How to optimize the KYB process

30.01.2026


KYB (Know Your Business) is the process of collecting, verifying, and confirming information about legal entities as part of compliance procedures. It is carried out by banks, payment institutions, acquirers, and increasingly also by manufacturing companies, accounting firms, and law offices in order to determine who they are entering into a business relationship.

Conceptually, KYB is similar to the better-known KYC (Know Your Customer) process, which focuses on verifying the identity of individuals—for example, through selfie verification or national identity schemes such as mojeID. However, KYB involves a distinct set of procedures designed specifically to describe and assess business entities rather than natural persons.

Typical KYB Process

A standard KYB process consists of the following steps:

  1. Confirmation of the company’s existence in a public business registry;

  2. Identification of Ultimate Beneficial Owners (UBOs), i.e. natural persons who ultimately own or control the entity, either through capital ownership or actual control;

  3. Verification of the company’s representation structure—who is authorised to enter into business relationships on behalf of the entity and who bears responsibility for such relationships;

  4. Verification of the identity of authorised representatives, ensuring that the individuals establishing the business relationship are indeed those listed in the company’s representation records;

  5. Screening of the UBOs, representatives, and the entity itself against sanctions lists, PEP lists, and adverse media—an AML directive requirement prohibiting cooperation with sanctioned entities and requiring enhanced due diligence for PEP-linked or negatively perceived entities (e.g. past convictions);

  6. Collection of supporting data, such as expected transaction volumes, average transaction values, and confirmation that the declared business activity aligns with what can be verified online;

  7. Risk assessment—depending on offered products and risk appetite—requiring obligated entities to clearly define, continuously monitor, and appropriately diversify their risk exposure;

  8. Ongoing risk monitoring, including the collection of updated information about the entity—tracking changes in public registries, sanctions lists, PEP status, and assessing risk based on customer behaviour.

KYB vs. KYC – Operational Complexity

Due to the greater number of variables involved, KYB is operationally far more complex than KYC. While individual customer verification can often be completed within minutes, KYB procedures may take hours—and in complex cases, even months.

For payment institutions serving large numbers of corporate clients or high-risk entities, KYB is often performed manually. Companies employ entire teams or outsource the process, manually executing the steps listed above. This significantly increases onboarding costs, slows down growth, and complicates the end-customer experience.

As a result, many obligated institutions opt for partial or full automation of KYB processes. This is made possible through API orchestration, automated data processing, and AI-assisted handling of repetitive tasks. Modern platforms such as Transactionlink enable end-to-end automation—from instant data retrieval from global sources, through complex ownership analysis, to downstream actions such as client outreach for data confirmation, gap-filling in reports, and continuous monitoring of the entire client portfolio.

No One-Size-Fits-All KYB Solution

Due to the complexity of KYB, there is no universal “out-of-the-box” solution that meets all needs. KYB challenges can only be addressed by platforms offering customisable automation frameworks, tailored to the type of business conducted and the customer segments served.

In practice, KYB optimisation typically focuses on three main dimensions:

1. Onboarding Volume

When monthly onboarding volumes exceed approximately 50 companies, introducing automated onboarding workflows becomes more efficient than manual procedures.

A good example of volume-driven KYB optimisation can be seen in companies such as Fiserv, PeP, or eService, which support terminal-based payment processing. These entities typically serve very large numbers of merchants with relatively simple ownership structures. While individual onboarding cases are not overly complex, the sheer scale—often tens of thousands of clients—makes automation essential.

In such cases, KYB optimisation focuses on automating repetitive tasks:

  • automated retrieval of registry data and official extracts (PDFs),

  • automated AML screening of entities and associated individuals,

  • efficient identity verification of representatives,

  • electronic contract signing.

A key requirement is data consistency—retrieval and processing must be uniform so that other system components can continuously analyse entities. Equally important is robust handling of edge cases (e.g. incomplete address data, suspended activities, complex representation structures) to minimise manual intervention.

2. Client Complexity

Many obligated institutions seek to onboard entities with complex ownership structures, particularly cross-border ones. These are typically large companies, groups, or conglomerates with extensive ownership and capital linkages.

To conduct a proper KYB analysis and identify UBOs, institutions must analyse ownership percentages and build an ownership tree. Multiple ownership layers may exist, often ending in complex jurisdictions such as Luxembourg, Cyprus, or Jersey. Institutions are required to identify UBOs even when such information is not publicly available, significantly increasing the challenge.

A notable Polish example is InPost Sp. z o.o.. A KYB analysis would begin with Poland’s KRS registry, revealing that 100% of shares are owned by Integer Group Services Sp. z o.o., whose shareholders include Integer.pl S.A. and InPost Paczkomaty Sp. z o.o. Integer.pl S.A. is in turn owned by InPost S.A., a Luxembourg-registered entity (Société Anonyme). At this stage, analysis shifts to the Luxembourg registry, eventually leading to the Cayman Islands, where public corporate data is unavailable. At this point, the analyst must work directly with the client using corporate documentation.

