Business verification or KYB is a complicated topic, yet it is a mandatory procedure for AML-regulated companies. It includes retrieval of a company’s details and corporate structure, identification, and verification of the UBOs, application of the risk-based approach, and adequate responses to high-risk factors. Of course, each case may vary depending on its specifics and jurisdiction.
What is a KYB check and its types
KYB or business verification is a mandatory requirement for financial institutions and other AML-regulated entities to verify the identities of their corporate clients.
Taking into account the complexity of KYB, there are two main approaches—manual and semi-automated business e-verification checks done with the help of an external or a company’s own solution.
Manual KYB check
Carried out by a company’s legal or security department, such checks require an extensive research across many data sources to verify the legitimacy of the submitted corporate documents and the data contained therein, including company details (registration number, address, etc.) and information on UBOs. Company experts then analyze the collected data and give their feedback.
The cost usually varies from 20 to 200+ EUR depending on a case and on a company’s reputation.
Verification time takes up a few days.
Suits for a company with a relatively small amount of verification checks.
Semi-automated KYB check
This type of verification is considered the most effective. For a semi-automated check, the information on legal entities is compared with corporate documents provided by the user or retrieved from state and commercial registers automatically, while UBO documents (ID, selfies, PoA) are automatically verified across paid and public databases (such as data.gov.uk, data.gov.in, open.canada.ca).
The cost usually varies from 35 to 45 EUR.
Verification time from a few hours to a couple of business days.
Suits for a company with a large number of verification checks.
Note: Fully automated KYB checks are not supposed to exist since human-guided assessment is necessary to properly verify that the corporate document is genuine, as well as to establish control and beneficial ownership structure.
Now that we’ve figured out the basics, let’s take a further look at how to conduct a KYB check.
Stages of the KYB check
Each company has its own specific AML policy which implies verification of legal entities. There may be nuances for each case but the demands to KYB verification are almost always the same.
1) Collect all the information properly
The most standard list of necessary data on a company includes company name, registration number, date of incorporation, and current status (whether the company still operates), address, and legal type. In certain jurisdictions, it is also required to obtain additional information, e.g., names of all directors and/or representatives of the company.
In addition to that, the legal department obtains at least the certificate of incorporation/certificate of registration or another similar document, depending on the jurisdiction.
- Certificate of incumbency—a corporate document with stated shareholders and CEOs;
- Current excerpt from the public registry of companies—public registry statement;
- Certificate of good standing—confirmation that the company still exists and complies with the legal requirements.
2) Verify the ultimate beneficial owners (UBOs)
Beneficial ownership check discloses the persons that actually control the legal entity. It requires to perform standard AML/KYC procedures.
- Acquire company credentials;
- Collect full and up-to-date information on the company’s ownership structure based on its corporate documents and external data sources;
- Identify legal entities and natural persons who have a percentage, directly or indirectly, in shares or interests in the company;
- Reveal the total percentage of shares, management control, and ownership stake of every individual involved;
- Carry out an AML/KYC check.
3) Make a decision on the collected information and documents
The data from multiple reports and several data sets can often be old or inaccurate and has to be treated with caution. Besides, each company structure is different and can change over time. So, it could be hard to gather and interpret the data correctly.
In some cases, the legal department may need to implement Enhanced Due Diligence (EDD) to find out whether a company is high risk or not. For instance, if a politically exposed person is involved in the process, the legal department should conduct EDD in order to double-check with the FATF blocklists, look through adverse media online, etc.
Let’s take a closer look at where you might need to use KYB.
KYB for high-risk corporates
The verification of high-risk corporates cannot be carried out as a basic KYB check due to stronger exposure to fraud and corruption.
The purpose: to understand the risk of financial crime and reputational risk a client might carry.
- Accept corporate documents;
- Apply enhanced due diligence, ex. check the company and its UBO using sanctions lists;
- Use adverse media to conduct EDD for affiliated individuals (UBO, directors, etc.).
All in all, the KYB check seems complex, but in fact, it is mostly based on a consistent legal system and comes down to a standard procedure and certain nuances that slightly vary from case to case.