KYC AML Guide: the Clock shows the average reeding time of the blog08 min Read


KYC AML Guide: the Clock shows the average reeding time of the blogSeptember 13, 2023

What is Perpetual KYC (pKYC)?

The regulatory landscape of KYC (Kow Your Customer) is becoming increasingly stringent in response to the prevailing threat of financial crimes. Dr Henry Balani, Head of the Global Industry & Regulatory Affairs advocates the implementation of dynamic & automated KYC process. Manual KYC is nearly outdated in many aspects such as the use requirement of larger resources & time, To mitigate this banks and FIs need to accelerate their digitization especially for KYC to tackle global financial crimes. Undeniably, the risk of Money Laundering and Fraud is on the rise as criminals find newer ways to outwit the system. Perpetual KYC (pKYC) is an ongoing due diligence approach to onboard clients for improved security.

Belal Mahmoud

KYC Product Consultant

Definition of Perpetual KYC

Perpetual KYC as the name suggests is a recurring and uninterrupted client onboarding and verification process. Instead of Periodic KYC verification which is time-consuming, Perpetual KYC occurs in real-time through an automated process that mostly integrates Artificial Intelligence (AI) and Machine Learning (ML). While traditional KYC is typically a one-time or periodic procedure conducted at the onboarding stage and in intervals thereafter, perpetual KYC involves continuous monitoring and updates of customer information throughout the entire customer relationship.

How does Perpetual KYC work?

It is similar to traditional KYC from a theoretical aspect. But in working Perpetual KYC is executed in three steps:

Initial Verification:

Perpetual KYC begins with an initial identity verification of a customer, through identification documents like ID Card, Passport, Driver’s license, and Utility bills.

Continuous Monitoring:

Unlike traditional KYC, where customer data is periodically rechecked, perpetual KYC employs continuous monitoring (ongoing monitoring). This involves the use of technology and data sources to automatically track and verify customer data in real-time. This can include checking against government databases, sanctions lists, and watchlists.

Alerts and Updates:

Whenever there is a significant change in a customer’s profile i.e. a customer changes his address, updates the income source, or depicts suspicious behavior, the system generates Red Flags. These alerts trigger further investigation, potential re-verification, or additional compliance measures.

Importance of Perpetual KYC

A 2021 report on Fintech Friction Index statistics revealed that existing KYC and Mobile KYC applications have loopholes in the onboarding process. 10 applications were observed during customer onboarding under 5 factors and the average results were as follows:

  • The average number of clicks that customers did was 29.2
  • The average number of fields that a customer needed to fill was 15.9
  • The average number of screens a customer visited was 14.3
  • The average sign-up time through these apps was 6 minutes and 50 seconds
  • The average onboarding friction index turned out to be 6
  • The added factors included 2-step verification, PII requirements, Address verification, Legal Notices, Linking of bank accounts, and Authenticating new accounts

Based on the statistics from the report, Forbes derived the following outcomes:

  • 40-60% of users canceled their decision of account creation (sign-up)
  • 89% of users did not have a good KYC experience
  • 13% switched to another financial institution service provider

The customer onboarding itself is a significant phase where friction & cost increase and this doesn’t end here. The changes in client information like change of address, aging, deaths, and financial information changes occur regularly. To keep up with this, KYC service providers need Perpetual KYC to carry out ongoing customer data updates.

Benefits of Perpetual KYC

1 Enhanced Compliance

Perpetual KYC helps financial institutions and other regulated entities stay compliant with evolving regulations and requirements. It reduces the risk of dealing with outdated or inaccurate customer information.

2 Improved Risk Management

Continuous monitoring allows businesses to promptly identify and respond to suspicious or high-risk activities, reducing the risk of financial crimes like money laundering and fraud.

3 Enhanced Customer Experience

Customers may appreciate the reduced need for manual data submissions and re-verification, as well as the added security that comes with perpetual KYC.

Difference Between Periodic KYC and Perpetual KYC

Periodic KYC is currently the most in-demand and ongoing due diligence process as it integrates the use of the most updated technology for customer onboarding. On the other hand, periodic KYC verifies and updates customer information in intervals. Here are some of the main differences between the two:

Factors Periodic KYC (Traditional KYC) Perpetual KYC (Continuous KYC)
Risk Management & Compliance It is often seen as an essential regulatory compliance requirement to meet regulatory standards. Reduces compliance risks. More focused on continuous risk management through prompt identification of suspicious & high-risk activities.
Customer Experience Less convenient due to the hassle of providing physical documents and regularly updating them from the customer’s end. Notably enhances the KYC experience for customers by reducing the need for manual data submission and re-verification.
Identity Verification Customer Identities are verified in intervals and updated accordingly. These intervals typically range in years. Customer identities are verified and through ongoing monitoring, they are updated whenever a change occurs.
Update Interval Customers might need to go through multiple KYC processes due to interval-based updates. Regular customer data updates prevent the need for multiple KYC verification. As soon as a change occurs, the system automatically updates the database of the customer.
Privacy & Data Security Privacy risk is reduced due to less frequent data updates. High risk of privacy and data security due to the continuous updates in customers’ data.

Few Considerations in Implementing Perpetual KYC

While implementing pKYC, the following are the main concerns a fintech client should be aware of:

1 Customer Consent

Clearly communicate the perpetual KYC process to customers and obtain their consent for continuous monitoring and updates of their data.

2 Data Accuracy

Establish mechanisms to verify and maintain the accuracy of customer data. Address the discrepancies in customer data promptly.

3 Monitoring Algorithms

Develop or deploy advanced monitoring algorithms, such as AI and machine learning, to detect unusual or suspicious customer activities in real-time.

4 False Positives

Develop strategies to reduce false positives in the alert system to avoid unnecessary disruptions for customers and staff.

5 Data Management

Define policies for data retention, data privacy, and data deletion to comply with data protection regulations.

6 Third Party Vendors

If you have acquired a third-party vendor for Perpetual KYC, conduct due diligence on their compliance practices and security measures to check whether they are aligned with your requirements or not. You can hire a professional consultancy to choose your vendor or consult a KYC vendor analysis in this case.

How KYC AML Guide can help you in Perpetual KYC?

KYC AML Guide is the ultimate source of regulatory compliance expert knowledge to facilitate clients in choosing the best KYC solution provider. We have years of experience and industry expertise and we guide our clients with full confidence throughout their compliance journey.


KYC AML Guide: the Facebook share KYC AML Guide: the Linkedin share KYC AML Guide: the Twitter share
Belal Mahmoud
KYC AML Guide: the Linkedin share

Belal possess over 8 years experience in the KYC Identity Verification industry. He has consulted KYC solutions for over 20 new economy companies at DIFC and ADGM while ensuring a seamless technical integration and helped in jurisdictional compliance audits.