Overview - The Opportunities and Challenges in the KYB/Business Onboarding Space

If you've been following along for the last few posts, you may be asking where I see potential opportunities in business onboarding between data collection, data verification and compliance review.? Is there something here or in the near future that materially changes the game?? If yes, then what?? If not, then why?? I'm hoping that this can be a reference document for anyone in our ecosystem who is thinking about KYB whether it be buying a vendor solution, building a better offering or investing in the space.

Revenue Potential in the KYB Space

To start, I want to talk about the revenue and cost drivers in KYB as this is the most critical to making build and invest decisions in this space. Because KYB is primarily an operational efficiency problem for compliance teams, there is an inherent ceiling based on budgets and value to the business on what a vendor can charge a platform for onboarding or KYB services. Most offerings today understand this and they are attempting to position themselves as Sales tools that generate revenue. But the value of increased revenue has to be obvious as the primary offering rather than a byproduct of a great compliance solution, which has been a tough argument to make.

The existing data verification providers as well as the new entrants are providing minor improvements on commoditized compliance data using cleaner sourcing of similar datasets and AI applied to publicly available data. Competing in the bloody red waters with these players where there are no obvious defendable moats, we are already seeing a race to the bottom on pricing where it is hard to extract a lot of value on slightly better data. Platform customers, on the other hand, will benefit in this environment by getting a better service at a relatively low cost while these new solutions proliferate.

AI as a way to improve operational efficiency around compliance review is a clear use case for regulatory tech, but again this comes back to the smaller budgets that we find within risk and compliance. In addition, given that many of the largest platforms are already embracing AI to improve efficiency across multiple fronts from automated onboarding to recognizing anomalies in uploaded documentation, these new AI driven offerings will need to focus on smaller platforms who only have a handful of new customers on a monthly basis who go through manual review. In this case, the ability to charge a premium decreases, and these solutions are left building complex AI based flows and analysis for a limited set of total scenarios.

The true path towards increasing perceived value (and thereby capturing more revenue) is with a faster onboarding mechanism that caters to Sales and Marketing teams who are frustrated with application drop-off and slower time to revenue. This moves the offering from a compliance tool (cost driver) to a sales tool (revenue driver). Most people in the industry would agree that a reusable business identity is that mechanism.

The two ways to get there are either through a collaborative network (driven by the government or formed as a consortium of ecosystem players) or an end-to-end Onboarding as a Service (OaaS) solution. Both options require major investments to build a viable offering as they need massive datasets, uncompromisable security and collaboration amongst large and powerful competitors. And the only way that this network becomes valuable is for it to be ubiquitous throughout the ecosystem, and in that position, this layer would the key to simpler onboarding, increased revenue and improved compliance for all entities. However, in the network model, getting buy-in from the required parties has traditionally taken a herculean effort, and in the OaaS model, getting to a scale where there are enough platforms using it to create a network effect is not obvious. In short, there is a lot that one could do with a trusted portable business identity, but the near term revenue potential for either option is low and the initial costs are high making them unlikely paths towards the right solution today.

What's really broken today with business onboarding?

As I mentioned in my first post on this series, many people say that business onboarding is broken because the current process lacks the efficiency to tie together the multiple data points that help establish trust between two businesses.? We're asking businesses to enter a lot of information that is generally available publicly every time they apply for a regulated service, and then we are using a set of vendors to verify whether their entered data is true.? Given that businesses are constantly interacting with other businesses, it would seem logical that there should be a faster way to build relationships that are safe and trusted.

What's the best way to fix this problem? - Government or large network involvement

In an ideal world, there would be a portable trusted identity that can be readily shared between businesses.? The hard part about establishing a large enough network of businesses for the greater good of growing the economy and keeping the ecosystem safe is that the incentives for any existing player with a sizable network are tough to align.? Platforms would, of course, benefit from receiving a reusable identity as that would remove a lot of the initial friction during onboarding.? On the other hand, reducing onboarding friction for a competitor is counterintuitive, so most platforms will find it hard to collaborate and share identity data.? In the same way, most of the largest financial institutions, major card brands and fintechs can see the benefits of a shared business identity (especially when they receive one during onboarding), but contributing to this network does not have clear near term benefits.? The effort of creating a shared and robust data layer is relatively sizable and the value for each individual participant is comparably low.

