1. Classification Architecture
Every recurring stakeholder is assigned to a defined taxonomy:
- KYB - Know Your Business: commercial customers and counterparties.
- KYS - Know Your Supplier: vendors, contractors, and service providers.
- KYC - Know Your Counterparty: connected individuals such as UBOs, directors, or shareholders.
- KYA - Know Your Applicant: applicants or employees when HR governance is in scope.
Classification ensures structural clarity and comparability.
2. Case Construction
Each case includes identity and ownership verification, legal and structural review, relationship rationale, exposure mapping, concentration analysis, behavioural assessment, and risk recommendation.
Cases are not notes. They are governance files.
3. Threshold Logic
Governance becomes operational only when limits are defined.
- 20 percent concentration of revenue or cost.
- High-value transfer triggers.
- Name and IBAN mismatches.
- Introduction of new bank accounts.
- Ownership or structural change signals.
- 12-month case expiry.
Thresholds convert passive information into mandatory review.
4. Monitoring Tiers
- Annual Refresh Discipline: full case review within 12 months.
- Monthly Monitoring: behavioural and exposure review on a periodic basis.
- Real-Time API Monitoring (Premium): transaction-based signal detection with reduced latency.
5. Escalation Integration
Monitoring without escalation is cosmetic. Signals trigger review, enhanced due diligence, and decision gates.
Governance must interrupt momentum when exposure exceeds appetite.