Three terms used constantly, and confused just as often
KYC, AML, and EDD get used interchangeably across financial services. They are not the same thing, and mixing them up in a regulatory examination is the kind of mistake that's hard to walk back. Here is the plain-English breakdown.
What each term actually means
They describe different layers of the same goal: knowing who you're dealing with and keeping financial crime out. Read them left to right, foundation first.
The process of verifying a customer's identity before and throughout your relationship with them. The foundation of compliance.
At onboarding, and again whenever customer risk changes materially.
Treating it as a one-time check rather than an ongoing obligation.
The broader framework of laws, policies, and controls designed to detect and prevent financial crime.
Continuously, across every alert, transaction, and customer relationship.
Confusing it with KYC. KYC is a component of AML, not a synonym for it.
A deeper level of scrutiny applied to higher-risk customers, including PEPs, complex ownership structures, and customers from high-risk countries.
When standard KYC flags a customer as higher risk. Triggered, not routine.
Skipping it for customers who "seem low risk" without a documented rationale.
Not three separate jobs. One layered system.
KYC is the foundation. AML is the system built on it. EDD is what you apply when the system raises a flag. Get the layering right and each piece reinforces the others. Get it wrong and the gaps are exactly what an examiner looks for.
One platform for all three layers.
Sentinel ™ by Truth Technologies handles identity verification, continuous AML monitoring, and risk-triggered EDD workflows in a single platform, with the audit trail to prove each decision at examination.
See KYC, AML, and EDD working in one place.
A short walkthrough of Sentinel ™ shows how identity verification, continuous monitoring, and enhanced due diligence connect into a single, examination-ready workflow.