Understanding KYC responsibilities in banking

Knowing your customers is the first step in your defense against the risk of money laundering, financial fraud, sanctions violations, identity theft and the financing of criminal organizations.

In an evolving financial marketplace where risks and regulations change rapidly, banks and other financial institutions are under increasing pressure to understand their client relationships in more detail.

Know Your Customer (KYC) requirements go beyond customer onboarding, requiring a long-term view of customers’ activity and regular updating of information. With regulators putting the onus on banks to proactively monitor and investigate suspicious activity.

Keeping up with the latest AML and KYC requirements for banks is essential to stay compliant to the level required in today’s complex regulatory landscape.

Find out how you can move beyond manual processes to streamline your AML compliance.

Defining your bank’s AML and KYC policies

Being compliant starts with establishing comprehensive and clear policies and procedures around key areas of KYC and AML, including a Customer Identification Program (CIP), Customer Due Diligence, and ongoing monitoring. Together these processes create, structure and update a detailed profile of every customer with whom your institution deals.

In response to the increasing complexity of KYC and AML procedures, many banks are moving to a digital KYC process. In a bank’s digital KYC process flow, systems, people, processes and technology work together to manage different parts of the compliance ecosystem in an efficient and scalable way.

The human aspect of KYC due diligence consists of three key areas:

  • Customer-facing staff, such as client relationship managers.
  • Internal audit team that provides independent assurance that risk policies are being met.
  • Compliance function, responsible for setting policies and KYC operations.

Since the functions often cover multiple departments within the business, technology plays a key role in connecting teams to share information effectively. Using KYC solutions for banks, AML and KYC policies and definitions can serve as a digital instruction set controlling automated processes, reducing the risk of human error or missed steps.

Not only does this greatly increase the effectiveness of KYC, but it also reduces costs and creates consistent processes between silos within the organization.

Demonstrable compliance - why is it so crucial for KYC and AML?

AML screening and monitoring provide essential protection for banks to manage risk and shield the organization from fines and personal liability. Compliance breaches are taken extremely seriously by regulators, with authorities in the US, Europe, APAC, and the Middle East levying nearly US$26 billion in financial penalties against financial institutions for AML, KYC, and other violations over the past decade.

In addition to fines, failing to adhere to regulations can also damage reputation – both at a company and industry-wide level – and mean valuable time is spent resolving issues, which ultimately impacts productivity, profitability and a bank’s ability to attract and retain top talent.

In these scenarios, it’s down to the financial institution to demonstrate that they’re carrying out the required checks and monitoring at the client level, both at onboarding and throughout their lifecycle. This usually takes the form of a KYC audit trail, detailing the due diligence performed on the client.

Key pillars of AML & KYC policies

AML and KYC cover a large range of activities that focus on different data points and procedures, however, the aim of all of them is the same.

The goal is to build a complete, accurate and up-to-date picture of each client relationship to reduce risk exposure, reputational damage from doing business with a compromised organization or suffering disruptions to the customer experience.

Let’s look at the key pillars of AML and KYC policies below.

Customer acceptance policies

Customer acceptance policies | KYC requirements for banksOne of the most basic elements of KYC is a Customer Acceptance Policy (CAP), which defines the criteria that separate the customers that banks want to work with from those they don’t. By collecting sufficient relevant information about the customer before the account relationship is established, banks can ensure that they work with clients who will not expose them to serious compliance, legal and reputational risks, as well as making sure they fit the target risk profile for clients in that business. 

What is a customer acceptance policy?

The Customer Acceptance Policy of a bank is a document that determines the basis on which the bank enters into relationships with its customers. This will usually include:

  • Defining explicit criteria for the acceptance of customers
  • Documenting the specific procedures used to verify the identity of individuals or corporations and UBOs 
  • Setting standards for sufficient information required to understand the customer and its financial activities

Customer identification procedures

The first step in any compliant onboarding process is to make sure customers are who they say they are and verify the business they’re engaged in. An effective customer identification program (CIP) enables firms to form a reasonable belief about the true identity of each customer. 

The recommended steps include:

  • Identification and verification of persons, or organizations, opening an account
  • Record-keeping
  • Comparison with government Politically Exposed Persons (PEPs) lists

Regulators are putting more pressure on financial institutions to know their customers in-depth, partly due to the increasing risk of financial misconduct presented by cryptocurrencies and cybercrime. To remain compliant banks need to invest in reliable tools that can deliver robust identification processes while not slowing down customer experience.

What are customer identification procedures?

