Calendar-based Know Your Customer (KYC) reviews are increasingly exposing banks to financial crime, compliance failings and operational inefficiencies, as regulators intensify scrutiny on outdated client monitoring processes, according to nCino.
For years, periodic KYC reviews formed the backbone of commercial banking compliance programmes. Institutions would onboard a customer, complete due diligence checks, assign a risk rating and schedule the next review months or even years later. While the approach was once considered sufficient, mounting regulatory pressure and the growing complexity of commercial client structures have rendered static monitoring models increasingly ineffective.
Traditional troubles
The weakness of the traditional model lies in its inability to detect material changes in real time. A commercial client may initially pass onboarding checks with a clean ownership structure and verified documentation, but significant developments can emerge long before the next scheduled review.
Directors may resign, ultimate beneficial ownership structures may shift, or adverse financial events such as county court judgments may arise without triggering immediate scrutiny. Under a calendar-led process, banks can remain unaware of these developments for months, leaving them exposed to regulatory and financial risk.
The issue is compounded by the operational burden associated with periodic reviews. Some client reviews can reportedly take up to 150 days to complete, creating persistent backlogs across compliance teams.
By the time a review concludes, the information gathered may already be outdated, limiting the institution’s ability to assess evolving risk accurately.
In many cases, risk assessments established during onboarding become entrenched, causing monitoring frameworks to rely on historical assumptions rather than live intelligence.
Regulators have made clear that this approach no longer satisfies compliance expectations. Under the Money Laundering Regulations 2017, firms are required to maintain ongoing monitoring of customer relationships and ensure customer due diligence records remain up to date throughout the lifecycle of the relationship.
The UK’s Financial Conduct Authority has repeatedly warned against static risk assessments that fail to reflect changing customer circumstances, while Joint Money Laundering Steering Group guidance calls for enhanced and more frequent oversight of higher-risk relationships.
The financial consequences of falling short are becoming increasingly severe. In 2024, the FCA imposed more than £176m in financial crime-related penalties on UK banks, underlining the widening gap between regulatory expectations and legacy compliance frameworks.
The emergence of pKYC
As a result, perpetual KYC, often referred to as pKYC, is rapidly emerging as the preferred operating model across commercial banking and client lifecycle management. Rather than relying on fixed review schedules, pKYC introduces continuous, event-driven monitoring designed to identify material changes to a client’s risk profile as they happen.
The model has gained support from global regulatory bodies including the Financial Action Task Force, which advocates ongoing due diligence as part of effective anti-money laundering controls. The FCA has also endorsed more dynamic and data-driven approaches to customer risk management.
Holistic opportunities
Beyond compliance benefits, banks are increasingly viewing pKYC as an operational and commercial opportunity. According to PwC’s Financial Crime Report, firms implementing perpetual KYC frameworks can reduce maintenance costs by as much as 40% while simultaneously improving risk detection capabilities.
Modern client lifecycle management platforms are helping institutions operationalise this shift through integrated business change monitoring tools. These systems continuously monitor verified data sources, flagging significant changes in real time.
Configurable workflows enable banks to align responses with internal risk appetites, while portfolio dashboards provide centralised oversight across customer books.
Escalation and case management capabilities also allow compliance teams to apply human judgement where enhanced due diligence is required, supported by comprehensive audit trails for regulatory reporting.
The implications extend well beyond compliance. Event-driven monitoring enables relationship managers to engage clients proactively when significant business developments occur, potentially strengthening trust and improving customer experience.
Banks are also looking to consolidate onboarding, monitoring and ongoing relationship management within single platforms to reduce duplication, streamline workflows and improve operational efficiency.
nCino argues that perpetual KYC is no longer a future ambition for commercial banks but an operational necessity.
The company said its Client Monitoring technology, embedded within its client lifecycle management platform, is designed to help UK financial institutions manage compliance obligations continuously while responding to business changes in real time.
Read the full blog from nCino here.
Read the daily FinTech news here
Copyright © 2026 FinTech Global
Copyright © 2018 RegTech Analyst
