validation?

Trustpair helps you with the KYS process by continuously monitoring your suppliers’ data and making sure you’re compliant with US laws. Contact an expert to learn more.

What does Know Your Supplier mean?

A definition of KYS

KYS stands for “Know Your Supplier”. Originally a requirement for financial institutions, it has spread to become the norm in the B2B world.

It is a due diligence tool that companies use to ensure they know who they are doing business with. KYS requires you to confirm your supplier’s identity before entering into a commercial relationship with them.

Applying it in your organization limits the risk of fraud, but also ensures you remain compliant with regulations.

Know Your Supplier and its counterpart Know Your Customer (KYC) are both important elements of the Anti Money Laundering (AML) law. They do however have some differences.

The difference between KYS and KYC

Both KYC and KYS have the same goal: verify the identity of your third-party, and prevent financing of terrorism and money laundering.

Where they differ is in their application:

• KYC is for customers (B2C),
• KYS is for suppliers or vendors (B2B).

There is also a third process called KYB, for “Know Your Business”, which serves the same intent but puts the emphasis on the structure and legitimacy of the business of your third parties.

Verifications must be done for all your third parties before starting your business relationship. They both require an understanding of similar business processes.

Why are Know Your Supplier (KYS) checks so crucial?

Know Your Supplier (KYS) is an important part of your due diligence process. It helps you carry out a thorough risk assessment with your vendors; it’s also a legal requirement – you’ll learn more about this below.

The goal of KYS is simple: reduce your financial risk, like:

• Financial fraud,
• Money laundering,
• Tax evasion,
• Financing of terrorism and other illegal activities.

Criminals have become more creative about the way they commit fraud. Invoice fraud is now a common way to commit money laundering. Scammers impersonate your suppliers and send fake invoices with their own bank account details.

They can inflate costs, and send invoices for services never rendered or products never delivered. Some also hack into your supplier’s security system or email provider to get you to switch the legitimate bank details for their own.

Supplier relationship management isn’t only a good business practice, it’s a necessary one for business continuity. Most fraud attempts are undetected, so you want to be auditing your third-party credentials every time you’re about to send them a payment – to ensure they haven’t been compromised.

In brief, KYS helps mitigate your third-party risks and better manage your supply chain. It’s also a legal requirement.

Learn more about B2B payment fraud by downloading our latest report!

What does the law say about account validation?

More than making business sense, using KYC to do supplier risk management is a legal requirement. Failure to meet those requirements would be a huge compliance risk and can result in severe fines and sanctions.

KYC is mandatory for financial institutions and services, which they then pass down to their customers. Nowadays, most companies have to do it.

In the US, the KYS process took root through various legal texts. AML (anti-money-laundering) regulations were first introduced in the 70s to fight money laundering and are overseen by FINRA. The Patriot Act and the Bank Secrecy Act also contributed to enhancing third-party vigilance.

Whichever angle you use to look at it, KYC is a must-have for corporations. Doing so effectively is good compliance management practice, and will limit the risk of fraud.

How can you effectively execute account validation?

Involved teams and departments

Two departments are directly implicated by KYS requirements:

• Procurement: as they’re in charge of your sourcing, they’re directly involved in your supplier management, receiving purchase orders through procurement software, negotiating commodities, and bidding for goods and services (learn more on procure-to-pay process here).

They’re naturally the ones who must check your new suppliers’ identities and backgrounds before authorizing them to access some of your company’s information. No invoice should be sent (let alone paid!) before the KYS process is successfully passed.

• Financial services: their role is to proactively set up internal controls to limit your third-party risk. This ensures proper risk mitigation with your suppliers.
  As they deal with your account payables, they must know about risk and compliance management processes. Involving your finance team in your purchasing strategy also means they’ll be able to improve your profitability by analyzing and forecasting your sourcing strategy.

The steps to be supplier compliant

Becoming supplier compliant is a process that requires time and careful implementation within your organization. Here are a few steps to follow:

1. Establish a supplier code of conduct that will define your risk of fraud (corruption, money laundering, etc.)
2. Map out your risks. The goal is to identify the main risks your company is exposed to. Consider your suppliers and your tools, but also which countries you’re established in. To quantify your risk, attribute a metric to them on a scorecard to weigh each one in terms of risk exposure.
3. Set up external and internal control processes. An auditor identifies fraud, catches oversights, and overall helps with mitigating your risks. Your internal control team will help provide a standardized process for your global supply chain.
4. Train your teams to spot any risk of fraud and carry out proper due diligence when working with suppliers, especially with international contracts. It pays to be proactive! Your team should receive cybersecurity training that’ll teach them incident management in case of data breach, and decide on a contingency plan.
5. Set up a whistleblower process, so your employees can raise any suspicion without risking losing their jobs (mandatory for government agencies).

These steps will contribute to further protecting your organization against the risk of fraud. It’s essential for your employees to be involved in your supply chain risk management. Your company also needs to look for continuous improvement to further streamline your KYS.

The steps of the KYS process

While the Know Your Supplier (KYS) process is applied with various degrees of complexity across an organization, in its essence, it’s quite simple.

The whole KYS process can be summed up in 3 steps. To carry out a proper risk assessment, you must:

1. Verify the legal identity of your supplier.
2. Check the financial risk of your vendor (its solvability, debts, etc.)
3. Estimate the operational risks of doing business with your supplier. That means checking who their Ultimate Beneficial owners are (UBO) as well as who they themselves do business with.

Once you have verified those answers, you should be good to go and start a relationship with them. It’s important to note that while the KYS happens mainly at the start of your supplier relationship, it’s necessary to carry it out regularly, especially if the company has a change of ownership or stakeholders.

At Trustpair, we recommend checking your third party’s credentials every time there is a change in their banking details. Our software makes this process quick and effortless

On the other hand, doing so manually can quickly become time-consuming. That’s why you should look at tools to help with your KYS process.

What tools can you use for Know Your Supplier (KYS) checks?

Using software to optimize your KYS process

Securing your third-party master file is a long-term job that’s costly in terms of time and labor. The good news is: various tools now allow you to optimize your KYS business process.

As they’re more in-depth than manual checks could ever be, they help further reduce the risk of fraud. All that contributes to saving precious labor time for your CFO, accountants, procurement officers, and other financial executives. It gives your team – and company – a competitive advantage, as it’s time that can be used for more strategic tasks with added business value.

Tools like Trustpair can scan your suppliers’ bank and legal information in real-time, auditing your whole third-party base in a matter of minutes. Software automates your KYS process while making your payments more secure.

Using Trustpair for your KYS

Using a solution like Trustpair gives you confidence in your due diligence process. Our smart vendor data management system carries out all the necessary authentication details that would otherwise be hard to spot.

It’s especially difficult for US companies who work with overseas suppliers to ensure they’re well protected against fraud. Our account validation features help you lower the risk of fraud while remaining compliant with KYS regulations when running a global business.

Our SaaS software plugs into various international data sources. That ensures the validity and ownership of the data in your vendor master file while carrying out the necessary identification and background checks for each supplier.

Because all of this is done automatically and in real time, you are protected against vendor fraud and other types of fraud. Added visibility on your supply chain means you can rest easy knowing that the funds are always transferred to the right bank account.

Trustpair improves your risk assessment easily and makes you more compliant with KYS regulations. Contact a fraud expert to learn more!

Key Takeaways:

• The Know Your Supplier (KYS) process is essential to lower the risk of fraud and to remain compliant with US regulations.
• Consider using a tool like Trustpair to optimize your KYS process and increase your security against accounts payable fraud.