European KYC for Insurtech: Navigating EBA Guidelines

EBA Guidelines Impact InsurtechThe European Banking Authority's guidelines on AML/CFT risk factors significantly influence how insurtechs must conduct their KYC processes, necessitating robust and adaptable solutions.

Layered Verification is KeyEffective compliance requires a multi-faceted approach, combining ID verification, liveness detection, and ongoing AML screening to build a comprehensive risk profile for each customer.

The Importance of AutomationManual KYC processes are inefficient and prone to errors. Automating identity verification and compliance checks is crucial for scalability, accuracy, and maintaining a positive customer experience.

Didit Offers a Modern Compliance SolutionDidit provides an AI-native, modular identity platform with Free Core KYC, offering comprehensive tools like ID Verification, Passive Liveness, and AML Screening, tailored to meet EBA and other regulatory demands efficiently.

The European insurtech landscape is dynamic and innovative, but it operates under a stringent regulatory framework designed to combat financial crime. Among the most impactful are the Know Your Customer (KYC) requirements, heavily influenced by the European Banking Authority (EBA) guidelines on Anti-Money Laundering (AML) and Counter-Terrorist Financing (CTF) risk factors. For insurtechs, navigating these complex rules is not just about avoiding penalties; it's about building trust, ensuring operational integrity, and fostering sustainable growth. This blog post delves into the specifics of European KYC for insurtechs and outlines how to achieve robust compliance.

Understanding EBA Guidelines and Their Impact on Insurtech

The EBA guidelines, while primarily focused on credit and financial institutions, extend their influence to entities that fall under AML directives, including many insurtechs. These guidelines emphasize a risk-based approach, meaning that the intensity of KYC measures should be proportionate to the assessed risk of money laundering or terrorist financing. Key aspects include:

• Customer Due Diligence (CDD): This is the cornerstone of KYC, requiring insurtechs to identify and verify the identity of their customers and, where applicable, beneficial owners. This includes collecting and verifying personal data, such as names, addresses, and dates of birth, often via robust ID Verification.
• Ongoing Monitoring: KYC isn't a one-time event. Insurtechs must continuously monitor customer transactions and activities to detect any unusual patterns that might indicate financial crime. This necessitates ongoing checks, such as AML Screening.
• Risk Assessment: Companies must have clear procedures for assessing the risk associated with different customer types, products, and geographical areas. High-risk customers will require Enhanced Due Diligence (EDD).
• Record-Keeping: All documents and data collected during the KYC process must be securely stored and readily accessible for regulatory audits. Didit supports this by allowing export of verification results to PDF and CSV for compliance and regulatory reporting.

For insurtechs, especially those offering digital-first products, these requirements pose unique challenges, demanding solutions that are both compliant and user-friendly.

Implementing a Robust Identity Verification Process

Meeting EBA guidelines requires more than just collecting a few pieces of information. It demands a sophisticated and layered approach to identity verification. Here’s how insurtechs can build a strong process:

1. Document Verification: This is the first line of defense. Utilizing advanced ID Verification technologies, insurtechs can accurately extract data from government-issued identity documents (passports, national IDs, driver's licenses) using OCR, MRZ, and barcode scanning. For enhanced security, NFC Verification of ePassports and eIDs can provide an additional layer of trust by reading chip data.
2. Liveness Detection: To combat sophisticated fraud like deepfakes and spoofing, integrating Passive & Active Liveness detection is crucial. This ensures that the person submitting the identity document is a real, present individual and not an imposter.
3. Biometric Matching: After verifying the document and Liveness, a 1:1 Face Match confirms that the selfie taken during the verification process matches the photo on the identity document. This significantly strengthens the integrity of the onboarding process.
4. Proof of Address: Verifying the customer's residential address is a critical component of CDD. Didit's Proof of Address solution helps confirm this information, reducing fraud risks.
5. Phone & Email Verification: Adding Phone & Email Verification steps helps confirm contact details and adds another layer of security to the user's account.

By combining these elements, insurtechs can establish a highly reliable and compliant identity verification workflow.

Ongoing Monitoring and AML Screening

EBA guidelines stress the importance of ongoing monitoring. This means that once a customer is onboarded, the compliance journey doesn't end. Insurtechs must continuously screen their customer base against sanctions lists, Politically Exposed Persons (PEPs) lists, and adverse media databases. Didit's AML Screening & Monitoring solution automates this critical function, providing real-time alerts and ongoing checks to ensure continuous compliance. This proactive approach helps identify potential risks as they emerge, allowing insurtechs to take timely action and avoid regulatory breaches.

Furthermore, the ability to export detailed verification reports is vital for audits. Didit allows you to export individual session reports to PDF, containing all verification steps, extracted data, biometric scores, AML results, and final decisions. For bulk analysis and record-keeping, you can export data to CSV, customizing columns and filters to meet specific reporting needs.

How Didit Helps

Didit is an AI-native, developer-first identity platform designed to help insurtechs navigate the complexities of European KYC and EBA guidelines with ease. Our modular architecture allows businesses to compose verification workflows tailored to their specific risk appetite and regulatory obligations. With Didit's free tier, companies can start verifying identities immediately, benefiting from our Free Core KYC features.

Didit offers a comprehensive suite of products directly addressing EBA requirements:

• ID Verification: Robust OCR, MRZ, and barcode scanning capabilities for accurate document verification.
• Passive & Active Liveness: Advanced fraud prevention to detect spoofing and deepfakes.
• 1:1 Face Match: Biometric verification to match selfies with document photos.
• AML Screening & Monitoring: Continuous checks against global sanctions and PEP lists.
• Proof of Address: Streamlined address verification to complete CDD requirements.
• NFC Verification: High-security ePassport and eID chip data reading for enhanced trust.
• Orchestrated Workflows: Our no-code engine allows insurtechs to easily build and manage complex KYC workflows, adapting to evolving EBA guidelines without extensive development.

Didit’s AI-native approach ensures high accuracy and efficiency, reducing manual review and accelerating onboarding. Our developer-first tools, including a sandbox and clean APIs, facilitate seamless integration, while our global design ensures compliance across various jurisdictions.

Ready to Get Started?

Ready to see Didit in action? Get a free demo today.

Start verifying identities for free with Didit's free tier.