Customer identification procedures are the steps taken by a bank or financial institution to verify the identity of a new customer. This will involve verifying information about their identity provided by a customer using independent and legal identification documents, as well as third-party data sources.


Corporate customer due diligence solutions

Discover how Encompass can enhance and streamline your customer onboarding process.

Find out more

Due diligence and KYC monitoring

Detailed due diligence is an essential element of KYC monitoring. By collecting and evaluating relevant information about potential customers in comparison with various data sources, banks can better understand the potential risks of doing business with a particular organization or individual. Falling short on these processes leaves institutions open to financial penalties, reputational damage or customer service disruption.

Today, banks must take a proactive approach to risk management to avoid exposure and maintain control of their customer profile. This is aided by new technology which aggregates and checks data automatically, enabling a long term approach to KYC and AML.

What is ongoing KYC monitoring and why is it important?

While all customers go through KYC due diligence when onboarding, it’s also important to maintain and update customer information throughout the customer relationship. Ongoing KYC monitoring ensures that KYC data sources are regularly reviewed to maintain AML compliance.

Circumstances, regulations and risk profiles can change rapidly so banks must regularly check for relevant new information that might affect their relationships. This is done through ongoing KYC monitoring, with data attribution lineage of relevant data stored in the customer record.

Explore the possibilities of automated KYC remediation

Risk management

The relationship between risk management and KYC | KYC requirements for banksThe role of risk management in banking is to create proactive strategies to quantify, analyze and avoid potential losses. While there are multiple kinds of risk, most risk management practices in the banking industry focus on minimizing an institution's exposure to financial losses and protecting the value of its assets. Risk management in AML compliance is primarily concerned with remaining compliant with AML regulations and avoiding penalties or reputational damage.

The relationship between risk management and KYC

KYC processes are the first step in managing risk when it comes to onboarding new customers. By creating a thorough and compliant KYC process for all new businesses, banks can source the data, insights and proofs they need to judge whether a new client fits with their target risk profile.

Throughout the lifetime of the customer relationship, banks should refresh and update customer profiles to make sure that they’re still within acceptable risk parameters. This also ensures that processes remain in line with any new regulations or changes in customer circumstances.


KYC – Evolving from data to risk management

What does ‘evolving from data management to risk management’ really mean, and why is it important within today’s landscape? Find out in this panel discussion focusing on the role of automation, and how different approaches are needed for different customers.

Watch the webinar

KYC due diligence requirements for banks

Every financial institution has the responsibility to carry out due diligence on all entities with whom they do business.

KYC due diligence requirements include both traditional Customer Due Diligence (CDD) and the ever more common Enhanced Due Diligence (EDD). As the burden of compliance grows, banks must find a way to source large amounts of customer information on a regular basis while still offering the seamless experience that businesses now expect.

Performing due diligence checks manually can have serious consequences for customer experience. In the last year, 38% of UK businesses have deliberately abandoned an application for banking services due to ‘slow due diligence processes’. However, by strategically leveraging technology banks can automate the more time-consuming aspects of due diligence to focus more on customer experience and enable efficient growth. 

What’s the difference between customer due diligence and enhanced due diligence?

Customer due diligence and enhanced due diligence are both processes for acquiring and analyzing customer information to determine risk. While CDD processes apply to all customers, EDD is specifically designed for dealing with high-risk or high-net-worth customers and large transactions due to the greater risks that they pose to the institution and the financial sector.

CDD involves background checks to assess the risk a customer poses before dealing with them. This usually involves verifying their background and ensuring that they’re not on any sanctions or counter terrorism financing watchlists, or are politically exposed. EDD is a KYC process that aims for a greater level of scrutiny of potential business partnerships of risks uncovered by simple customer due diligence.

Key customer due diligence (CDD) requirements for banks

Customer due diligence is one of the most time-consuming elements of onboarding a new customer due to the complex nature of AML and KYC requirements. According to Encompass research, it takes an average of 32 days to fully onboard a corporate customer.

Much of this time is spent on the critical CDD needed to unwrap complex, often global, corporate ownership structures, as well as sourcing other information to verify identities and check third-party sources, such as sanctions lists.

Key enhanced due diligence (EDD) requirements for banks

Current money laundering regulation requires that Enhanced Due Diligence (EDD) is carried out when standard CDD identifies a high-risk customer or situation. This includes collecting and verifying substantially more information on a customer from a wide range of trusted and independent sources. 

For banks still working with manual due diligence processes, this can lengthen the customer onboarding journey, leading to poor customer experience and potentially lost business and revenue.

