Glossary

Compliance & Document Verification Glossary

Clear definitions of key terms in KYC, AML, compliance and document verification.

56 terms

6th Anti-Money Laundering Directive

AMLD6 (6th Anti-Money Laundering Directive) is the sixth European Union directive on combating money laundering, adopted in 2018. It harmonises the definition of money laundering offences across the EU and strengthens applicable criminal penalties.

AMLCompliance

Anti-Money Laundering

AML (Anti-Money Laundering) refers to the set of laws, regulations, and procedures designed to prevent criminals from disguising illegally obtained funds as legitimate income. AML frameworks require regulated businesses to detect and report suspicious financial activities.

Technology

Audit Trail

An audit trail is a chronological and immutable record of all actions, decisions, and events related to a document verification process. It provides formal evidence that each verification step was performed in compliance with regulatory requirements, and enables the complete reconstruction of the verification journey in the event of an inspection.

UBOCompliance

Beneficial Owner

A beneficial owner (Ultimate Beneficial Owner) is the natural person who ultimately owns or controls a legal entity, either directly or through intermediate holdings or control mechanisms. Identifying beneficial owners is a core requirement of anti-money laundering regulations.

Identity

Biometric Verification

Biometric verification is an identification method that uses a person's unique physical or behavioural characteristics to confirm their identity. It includes facial recognition, fingerprint, iris, or voice recognition.

BRNBusiness docs

Business Registration Number

A business registration number is a unique identifier assigned by a government authority to a legally registered business entity. Every jurisdiction uses its own system: EIN — Employer Identification Number (US), Company Number (UK), SIREN/SIRET (France), Handelsregisternummer (Germany), KvK-nummer (Netherlands), NIF — Numero de Identificacion Fiscal (Spain), and NIPC — Numero de Identificacao de Pessoa Coletiva (Portugal). These identifiers enable official identification, tax reporting, and regulatory compliance.

Business docs

Certificate of Insurance

A certificate of insurance (COI) is an official document issued by an insurance company certifying that a natural or legal person holds valid insurance coverage for a specified period and defined risks. It is required in professional, real estate, and contractual procedures worldwide to prove liability and indemnity coverage. Known as COI — Certificate of Insurance (US), insurance certificate or schedule of insurance (UK), attestation d'assurance (France), and Versicherungsnachweis or Versicherungsbestatigung (Germany).

Business docs

Company Registration Certificate

A company registration certificate is the official document issued by a government authority proving the legal existence and good standing of a business entity. Every jurisdiction has an equivalent: Certificate of Good Standing or Certificate of Existence (US), Companies House certificate of incorporation (UK), Kbis extract (France), Handelsregisterauszug (Germany), KvK-uittreksel (Netherlands), and Certidao Permanente (Portugal). It serves as the company's official "identity card" in commercial and regulatory dealings.

Compliance

Compliance Officer

A Compliance Officer is the professional responsible for designing, implementing, and overseeing an organisation's compliance programme. They ensure adherence to regulatory obligations, particularly in anti-money laundering, data protection, and anti-corruption.

Technology

Confidence Score

A confidence score is a numerical value, typically expressed as a percentage or on a scale of 0 to 100, that quantifies the degree of certainty an automated system has regarding the validity or authenticity of a document or an extracted data point. The higher the score, the more confident the system is in its analysis.

Business docs

Criminal Record Check

A criminal record check (also called a background check or police clearance certificate) is an official document issued by a government authority summarizing any criminal convictions or pending charges against an individual. Every major jurisdiction has its own system: FBI background check (US), DBS check (UK), criminal record extract with B1/B2/B3 bulletins (France), National Police Check (Australia), and CPIC criminal record check (Canada).

Fraud

Cross-Document Validation

Cross-document validation is the process of verifying the consistency of information across multiple documents submitted by the same individual or entity. It detects inconsistencies that reveal document fraud or identity theft.

