KYC - From Framework to API (Part 1)

Updated: Aug 28


This article illustrates a generic KYC Framework and explains how to turn it into an effective set of API’s. This Part 1 sets out to discuss when we need to conduct KYC and what essential information is required. The subsequent Part 2 will examine the customer identification and due diligence, as well as the technical mechanism of turning the KYC from a framework into implementable API’s.

When do you need KYC?

The KYC (Know Your Customer / Client) is an indispensable exercise for banks, financial institutions and even non-financial institutions to prevent the organizations from violating compliance regulations or being involved in financial crimes

The triggering moment of the KYC depends on your customer lifecycle which normally has the following stages;

  1. Prospecting - Pitching the potential customers,

  2. Onboarding - Establishing the business relationship with the customers,

  3. Servicing - Providing ongoing customer service,

  4. Offboarding - Terminating the business relationship with the customers.

The KYC should be conducted at the moment of Onboarding as you need to make sure your customers have not been involved in any financial crimes.

However, the KYC process does not end with the onboarding process. You still need to do the regular or ad hoc KYC during the ongoing service. This serves to ascertain that information of the customers is consistent with the bank's central records.

The frequency of the regular KYC depends on the risk level of the customers. Normal customers may require the KYC for every 1-2 years. For customers with a high-risk level, an annual or even biannual review may be warranted.


Other than the regular KYC, you need ad hoc KYC for salient events. For instance, your Relationship Managers (RM) may have heard some negative news for your customers, then an ad hoc KYC should be kicked off to verify the customers’ latest status.

What Information is required?


Once the KYC is kicked off, the first step is “Information Collection”. The biggest challenge in information collection is that different information is required for different customers in different services, roles, jurisdictions and even moments. It takes RM tremendous time and effort to collect and assure all necessary information is collected.


Some organizations use a KYC Wizard to assist RM in their information collection. The wizard will guide RM on what information is required based on the available information and status of the customers.


Basically, the information collection process builds the profile of all parties that enter into the business relationship with the bank. These parties include Individual Customer, Legal Entity, Power of Attorney (POA), etc.

Individual Customer Profile


For an individual customer profile, we start with basic information such as last name, first name, contact address(s), passport number(s), occupation, business nature, etc.


Once we have the basic information, we can conduct “Customer Identification” which will be discussed in the Part 2 of this article.


Meanwhile, we can continue to collect other important information pertinent to the understanding of the financial situation of the customers. You need to collect the Wealth Composition. You also need to know how your customers accumulated their wealth, so you need to check the Wealth Origin and Source of Income. You also need to check if they have accumulated wealth from non-business activities, such as inheritance or other financial investments.

For those customers who require investment service, you need to build the investment profile for them. The investment profile contains the details of investment background, investment objective, investment risk rating, investment sophistication and experience, etc.

Service Profile


You need to understand what is the objective of the customers for having business engagement with your organization? So, you have to determine what service or products you are going to offer to your customers.

Thank you for reading the article. For the details of KYC Framework, please contact us. In part 2, we shall discuss the customer identification, due diligence as well as how to turn the framework into API.


KYC - From Framework to API ( Part 1 )