In today’s world banks, payment platforms, and professional services firms are onboarding entities whose ownership chains run through Europe, offshore centres, Asia and the US.

Often with trusts, foundations and complex control structures in the mix. This webinar explores how to:

• Meet KYB and UBO obligations in Europe while dealing with fragmented data and divergent registries
• Spot where “the criminals don’t change – only their vehicles do”
• Balance speed of onboarding with genuine risk understanding and regulatory expectations
• Use RegTech, registry data, open banking and crypto rails as enablers, not replacements, for professional judgement

Key experts include:

– Gabriella Catlin – Group Head of Client Onboarding at Carey Olsen key expert on complex, high-net-worth offshore structures and trust arrangements in legal and property sectors.

– Ray Blake – Presenter of The Dark Money Files Ltd and FinCrime subject expert at RiskAlert247; key expert on identifying criminal networks through advanced risk indicators.

– Grant Evans – VP, Sales & Partnerships at Worldpay for Platforms; key expert on on payments industry challenges with drop-shipping and miscoded gambling.

– Claus Christensen – CEO & Co-Founder at Know Your Customer Limited; key expert on registry technology and global data access for KYB information.

What is KYB?

KYB involves the full identification and verification of business entities for anti-money laundering (AML) compliance and risk management. Unlike individual identity verification (KYC), corporate entities are structured and have multiple components requiring verification:

• Entity identification – Verifying the business itself
• Controlling parties – Directors, corporate secretaries, and other controlling entities
• Beneficial owners – Starting at the shareholder level and potentially extending through ownership chains
• Purpose of relationship – Understanding why the entity needs the service

As Claus Christensen explained, KYB is necessary for financial institutions to meet their AML obligations, but the requirements extend beyond just ticking regulatory boxes.

Key Data Points and Red Flags

Ray Blake emphasized that while basic verification meets regulatory requirements, compliance teams must understand the nature and purpose of the relationship. This context helps interpret whether a client’s subsequent activities align with expectations.

Red flag indicators include:

• Complex cross-border structures without clear economic justification
• Multiple entities with similar ownership at different addresses, all struck off before filing accounts
• Frequent changes in directors or shareholders
• Structures spanning multiple jurisdictions that don’t match the stated business purpose
• Discrepancies between stated business activities and actual transactions

The Human Element

Claus Christensen highlighted a key duality in compliance work: mechanical verification tasks versus contextual judgment. While technology can handle routine checks, compliance staff must assess whether complex structures make sense for the stated business purpose. “Does this structure across three different countries and two continents make sense for a flower stall that has just opened an account with us?” he asked.

Technology and Data Sources – Static vs Live Registry Data

A significant discussion point was the difference between static databases and live primary source data.

Static databases contain historical information compiled from various sources. While access is fast (milliseconds), the data can be weeks, months, or years outdated. This creates onboarding risks, as companies change directors, shareholders, and structures frequently.

Live registry connections query official government registries in real-time. Know Your Customer’s platform, for example, connects to 146 country registries and retrieves current information on-demand. While slightly slower (minutes rather than milliseconds), this ensures accuracy and compliance.

As Claus noted: “Businesses are dynamic in nature. They can change certain aspects of themselves any business day. A director can resign, another director can come on, a shareholder can acquire new shares—any business day.”

Speed vs Compliance

Grant Evans from WorldPay emphasized that speed has become paramount in competitive markets. Legacy processes requiring physical document uploads no longer meet customer expectations.

WorldPay’s modern approach includes:

• Selfie and ID scanning – Capturing verification in the moment on mobile devices
• Open banking integration – Using confirmation of payee for bank account verification
• Pre-populated data fields – Customers type company names and data auto-fills

This eliminates friction points that previously added days to onboarding. However, Grant warned against “partial onboarding” where customers believe they’re live but funds are held pending delayed verification checks—a practice that creates poor customer experiences.

The Challenge of Cross-Border Complexity

Gabriella Catlin described how offshore law firms handle cross-border complexity. Cary Olson operates globally across the Channel Islands, Caribbean, Asia, and London, often engaging with the same client through multiple offices.

Key challenges include:

• Different UBO thresholds by jurisdiction (25% in UK/Channel Islands vs. 10% in Caribbean)
• Reliance on primary source documents from clients
• Need for certified documentation from onshore lawyers
• Coordination across offices in different time zones

Most Challenging Jurisdictions

When asked which countries pose the greatest challenges for obtaining UBO data, panelists offered surprising answers:

Delaware, United States – Claus Christensen called Delaware “the world’s black hole of information,” noting the extreme difficulty in obtaining ownership data—more challenging than jurisdictions typically associated with secrecy.

