KYC & digital onboarding
SPID/CIE/eIDAS identification, AML/PEP/sanction screening, beneficial owner check and continuous refresh.
What is the KYC & Onboarding module?
KYC onboarding is the module that automates identification, AML verification and customer activation — brokers, MGAs, corporate and private principals — per AML4/AML5/AML6 obligations and IVASS Reg. 40/2018. It runs remote identification via SPID, CIE or video-identification with liveness; screening against PEP lists, EU/UN/OFAC sanctions, embargoes; beneficial owner verification via the Italian Beneficial Owners Registry (RITE); risk scoring based on customer profile, country, sector, expected exposure; automatic scheduling of the periodic KYC refresh. Replaces paper-based processes (AML forms, ID photocopies, monitoring spreadsheets) with a compliant digital flow in 1-2 days vs 2-3 weeks.
Who operates KYC/AML processes
What the KYC module does
- SPID L2/L3, CIE, multi-country eIDAS identification
- Video-identification with liveness (operator or AI)
- ID document OCR + facial recognition
- VAT and tax-code verification against official registries
- RITE query (Italian Beneficial Owners Registry)
- Beneficial owner identification ≥ 25% ownership
- PEP screening (Italian + foreign lists)
- Sanction screening EU, UN, OFAC, UK HMT (daily-updated)
- Configurable risk scoring per profile / sector / country
- Automatic refresh every 12/24/36 months per rating
- Automatic freeze on missed refresh
- Italian UIF (Financial Intelligence Unit) reporting ready
From entry to operational customer
Onboarding start
Procedure opened from broker portal or by underwriter. Entry of VAT / tax code / master data. Auto-fill from external registries.
Identification
Physical person: SPID, CIE or video-ID with liveness. Legal entity: identification of legal representative + RITE query for beneficial owners.
AML screening
Automatic match against PEP, sanction lists, embargoes. Confidence scoring on partial matches. High-confidence hits routed to AML officer for manual review.
Scoring & rating
Risk rating computation (LOW / MEDIUM / HIGH) based on profile, country of residence, activity sector, expected amounts, presence of foreign BOs. Output drives refresh frequency.
Sign-off & activation
AML officer approves (or runs enhanced due diligence if HIGH risk). Customer activated for policy issuance. Audit log with decision justification.
Continuous monitoring
System schedules periodic refresh, re-screens against updated lists, flags anomalies. On new risk evidence: freeze + AML officer alert.
Technical stack
Impact on KYC/AML processes
Frequently asked questions about KYC onboarding
What's the difference between KYC and AML?
KYC (Know Your Customer) is the set of identification and verification procedures performed when a relationship starts. AML (Anti-Money Laundering) is the set of continuous monitoring obligations to prevent money laundering and terrorism financing. KYC is a tool of AML: KYC identifies who the customer is, AML verifies whether they represent elevated risk throughout the relationship.
What is a beneficial owner?
The beneficial owner (BO) is the physical person who owns or controls — directly or indirectly — the customer entity, typically above 25% of capital or voting rights. Per AML5/AML6 every insurance broker must identify BOs of corporate customers, verify them against PEP and sanction lists, and keep the data updated. NewPicass 14.Net queries the Italian Beneficial Owners Registry (RITE) when available.
What are PEP and sanction screening?
PEP (Politically Exposed Person) are individuals in relevant public office — Italian or foreign — that require enhanced due diligence. Sanction screening is the verification of the subject against EU, UN, US OFAC, UK HMT sanction lists. The module continuously checks customers against daily-updated lists, flags matches for manual review, keeps audit logs.
How often is the periodic refresh of an existing customer needed?
Ongoing KYC requires periodic update based on the customer risk rating: HIGH every 12 months, MEDIUM every 24 months, LOW every 36 months. The module automatically schedules refreshes, sends requests to the customer via portal/PEC, monitors responses. Missed refresh = automatic operation freeze until completion.
Is SPID identification valid for AML purposes?
Yes. SPID level 2/3 is accepted as a remote-identification tool under the Italian M.D. of 19/07/2019 and the Bank of Italy AML Order. CIE is equivalent. For foreign subjects the module supports video-identification with document recognition and selfie liveness (live operator or AI-driven).
How are PEP/sanction false positives handled?
The module flags matches with a confidence score (e.g. 87% for partial name match). Review workflow: AML officer examines the case, can close as false positive with documented reasoning, or open enhanced due diligence if confirmed. Everything logged in audit trail. The confidence threshold below which a match is auto-closed without manual review is configurable.
Continue exploring the platform
Want to see KYC & digital onboarding in action on your real flows?
45 minutes with one of our engineers, no sales script. You show us your current process and we show you concretely how this module would solve the critical points.