Explore how digital IDs (such as eIDAS 2.0), central registries and blockchain can improve KYC by enhancing compliance, security and efficiency

Authors: Anna Spengel (Consultant), Lars Ulbricht (Senior Consultant), Jens Hermann Paulsen (Director)

"KYC is really one of the main reasons not to start doing business with new banks." (Heinz Jeranko, COFRA Holding AG)

Know Your Customer (KYC*) processes are an essential component of financial compliance, yet their complexity often leads to inefficiencies and frustration for both institutions and customers. As regulations evolve, traditional KYC approaches struggle to keep pace, resulting in rising costs, longer onboarding times, and strained banking relationships.

At Deloitte, we recognize the need for innovation — leveraging technology to develop secure, seamless, and scalable solutions. This article explores some of the key KYC challenges and forward-looking approaches that can improve compliance processes.

*KYC is a process banks use to verify the identity of their clients, assess potential risks, and ensure compliance with legal and regulatory requirements to prevent fraud, money laundering, and other illicit activities.

The Challenges Driving the Need for Innovation

1. Rising Compliance Costs and Resource Demands

Regulatory requirements continue to intensify, requiring financial institutions to make significant investments in compliance infrastructure. In parallel, the demand for specialized personnel has grown, adding to operational costs and complexity.

2. Prolonged Onboarding Times

KYC compliance requirements have led to significant delays in customer onboarding and account opening, which has a significant impact on operational efficiency and business continuity for financial institutions. In addition, onboarding times vary widely depending on customer risk profiles and regional regulatory requirements.

3. Inconsistent Documentation Requirements

Documentation requirements for KYC are inconsistent across financial institutions, with different banks — and sometimes even branches of the same bank — requiring similar information in different formats. The lack of standardization increases frustration for both institutions and customers.

4. Impact on Client Relationships

KYC-related burdens have led many companies to limit or avoid certain banking relationships due to the high compliance requirements. Excessive documentation requirements and lengthy onboarding procedures associated with KYC compliance deter many corporate customers from establishing new banking relationships.

5. Data Security and Privacy Concerns

As financial institutions are responsible for protecting sensitive customer information while complying with increasingly stringent regulatory requirements, customers may be reluctant to provide extensive documentation unless they receive robust assurances about data protection measures.

Rethinking KYC: Practical Solutions for the Future

There are three promising approaches to offer a solution to some of these challenges: Solutions based on the updated eIDAS regulation, the usage of centralized registries from industry initiatives and the implementation of a decentralized KYC solutions e.g. by using blockchain technology.

It is important to note that these solutions are not mutually exclusive. A hybrid approach that combines elements of decentralized KYC with centralized registries or ensures interoperability with eIDAS and other regulatory frameworks could provide a viable and more flexible solution.

1. Digital Identity Through eIDAS 2.0

The revised eIDAS regulation (EU Regulation No 910/2014) aims to enhance digital identity management across the EU. By introducing wallet-based digital identities, customers can securely store and share their credentials across relationships, possibly also improving KYC processes.

Key Attributes:

  • Enables fully digital identity verification with real-time authentication.
  • Establishes a harmonized identity management framework across borders.
  • Enhances customer control over personal data, improving security and efficiency.
  • Supports electronic identification (eID) and digital trust services, enabling businesses to verify customer identities entirely online without the need for in-person verification.

2. Centralized KYC Data Registries

A unified KYC registry, developed through industry-wide collaboration, can enable financial institutions to securely share verified customer data. SWIFT's upcoming KYC platform exemplifies this shift toward a shared compliance model.

Key Attributes:

  • Reduces redundant KYC verifications across institutions.
  • Strengthens industry-wide collaboration and trust.
  • Simplifies cross-border banking relationships and accelerates onboarding.
  • Provides a structured approach for integrating different KYC standards across jurisdictions, reducing friction in correspondent banking relationships.
  • Facilitates a global trusted repository for identity documents, ownership details, and risk assessments, ensuring seamless data exchange among financial institutions.

3. Decentralized KYC Using Blockchain

Blockchain technology offers a secure, decentralized KYC solution, allowing customers to maintain control of their identity data while ensuring compliance.

Key Attributes:

  • Customers use encrypted, tokenized credentials to manage data access.
  • Institutions verify identities without direct access to sensitive data, reducing security risks.
  • An immutable audit trail ensures compliance and transparency without duplication.
  • Allows financial institutions to verify KYC information without requiring repeated submission of sensitive documents.
  • Enhances privacy-preserving KYC by enabling token-based permission management, ensuring customers decide who can access their identity data.
  • Possibly allows financial institutions to monetize KYC data to party recapture costs associated with KYC and develop or enhance data-based business models — a first draft for a potential solution is outlined below:
A flowchart titled “Exemplary User Journey for Monetized Blockchain-based KYC Data Sharing” showing the process of KYC data exchange between two banks via blockchain. It begins with account creation and KYC at Bank A, followed by encrypted data storage and blockchain listing. When opening an account at Bank B, the user signs a message with their private key, authorizes data sharing, and completes a payment. Bank B then receives the verified KYC data.
Figure 1: Exemplary User Journey for Monetized Blockchain-based KYC Data Sharing

Deloitte: Supporting the Future of KYC

At Deloitte, we help businesses navigate KYC compliance by integrating regulatory expertise with forward-thinking technology know-how. Our approach prioritizes efficiency, security, and compliance through:

  • Regulatory & Compliance Innovation: Ensuring businesses stay ahead of evolving AML and KYC regulations while developing and integrating future-ready solutions.
  • Next-Gen KYC Platforms: Designing reusable digital credential architectures that unlock new business models and streamline compliance.
  • Advanced API & System Integration: Connecting new KYC frameworks with existing infrastructure for seamless adoption.

By collaborating with regulators, FinTechs, and leading corporations, we strive to make KYC transformation both innovative and scalable.

The Path Forward: A Future-Ready KYC Ecosystem

The financial industry is evolving, and compliance must evolve with it. By adopting digital identity frameworks like eIDAS, centralized registries, and decentralized blockchain solutions, financial institutions can transform KYC from a regulatory challenge into an opportunity for increased efficiency and customer engagement.

Ready to Explore the Future of KYC?

At Deloitte, we are committed to helping organizations develop and implement KYC solutions that reduce friction, enhance security, and drive operational improvements. Get in touch to learn how we can support your journey towards a more efficient, secure, and future-proof KYC strategy.

Contact: Jens Hermann Paulsen (Lead Web3 & Digital Assets Deloitte)

Close-up of a person in a suit pressing their thumb against a transparent screen. The thumb is overlaid with digital biometric patterns, indicating fingerprint scanning. The background is blurred to emphasize the fingerprint and surrounding digital interface.