Skip to main content
Certyneo
KYC & AML-CFT Guide · 2026

KYC and AML-CFT: the guide to digitalized onboarding

Entities subject to anti-money laundering and counter-terrorist financing (AML-CFT) — banks, insurers, fintechs, payment institutions, brokers — must identify their client and verify their identity before any onboarding, then exercise ongoing due diligence. This guide explains how to digitalize KYC (know your customer) and document these procedures with a probative electronic signature.

Last updated

What is the legal framework for KYC and AML-CFT?

The French AML-CFT system, derived from Directive (EU) 2015/849, is set out in Articles L561-1 et seq. of the Monetary and Financial Code. Remote onboarding is permitted subject to additional due diligence measures. Advanced electronic signature (AES) allows for collecting consent and documenting each procedure.

  • Identification at onboarding: art. L561-5 of the Monetary and Financial Code
  • Ongoing due diligence during the relationship: art. L561-6 of the Monetary and Financial Code
  • Beneficial owner: collection and verification (beneficial ownership register)
  • Document retention: 5 years after the end of the relationship (art. L561-12 CMF)

What documents make up a KYC file?

Know your customer form (activity, purpose of the relationship)
Valid identity document
Proof of address
Beneficial owner declaration (legal entity)
Kbis less than 3 months old and bylaws (legal entity)
Declaration of the origin of funds

What does a compliant remote onboarding look like?

  1. 1

    Collect KYC documents

    Gather the customer knowledge form, identity document, proof of address and, for a legal entity, the beneficial owner declaration and Kbis.

  2. 2

    Verify identity (art. L561-5)

    Article L561-5 requires verifying identity on presentation of a reliable written document. At a distance, additional measures apply (additional document, first transaction from an account in the customer''s name, or electronic identification means).

  3. 3

    Obtain signed consent

    The customer signs the onboarding file with strong identification (OTP SMS) and qualified timestamping, which proves the exact date of document collection and consent.

  4. 4

    Archive and update due diligence

    The signed file and its audit trail are kept for 5 years after the end of the relationship (art. L561-12). Each update to customer knowledge (art. L561-6) is signed and timestamped.

Frequently asked questions — KYC & AML/CFT

Can remote onboarding be carried out in compliance with AML/CFT regulations?
Yes. Remote onboarding is permitted provided that additional due diligence measures are implemented (art. L561-10 of the Monetary and Financial Code and associated regulatory provisions). Certyneo enables the file to be signed with strong identification (dual-channel OTP) and qualified timestamping that traces each step.
Does electronic signature replace the identity verification required by article L561-5?
No, it complements it. Article L561-5 requires verifying identity on a reliable document; electronic signature does not replace this documentary verification, but it timestamps the document collection, authenticates the customer via OTP and seals the file with an enforceable audit trail.
How to prove the ongoing due diligence required by article L561-6?
Article L561-6 requires updating customer knowledge throughout the relationship. Certyneo preserves each signed version of the file with its audit trail, which makes it possible to demonstrate to ACPR the dates and content of each due diligence update.
How long must the KYC file be kept?
Five years from the end of the business relationship (art. L561-12 of the Monetary and Financial Code). Certyneo automatically archives the signed file and its eIDAS audit trail, accessible in one click for any ACPR inspection.
Is the audit trail enforceable against ACPR and usable for a TRACFIN declaration?
Yes. The Certyneo audit trail (identity verified by OTP, qualified timestamp, SHA-256 hash) documents each AML/KYC diligence. It is exportable as a certified PDF, enforceable against ACPR to demonstrate compliance of the customer onboarding device, and usable to support a suspicious activity report to TRACFIN.
Complete electronic signature guide · Certyneo solution for banking & insurance · eIDAS guide — SES/AES/QES levels · Sign a KYC file / customer onboarding online · Sign an IOBSP brokerage mandate online

Digitalize your customer onboarding and KYC

Permanent free plan (5 envelopes / month), no credit card required. Strong identification (SMS OTP), qualified timestamp, audit trail enforceable against ACPR and compliant archiving included.