Registry analysis alone involves over 12 sequential ownership checks, not including checks of executive bodies, AML screening, UBO registries, or corporate agreements. It is, therefore, unsurprising that onboarding such entities can take several months.

Optimisation in such cases relies on providing analysts with comprehensive data sets: automated global registry data retrieval, automated analysis of non-registered ownership links, and enrichment with property, financial, and shareholder reporting data. Additional optimisation comes from integrated client communication tools that eliminate lengthy email exchanges.

3. Client Diversity

The third major automation driver is diversity of legal forms. Institutions onboarding commercial companies, foundations, partnerships, municipalities, and sole proprietorships simultaneously must understand the nuances of ownership definitions and documentation requirements for each entity type.

This challenge intensifies in international operations. While many EU countries maintain public corporate registries, sole proprietorship and foundation data may be fragmented or unavailable, requiring manual aggregation.

Austria provides a strong example. While Firmenbuch covers commercial companies, sole proprietorships require either client-provided registration documents (Gewerbeanmeldung) or queries to GISA, a trades and professions registry. GISA data is often available only as PDF files and requires exact registration numbers. Similarly, foundations and associations are recorded in ZVR, again accessible only via PDFs.

Clients frequently provide only a registration number and expect a well-designed KYB process to correctly identify whether they are a company, sole trader, or association.

Optimisation in this context requires integrating all available data sources into a single system, returning data in a consistent format regardless of whether the source provides XML, JSON, or PDF files. An additional improvement is cascading search logic—if data is not found in one source, the system automatically queries others until a result is found or all options are exhausted.

This approach delivers a smoother onboarding experience for clients and eliminates the need for analysts to manually navigate numerous fragmented or unstable registries.

Mateusz Pniewski, CEO & Founder, TransactionLink

Gabriela Kocurek

Specjalizacje

Specjalizuje się w prawie nowych technologii i regulacji rynków finansowych, prawie własności intelektualnej, prawie ochrony danych osobowych oraz prawie zamówień publicznych. 

Jest ekspertem w obszarze regulacji dotyczących usług chmurowych oraz outsourcingu usług IT, z uwzględnieniem specyfiki sektora finansowego. Wspiera klientów w obszarze zamówień publicznych, z uwzględnieniem specyfiki zamówień w sektorze IT.


Doświadczenie

Doradza w szczególności klientom z branży FinTech, IT, cyberbezpieczeństwa, e-commerce i branży nowych technologii:

  • Posiada bogate doświadczenie w przygotowywaniu i negocjowaniu umów IT, umów wdrożeniowych oraz umów na świadczenie usług IT w modelu SaaS a także umów licencyjnych, dotyczących przeniesienia know-how, transferu praw własności intelektualnej jak również umów dotyczących komercjalizacji wyników prac badawczo – rozwojowych.
  • Wspiera klientów z sektora FinTech w dostosowaniu umów i wdrażaniu wymogów regulacyjnych właściwych dla sektora finansowego. Doradza i wspiera klientów w negocjowaniu umów IT w reżimie outsourcingu bankowego, inwestycyjnego, chmury obliczeniowej i outsourcingu w rozumieniu wytycznych EBA.
  • Doradza w zakresie umów IT oraz ochrony danych osobowych podmiotom z branży IT Security.
  • Współuczestniczyła w audycie procedur ochrony danych osobowych w grupie spółek o zasięgu globalnym.
  • Doradza klientom w zakresie prowadzenia kampanii marketingowych o zasięgu międzynarodowym.
  • Wspiera klientów kancelarii w postępowaniach o udzielenie zamówień publicznych. Doradzała klientowi kancelarii w postępowaniu o udzielenie zamówienia publicznego na wdrożenie Platformy Kanałów Elektronicznych przez Bank Gospodarstwa Krajowego oraz z sukcesem reprezentowała klienta w postępowaniu dotyczącym tego zamówienia przed Krajową Izbą Odwoławczą.


Kwalifikacje i uprawnienia zawodowe

Radca prawny przy Okręgowej Izbie Radców Prawnych w Krakowie.

Absolwentka studiów podyplomowych na kierunku Prawo Zamówień Publicznych na Wydziale Prawa i Administracji Uniwersytetu Warszawskiego.

Absolwentka studiów magisterskich na kierunku Prawo na Wydziale Prawa i Administracji Uniwersytetu Jagiellońskiego.

Absolwentka studiów licencjackich i magisterskich na kierunku Administracja na Wydziale Prawa i Administracji Uniwersytetu Jagiellońskiego.