United Kingdom – Ray Blake highlighted that the UK’s Person with Significant Control (PSC) register doesn’t actually contain shareholder percentage data as a field. This information must be extracted manually from documents or through AI-enabled technology, making the UK register less transparent than it appears.

United States broadly – Gabriella confirmed that US states generally present difficulties beyond just Delaware.

Sanctions and Regulatory Complexity

The past three to four years have seen dramatic changes in sanctions regimes. Claus noted that updates previously occurred semi-annually but now happen weekly with hundreds of names added.

This creates multiple challenges:

• Continuous screening requirements – Organizations must screen nightly to catch updates
• Verification of current data – Ensuring screened individuals are still current directors/shareholders
• Complex decision-making – Determining whether to continue relationships, apply for licenses, or exit

Gabriella described how Cary Olson handles sanctions hits through a Senior Risk Committee comprising partners from every jurisdiction. When Russian sanctions were imposed, the firm conducted overnight periodic reviews of all clients affiliated with sanctioned jurisdictions, examining whether they remained resident or registered there.

The Four Stakeholder Balance

Ray Blake articulated the competing interests compliance teams must balance:

1. Legal obligations – Meeting regulatory requirements
2. Customers – Duty of care and fair treatment
3. Society – Preventing bad actors from causing harm
4. Shareholders – Maintaining reasonable profitability

Balancing these four stakeholders requires advanced skills and operational robustness. As one panelist noted: “If you think the cost of being compliant is expensive, try being uncompliant.”

Adverse Media and Reputational Risk

Grant Evans provided nuanced perspective on adverse media screening. Different organizations have varying risk appetites, and adverse media requires interpretation:

• A lawsuit from four years ago that the business won may not indicate current risk
• Blog posts versus mainstream media articles carry different weight
• Timing matters—incidents from decades ago may be less relevant
• Emerging channels like YouTube whistleblowing raise questions about what constitutes credible media

However, reputational risk remains paramount. Gabriella confirmed that law firms regularly decline clients based on adverse media, stating: “There’s nothing wrong in ceasing that client relationship if you think it could have long term damage to your firm.”

Ray Blake suggested a broader approach: searching Google News rather than general Google results, focusing on names that appear repeatedly in business coverage, then verifying whether those individuals are disclosed as shareholders or UBOs.

Ongoing Monitoring

Organizations cannot rely solely on onboarding verification. Companies evolve, and ownership structures change.

Available solutions include:

• UK Companies House free subscription alerts for any company changes
• Risk Alert 247’s 180 risk flags with change notifications
• Know Your Customer’s perpetual compliance features with push notifications
• Periodic reviews (six months to annually depending on risk)

Claus noted some resistance to continuous alerts from customers concerned about volume, but emphasized that for higher-risk relationships, immediate notification of changes is critical.

The Future of KYB

Panelists identified several trends:

Digital identity wallets – Businesses could maintain digital profiles that update automatically, instantly notifying all parties when directors or shareholders change. Singapore’s MyInfo and CorpPass were cited as examples, though the technology remains in experimental phases.

Increased connectivity – Movement away from static databases toward hyper-connected real-time registry systems.

Stablecoin integration – As business moves to blockchain rails, identity verification must adapt to new transaction methods.

AI and automation – Removing mechanical tasks to let compliance staff focus on contextual judgment.

Greater transparency requirements – Regulatory pressure for more open data across jurisdictions.

Key Takeaways

1. Primary source data matters – Real-time registry connections provide accuracy that static databases cannot match for regulated entities.
2. Speed without shortcuts – Modern onboarding can be fast without compromising compliance through embedded digital journeys and smart data use.
3. Context is critical – Mechanical verification alone is insufficient; compliance teams must assess whether structures make business sense.
4. Cross-border complexity is increasing – Globalization means even regional businesses often have international ownership structures.
5. Vendor due diligence is essential – Organizations must thoroughly vet KYB technology providers, as some use fraudulent practices or inaccurate data sources.
6. Ongoing monitoring is mandatory – The company onboarded today may not be the same company tomorrow without continuous screening.
7. Human judgment remains irreplaceable – Technology enables efficiency, but regulators hold people accountable, not systems. Professional judgment cannot be outsourced to automation.

As Ray Blake summarized: “Professional money launderers know what your tick boxes are and they’re very good at ticking your boxes. So you have to look beyond the mechanics and ask yourself—is this how I’d structure this business if I had a legitimate commercial justification?”