financialcrimedecoded.com · 5 minute read · Written for everyone
Lagos, 2019. A compliance officer I know — sharp, meticulous, two decades in the industry — watched his elderly mother get turned away from a bank branch for the third time in two weeks. Wrong documentation. Not the documents themselves. The format. The bank needed a utility bill dated within ninety days. She had one. It was ninety-four days old.
He described it to me later with a mixture of exhaustion and dark amusement. He had spent his entire career building the kind of systems that had just failed his own mother. The rules he had helped enforce, in an institution not unlike that branch, had a cost he had always known existed in the abstract. That day, it had a face.
This is the other side of KYC. Not the regulatory framework. Not the compliance programme. The queue. The person at the counter. The form that does not quite fit the life being lived.
What KYC Is — Without the Definition
Every article you have ever read about KYC starts the same way. Know Your Customer. A regulatory requirement. Identity verification. Risk assessment. The three pillars of customer due diligence.
That is all accurate. It is also the least interesting thing about the subject.
More useful, perhaps, is this: KYC is the financial system’s attempt to answer a question that sounds simple and turns out not to be. Before we do business with you — before we hold your money, move your money, lend you money — who are you, really? Not who you say you are. Who you demonstrably, verifiably are.
The reason that question matters is not complicated. Financial crime depends on anonymity. A fraudster cannot profit from fraud if every transaction is traceable to a verified identity. A corrupt official cannot move stolen public funds if every account requires documented proof of source of wealth. A sanctions evader cannot access the international financial system if every institution knows, with certainty, exactly who they are dealing with.
KYC is the front door. The lock on it. The question asked before the door opens.
Why the Door Keeps Catching the Wrong People
The lock, unfortunately, is not very well-designed for the variety of hands that need to open it.
The global KYC framework was built primarily around a particular kind of customer: settled, formally employed, resident in a high-income country with functioning civil registration systems. Passport. Recent utility bill. Bank statement showing a salary hitting a named account each month. Clean, simple, easy to verify.
For everyone else — and the World Bank estimates that roughly 850 million people globally still lack any official proof of identity — the same framework becomes a barrier rather than a gateway. Refugees. Seasonal workers. People in countries where the civil registry is incomplete or unreliable. People whose names, as rendered in a Western database, do not match their document exactly. Elderly people who have never had a utility bill in their own name because a spouse or a landlord handled it for forty years.
None of these people are financial criminals. But the system, as designed, cannot always tell the difference quickly enough. And when it cannot tell the difference quickly enough, the default is denial.
The Compliance Officer Who Changed His Mind
The person I mentioned at the start of this piece spent years believing that the rigour was the point. That every rejected document, every returned form, every extra visit to the branch was the cost of a system that, on balance, made the financial world safer.
He still believes that, to a degree. What changed was the degree.
After his mother’s experience, he began to look differently at the de-risking decisions made by his own institution. De-risking is the practice of cutting off or refusing entire categories of customer — certain nationalities, certain industries, certain transaction types — not because of specific wrongdoing but because the compliance cost of serving them is high and the commercial return is thin. It is legal. It is common. And it produces, as a side effect, the systematic exclusion of communities that have the least access to formal financial services and the most need of them.
The money services businesses that transfer remittances from diaspora communities to families in West Africa. The small import-export companies operating in regions flagged as high-risk by FATF mutual evaluations. The NGOs trying to move aid money into conflict zones. All of them caught in a net designed for criminals.
What This Has to Do With You
If you have opened a bank account in the last decade, KYC happened to you. The questions about your occupation and source of funds. The request for a second form of ID. The occasional letter asking you to confirm details that have not changed.
Most of the time it is friction you barely notice. Occasionally it is more than that — a mortgage delayed, a payment platform that holds your account pending review, a question about a transfer that felt entirely unremarkable to you and apparently did not to the algorithm.
Understanding why these things happen does not make them less annoying. But it does change what you do with the frustration. The compliance officer in Lagos was not wrong to build rigorous systems. His institution was not wrong to require documentation. The problem is not the principle. It is the distance — still considerable — between the principle and its application at the counter, with the person who has a four-day-old utility bill and nowhere else to bank.
Decoded: KYC is necessary. Its implementation has collateral damage. Closing that gap is not a regulatory question — it is a design question. And design questions get answered when enough people understand what is actually being designed.
Financial Crime Decoded 
Leave a comment