6 Steps to Conduct a Know Your Business (KYB) Verification Check

Discover the specific steps and examples of how to conduct a compliant Know Your Business (KYB) verification process.

There isn’t a checkbox for Know Your Business (KYB) identity verification in terms of what you should screen, but there are general regulators that have universal recommendations. 

For example, the US’ KYB process is regulated by the Financial Crimes Enforcement Network (FinCEN) and its Customer Due Diligence (CDD) Final Rule, which mandates that institutions like fintechs, cryptocurrency firms, mutual funds, commodities brokers, and other financial service providers that are stipulated in the Bank Secrecy Act (BSA), should implement identity verification both for corporate and individual customers. 

In general, when you’re a regulated entity, you should follow your local and global anti-money laundering (AML) policy, which involves implementing KYB. What makes KYB checks different from Know Your Customer (KYC) checks is the scope and complexity of data that needs to be verified. Additionally, smaller businesses worry about the resources regarding KYB because they need to check and comply with the law in every jurisdiction where they operate. 

If you are not regulated, you, as a company, can conduct KYB on your business clients in order to mitigate risks of fraud, money laundering and terrorism financing. So, what exactly does it take to verify your partners and ensure their legitimacy?

Below, we explain the intricacies of this process in concise terms, as well as provide actual solutions that can simplify your KYB onboarding.

What is Know Your Business (KYB) Verification?

Know Your Business, or KYB verification, is a process designed to verify the legitimacy of other businesses you work with before initiating a business relationship with them. This could be any stakeholder company or a third-party, such as a supplier, that you work with. 

KYB verification is an ongoing due diligence process consisting of multiple checks that monitor changes in your clients’ risk profiles. This makes KYB a complex process, especially for companies that are required to conduct these screenings due to mandatory AML compliance requirements. However, many unregulated entities also use at least some sort of business background checks for their internal risk assessments. 

In short, companies that use KYB verification have two goals:

  1. To follow regulators’ policy.
  2. To avoid internal fraud risks or fraudulent partners and third-party suppliers.

This makes KYB verification crucial as it enables firms to understand who they’re dealing with — avoid partnering with shell entities that exist merely on paper for illicit reasons — and determine the necessary level of due diligence to apply to each customer’s account.

Related: Know Your Business — Quick-Start Compliance Guide & FAQs

What is a KYB Solution?

A KYB solution is an automated software that’s purpose is to help companies collect data and save time on manual verification procedures, such as checking the different types of beneficiaries, sending our specialized questionnaires, verifying related shareholders’ identities, etc. 

So, in short, companies choose KYB automation over manual KYB checks for two reasons:

  1. To onboard or manage other business clients and partners more easily. 
  2. To guarantee the authenticity of the business and related persons and assess risks they might pose to the company.

Many businesses today use at least a minimal level of automation to fulfill their KYB obligations. Without AI-powered solutions, companies would require extensive internal infrastructure to handle all the document verification needed for KYB, which could delay the onboarding of a single company by weeks or even months.

Related: e-KYB Explained — A Business Verification Guide

Why Should You Care About KYB?

KYC, AML, and now KYB. Why is it so special? While KYB is a relatively new framework for verification, it has presented a fair share of benefits for businesses, patching up a big security loophole when it comes to business-to-business relationships.

In 2016, FinCEN addressed this gap by introducing new Know Your Business regulations under its CDD Requirements (CDD Final Rule). This process has become mandatory in many regions as part of efforts to combat money laundering, terrorism financing, the proliferation of weapons of mass destruction, and other financial crimes. 

Now, this approach means conducting KYB verification using a two-part framework: 

  1. Verifying the existence and authenticity of a business and its owners.
  2. Assessing the potential risks associated with the business and its owners’ activities and statuses.

In terms of data, to comply with the CDD Final Rule, companies should collect and verify certain information during the onboarding process. This includes: 

  • Name (the company’s registered legal name).
  • Address (the operating address, which sometimes differs from the registered address).
  • Taxpayer Identification Number (also known as TIN).
  • Business registration status (in order to check whether the business is registered in the state it claims).
  • UBOs verification (for any shareholders with 25% or more beneficial ownership).

Clearly, as with many new implementations, KYB has introduced some challenges for companies that are either unfamiliar with the regulatory environment or lack the resources to conduct thorough verifications. This is where you should probably also care about automated KYB solutions — they help maintain compliance while freeing up crucial resources like time and money.

What are the Steps Involved in Achieving KYB Compliance?

To comply with AML laws such as  the BSA or the CDD Final Rule, businesses that onboard other businesses must conduct compliant KYB checks, which require them to:

  • Verify the identity of the business.
  • Identify and verify the identities of the business’s Ultimate Beneficial Owners (UBOs).
  • Understand the nature and purpose of customer relationships to develop a customer risk profile.
  • Keep customer information up-to-date and monitor risk continuously.

