kyccost

Independent reference. Not legal or regulatory advice. Consult a qualified compliance specialist for advice specific to your jurisdiction and risk profile. See methodology.

Cluster 10 / Annual recurring

Annual KYC cost: refresh, monitoring and perpetual KYC.

Most vendor blogs collapse onboarding and ongoing into one number. Finance teams need the annual recurring line broken out: periodic review, continuous monitoring, perpetual KYC, and recordkeeping each cost differently.

Annual ongoing per active customer: £8 - £45 | pKYC saving: 60-80% labour vs periodic

The line that does not appear in vendor pricing.

Vendor blogs collapse onboarding and ongoing into one figure. Finance teams need the annual recurring line broken out as a separate budget item because it scales with active book size, not new onboardings. A mature fintech with a 1,000,000-customer active book and a 100,000-onboardings-a-year run rate spends materially more on annual recurring than on onboarding; vendor pricing pages do not surface this.

The annual recurring line decomposes into four components: periodic refresh, continuous monitoring, perpetual KYC (where adopted), and recordkeeping. Each costs differently and is sourced from different parts of the budget.

The four components.

Periodic KYC review

£6 - £28 per refresh cycle

Traditional 1-3 year refresh for low-risk, annual for higher-risk. JMLSG-recommended cadence. Per-customer cost weighted by risk-tier review cadence.

Continuous monitoring

£4 - £15 per active customer / yr

System cost plus alert-review labour for retail; materially higher for higher-risk segments. Sanctions / PEP / adverse media list-change checks dominate.

Perpetual KYC (pKYC)

£4 - £12 per active customer / yr

Continuous signal-driven review (sanctions list updates, adverse media, PEP status changes, behavioural signals). PwC benchmark: 60-80% labour saving vs periodic.

Recordkeeping

£0.05 - £0.20 per active customer / yr

Storage, retrieval, audit-readiness for KYC artefacts. MLR 2017 5-year post-relationship requirement; EU AMLR has its own retention regime.

Perpetual KYC: the implementation cost.

PwC's "Perpetual KYC: A new approach to periodic reviews" benchmarks 60-80% labour saving on the periodic-review process for institutions that migrate. The headline figure is a mid-sized bank scenario with corporate customers; fintechs typically realise 40-60% labour savings because their customer base is more retail-weighted and the signals available are simpler.

Implementation costs scale with institution size and complexity. Sanctions.io and industry-analyst commentary place the typical pKYC implementation at: small fintechs tens of thousands of pounds, mid-sized institutions £100,000-£500,000, large banks several million. The pay-back period is typically 18-30 months at scale; below the 100,000-active-customer threshold, the implementation cost often dominates the saving.

pKYC implementation by institution size
Small fintech (< 50k active)£20k - £80k
Mid-sized fintech (50k-500k)£100k - £500k
Large fintech (500k-5M)£500k - £2M
Large bank (5M+)£2M - £10M+
Source: sanctions.io industry commentary, PwC pKYC research, engagement-history triangulation.

Annual budget worked: 50,000-customer EMI.

Traditional periodic review
Periodic refresh (50k × £12 weighted)£600,000
Continuous monitoring (50k × £4)£200,000
Alert-review labour (50k × £2)£100,000
Annual recurring KYC£900,000
£18 per active customer per year
Perpetual KYC (after migration)
Signal-driven review (50k × £6)£300,000
Continuous monitoring (50k × £4)£200,000
Triage / escalation labour (50k × £1)£50,000
Annual recurring KYC£550,000
£11 per active customer per year (39% reduction)

Annual saving: £350,000. Pay-back on a £200,000 mid-sized fintech pKYC implementation: roughly 7 months on operating saving alone, before any customer-experience or false-positive-reduction benefits.

Recordkeeping under MLR 2017.

MLR 2017 Regulation 40 requires KYC records to be kept for 5 years after the customer relationship ends. For a fintech with a 5-year average relationship length, the firm must retain records for typically 8-10 years from initial onboarding. EU AMLR has its own retention regime (typically 5 years post-relationship, with extension powers for ongoing investigations); FinCEN under the Bank Secrecy Act requires 5 years from the date of the transaction or relationship.

Storage, retrieval and audit-readiness costs are small per record but compound at scale. A 1-million-customer book typically carries £80,000-£200,000 of annual storage and retrieval cost, plus the labour cost of audit-ready production on supervisor request. The labour cost on a major supervisor request can run into the high tens of thousands.

The privacy boundary.

Every KYC programme also generates GDPR exposure: identity documents, biometric templates, and PEP-screening results are personal data with their own processing and retention rules. The cost of getting that wrong is not bundled into KYC vendor pricing. See gdprcompliancecost.com for the privacy-cost side of the same operating model.

Ongoing cost questions

How much does perpetual KYC cost?+
Implementation: small fintechs tens of thousands of pounds; mid-sized institutions £100,000-£500,000; large banks several million. Annual operating cost: PwC benchmarks 60-80% labour saving on the periodic-review process for institutions that migrate. In fintech terms, expect to budget £4-£12 per active customer per year for the pKYC operating line, plus the implementation cost amortised over the contract period.
What is the cost of KYC refresh?+
Traditional periodic review: £6-£28 per refresh cycle, weighted by risk-tier review cadence (typical 1-3 year cycle for low-risk, annual for higher-risk). For a 100,000-customer book with 70% low-risk and 30% higher-risk, annual recurring refresh cost typically lands £600,000-£1.5M before automation. Perpetual KYC migrations target 60-80% reduction on this line.
How often does KYC need updating?+
MLR 2017 requires ongoing monitoring (Regulation 28(11)) and triggered review on any change of circumstances. JMLSG Guidance recommends review cadence by risk tier: 1-3 years for low-risk, annual for higher-risk, more frequent for highest-risk. The traditional periodic-review pattern is being displaced by perpetual KYC where signal-driven review replaces scheduled review.
Is perpetual KYC cheaper than periodic review?+
PwC and Fenergo published case studies cite 60-80% labour savings vs traditional periodic review. The headline benchmark is a mid-sized bank scenario with corporate customers; fintechs typically realise 40-60% labour savings because their customer base is more retail-weighted and signals are simpler. The implementation cost (£100k-£500k for mid-sized institutions) is the offsetting line; pay-back typically 18-30 months at scale.
What is the recordkeeping cost under MLR 2017?+
MLR 2017 Regulation 40 requires records to be kept for 5 years after the relationship ends. For a fintech with a 5-year average relationship length, the firm must retain records for typically 8-10 years from initial onboarding. Storage, retrieval and audit-readiness costs are small per record but compound at scale: a 1-million-customer book typically carries £80,000-£200,000 of annual storage and retrieval cost, plus the labour cost of audit-ready production on supervisor request.

Sources cited on this page

  1. PwC Perpetual KYC: A new approach to periodic reviews
  2. Fenergo Perpetual KYC research and case studies
  3. Money Laundering Regulations 2017 Regulation 40 (recordkeeping)
  4. JMLSG Guidance on ongoing monitoring and refresh cadence
  5. Sanctions.io and industry-analyst commentary on pKYC implementation cost ranges
  6. gdprcompliancecost.com - GDPR cost side of the operating model