Section Home

Home	Hidden
Home	2

Name

Global FinTech Guide

Country _ Name

Costa Rica

SectionTitle

KYC requirements

Body

The know your customer or know your client (KYC) guidelines and regulations for financial services require that professionals try to verify the identity, suitability, and risks involved with maintaining a business relationship.

Legal affairs

National regulatory framework regarding AML and effective date of the regulations

The Law of narcotic drugs, psychotropic substances, drugs of unauthorised use, related activities, capital legitimation and financing terrorism constitutes the regulatory framework regarding AML. It has first come into force in 1998.

National regulator or relevant authority for AML controls

For FinTechs, the relevant authority for AML controls in Costa Rica is the General Superintendence of Financial Entities.

Customer Due Diligence

Conduct of a typical KYC identification process

Customers or clients need to be identified by the obliged company. Usually, this must take place before the business relationship is established.

In accordance with the Regulation on KYC issued by SUGEF, several personal details must be obtained. In case of a natural person:

Identification information: identification card number, complete name, birthplace, birth date, marital status
Personal information: nationalities, occupation
Communication means: Phone number, e-mail
Complete address
Source of funds
Investment capacity

In case of a legal entity, the Regulation requires the main corporate positions and shareholders or final beneficiaries.

Usually, the identification procedure must be conducted in person.

Possibility to meet customer due diligence requirements by relying on third parties who are obliged by law themselves to comply with AML regulations

Yes, customer due diligence can be outsourced to a third party. However, the responsibility for fulfilling the general due diligence obligations remains with the obliged party.

Possibility to outsource customer due diligence by contract to other third parties who are not obliged by law to meet AML regulations and rely on these (e.g., WebID, IDnow, PostIdent)

Yes, this is possible. However, the contractual third party must meet the AML regulations.

Presence of a license or registration requirement for the third party in case of outsourcing customer due diligence

In general, there is no need for the outsourcing company to acquire a license. However, if the outsourcing company is an obliged company according to SUGEF itself, it has a licence.

Further questions

Entities that could be relied on specifically by law as a third party to comply with AML regulations (regardless of outsourcing)

Yes	credit institutions
Yes	financial institutions
Yes	auditors, external accountants, and tax advisors
Yes	notaries and other independent legal professionals
Yes	other trust or company service providers
Yes	estate agents
Yes	other persons trading high-value goods
Yes	providers of gambling services

BackToCountry	Hidden	Hidden
Back to country	Costa Rica	2

Switch country

Global overview

Authors

Name	Organisation	Email	Hidden	Hidden
Alonso Vargas	Lexincorp Central American Law Firm	[email protected]	0	2117

Choose country

Country	Hidden	Hidden
Albania	167	2
Argentina	512	2
Australia	182	2
Austria	677	2
Bosnia and Herzegovina	197	2
Canada	152	2
Chile	242	2
China	257	2
Colombia	272	2
Costa Rica	287	2
Croatia	302	2
Czech Republic	812	2
Dominican Republic	824	2
Egypt	317	2
France	722	2
Germany	213	2
Hong Kong	737	2
Hungary	347	2
Ireland	692	2
Italy	332	2
Korea, Republic of	362	2
Malaysia	662	2
Mexico	632	2
Montenegro	377	2
New Zealand	392	2
North Macedonia	437	2
Peru	422	2
Philippines	407	2
Poland	482	2
Portugal	497	2
Romania	797	2
Serbia	467	2
Slovenia	527	2
Spain	542	2
Switzerland	707	2
Thailand	557	2
Turkey	752	2
United Kingdom	782	2
United Rep of Tanzania	767	2
United States	587	2
Uruguay	572	2