In practice, companies implement these processes for KYB compliance:

  1. AML screening measures (such as PEPs and sanctions, as well as adverse media checks)
  2. Company detail verification (such as the address and registration number; however, some jurisdictions have specific requirements)
  3. Ownership and control structure verification (this is a complex task because some companies don’t want to disclose this data publicly) 
  4. KYC for individuals (identity verification for all individuals linked to the company)

You might wonder why KYC is necessary if we’re doing business verification. KYB compliance means verifying the identities of all beneficial owners and individuals who are applying on behalf of the company. This is similar to how a sole director is legally authorized to open a bank account or has the authority to apply for services, conduct transactions, etc.

6 Steps to Build Your KYB Verification Process

The KYB verification process has become more streamlined over the years thanks to automation tools that help companies build a streamlined KYB workflow based on their customer use case and risk factors. 

Here are the typical steps that you should follow for your KYB verification process:

1. Collect Company Data

In this step of the process, companies gather key company information from the individual representing the business. This includes details like the business name, address, and so on. 

Various methods are used to collect this data, ranging from custom-built forms to lengthy PDFs exchanged via email, which would be considered more of a traditional manual approach to the KYB process. 

With automation, companies can streamline this by initiating a KYB onboarding case directly from their internal systems using API webhooks. This approach eliminates the need for separate compliance processes and multiple platforms.

2. Add UBO Information 

The CDD Final Rule mandates that companies verify beneficial ownership based on “reasonable belief.” In this stage, companies require documentation that details the beneficial ownership, including the equity percentage held by each individual. The KYB software is typically used to assess the accuracy of registry data for key entities linked to the business. 

Compliance staff can improve their understanding of a case by manually adding additional information about beneficial ownership. Once beneficial owners are identified, firms can conduct standard KYC checks on each owner. For example, the KYC flow could include a government-issued ID verification and proof of address (PoA) to save time and verify the company since some shareholders often don’t have time for extra liveness checks

3. Cross-Check Customer-Provided Data Against System Records

In this step, companies verify the originally collected information. Internal compliance officers often check that the collected company data matches official records by using the KYB software and automatically validating the information received from their customers.

For example, they check if the TIN corresponds with the data in the Internal Revenue Service (IRS) register. Without automated solutions, compliance teams manually input data into their own databases, access public databases via Google, and then cross-reference the information.

4. Apply a Risk-Based Approach to Receive Alerts 

During this stage, companies often receive risk scores for the company that’s being onboarded. Depending on the automation solution, companies can take advantage of the KYB software’s built-in features that adjust risk scores based on changes in the business’s risk profile. 

In general, risk scoring is crucial for preventing fraud, ensuring regulatory compliance, and managing financial exposure. By implementing their specific risk assessment formulas, companies can tailor the risk scores to match their tolerance for AML red flags, enabling the compliance staff to conduct manual reviews as needed.  

For example, iDenfy’s automated Risk Scoring feature simplifies the process for compliance teams that need to evaluate various risk factors of a client. Each risk category includes a set of rules that are weighted. The software calculates the maximum possible score for each rule and then adds these scores together. The risk levels are assigned scores from 1 to 5, ranging from low to very high.

5. Use AML Screening 

This step requires companies to conduct AML screening, which consists of screening the business and its associated individuals against global and local watchlists, sanctions lists, politically exposed persons (PEPs) lists, and adverse media sources.

AML screening in KYB helps identify risks associated with individuals involved in money laundering, terrorism financing, connections to PEPs, sanctioned entities, terrorists, and wanted criminals.

For example, iDenfy’s KYB software has various custom automation rules that can help streamline AML checks, such as:

  • AML beneficiary check. Similar to the standard AML check. This feature is designed for specific high-risk beneficiaries like UBOs, checking against Sanctions and PEPs lists. 
  • Shareholders check. This automation option extracts and performs AML checks on a list of shareholders from credit bureau reports. 
  • Credit bureau reports. This custom AM rule obtains a credit bureau report, determining actions like blocking the company based on its status (such as active, non-active, etc.).
  • GOV Register reports. This feature allows you to order GOV register reports, displaying results in the company profile in PDF and JSON formats on the KYB software dashboard.

Registry checks are crucial because KYB software automatically pulls information from all available registries. With the variety of beneficiary types, an automated KYB solution not only gathers all necessary data but also offers additional features. For example, it can provide specialized questionnaires tailored to your security protocols. These questionnaires are customizable according to the entity’s risk level and your company’s specific risk tolerance.

6. Conduct Ongoing Monitoring

It’s insufficient only to check if a business is on a watchlist at the start of your relationship. After onboarding the company and verifying that it’s safe to work with it, companies use the ongoing monitoring stage to maintain accurate customer profiles. An automated KYB solution allows companies to monitor changes in a customer’s AML risk profile automatically. 

A client can receive a PEP status, similarly, sanctions lists evolve, so it’s important to continuously monitor the business throughout their customer lifecycle. This is also part of the CDD Final Rule framework, which mandates that obliged entities conduct ongoing due diligence to identify and report suspicious transactions and maintain updated customer information. For low-risk entities, companies use simplified due diligence (SDD) measures. For higher risks, they apply standard or enhanced due diligence (EDD) measures.

