The KYC intake automation checklist

A single corporate onboarding takes 100 days, 100 documents, and 150 data fields. The applicant gets contacted 10 times. 95% of your sanctions alerts are false positives, each one €30 to €70 to clear. 70% of financial institutions lost clients to slow onboarding last year. TD Bank paid €3.09 billion because their team could not keep up with the document load.

That is the math. Now here is the checklist.

What an honest KYC intake system has to do

Score every vendor against this list. No partial credit. A "we are working on it" is a no.

Applicant collection

Can the applicant submit entity data, IDs, ownership documents, source of funds, and proof of address in a single hosted session on your domain?
Does the form ask different questions for an individual, a UK Limited company, an LLP, a trust, and a foundation, with the right document set for each?
Does it support beneficial owner chains four levels deep without requiring the applicant to log in five times?
Can the system request additional evidence based on a value extracted from a document the applicant already uploaded?
Does the applicant know what the system is asking and why, in plain language, without analyst handholding?

Evidence handling

Does every extracted fact, including UBO names, ownership percentages, and source of funds amounts, carry a quote, page index, and source document reference?
Can the system flag an expired passport, a missing register of members, a conflicting director name across two filings, or an unsupported UBO claim?
Are unresolved issues displayed in a separate queue from accepted facts so your analyst is not searching for them?
Does the system reconcile applicant declarations against the corporate registry, the document set, and prior facts in the case?
Can the analyst trace any number back to the exact source page in one click?

Review and audit

Can the analyst see exactly what was asked, what was answered, what was extracted, what was verified, what was corrected, and by whom?
Is the workflow's risk decision step locked to a human, with a recorded signature and timestamp?
Does every change carry an attributed, reversible audit log entry that a regulator can read without translation?
Can outputs sync to your AML screening, CRM, and case management without custom integration projects?
Does the audit log distinguish between a system extraction, a human correction, and a deliberate override?

Failure handling

When the model fails, does the case route to a human review queue with the failure reason attached, or does the system silently fall back to a guessed value?
When the screening provider is down, does the case wait in a clear "paused on third party" state, or does it proceed as if cleared?
Are there explicit timeouts on applicant follow-up, with automatic escalation when the applicant goes dark?

If a vendor cannot show all of the above on your actual onboarding packet, keep looking.

The numbers that decide the spend

Three inputs decide whether automating KYC intake is worth the project.

Onboardings per month. A bank with 200 corporate onboardings a month and a 30 minute analyst review per file is paying for 100 hours of analyst time monthly on document chase alone. At €60 fully loaded, that is €6k a month for one tiny slice of the workflow.
Alert volume. Multiply your monthly sanctions alerts by €50 average clearance cost. That is your false positive bill. If your front door reduces UBO ambiguity and screening hits by even 20%, the number is real.
Client loss. 70% of institutions lost clients to slow onboarding. Pull your own abandonment data. Multiply by lifetime value. That is the line your CFO will recognize.

If the project does not break even on those three lines, do not buy it.

What an analyst's morning should look like

Before automation, your analyst opens an email, downloads three PDFs, opens the screening tool, opens the CRM, retypes the UBO names, runs the screen, manages 47 false positive alerts, emails the applicant for the missing ownership filing, and starts again. That is six hours before any judgment is made.

After automation, your analyst opens one case file. The entity is verified. The UBO chain is extracted and cited. The screening run is complete with false positives pre-dispositioned. The missing ownership filing is already on the applicant's task list with a deadline. The analyst spends ten minutes making a risk decision and signs off. The next file is queued.

That is the work. Anything less is not KYC automation, it is KYC theatre.

What we will not automate

The final risk decision. A human signs every approval.
The adverse action. A human writes every rejection notice.
The compliance attestation. A human stamps every regulator filing.

Software does the chase. Humans do the judgment. That distinction is the entire product.

Can the applicant submit entity data, IDs, ownership documents, source of funds, and proof of address in a single hosted session on your domain?
Does the form ask different questions for an individual, a UK Limited company, an LLP, a trust, and a foundation, with the right document set for each?
Does it support beneficial owner chains four levels deep without requiring the applicant to log in five times?
Can the system request additional evidence based on a value extracted from a document the applicant already uploaded?
Does the applicant know what the system is asking and why, in plain language, without analyst handholding?

Evidence handling

Does every extracted fact, including UBO names, ownership percentages, and source of funds amounts, carry a quote, page index, and source document reference?
Can the system flag an expired passport, a missing register of members, a conflicting director name across two filings, or an unsupported UBO claim?
Are unresolved issues displayed in a separate queue from accepted facts so your analyst is not searching for them?
Does the system reconcile applicant declarations against the corporate registry, the document set, and prior facts in the case?
Can the analyst trace any number back to the exact source page in one click?

Review and audit

Can the analyst see exactly what was asked, what was answered, what was extracted, what was verified, what was corrected, and by whom?
Is the workflow's risk decision step locked to a human, with a recorded signature and timestamp?
Does every change carry an attributed, reversible audit log entry that a regulator can read without translation?
Can outputs sync to your AML screening, CRM, and case management without custom integration projects?
Does the audit log distinguish between a system extraction, a human correction, and a deliberate override?

