In the twenty-first century, countries around the world have slowly developed more and more rules around KYC–a three-letter acronym that embodies much of what is at the soul of finance. If you don’t know, this stands for “know your client,” and it is surprisingly complicated and important.

At its core, “KYC” might sound pretty simple; it just means that financial firms, if they have a client-provider relationship with a party, must know who that party really is. The “C” in “KYC” is critical; if you’re a financial institution and you do not have a client relationship, you don’t really need to know who that is.

But what is a client relationship, anyway? Such a term is vague at best, which is why some countries have stricter KYC rules than others. In some jurisdictions, foreign currency exchange implies a KYC relationship, so the money exchanger must get and maintain records of whom they are exchanging currency with. In others, this is not a client-provider relationship, so records aren’t required.

Whether the extra paperwork and bureaucracy in that particular example is worth it is debatable, and it is worth considering that many jurisdictions that have this extra bureaucracy are also much more corrupt than ones without it (some theorize that extra bureaucracy incentivizes corruption as a means of cutting red tape). But the important point is that there is a drive in this situation to do what is at the core of finance: to know your client, because if you don’t, you could be an accessory to illegal activity.

Take a much less controversial example: a private wealth manager in a jurisdiction with low taxes. If that wealth manager has no KYC restraints, dictators from brutal regimes could transfer money to those managers and have a safe haven for their blood money; such activity has been traced to large banks in Switzerland, Monaco, Macau, Panama, and other small nations worldwide. KYC restraints should, in theory, limit the ability for those evildoers to have access to banking services, thus making it harder to profit from evil.

Beyond the ethical element are the obvious political and legal elements. Take, for instance, the now notorious HSBC (HSBC) money laundering scheme, in which the bank laundered $881 million in ill gotten gains for drug cartels and terrorist organizations. That scandal resulted in nearly $2 billion in fines when it was uncovered in 2012, and while senior bankers avoided criminal penalties, the risk, bad press, and reputational aftershocks demonstrated how much loss to shareholders these things may have. HSBC has fallen 30% since the scandal, and declining enthusiasm for the bank has resulted in it leaving the U.S. market. Of course, not all of that was due to this scandal, but it certainly did not help.

Strict compliance rules and a focus on KYC both at the regulatory and internal best practices levels can secure financial institutions’ future, and, more importantly, being aware of the value of KYC for lower level staff can help them avoid becoming complicit in heinous acts and, arguably just as important, avoiding penalties ranging from a loss of job to a loss of liberty.