The Regulatory and Operational complexity of the Financial Crime landscape has driven Banks to expand their compliance budget to ensure that they truly know their customers, throughout the duration of the commercial relationships. In an environment where customers seek fast, streamlined, and tailored services, it becomes critical to ensure that the KYC operations are efficient, not only to satisfy regulators, but also minimise downstream customer impact.
In 2025, we see the trend of transitioning towards end-to-end Straight-Through-Processing (STP) and perpetual KYC (pKYC) continuing, using AI and RegTech, to enhance firm-wide Anti-Money Laundering and Counter Terrorism Financing (AML-CFT) risk management frameworks, generate process efficiencies, improve customer experience, and use data and analytics to generate business value.
KYC can and will become more than a regulatory box-ticking exercise.
The balance between achieving business objectives and meeting KYC regulatory compliance requirements remains a constant challenge. Businesses aim for swift onboarding, seamless reviews, minimal customer outreach, and cost efficiency, while regulators demand effective, adaptable processes to meet evolving AML requirements, mitigate risks, and safeguard reputation. In 2024 and 2025, these challenges remain; the FCA placed emphasis on treatment of politically exposed persons (PEP), requiring extensive documentation and rational around the decisions on risk classification of PEPs. There will also be continuing efforts to align with Economic Crime and Transparency Act, in particular on the extended requirements on identification of ultimate beneficial owners (UBOs), giving enhanced powers to Company House to ensure accurate collection of data on UBOs and their network.
In addition to the digitalisation of KYC at the onboarding stage, it is therefore critical for organisations to enhance the static, risk-based approach for periodic reviews (based on low, medium, high risk review timeframes) to a more continuous and automated approach, enabling organisations to review new events as soon as they arise, assess their materiality and update customers’ records and risk classification accordingly.
pKYC automation allows for a more cost-efficient approach and trend towards real-time risk and compliance remediation. It can also generate strategic insight for the bank, both in terms of risk management and business value through Customer information and insight.
The case for AI to support end to end KYC STP
Compliance departments have trended over the past few years towards creating long-term strategies to streamline KYC operations, adopting new RegTech applications supporting AML-CFT infrastructure, and investment in AI-powered solutions is only going to continue in the months to come, with the following objectives and use cases:
- Proactive Risk Management approach: AI-backed applications can be used for continuous monitoring of customer data, behaviour, and transaction patterns, assess alignment with expected activity, and update dynamically customers risk profile. It can also review customer data change and trigger when required partial or full KYC review based on materiality of these changes.
- Reduction of manual processes: From ID&V to collect customer documentation, to collect customer data such as adverse media search, cross reference internal and external data and automate customer risk ratings to conduct EDD, identify UBOs and model their networks, and optimise workflows. AI-backed STP can free up resources to enable organisations to focus resources on high-risk / high complexity cases.
- Anticipate new fraudulent behaviours: Technologies such as biometric recognition, and facial recognition can enhance identity verification processes, detecting sophisticated GenAI and deepfake forged customer documentation.
The challenge of data quality, availability, and transparency: adopting KYC on the blockchain
A further key step taken towards enabling automation in the KYC space, in particular with AI and Machine Learning, and release the full potential and value realisation of these technologies is to ensure that data is available, accurate, maintained and controlled in an adequate fashion.
We see many of our FS Institution clients undertake significant data management programmes or bringing compliance and KYC within the scope and/or under the remit of their Chief Data Office. The additional challenge is to embed data protection regulation such as GDPR into the compliance operating model to ensure that sensitive customer and business data are collected, maintained, and protected in accordance with regulations,
In 2025 and beyond, we see the adoption of blockchain-based technology to support KYC operations as a growing trend, to provide accessibility to better quality data, in real time, and fed into AI models, to streamline on-boarding, KYC review, and support risk management framework.
As the KYC data recorded on the blockchain is decentralised, transparent and auditable, it is extremely useful to help feed AI models and get more refined assessment of customer data for onboarding, CDD / EDD, trigger event driven review, update risk ratings and trigger offboarding when necessary.
Data can be accessed on the blockchain by every bank in a relationship with a given customer and consume updated data in real time when that customer makes transactions with other banks, enhancing transparency and availability of transaction data.
This helps managing AML risks from a KYC perspective, but also sanctions risks, and make controls more sustainable for more complex products involving multiple parties, such as correspondent banking or trade finance.
Conclusion
To initiate or continue the journey towards KYC automation, there are a number of questions and challenges that should be clarified; what is the state of your supporting IT and tech infrastructure? i.e. how many systems are involved and how complex maintenance and integration would be? Do you have an efficient and fit-for-purpose end-to-end case management or workflow tool? How many vendors are providing tech services-? Is your KYC data “clean”? Can you identify, document, and maintain effective event-driven trigger rules? The list goes on…
pKYC is an incremental journey and will not cover 100% of your customers and scope. The implementation of relevant technology to support an iterative automation is extremely valuable. It allows to focus on high value tasks, sustain talent and resource retention, and create value for the business through Customer information and insight, as there is undoubtedly a trend and an appetite throughout the industry to integrate AML-CFT compliance as a key part of the business, supporting wider financial crime risk management framework, such as fraud prevention and sanction screening processes, but also support value generation through customer knowledge.
Our Risk and Compliance practice can bring you expert support to help you navigate your KYC journey. We offer advisory services, including a maturity review of your KYC framework, risk management assessment, and a thorough evaluation of policies, standards, and governance. Additionally, we assist with implementation, from designing and delivering a Target Operating Model (TOM) to selecting and deploying the right tooling solutions for KYC automation. Our expertise in data and analytics ensures the efficiency of the solutions implemented.
Reach out to discover how our KYC solutions can support your business in 2025 and beyond.