CDDCompliance

Customer Due Diligence

CDD (Customer Due Diligence) refers to the measures that regulated entities must apply to identify their customers, understand the nature of their activities, and assess the risk of money laundering or terrorist financing. CDD forms the operational foundation of KYC processes.

Regulation

Data Minimization

Data minimization is a core GDPR principle requiring organisations to collect and process only the personal data strictly necessary for the stated purpose. This principle compels organisations to justify every data point collected and avoid any excessive accumulation of information.

Fraud

Deepfake Detection

Deepfake detection refers to the technologies and methods used to identify images, videos, or audio generated or manipulated by artificial intelligence. In the context of identity verification, it aims to counter fraud attempts using synthetic faces.

DORARegulation

Digital Operational Resilience Act (DORA)

The Digital Operational Resilience Act is a European regulation imposing strict digital operational resilience requirements on financial entities. Applicable since 17 January 2025, it covers ICT risk management, incident reporting, resilience testing, and oversight of critical third-party providers.

Identity

Document Authentication

Document authentication is the process of verifying the authenticity and integrity of an official document. It analyses physical and digital security features to determine whether a document is genuine or counterfeit.

Fraud

Document Fraud

Document fraud refers to any falsification, counterfeiting, or fraudulent use of an official or private document to deceive a third party. It encompasses the fabrication of fake documents, the alteration of authentic documents, and the use of stolen documents.

eIDASIdentity

eIDAS

The eIDAS regulation (Electronic IDentification, Authentication and trust Services) is the European legal framework governing electronic identification and trust services for electronic transactions within the internal market. It establishes rules for electronic signatures, seals, timestamps, and remote identification.

EDDCompliance

Enhanced Due Diligence

EDD (Enhanced Due Diligence) refers to the heightened verification measures applied to customers presenting a high risk of money laundering or terrorist financing. EDD goes beyond standard Customer Due Diligence (CDD) and requires more thorough checks and increased monitoring.

Identity

Face Matching

Face matching is a biometric technology that compares the facial features of a person with a reference image to confirm their identity. It is widely used in remote identity verification processes.

FATFCompliance

Financial Action Task Force

The FATF (Financial Action Task Force) is the intergovernmental body that sets global standards for combating money laundering and terrorist financing. Its 40 Recommendations form the reference framework adopted by over 200 jurisdictions worldwide.

LCB-FTRegulation

French Anti-Money Laundering and Counter-Terrorism Financing (LCB-FT)

LCB-FT (Lutte Contre le Blanchiment et le Financement du Terrorisme) is France's comprehensive legal and regulatory framework for preventing money laundering and terrorism financing. Transposing EU anti-money laundering directives, it imposes due diligence, suspicious transaction reporting, and data retention obligations on regulated professionals.

GwGRegulation

Geldwäschegesetz (German Anti-Money Laundering Act)

The Geldwäschegesetz (GwG) is Germany's federal anti-money laundering and counter-terrorism financing law. Transposing EU anti-money laundering directives, it imposes strict customer identification, transaction monitoring, and suspicious activity reporting obligations on obliged entities in Germany.

GDPRRegulation

General Data Protection Regulation (GDPR)

The General Data Protection Regulation is the European legal framework governing the collection, processing, and storage of personal data. Effective since 25 May 2018, it applies to any organisation handling data of EU residents, with fines of up to 4% of global annual turnover.

IBANBusiness docs

IBAN and Bank Account Identification

An IBAN (International Bank Account Number) is an internationally standardized identifier used to uniquely identify a bank account for cross-border and domestic transactions. While IBAN is the global standard (used in over 80 countries), each country may also have domestic banking identifiers: RIB — Releve d'Identite Bancaire (France), sort code and account number (UK), routing number and account number (US), BSB — Bank State Branch (Australia), and transit number (Canada).

Fraud

Identity Fraud

Identity fraud is the deliberate use of another person's identity, or the creation of a fictitious identity, to commit fraudulent acts. It can involve identity theft, impersonation, or the fabrication of synthetic identities.