Related: What is the Difference Between CDD and EDD?

Can You Collect KYB Data Manually Without a Third-Party Software?

Automated or manual — that is the question. While automated systems still require oversight by a compliance officer and some human interaction, they greatly simplify the KYB verification process. Just consider the complexity of manually collecting, analyzing, and managing numerous documents from multiple companies all at once, with new corporate clients that need to be onboarded piling up. 

Manual KYB verification and data collection is particularly challenging and time-consuming because it requires:

  1. Developing a proper in-house KYB/AML compliance infrastructure, complete with technical teams and compliance officers.
  2. Hiring numerous skilled compliance analysts to work with different hard-to-access data sources and AML processes, each focusing on different aspects of KYB on top. This can lead to a fragmented and disjointed audit trail.

Even if the company has multiple vendors, for example, one for KYC onboarding and the other for KYB compliance, it can also create chaos and make it harder for the team to collect all required data in one place. 

An illustrative demonstration of the key issues that come along with manual KYB verification methods for companies that conduct internal KYB checks without KYB software.

Additionally, sending out emails manually and KYB applications takes weeks, which KYB laws require, including collection of UBO data. Most public registries (with some exceptions like the UK’s Companies House) aren’t reliable enough for complete AML compliance because they can’t be authenticated or lack reliable corporate documents. Also, let’s not forget that some companies aren’t transparent about their ownership structure. 

What’s more is that most companies that use only manual KYB processes don’t have access to global and local watchlists and don’t have enough resources for KYB verification. And lastly, even if you finally receive the documentation,  you need to have the knowledge and legal background to assess and understand the document’s legitimacy — check if it’s real and not altered.

Automating Your KYB Verification Workflow with iDenfy’s Onboarding Form

This feature streamlines the data collection and verification steps within the KYB workflow. It enables you to create custom onboarding forms and send them to the company’s representative for completion — all aligned with your own use case and compliance policies. 

Here’s a short step-by-step memo for the form creation process:

1. Company Information

  • The company search field enables you to find a company by its name and registration number (default field), automatically filling certain KYB form details. Default fields are mandatory and custom fields can be used for certain companies that you might need to verify later. 
  • The company document field allows you to request documents that either can be required or customized as optional in your KYB form.
An illustration of the six steps to the KYB form creation process, which helps automate the whole KYB process and gather, as well as verify the collected data for KYB onboarding.

2. Director Information

  • Individual fields allow you to select predefined options or create and edit custom fields in the KYB form. For example, residential address and date of birth are required fields of data. 
  • The individual document field enables you to request documents, such as an identity document, on the KYB form as either required or optional.

3. Representative Information

  • Representative fields allow you to select predefined options or edit a custom field regarding the company representative’s info, such as name, surname, or date of birth. 
  • Representative document fields, which are similar to the director section, also enable you to request extra documents like an ID or other custom options.

4. Ownership Structure

  • The shareholder check feature in the KYB form allows you to tailor the ownership structure reporting. You can choose the first-level option, where companies only need to enter direct shareholders, or the full-level option, which requires providing comprehensive ownership details, including individual or government shareholder data.
  • Threshold submission allows you to request that your client lists all shareholders who own a specific amount of shares. Optionally, you can also ask shareholders to disclose their exact percentage of ownership.

5. Questionnaire

The questionnaire feature helps you collect a variety of company information, such as incorporation documents, financial data, and contact details.

A sample showing key automation features combined, such as the KYB onboarding form and KYB custom rules, which are beneficial when streamlining any company's business verification flow.

It also enables you to design conditional questions that become available only after specific responses are provided. Using the KYB questionnaire, you can:

  1. Assign a name to your questionnaire for easy identification in future stages.
  2. Divide the questionnaire into sections, with each section focused on collecting specific types of data.
  3. Assign a title to each section that clearly instructs your client on the information they need to provide.
  4. Create and add questions that are specifically tailored to meet your unique needs and use cases.

6. Custom Rules

To complete your KYB verification flow, you can implement custom rules:

  1. Select the type of custom rule or automation you wish to apply.
  2. Determine how this rule will be implemented on the client’s end upon form submission.
  3. Add additional automation rules to enhance your KYB process.

This feature is useful for blocking companies from onboarding if they fail to meet your compliance criteria. Our KYB software allows you to either flag a company or completely block its application, which in turn automatically stops any other automations from being executed.

Moreover, this functionality helps you remain compliant with evolving AML regulations by automatically connecting to over 180 company registries across more than 120 countries for official, real-time data. You can configure automations to trigger either once or continuously whenever new data is submitted.

Interested to learn more? Don’t hesitate to try out our automated KYB verification solution for free and find out how to handle more KYB checks in less time.

Save costs by onboarding more verified users

Join hundreds of businesses that successfully integrated iDenfy in their processes and saved money on failed verifications.