Failure handling

When the model fails, does the case route to a human review queue with the failure reason attached, or does the system silently fall back to a guessed value?
When the screening provider is down, does the case wait in a clear "paused on third party" state, or does it proceed as if cleared?
Are there explicit timeouts on applicant follow-up, with automatic escalation when the applicant goes dark?

If a vendor cannot show all of the above on your actual onboarding packet, keep looking.

The numbers that decide the spend

Three inputs decide whether automating KYC intake is worth the project.

Onboardings per month. A bank with 200 corporate onboardings a month and a 30 minute analyst review per file is paying for 100 hours of analyst time monthly on document chase alone. At €60 fully loaded, that is €6k a month for one tiny slice of the workflow.
Alert volume. Multiply your monthly sanctions alerts by €50 average clearance cost. That is your false positive bill. If your front door reduces UBO ambiguity and screening hits by even 20%, the number is real.
Client loss. 70% of institutions lost clients to slow onboarding. Pull your own abandonment data. Multiply by lifetime value. That is the line your CFO will recognize.

If the project does not break even on those three lines, do not buy it.

What an analyst's morning should look like

That is the work. Anything less is not KYC automation, it is KYC theatre.

What we will not automate

The final risk decision. A human signs every approval.
The adverse action. A human writes every rejection notice.
The compliance attestation. A human stamps every regulator filing.

Software does the chase. Humans do the judgment. That distinction is the entire product.

Can the applicant submit entity data, IDs, ownership documents, source of funds, and proof of address in a single hosted session on your domain?
Does the form ask different questions for an individual, a UK Limited company, an LLP, a trust, and a foundation, with the right document set for each?
Does it support beneficial owner chains four levels deep without requiring the applicant to log in five times?
Can the system request additional evidence based on a value extracted from a document the applicant already uploaded?
Does the applicant know what the system is asking and why, in plain language, without analyst handholding?

Evidence handling

Does every extracted fact, including UBO names, ownership percentages, and source of funds amounts, carry a quote, page index, and source document reference?
Can the system flag an expired passport, a missing register of members, a conflicting director name across two filings, or an unsupported UBO claim?
Are unresolved issues displayed in a separate queue from accepted facts so your analyst is not searching for them?
Does the system reconcile applicant declarations against the corporate registry, the document set, and prior facts in the case?
Can the analyst trace any number back to the exact source page in one click?

Review and audit

Can the analyst see exactly what was asked, what was answered, what was extracted, what was verified, what was corrected, and by whom?
Is the workflow's risk decision step locked to a human, with a recorded signature and timestamp?
Does every change carry an attributed, reversible audit log entry that a regulator can read without translation?
Can outputs sync to your AML screening, CRM, and case management without custom integration projects?
Does the audit log distinguish between a system extraction, a human correction, and a deliberate override?

Failure handling

When the model fails, does the case route to a human review queue with the failure reason attached, or does the system silently fall back to a guessed value?
When the screening provider is down, does the case wait in a clear "paused on third party" state, or does it proceed as if cleared?
Are there explicit timeouts on applicant follow-up, with automatic escalation when the applicant goes dark?

If a vendor cannot show all of the above on your actual onboarding packet, keep looking.

The numbers that decide the spend

Three inputs decide whether automating KYC intake is worth the project.

Onboardings per month. A bank with 200 corporate onboardings a month and a 30 minute analyst review per file is paying for 100 hours of analyst time monthly on document chase alone. At €60 fully loaded, that is €6k a month for one tiny slice of the workflow.
Alert volume. Multiply your monthly sanctions alerts by €50 average clearance cost. That is your false positive bill. If your front door reduces UBO ambiguity and screening hits by even 20%, the number is real.
Client loss. 70% of institutions lost clients to slow onboarding. Pull your own abandonment data. Multiply by lifetime value. That is the line your CFO will recognize.

If the project does not break even on those three lines, do not buy it.

What an analyst's morning should look like

That is the work. Anything less is not KYC automation, it is KYC theatre.

What we will not automate

The final risk decision. A human signs every approval.
The adverse action. A human writes every rejection notice.
The compliance attestation. A human stamps every regulator filing.

Software does the chase. Humans do the judgment. That distinction is the entire product.

The KYC intake automation checklist

What an honest KYC intake system has to do

Applicant collection

Evidence handling

Review and audit

Failure handling

The numbers that decide the spend

What an analyst's morning should look like

What we will not automate

The move

The KYC intake automation checklist

What an honest KYC intake system has to do

Applicant collection

Evidence handling

Review and audit

Failure handling

The numbers that decide the spend

What an analyst's morning should look like

What we will not automate

The move

The KYC intake automation checklist

What an honest KYC intake system has to do

Applicant collection

Evidence handling

Review and audit

Failure handling

The numbers that decide the spend

What an analyst's morning should look like

What we will not automate

The move