Identity

Identity Proofing

Identity proofing is the process of collecting, validating, and verifying a person's information to establish their identity with a defined level of confidence. It is the first step before issuing digital credentials.

Identity

Identity Verification

Identity verification is the process of confirming that a person is who they claim to be. It relies on the analysis of official documents, biometric data, or personal information to establish the authenticity of an identity.

IDPTechnology

Intelligent Document Processing (IDP)

Intelligent Document Processing (IDP) is a technology approach that combines OCR, artificial intelligence, and natural language processing to automatically extract, classify, and validate information from unstructured documents. Unlike OCR alone, IDP understands the context and semantics of the extracted data.

KYCCompliance

Know Your Customer

KYC (Know Your Customer) refers to the set of regulatory procedures that enable businesses to verify the identity of their clients. These checks are mandatory for financial institutions and regulated professions to prevent money laundering and terrorist financing.

Identity

Liveness Detection

Liveness detection is a technology that verifies a person is physically present during a remote identity verification. It distinguishes a real human being from a fraud attempt using a photo, video, or mask.

MLTechnology

Machine Learning for Document Verification

Machine learning applied to document verification refers to the set of artificial intelligence techniques that enable systems to learn how to detect fraud, classify documents, and validate authenticity without being explicitly programmed for each case. These models continuously improve with every new document analysed.

MiCARegulation

Markets in Crypto-Assets Regulation (MiCA)

The Markets in Crypto-Assets Regulation (MiCA) is the first comprehensive European regulatory framework for crypto-assets. Fully applicable since 30 December 2024, it imposes licensing, transparency, and investor protection obligations on crypto-asset issuers and crypto-asset service providers (CASPs).

Compliance

Ongoing Monitoring

Ongoing Monitoring refers to the obligation for regulated entities to continuously monitor transactions and the business relationship with their clients. It aims to detect suspicious activities, verify the consistency of operations with the client's profile, and keep customer information up to date.

OCRTechnology

Optical Character Recognition (OCR)

Optical Character Recognition (OCR) is a technology that converts images of text — scanned documents, photos, or PDFs — into machine-readable text data. In the context of document verification, OCR enables the automatic extraction of identity information from supporting documents.

PSD2Regulation

Payment Services Directive 2 (PSD2)

The Payment Services Directive 2 (PSD2) is the European regulatory framework governing payment services and access to bank accounts. Effective since January 2018, it introduced Strong Customer Authentication (SCA), open banking, and new obligations for third-party payment service providers.

Business docs

Payslip / Pay Stub

A payslip (also called a pay stub, wage slip, or salary statement) is the document that employers provide to employees upon payment of salary, detailing gross pay, deductions, taxes, and net pay. It is legally required in most jurisdictions — monthly in France and Germany, weekly or biweekly in the US and UK — and serves as essential proof of income in KYC and creditworthiness verification procedures.

PIICompliance

Personally Identifiable Information

PII (Personally Identifiable Information) refers to any data that can be used to directly or indirectly identify a specific individual. It includes names, addresses, social security numbers, biometric data, and any combination of elements that can lead to identification.

PEPCompliance

Politically Exposed Person

A PEP (Politically Exposed Person) is an individual who holds or has held a prominent public function, along with their immediate family members and known close associates. PEPs present a higher risk of corruption and money laundering due to their position of influence.

Business docs

Proof of Address

Proof of address is an official or semi-official document certifying the residential address of a natural person or the registered office of a legal entity. It is one of the documents systematically required in KYC procedures worldwide to confirm the address declared by a client during onboarding. Accepted documents and requirements vary by jurisdiction but typically include utility bills, bank statements, and government-issued correspondence.

ACPRCompliance

Prudential Supervision and Resolution Authority

The ACPR (Autorité de Contrôle Prudentiel et de Résolution) is the French authority for supervising banks and insurance companies, operating under the Banque de France. It ensures compliance with prudential rules, protects customers, and monitors the effectiveness of anti-money laundering programmes.

