Blog · May 21, 2026

Closed-Loop KYB: KYC Every UBO From One Session

A Didit KYB session spawns a linked KYC session for every ultimate beneficial owner on the same unified /v3/ API — verify the company and the humans behind it in one closed loop.

By DiditMay 21, 2026Updated May 21, 2026

Most KYB and KYC stacks are two products bolted together. You verify the company in one tool, export a list of beneficial owners, then re-key those names into a separate identity tool to verify the humans — assuming the handoff doesn't drop anyone. The seam between "we know the company" and "we know the people behind it" is exactly where shell structures hide, and it's the seam most providers leave open.

Didit closes it. A KYB session doesn't just name the ultimate beneficial owners — it can spawn a linked KYC session for each one, on the same unified /v3/ API. Verify the entity and the individuals who control it in a single, connected flow. This closed loop is unique to Didit: identifying UBOs and verifying UBOs are not two products with a manual bridge between them — they're one continuous session graph.

This guide walks through what closed-loop KYB means, why the seam matters, and how to integrate it.

Key takeaways

One loop, not two tools. A KYB session can spawn a linked KYC session for each UBO it identifies — no export, no re-keying, no dropped names.
Same unified /v3/ API. The KYB session and the KYC sessions for its owners live on the same API and link back to the parent business.
Unique to Didit. Closing the loop between company verification and beneficial-owner identity verification on one platform is a differentiator no competitor matches.
UBO identification is free. Key People extraction is free as part of a $2.00 KYB session; linked KYC on each UBO is billed at standard User Verification rates.
The whole picture. You end with a verified company, a resolved ownership graph, and verified identities for the humans at the end of the chain.
End-to-end lifecycle. Verified owners flow into ongoing monitoring; a flagged transaction can later spawn a remediation KYC — all on the same API.

What closed-loop KYB does

Business verification produces two outputs: a verified entity and a list of the people who control it. The first is useless without the second — a company can be in perfect registry standing and still be controlled by a sanctioned individual. KYB obligations therefore require not just identifying beneficial owners but verifying that the named individuals are who they claim to be.

Didit's closed loop handles both halves in one session graph. The KYB session runs registry, entity AML, documents, and Key People; Key People identifies the UBOs; and for each UBO, a linked KYC session can be spawned — biometric and document verification of the actual human — all referencing the parent business. There is no export step, no separate tool, and no manual reconciliation. The loop closes inside the platform.

Why it matters

The gap between KYB and KYC is a compliance and a fraud problem at once. Regulators require obliged entities to identify and verify beneficial owners — not just collect names from a registry. A process that stops at identification leaves the verification step to a separate, manual workflow, which is slow, lossy, and auditable only with effort.

It's also where bad actors operate. A shell company with clean registry data and a plausible director list can still front for a sanctioned or fictitious owner. Only by verifying the actual identities of the UBOs — not just naming them — do you close the door. When that verification lives in the same session as the company check, every beneficial owner is accounted for by construction, not by a checklist someone has to remember to run.

Technical details

It starts with a single KYB session on the unified /v3/ API.

curl -X POST https://verification.didit.me/v3/session/ \
  -H "x-api-key: $DIDIT_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "workflow_id": "your_kyb_workflow_id",
    "vendor_data": "merchant_9912",
    "callback": "https://yourapp.com/kyb/callback"
  }'

Once kyb_key_people resolves the UBOs, each one can carry a linked KYC session that references the parent business:

{
  "session_id": "kyb_4d81fa20",
  "status": "IN_PROGRESS",
  "vendor_data": "merchant_9912",
  "kyb_key_people": {
    "status": "APPROVED",
    "ubos": [
      {
        "name": "María García",
        "ownership_percentage": 55.0,
        "linked_kyc": { "session_id": "kyc_77c1a0", "status": "APPROVED" }
      },
      {
        "name": "Daniel Romero",
        "ownership_percentage": 45.0,
        "linked_kyc": { "session_id": "kyc_77c1b3", "status": "AWAITING_USER" }
      }
    ]
  }
}

The link. Each linked KYC session is a standard User Verification session — biometric liveness, document verification, face match — connected back to the parent KYB session and its vendor_data, so the company record and the owner identities stay joined.

Statuses. The KYB session moves through the business-session lifecycle (NOT_STARTED, IN_PROGRESS, APPROVED, DECLINED, IN_REVIEW, RESUBMITTED, ABANDONED, EXPIRED); each linked KYC session reports the User Verification statuses, including AWAITING_USER for owners who still need to complete their step.

Webhooks. Subscribe to status.updated and data.updated (session_kind: business) for the parent, and to the standard session webhooks for each linked KYC session.

Price. Key People extraction is free as part of the $2.00 KYB verification. Each linked KYC session is billed at standard User Verification rates.

The loop, end to end

The point of the closed loop is that the platform — not your operations team — keeps the company and its owners connected. The KYB session identifies the owners; the linked KYC sessions verify them; the parent business record reflects the combined result. Verified owners then flow into ongoing monitoring, and if a transaction is later flagged, a remediation KYC can be spawned on the same API. The identity-and-fraud lifecycle stays on one platform from incorporation check to ongoing oversight.

That continuity is what's hard to replicate by stitching vendors together. A KYB tool plus a KYC tool plus a monitoring tool gives you three systems and two seams; the closed loop gives you one session graph and no seams.

Use cases

Marketplaces onboarding business sellers verify the seller entity and KYC every owner before enabling payouts — in one flow, with no owner left unverified.
Fintech and banking platforms opening corporate accounts satisfy "identify and verify beneficial owners" in a single connected session.
Lending providers underwriting business borrowers verify both the borrowing entity and the individuals who ultimately control it.
Crypto B2B platforms onboarding counterparty VASPs and corporate clients close the loop between entity screening and owner identity verification.

How to integrate with Didit

Build the workflow. In the Business Console, create a KYB workflow with kyb_key_people enabled and linked KYC switched on for UBOs.
Create the KYB session. POST /v3/session/ with your KYB workflow_id and a vendor_data reference for the business.
Handle webhooks. Listen for the parent business webhooks and the linked KYC session webhooks to track both halves of the loop.
Resolve owner steps. Route any UBO whose linked KYC is AWAITING_USER to complete their verification, then read the combined result on the parent record.

Because the KYB session and every linked KYC session live on the same unified /v3/ API, the company and the humans behind it are verified together — one identity-and-fraud platform, end to end.

Frequently asked questions

What does "closed-loop KYB" mean?

A KYB session spawns a linked KYC session for each ultimate beneficial owner it identifies, on the same unified /v3/ API — so the company and the people behind it are verified in one connected flow, with no export or re-keying.

Is this really unique to Didit?

Yes. Identifying UBOs and verifying UBOs as one continuous session graph on a single platform is a Didit differentiator; most stacks require a separate KYC tool and a manual handoff.

What does it cost?

Key People extraction is free as part of the $2.00 KYB verification. Each linked KYC session is billed at standard User Verification rates.

How is each owner verified?

Through a standard User Verification (KYC) session — biometric liveness, document verification, and face match — linked back to the parent KYB session.

What happens after the owners are verified?

Verified owners flow into ongoing monitoring on the same API, and a later flagged transaction can spawn a remediation KYC — the full identity-and-fraud lifecycle on one platform.

Ready to get started?

Read the Business Verification overview in the docs, see how it fits the rest of the platform on the Business Verification product page, and check transparent per-call pricing on the pricing page. When you're ready, start free — 500 free KYC checks every month, and business verification at $2.00 per company.