Learn about automated EDD

Correspondent banking due diligence

Since correspondent banks play an important role in facilitating cross-border money transactions, they pose a notable risk for money laundering. To mitigate the potential risks in correspondent banking relationships, CDD, and EDD, where necessary, must be consistently carried out to the highest quality. 

This involves gaining the full picture of a respondent institution’s business, including beneficial ownership and any adverse media. This will often require checking multiple data sources and comparing national and international regulations to ensure international compliance.

Find out how you can streamline your correspondent banking due diligence process with process automation.

KYC screening in banking

>PEP, sanctions and adverse media screening in Banking | KYC requirements for banksAlongside identity verification and unraveling business structures, one of the most important KYC requirements for banks involves screening customers against relevant third-party data sources that indicate risk. The key ones among these are PEP lists, sanctions lists and adverse media checks.

PEP, sanctions and adverse media screening requirements for banks

As part of KYC due diligence processes, banks will check any relevant individuals and entities identified in a corporate ownership structure for associated risks in public sources. Screening is conducted against global PEP, sanctions and adverse media lists to determine whether they’re in line with the organization’s policy and risk-based approach.

PEPs are those who, through their prominent position or influence, are more susceptible to being involved in bribery or exposure. Sanctioned individuals are those against whom measures have been passed by national or foreign governments. Adverse media screening involves the interrogation of third-party data sources for negative news associated with an individual or company. All of these checks are essential for uncovering a client's involvement in activities related to financial crime or that pose a reputational risk.

Due to the large amount of data and verification involved in checking these details on potential customers, more banks are turning to technology-assisted systems to automate the screening process.

Learn about automated KYC screening tools

UBO verification

UBO verification is the process by which banks determine the Ultimate Beneficial Owner (UBO) in a business. This is an individual who benefits the most and has the ultimate effective control over an arrangement, a legal or a natural entity on whose behalf the transactions are being made. This can be a complex and lengthy process, especially if there are multiple corporate structures to unwrap, but even the simplest of structures to discover beneficial ownership and control is a big challenge for customer onboarding and KYC teams.

By using automation, due diligence teams significantly reduce the time taken to identify and verify UBOs. Using intelligent process automation and extensive data integrations, businesses can use software to iteratively retrieve and analyze high-quality data from trusted global providers, saving analysts crucial time and eliminating human error.

Find out how Encompass automates the UBO identification and verification process.

KYC due diligence checklist for banks

KYC due diligence checklist for banks | KYC requirements for banksKYC due diligence is one of the most important issues facing banks today. Not only are regulations evolving rapidly, but new technology is providing more opportunities for bad actors to slip through the system. In the event of compliance falling short, it’s your organization that will have to pay the price.

When it comes to customer experience, the ability to conduct the required due diligence quickly and effectively can be the difference between winning and losing a valuable client. However, when there’s more pressure to get results quickly and regulations and best practices are constantly evolving, due diligence can become relegated to a tick-box exercise. 

Key KYC challenges for banks to consider when it comes to due diligence include:

  • Aligning in-depth compliant due diligence with the speed expected by modern customers
  • Managing EDD processes at scale while remaining efficient and profitable
  • Building ongoing monitoring KYC and compliance processes that can keep up with evolving regulation
  • Working proactively to keep systems compliant and limit risk exposure

6 steps to improve your KYC due diligence checklist

Effective due diligence can be the difference between winning and losing clients. Get our six steps to improve your KYC due diligence checklist.

Read the blog

Remediation and ongoing monitoring KYC requirements for banks

Remediation and ongoing monitoring | KYC requirements for banksRemediation and ongoing monitoring are becoming more important KYC requirements for banks in today's climate.

Regulators expect KYC files to be fit for purpose and in line with an organization’s global KYC policies. However, manual processes cannot keep up with the pace of regulatory change and volumes of reviews needed. 

Outdated KYC files and information leave organizations exposed to penalties. Automating KYC remediation ensures organizations can quickly and easily perform remediation through integrations with external data sources to achieve compliance faster and mitigate risk.

What is KYC refresh?

KYC refresh is the process of ensuring that all files are kept up to date. KYC refresh requirements and timelines will vary according to the target risk profile of the institution, but the process involves updating key data points such as annual reports from corporate clients, re-screening and revising profiles in line with any new regulation.

Learn more about KYC remediation and refresh

KYC best practices for banks

KYC best practices in banking are evolving every year in line with new technology and regulations.

As well as the ongoing challenge of balancing regulatory obligations with client and business expectations, many institutions are having to decide how best to implement new data and technology processes to remain competitive and compliant. 

