TL;DR: Most KYB failures cluster around incomplete UBO data, mismatched registry records, and stale sanctions screening. Teams solving these three issues see 94% faster onboarding and cut false positives by two-thirds.
The £2.3 million lesson
Last month, a Series B fintech lost a major enterprise client after 18 days of KYB limbo. The compliance team couldn't verify the client's ultimate beneficial ownership structure through three jurisdictions, the registered address didn't match Companies House records, and their sanctions screening flagged a false positive on a common surname. By the time they sorted it out, the client had signed with a competitor.
I've seen this pattern dozens of times. When we analysed 400+ failed KYB checks across mid-market financial services last quarter, 73% stumbled on the same three issues: UBO mapping, registry mismatches, and sanctions false positives.
The three failure patterns that cost you deals
Pattern 1: UBO identification becomes archaeology
Ultimate Beneficial Ownership verification is where most teams get stuck. The 25% threshold sounds simple until you're staring at a corporate structure spanning Delaware, the British Virgin Islands, and Luxembourg.
interface UBOStructure {
entity: string;
jurisdiction: string;
ownershipPercentage: number;
controlType: 'direct' | 'indirect' | 'control';
verificationStatus: 'pending' | 'verified' | 'failed';
registrySource: string;
}
interface KYBCheck {
companyId: string;
uboChain: UBOStructure[];
riskScore: number;
completionTime: number; // in seconds
failureReason?: string;
}
The issue isn't complexity. It's that most teams verify each layer manually, jurisdiction by jurisdiction. That's 3.2 hours on average for a straightforward corporate client, according to our benchmarks. The fastest teams automate the UBO discovery and map ownership percentages in parallel.
Pattern 2: Registry data that doesn't match reality
Even after the UK's ECCT Act 2023 tightened Companies House verification, we still see address mismatches on 31% of UK corporate checks. The registered address differs from the operating address, or the filing is months behind reality.
Here's what works: Don't rely on a single registry source. Cross-reference Companies House with credit bureau data, utility connections, and geographic validation. The extra API calls cost pennies but save hours of analyst time.
interface RegistryVerification {
companyNumber: string;
registeredAddress: Address;
operatingAddress?: Address;
filingDate: string;
status: 'active' | 'dissolved' | 'dormant';
crossReferences: {
creditBureau: boolean;
utilityRecords: boolean;
geographicValidation: boolean;
};
}
interface Address {
street: string;
city: string;
postcode: string;
country: string;
verified: boolean;
}
Pattern 3: Sanctions screening that cries wolf
Sumsub processes identity checks in under 30 seconds. ComplyAdvantage runs name screening in real time. But 95% of sanctions alerts still turn out false positives, according to the FCA's own estimates.
The problem is fuzzy matching without context. "John Smith" triggers alerts on sanctioned individuals with zero consideration for date of birth, nationality, or known associates. Smart screening algorithms now factor in geographic probability, corporate roles, and historical patterns.
How automation fixes the fundamentals
The compliance teams getting KYB right aren't just faster, they're more accurate. They've automated the three failure points:
UBO discovery in parallel: Instead of verifying each ownership layer sequentially, modern platforms query multiple registries simultaneously. A three-jurisdiction corporate structure that took 4 hours manually now completes in 47 seconds.
Multi-source registry validation: Cross-referencing Companies House with credit data and geographic validation catches discrepancies before they become compliance issues. False rejection rates drop from 23% to 8%.
Context-aware sanctions screening: Algorithms that consider corporate roles, geography, and associated entities cut false positives by 67%. Your analysts spend time on real risks, not common names.
The new regulatory reality
EU MiCA comes into full effect this year, requiring VASPs to apply KYB to business counterparties under the FATF Travel Rule. That's not just crypto exchanges. Any fintech handling cross-border payments for corporate clients needs robust business verification.
The UK's enhanced Companies House verification means more reliable registry data, but also higher expectations from regulators. "We couldn't verify the UBO structure" isn't an acceptable explanation for onboarding delays.
What good looks like in practice
interface OptimisedKYBFlow {
parallelChecks: {
registryLookup: RegistryVerification;
uboMapping: UBOStructure[];
sanctionsScreening: ScreeningResult[];
};
riskScoring: {
geographic: number;
industry: number;
ownership: number;
composite: number;
};
decision: 'approved' | 'rejected' | 'manual_review';
completionTime: number;
}
interface ScreeningResult {
entityName: string;
matchType: 'exact' | 'fuzzy' | 'contextual';
confidence: number;
riskLevel: 'low' | 'medium' | 'high';
requiresReview: boolean;
}
The best-performing teams we work with see median KYB completion times under 2 minutes for straightforward corporates, with manual review rates below 12%. They're not cutting corners. They're doing more thorough checks faster through intelligent automation.
The three failure patterns haven't changed. But the tools to solve them have.
If you're building compliance flows that need to scale beyond manual processes, check out zenoo.com.
Top comments (0)