A customer of the money exchange center fills out personal details in an individual membership application form for individuals or an institutional membership application form for establishments to benefit from the money exchange center’s services. The money exchange center issues a membership card containing a unique number linked to the system, storing personal data, a copy for the ID, signatures verifying the customer's presence and the accuracy of the data provided, and the details of the beneficiary of the transfer at the money exchange centers authorized by SAMA to conduct this activity. The customer can present their membership number for any financial transaction and provide the original ID to confirm identity and that the ID is valid.

Membership is subject to regulatory procedures such as data updating, freezing, reservation, and setting financial limits based on customer status and transaction patterns.

Membership must meet the due conditions for the verification requirements of identity and the real user (beneficiary), including the following:
 

1. The applicant must be 18 years old or older.
2. Complete the KYC information in the membership application form and confirm its accuracy by signing.
3. Provide a copy of a valid national ID for citizens or a residence permit for expatriates. For legal entities (customers with legal capacity), a copy of the commercial registration or activity license to practice the activity, including the address and the actual owner, must be provided.
4. The money exchange center is responsible for verifying data accuracy with original documents, stamping and dating each document, and storing them in the electronic system.
5. A recognized representative must be available for a veiled woman.
6. A representative must be present for visually impaired and minor individuals.
7. For expatriates with a temporary residence permit in the passport, membership can be granted based on this permit (for 3 months) and frozen after its expiration until a valid residence permit is issued.
8. Follow instructions related to prohibited persons as per Security Council resolutions (updated data can be obtained from the UN website or global systems like WORLD CHECK).
9. Specify the number of beneficiaries for money transfers abroad and provide complete information such as name, ID number (if available), account number, and address.
10. Membership cannot be shared among multiple persons and must be used solely for the intended purpose for which it was opened.

The money exchange center must update customer data (regarding their membership) in the following cases:

1. Upon expiration of the ID, commercial registration, or a maximum of 3 years, whichever comes first.
2. When there are doubts about the customer’s identification documents or the nature of their financial transactions.
3. If financial transactions do not match the information provided to the money exchange center or if there is a change in the transaction patterns or behavior of the customer.
4. When changing or adding beneficiaries for money transfers abroad in authorized  money exchange centers.

1. The money exchange center must verify the customer’s identity through valid identification documents in all dealings.
2. The nature of the customer’s activities and transactions must match the size, purpose, and type of financial operations executed, including knowing the actual beneficiary and taking necessary verification measures.
3. Money exchange centers are not allowed to treat legal customers (companies, institutions, organizations, etc.) as transient customers.
4. Internal authorizations or powers of attorney from individuals, institutions, or companies for transactions are not permitted.
5. Financial transfers (in Category A money exchange centers) or currency exchange on behalf of customers are allowed only with a power of attorney from a notary, with the condition that the attorney is a Saudi national, ensuring all data of the membership holder and the attorney are collected per KYC requirements and updated as needed.
6. The validity of residency/visas/temporary residences must be considered when dealing with expatriates, pilgrims, and visitors.
7. Information should be verified based on legal documents such as national ID, residence, or passport, and a copy should be obtained and authenticated by both the customer and the employee.
8. Do not accept transactions under fictitious or unknown names.
9. Link the membership number to the name and ID number and use them as an electronic reference for transactions.
10. Apply KYC requirements and anti-money laundering and counter-terrorism financing rules issued by SAMA, along with other related regulations and instructions.
11. Terminate the relationship with a customer if the money exchange center cannot verify transaction sources or doubts the accuracy of the customer’s identification data or its adequacy, or if the customer continues to use the membership for purposes other than those intended.

The purpose of applying the KYC principle is to enable the money exchange center to form an appropriate understanding that it knows the true identity of each customer with a suitable level of confidence and understands the types of business and transactions the customer is likely to conduct with the money exchange center. The money exchange center’s procedures should include the following to achieve this principle:

1. Continuously identify and verify the identity of all permanent and transient customers.
2. Identify and verify the true beneficiaries of all transactions conducted by customers to the extent that achieves full understanding and knowledge.
3. Assess the risks associated with different types of customers and take appropriate actions to enhance identification and verification requirements for customers or true beneficiaries.
4. Continuously update the identification and verification requirements for all customers and true beneficiaries.
5. Monitor changes in the identity of customers and true beneficiaries and address their impact on oversight and control requirements.
6. Customer and beneficial owner identification records should be accessible to the person responsible for compliance with anti-money laundering and counter-terrorism financing standards and relevant responsible officials.
7. Verify customer and true beneficiary identities from reliable and independent sources.

Applying due diligence procedures here means that money exchange centers monitor customer and true beneficiary financial transactions, ensure they understand and verify all operations they engage in, and ensure the accuracy and clarity of the membership creation data. Money exchange centers in the Kingdom must apply basic due diligence procedures to all permanent and transient customers, including true beneficiaries, and ensure that these procedures are continuous and commensurate with the risk levels associated with the business and transactions conducted by customers, as follows:

1. Monitor financial transaction activities and ensure the compatibility with the information provided by the customers.
2. Apply due diligence procedures when establishing a business relationship and enhance them when conducting occasional transactions exceeding previously disclosed limits or when there is suspicion of money laundering or terrorist financing, regardless of exemptions or specified transaction limits, or if there are doubts about the accuracy or adequacy of previously obtained data for identifying customers.
3. Verify if any person (natural or legal) is acting on behalf of the customer and ensure the legality of this.
4. Identify individuals (natural and legal) who have ownership or control over the customer.
5. Enhance due diligence procedures for high-risk customers and business relationships, which may be due to the customer’s business activity, ownership structure, volume, or types of expected or actual transactions, including those involving high-risk countries or those identified as high-risk under applicable laws or regulations, such as correspondent banking relationships and politically exposed persons.
6. Simplified due diligence procedures are not acceptable if there is suspicion of money laundering or terrorist financing.
7. Mitigate due diligence requirements for relationships classified as low-risk categories, such as:

8. Avoid terminating or restricting business relationships with entire customer categories solely to avoid risk management or limited financial returns (profits) without considering other risk mitigation measures for individual customers within a particular sector and evaluating each case individually.