Perpetual KYC (pKYC) – real-time compliance for the modern financial institution

Perpetual KYC (pKYC) changes that. It replaces static reviews with continuous monitoring powered by real-time data feeds and automated risk scoring. Instead of waiting for a scheduled compliance refresh, pKYC constantly updates customer profiles whenever new information or transactional data becomes available.

This approach aligns with the modern expectations of regulators under the EU’s AMLD6, the FATF Recommendations, and the European Banking Authority (EBA) guidelines for risk-based supervision.

Why traditional KYC no longer works

According to the EBA Risk Factor Guidelines, financial institutions must adopt a risk-based approach that reflects the dynamic nature of customer risk. However, periodic KYC reviews create gaps that criminals exploit.

Static KYC frameworks fail because:

• Customer risk profiles change rapidly. Employment, ownership, or political exposure can shift within weeks.
• Data sources are fragmented. Identity, transaction, and sanctions data often sit in separate systems.
• Manual reviews are inefficient. High compliance costs divert resources from active investigation.
• Regulatory expectations have evolved. Supervisors now expect ongoing monitoring, not point-in-time certification.

Perpetual KYC solves these problems through automation and secure data integration.

How pKYC works in practice

Perpetual KYC uses a combination of internal and external data sources to maintain an up-to-date view of each customer’s risk profile. This includes:

• Customer transaction history and behavioral analytics
• Sanctions and watchlist updates
• Adverse media and public record monitoring
• Beneficial ownership and corporate structure data
• Cross-border transaction information

When new data indicates elevated risk, the system automatically triggers a review or enhanced due diligence. This keeps compliance aligned with reality and reduces the need for large-scale manual refresh cycles.

According to PwC’s Financial Crime Report 2024, organizations adopting pKYC models can reduce KYC maintenance costs by up to 40 percent while improving detection accuracy.

Regulatory alignment and industry momentum

The concept of perpetual monitoring is now endorsed by major regulatory bodies.

• The Financial Action Task Force (FATF)
   encourages ongoing monitoring as part of its Recommendation 10.
  
  
• The EBA AML Guidelines
   require continuous assessment of business relationships.
  
  
• The UK Financial Conduct Authority (FCA)
   supports dynamic, data-driven customer risk management as a sign of effective governance.
  
  

These frameworks are moving away from reactive documentation toward continuous data intelligence. Institutions that fail to evolve risk being seen as non-compliant, even if they meet legacy requirements.

Key benefits of adopting Perpetual KYC

1. Real-time risk visibility – pKYC ensures that compliance teams always have the most current view of customer behavior.
   
   
2. Operational efficiency – automated triggers and data ingestion reduce manual intervention.
   
   
3. Reduced remediation costs – fewer periodic overhauls mean fewer backlogs and customer friction.
   
   
4. Better fraud and AML detection – risk events can be detected at the moment they occur.
   
   
5. Regulatory confidence – continuous compliance provides better audit trails and proactive reporting capability.

A 2025 Deloitte study found that banks moving to pKYC models experienced a 60% improvement in early risk detection and a significant drop in post-event compliance failures.

The challenges of implementation

Moving from periodic to perpetual KYC is not just a technology upgrade — it’s a cultural shift.

Financial institutions must:

• Rebuild their data architecture to handle continuous information flows.
  
  
• Integrate customer data across jurisdictions without breaching privacy laws.
  
  
• Ensure algorithmic transparency and auditability.
  
  
• Protect sensitive identity and transaction data when collaborating with third parties.
  
  

These challenges are amplified by stricter data protection laws such as GDPR and operational resilience standards under DORA. Secure, privacy-preserving computation is now essential to making pKYC both effective and compliant.

“Perpetual KYC represents a fundamental shift in compliance philosophy. Instead of proving you were compliant once, you must now prove you remain compliant always. That demands secure automation and cross-institution data intelligence.”
- William Morris, Lead Enterprise Account Executive - UK

This insight captures the essence of modern compliance: continuous, data-driven, and privacy-aware.

The link between pKYC, AML, and CTF

Perpetual KYC does not exist in isolation. It feeds directly into AML and CTF frameworks by providing continuously updated customer intelligence. That means suspicious transactions can be flagged with context — not in isolation.

Integrating pKYC with transaction monitoring and fraud detection systems allows for a unified compliance view that spans onboarding, ongoing monitoring, and event-driven escalation.

Partisia’s approach

Perpetual KYC depends on the ability to update customer profiles in real time — without breaching data confidentiality. Partisia’s privacy-preserving data collaboration technology enables this continuous monitoring model securely.

Using Multi-Party Computation (MPC), banks and financial partners can jointly analyze risk data, sanctions matches, and behavior patterns while keeping all underlying customer information encrypted and private.

This approach supports the regulatory shift toward continuous compliance, aligning with AMLD6, FATF, and DORA frameworks. It allows institutions to deliver real-time KYC assurance, lower operational cost, and maintain privacy compliance simultaneously.

With MPC, pKYC becomes not only technically possible but legally sustainable — a genuine bridge between compliance innovation and data protection.