We built Kyonis, an agent-native KYC/AML compliance API. Before writing a single line of code, we made a critical decision: 100% open-source stack.
The result? An 80% reduction in infrastructure costs compared to a proprietary stack. Here's exactly what we use and why.
The Cost Comparison
| Component | Proprietary | Open-Source | Savings |
|---|---|---|---|
| Cloud hosting | €3,000/mo (AWS) | €400-800/mo (Scaleway) | 75% |
| LLM/AI | €1,500/mo | €200-400/mo (local + API) | 80% |
| Monitoring | €500/mo (Datadog) | €0 (Grafana) | 100% |
| Cache | €100/mo (Redis Cloud) | €0 (Valkey) | 100% |
| Search | €200/mo (Elastic) | €0 (PostgreSQL pg_trgm) | 100% |
| API Gateway | €100/mo (Kong) | €0 (Traefik) | 100% |
| Total | €5,400/mo | €800-1,200/mo | ~80% |
That's €75,000 saved over 18 months.
Our Stack
Backend: FastAPI + Go
The API layer uses FastAPI (Python) for its async capabilities and auto-generated OpenAPI docs. But for sanctions screening — where we need sub-500ms response times across 100K+ entries — we use a Go microservice with in-memory fuzzy matching.
Why not all Go? Because Python has the best AI/ML ecosystem (spaCy, HuggingFace, sentence-transformers). Why not all Python? Because Go gives us 10x throughput on the hot path.
Database: PostgreSQL Does Everything
No Elasticsearch. No dedicated search engine. PostgreSQL 16 with:
- pg_trgm for fuzzy name matching (sanctions screening)
- tsvector for full-text search
- GIN indexes for fast trigram lookups
- Partitioned tables for the audit trail (7-year retention)
One database instead of three. Simpler ops, fewer things that break at 3am.
Cache: Valkey (not Redis)
Redis changed its license. Valkey is the Linux Foundation fork — 100% compatible, truly open-source. Drop-in replacement, zero migration effort.
Message Queue: NATS (not Kafka)
Kafka requires ZooKeeper, JVM tuning, and a PhD in distributed systems. NATS is a single binary, 10MB RAM, and handles everything we need. JetStream gives us persistence when required.
AI: Hybrid Strategy (80% Local, 20% Cloud)
This is where it gets interesting:
- Level 1 — Ollama (Mistral 7B): Text extraction, classification, summarization. Cost: ~€0.
- Level 2 — spaCy + HuggingFace: NER for names, companies, addresses in KYC documents. Cost: €0.
- Level 3 — Claude API (20% of requests): Complex risk profiles, adverse media analysis, regulatory reports. Cost: ~€200-400/mo.
- Level 4 — Deterministic rules engine: Hard-coded regulatory thresholds, auditable scoring. Cost: €0.
80% of requests never hit a paid API. The local models handle extraction and classification. Claude only steps in for complex reasoning.
Monitoring: Grafana Stack
Grafana + Prometheus + Loki replaces Datadog. Same dashboards, same alerts, zero monthly bill.
Infrastructure: Scaleway Kapsule
We chose Scaleway over AWS:
- Kubernetes managed (Kapsule) — no cluster management overhead
- Paris datacenter — GDPR native, data stays in France
- 3-5x cheaper than equivalent AWS setup
- Startup program with up to €36K credits
Data: Open Data First
12 data sources, all free:
- Sanctions: OFAC, EU, UN, HMT, DFAT (government APIs, free)
- Company registries: API Sirene (France), Companies House (UK), SEC EDGAR (US) — all free
- Adverse media: GDELT Project (free, updated every 15 minutes)
- Offshore leaks: ICIJ database (Panama/Pandora Papers, free)
- UBO: OpenOwnership registry (free)
Total data cost at launch: €0/month. We add OpenSanctions (€500/mo) when we hit 50+ paying customers.
The Result
An API that:
- Screens against global sanctions in <500ms
- Runs full KYC verification in <3 seconds
- Includes explainable reasoning in every response
- Is discoverable by AI agents via MCP
- Costs €95/month to run (not €5,400)
Try It
Free Sandbox plan: 500 verifications/month, no credit card.
- 🌐 kyonis.com
- 📖 Documentation
- 🔌 API
- 🤖 MCP Server for Claude Desktop
- 💻 GitHub
If you're building a fintech or compliance tool, give it a spin and let me know what you think.
Top comments (0)