The most straightforward (although not easy) way to create a universally trusted business identity is for a regulatory body like FinCEN to step in.? In FinCEN's case, their primary objective is to reduce financial crime rather than facilitate trusted relationships which is why they have recently added the requirement to disclose beneficiary owners.? But of course, that's really not enough information to onboard a business given the risk areas most compliance teams want to tackle. So FinCEN would need to take their current model around FinCEN ID and make it more accessible as a trusted ID for businesses to share. They would also need to allow more robust data points to be added to the ID so that this ID becomes the defacto credential whenever a business wants to establish a new relationship with another business.

What's the next best way to fix the problem? - Onboarding as a Service

Without the government stepping in, the next best option to improve how we perform onboarding today is for a large data verification vendor to combine all three phases of collection, verification and review as a single Onboarding as a Service (OaaS) offering. Platforms would not have to spend time and resources creating onboarding collection flows which inevitably end up being clunky given the order of product priority that compliance tools are given. Orchestration of various data sources in the background is also painful, as it means having to negotiate, integrate and maintain connections vendor by vendor. And if that data can be summarized in an easy way when there is a need for manual review, then the overall efficiency gains become pretty significant. Doing all of this work on behalf of a business would create real value, and that OaaS vendor could also keep updating the data that they get on the backend to improve onboarding when the same business applies to be onboarded onto another platform. This can be another path towards a single trusted business identity.

I've highlighted the opportunities and challenges of an OaaS offering in my previous post , but here is the summary. OaaS offerings are hard for most of the largest platforms to justify as they want to control that initial touchpoint with a new customer. As good as an OaaS offering may be, any bad experience at this stage could mean the loss of that customer and application drop-off. In addition, most platforms with KYB needs big and small already have an onboarding workflow built, and it's typically not worth the effort of ripping out a system that works well enough (especially if there hasn't been any incident or major call to action). Today, most OaaS solutions in the market cater to the very early stage embedded fintech platform or the platform that simply does not have the resources to build out a technical solution. However, most of the incumbent OaaS solutions do not truly offer the level of data verification and AI driven compliance review that would change the game. So there is an opportunity here to create a solution that leapfrogs today's offerings.

The remaining question is whether there is enough revenue in this market for an end-to-end OaaS solution with all the required bells and whistles. As I mentioned previously, most OaaS solutions impose an annual minimum between $20k and $40k and a $20 to $50 per application fee. Given that the platforms who would initially use an OaaS solution typically would not see a massive cohort of new customers on a monthly basis, these solutions start becoming limited in their overall potential to capture revenue and even more so as a future business identity trust layer.

Final Thoughts

As I round the corner on my analysis of the KYB market, it is clear that there is a massive opportunity to materially change how we build trust between businesses today. Most of us who have been in the regulated financial space recognizes the problematic areas that need to be solved, and that is why we are seeing so much time and energy being pumped into new KYB offerings. At a glance, it appears that a more comprehensive solution which looks across the various risk areas can take advantage of the gaps that we have in existing offerings that result in long lead times to onboard. That solution would result in outsized outcomes for the company that builds it and the overall ecosystem.

But inherently, the reason that this problem has existed for such a long time is related to the high costs associated with getting it done right coupled with a lower willingness to pay for a compliance tool that primarily helps with operational efficiency. From a cost perspective, the data required to validate all four of the major risk areas is highly fragmented at a country level and even more inconsistent as you move outside of the G10 countries and beyond. To build that database and then maintain it at a level where you can ensure an accurate view of every business is expensive, and it's one of the reasons that LexisNexis and D&B are still the economical choice for onboarding global businesses. From a willingness to pay perspective, compliance tools typically get fewer budget dollars to spend, and ultimately compliance teams want some friction to ensure they keep the platform safe so full automation is never the goal.

Operational efficiency through AI is a real thing, but I would make the case that internal efficiency projects like this are better solved by implementing AI in-house rather than expecting a third party tool to solve it. In the context of data verification for onboarding, running screen scraped publicly available data through a LLM for efficiency is something that the largest platforms are already starting to look at and what every competitor can and most likely will do. In the context of compliance review, only the largest platforms will truly pay for an AI based approach to justify the absolute number of manual review cases, and in this instance, work is already underway to do this in-house.

Overall, this is a space that is already seeing a lot of innovation and capital pour in. And the prize of a singular business identity layer still looms large waiting for the right player to create that network and unlock it's potential. The question is whether any the current or future ideas can materially change the game in a way that justifies the costs and satisfies the needs of platforms and the businesses they onboard. It's going to be exciting to see where things play out over the next few years!