QESIdentity

Qualified Electronic Signature

A Qualified Electronic Signature (QES) is the highest level of electronic signature defined by the eIDAS regulation. It benefits from a presumption of legal validity equivalent to a handwritten signature in all European Union Member States.

APITechnology

REST API

A REST API (Application Programming Interface — Representational State Transfer) is a programming interface that enables two computer systems to communicate via the HTTP protocol. In the context of document verification, a REST API allows identity verification services to be integrated directly into existing business applications.

Regulation

Right to Be Forgotten (Right to Erasure)

The right to be forgotten, formally the right to erasure, allows individuals to request the deletion of their personal data when it is no longer necessary, consent has been withdrawn, or processing is unlawful. Enshrined in Article 17 of the GDPR, this right is not absolute and must be balanced against other legal obligations.

RBACompliance

Risk-Based Approach

The Risk-Based Approach (RBA) is the fundamental principle that compliance measures should be proportionate to the level of risk identified. Regulated entities allocate more resources to high-risk clients and transactions, while applying simplified measures to low-risk situations.

Compliance

Sapin 2 Act

The Sapin 2 Act (Law No. 2016-1691 of 9 December 2016) is the French legislation on transparency, anti-corruption, and modernisation of the economy. It requires large French companies to implement an anti-corruption compliance programme comprising eight mandatory pillars.

SCACompliance

Strong Customer Authentication

Strong Customer Authentication (SCA) is a European regulatory requirement mandating at least two-factor verification for electronic payments and online account access. It combines at least two elements from knowledge, possession, and inherence.

SARCompliance

Suspicious Activity Report

A Suspicious Activity Report (SAR) is the mandatory filing that regulated professionals must submit to the financial intelligence unit (FinCEN in the US, NCA in the UK, Tracfin in France) when they suspect that a transaction is linked to money laundering, terrorist financing, or tax fraud.

Fraud

Synthetic Identity

A synthetic identity is a fictitious identity created by combining real personal information (often stolen) with fabricated data. Unlike traditional identity theft, it does not correspond to any real person, making it particularly difficult to detect.

Fraud

Tamper Detection

Tamper detection encompasses the techniques used to identify unauthorised modifications made to a digital or physical document. It analyses visual, structural, and digital anomalies to determine whether a document has been altered.

Business docs

Tax Assessment Notice

A tax assessment notice (also called a tax return transcript or tax summary) is the official document issued by a country's tax authority indicating the income declared by a taxpayer and the resulting tax liability. Every jurisdiction has its equivalent: IRS Tax Return Transcript or Form 1040 (US), HMRC Tax Calculation / SA302 (UK), avis d'imposition (France), Steuerbescheid (Germany), ATO Notice of Assessment (Australia), and CRA Notice of Assessment (Canada).

TRACFINCompliance

Tracfin

Tracfin (Traitement du Renseignement et Action contre les Circuits Financiers Clandestins) is the French Financial Intelligence Unit, attached to the Ministry of Economy. It receives, analyses, and processes suspicious transaction reports submitted by regulated professionals and combats clandestine financial networks.

UBOCompliance

Ultimate Beneficial Owner

The Ultimate Beneficial Owner (UBO) is the natural person who ultimately owns or controls a legal entity, directly or indirectly. Identifying the UBO is a fundamental obligation within the anti-money laundering framework.

Technology

Webhook

A webhook is an automatic notification mechanism that enables one system to send data in real time to another system as soon as a specific event occurs. In the context of document verification, webhooks instantly inform the client application of a verification result without the need for continuous server polling.

WwftRegulation

Wwft (Dutch Anti-Money Laundering Act)

The Wet ter voorkoming van witwassen en financieren van terrorisme (Wwft) is the Netherlands' anti-money laundering and counter-terrorism financing law. Transposing EU anti-money laundering directives, it imposes customer identification, ongoing monitoring, and unusual transaction reporting obligations on obliged entities in the Netherlands.