How to keep up with the latest AML and KYC regulations

Compliance demands are an evolving and complex area of regulation. In recent years rapid developments have left some compliance teams struggling to keep up. Modern teams must focus on developing AML compliance programs and best practices that evolve dynamically and are agile enough to respond to inevitable change. 

Done in the right way, improvements can directly impact profitability as well as shareholder value. Key to the success of such a project is a clear view of the target risk profile for the business, an understanding of the role of technology and a team ready to embrace new methods of working.

KYC automation and how to apply it to your AML policies and procedures

As the volume of Anti-Money Laundering (AML) legislation grows, more pressure is being put on financial institutions to comply with regulatory requirements to avoid reputational damage, sanctions, and hefty penalties.

KYC automation and how to apply it to your AML policies and procedures | KYC requirements for banksEach revision in AML requirements can require a complete review of existing customer profiles, alongside the existing work on new customer onboarding and ongoing monitoring. This puts a huge amount of pressure on compliance teams in banks.

To keep up with the pace of change, more compliance departments are turning to new tools such as automation and artificial intelligence.

Intelligent process design automates data collection, visualization, and analysis. Complex UBO structures can be collated in seconds – dramatically improving ROI by driving efficiencies and freeing analysts to focus on even more complex KYC investigations. In addition, these tools are all customizable to the target risk profile of the organization, keeping teams in control.

Learn more about our KYC automation capabilities

KYC software for banking 

There is KYC software for banks available, powered by automation, to streamline the compliance processes, targeting different areas of the due diligence workflow.

Given the large amounts of data processing involved in due diligence, automation-based KYC banking software is an essential tool for managing, structuring and transferring information between systems. This is aided by API connections with trusted KYC data sources to analyze and unwrap complex corporate ownership structures.

This can also be used to automate ID and verification processes, with all information stored on a central database to create a complete digital KYC profile and audit trail for corporate ownership structures.

Next-gen electronic IDV (ID verification)

Recent years have seen rapid developments in the area of ID verification (IDV) with the Financial Action Task Force (FATF) urging financial institutions to take full advantage of RegTech solutions as a means of meeting both their regulatory and customer obligations.

The main advantage for banks and regulators in moving to fully digital IDV solutions is a clearer, more reliable audit trail, less time spent on manual processes and a faster customer experience.

Dynamic audit trail for ensuring demonstrable AML compliance

When working with regulators, the safest way to demonstrate compliance is a clear, accurate and consistent audit trail. In getting the full picture of each customer during the Know Your Customer (KYC) tasks that form part of a standard onboarding process, the importance of a reliable audit trail – which is central to any compliance program – becomes apparent.

Most audit trails are compiled manually, which is both time-consuming and can leave the process open to error. But innovative software solutions transform the process. Encompass dynamically compiles a full, time-stamped digital audit trail for each KYC process step for demonstrable compliance.

Discover how Encompass helps banks prove demonstrable AML compliance with automated dynamic audit trail creation.

Integrating KYC software with your existing banking systems

For businesses already working with digital systems, KYC software can be integrated into existing processes without the need to fully replace solutions already in place. By adding additional automation and data sourcing tools, banks can move towards real-time and automated KYC activity, updates and generation of digital KYC profiles

Flexible, API-first solutions are designed to fit around current technology to enhance performance and accuracy without compromising customer experience. Encompass partners with leading technology platforms, providing KYC solutions that power systems with the data and functionality that users require.

Using APIs for streamlining KYC process requirements

Using APIs for streamlining KYC process | KYC requirements for banksWith the advent of Open Banking and the increasing adoption of online financial management by consumers and businesses alike, APIs now play a key role in streamlining the global financial system. By creating live connections between networks and platforms, businesses can now create a seamless data flow that transfers information instantly between interfaces. Not only does this simplify the customer experience, but it can radically reduce the amount of manual work involved in due diligence and compliance workflows.

By integrating the right API into your Customer Lifecycle Management (CLM) or Customer Relationship Management (CRM) solutions, you can get all of the benefits of a fully automated KYC and AML platform to enhance your existing onboarding process and satisfy KYC process requirements.

Learn how simple it can be to integrate the Encompass API with your systems.

KYC requirements for banks are complex; embracing automation alleviates pressure

KYC and AML compliance is a complex domain, but an essential focus area for banks. As regulators turn more scrutiny towards the risks of identity theft, money laundering, financial fraud, sanctions violations and the financing of criminal organizations, banks must ensure their systems can keep up with the new environment.  

KYC requirements for banks now go beyond traditional customer onboarding to cover customers’ activity throughout the ongoing relationship. To remain compliant while also being scalable and profitable, banks must embrace a technology-led approach.

