In the past—when business was done with a handshake and physical presence—there was no doubt about who you were dealing with. Contracts were signed in person, whether at the marketplace, in the office, or face-to-face at the bank. In today’s digital era, however, customers are often represented only by digital identities. This shift brings with it new opportunities, but also significant risks such as money laundering and fraud.
As a result, secure and legally compliant customer identification is becoming increasingly vital for banks. In order to build trust and meet regulatory requirements, financial institutions must implement processes that combine digital efficiency with robust security. One such process is Know Your Customer, or KYC.
What is KYC?
KYC (Know Your Customer) refers to the legally required process of identifying and verifying the identity of a customer before entering into a business relationship. The objective is to prevent money laundering, fraud, and the financing of terrorism. KYC verification is a key compliance requirement for banks, FinTechs, and other financial service providers.
Why KYC is Especially Relevant in Open Banking
With the introduction of Open Banking under the EU’s PSD2 directive, access to financial data has fundamentally changed. Customers can now allow authorised third-party providers (TPPs) to access their bank account information – securely, in a standardised format, and in real time.
While this new openness paves the way for innovative financial services, it also places increased demands on identity verification and data integrity.
Key considerations include:
- Data is no longer exchanged solely between bank and customer, but among multiple, often technically independent, parties.
- Expectations for seamless digital customer experiences require fully automated and interruption-free KYC procedures.
- Data security, privacy, and control over personal information must be ensured at all times – in line with regulations such as the GDPR and anti-money laundering directives.
Regulatory Framework
The implementation of KYC in banking is closely tied to various European legal regulations. For example, the PSD2 directive opens up access to banking data for third-party providers (TPPs), but at the same time requires strong customer authentication to ensure the protection of personal data. In addition, the Anti-Money Laundering Directive (AMLD), particularly its sixth version (6AMLD), plays a key role by mandating comprehensive KYC checks to prevent money laundering. The eIDAS regulation facilitates the process by enabling the use of electronic identification, which is increasingly applied in open banking scenarios. Lastly, the General Data Protection Regulation (GDPR) governs the processing and protection of personal data—an essential factor when customer data is used or shared in the context of KYC processes.
Challenges of KYC in Open Banking
KYC verification within the context of open banking presents a range of specific challenges. One of the key hurdles is identity verification during a fully digital onboarding process. While traditional methods often rely on physical documents or in-person identification, the digital environment demands fast, reliable, and fully automated solutions – without compromising security.
Another issue is the problem of system discontinuities: the flow of information between banks and third-party providers (TPPs) is not always seamless from a technical standpoint. Differences in systems, interfaces, or data formats can lead to delays or uncertainties that ultimately affect the customer experience.
A further critical challenge lies in the varying KYC requirements depending on the country, regulatory authority, or even individual banking institution. This fragmentation makes it difficult for cross-border providers to implement standardised processes.
In addition, maintaining data consistency and security across multiple systems is essential. Customer data must not only be accurate and up to date, but must also be processed and stored in full compliance with GDPR at all times.
Finally, every institution faces the inherent conflict between user experience and regulatory compliance: how can an onboarding process be designed to meet all legal requirements while remaining so intuitive that users do not abandon it? Striking the right balance between security, efficiency, and user-friendliness is one of the central challenges of the modern KYC process.
Opportunities for Banks and FinTechs
KYC in banking offers a wide range of opportunities for both banks and FinTechs. By automating verification processes, manual efforts can be significantly reduced, leading to noticeable efficiency gains and lower operational costs. At the same time, KYC verification becomes an integral part of seamless digital onboarding, enhancing the user experience and reducing drop-out rates. In addition, new business models are emerging: banks can position themselves as trusted identity providers – for example, through “Bank ID” solutions. Finally, the account insights gained through KYC enable the development of personalised financial products tailored specifically to individual customer needs.