Here’s a summary of the key considerations:

  • Moving from data management to a risk-based approach
  • Understanding and implementing the benefits of automation
  • Harnessing open source media screening and third-party data sources
  • Maintaining a clear audit trail for demonstrable KYC and AML compliance 
  • Utilizing electronic identity verification to streamline onboarding
  • Proactively monitor and remediate KYC data to future-proof compliance
Explore our KYC automation tools

How automation solves client outreach challenges

Discover how automation tools such as Encompass meet the challenges of client outreach.

Read the ebook

Introducing the Encompass API

The Encompass API is designed to integrate with existing Customer Lifecycle Management (CLM) or Customer Relationship Management (CRM) solutions to provide all of the benefits of our KYC automation platform to enhance your existing onboarding processes. 

With built-in connectivity, you can easily add new functionality to your systems and tailor our tools to meet your specific target risk profile while automating the repetitive activity of collecting, analyzing and integrating data and documents from multiple sources to provide KYC on demand.

Unrivaled data sources, automation and integrations

When it comes to compliance, banks need reliable, fast and complete information to understand risk and provide the level of customers expect. 

We put data quality first in everything that we do, collecting data from multiple trusted KYC data sources to analyze and unwrap complex corporate ownership structures quickly and efficiently. With extensive connections to global primary and premium data sources, our KYC and AML platform is easily configured to existing KYC policies and data requirements.

Explore the Encompass platform’s benefits

KYC software solutions

Challenger banks

Challenger banks have made their mark on the financial services landscape by offering innovative digital experiences and frictionless customer onboarding. However, with growth, comes increased regulatory scrutiny. Robust KYC processes are critical but enhanced compliance cannot come at the expense of the kind of customer experience that has made the sector so successful.

Encompass specializes in building digital solutions for KYC and AML compliance that connect easily with your existing systems. With instant API connections, you can create an end-to-end process that manages the customer KYC journey online in minutes.

Find out more about Encompass’ KYC tools for challenger banks.

Business banks

For business banks servicing a large and diverse customer base, KYC and customer onboarding can be complex and time-consuming activities.  Ensuring KYC banking compliance involves sourcing data from multiple sources – often done manually. The volume and variation among customers can leave teams overstretched and risk falling foul of compliance. And while analysts waste time rekeying data into CLMs and CRMs, customers are left frustrated at delays to onboarding and access to critical financial services. 

Encompass streamlines KYC onboarding with targeted automation to deliver key data points in seconds rather than days, freeing your teams to focus on customer experience and service.

Learn about Encompass’ KYC software solutions for business banking.

Corporate and investment banks

The Encompass platform is designed to meet the key challenges that corporate and investment banks face when remaining compliant. Complex AML and KYC requirements for banks mean that it takes an average of 32 days to onboard a corporate customer. A lot of this time is spent on CDD activities, but slow onboarding processes lead to lost business and risk exposure.

Our platform automates key processes to save you time, reduce risk and improve the customer onboarding experience without compromising on AML and KYC compliance requirements.

Find out what Encompass’ KYC solutions can do for corporate and investment banks.

KYC banking software case studies

Encompass works with top financial institutions all over the world, including leading banks like Santander, helping them to meet their KYC requirements and future-proof their AML compliance.

As a trusted technology partner, we specialize in bringing a fresh approach to existing systems to build more valuable workflows from the ground up. 

Combining cutting-edge software, deep industry expertise and years of experience, we ensure KYC drives whole business value from onboarding to ongoing monitoring.

Meeting KYC requirements for banks with intelligent automation


Multinational commercial bank and financial services company Santander engaged Encompass to provide a more efficient way of onboarding clients. Having one platform with all of the information gathered during the corporate discovery stage and throughout further Customer Due Diligence (CDD) investigation has armed Santander with the information they need to make the right decisions, faster.

Read more Encompass case studies

Speak to our RegTech experts about your bank’s KYC requirements

Our RegTech experts work with leading institutions all over the world to analyze processes, find opportunities and implement game-changing technology to help them stay ahead of the market and regulators.

We have offices across the globe including New York, London, Amsterdam, Sydney, Singapore, Glasgow and Belgrade. 

If you’d like more information about any of the topics discussed on this page, including KYC, AML compliance and ongoing monitoring, you can get in touch with the Encompass team

Request a complimentary consultation with Encompass

Alternatively, why not book an in-depth session with Encompass to learn more about how our software can help you stay compliant and competitive? You can request a free KYC consultation tailored to your specific business needs - just fill out the form below.