KYB is know your business: the work of understanding which company you are dealing with, how ownership and control are structured, and which risk facts must be assessed before the relationship moves forward. It matters at onboarding, during periodic review, and when new information about ownership, representatives, or risk level means an earlier decision needs to be reopened. Record source + timestamp + rationale + policy version + owner role for every material outcome.

Quick answer

• Use KYB before opening a corporate relationship, when ownership changes, or when an existing company file needs renewed review.
• Keep company records, ownership and control evidence, screening-related findings, decision rationale, and responsible role so the assessment can be replayed later.
• A common mistake is letting isolated registry or screening outputs replace the full company review.
• Clear KYB makes it easier to compare companies, follow changes over time, and explain why a decision was taken.

Records to keep (for traceable control)

• Company identity and base data: Show which legal entity the review started from and which register details were used — Store as: Source log with timestamp
• Ownership and control evidence: Explain which people or structures informed the assessment — Store as: Evidence log with ownership and control fields
• Screening and risk findings: Show which hits or signals affected the review — Store as: Review note with findings and rationale fields
• Decision note and policy reference: Make the outcome reproducible against the right internal logic — Store as: Decision record with policy ID and version reference
• Responsible role and decision date: Show who owned the outcome and when it was taken — Store as: Decision record with owner and date

Definition and scope

KYB means knowing which company you are doing business with, how that company is represented, who ultimately owns or controls it, and which risk facts require more action. It covers company identity, company status, ownership and control structure, relevant representatives, and the records needed to explain a later decision.

For risk and compliance teams, KYB is broader than a simple company lookup. The work also includes deciding whether the available data is enough, whether a beneficial owner can be identified directly, whether fallback logic is needed, and whether a person or relationship needs to move into screening or enhanced review.

When those elements stay connected, KYB becomes a traceable company review rather than a set of isolated checks. When company data, owner evidence, and decision notes are split across systems, similar companies become harder to treat consistently.

Why KYB matters

KYB shapes which company relationships you start, what needs deeper review, and when an existing business file must be revisited. It affects onboarding, periodic review, and the combined judgement that decides whether an earlier outcome still stands.

Weak records create avoidable remediation work later. If a reviewer cannot reconstruct which company was checked, how ownership looked, which people were assessed, and why the outcome was considered reasonable, the organisation ends up relying on memory instead of evidence.

It also affects related AML work. Screening for beneficial owners, representatives, or other relevant people is harder to assess if the company's baseline facts, control structure, and earlier rationale are not held in the same trail.

What each review must assess

Each KYB case needs to start with the right company identity and reliable company data. Teams need to know that the correct legal entity is under review, which registry details have been verified, and which parts of the file still rely on incomplete or uncertain inputs.

The next step is understanding ownership and control. It is not enough to know that a company exists if it is still unclear who owns it, who controls it, who represents it, and whether additional owner logic or a fallback person is needed for the review.

Teams then need to decide whether there are findings, signals, or other risk facts that require screening, enhanced review, or follow-up. A registry result or a hit is not the same as a final decision. It is an input that still has to be weighed against the wider company context.

Common pitfalls

• Company data is collected, but the file does not show how it connects to ownership, control, or representatives.
• An owner or screening result is stored without a clear rationale for how it affected the overall company review.
• Fallback logic is used when ownership is unclear, but the reason for that choice is documented too thinly.
• An earlier company file is reused even though ownership, representatives, or risk facts have changed.
• Company evidence, decision notes, and follow-up sit in separate systems without a clear link between them.

These problems are operational more than theoretical. The issue is rarely whether teams know KYB is required. The issue is whether company data, risk logic, and decisions actually stay connected in day-to-day work.

A process for KYB

1) Confirm the right company and the right sources

Start from the correct legal entity and keep the registry or source data the review relied on. That makes it clear which company was actually assessed.

2) Map ownership, control, and relevant people

Assess whether the ownership structure is clear enough, whether a beneficial owner can be identified directly, and which representatives or fallback people become relevant in the flow.

3) Keep facts, findings, and decisions separate

Separate company data, owner evidence, screening findings, and the final judgement in each material case. That makes it easier to see both what facts you had and how you used them.

4) Record risk logic and responsibility

Tie the company risk level, any findings, and the next action to a clear rationale. That makes it easier to explain why the company was accepted, followed up, or escalated.

5) Reopen the file when company facts change

If ownership, company status, representatives, or other risk facts change, the same company file needs to be reopened without forcing the team to start from zero.

Roaring field guide

• Define which company data, owner evidence, and risk events must be present before a company case can move forward.
• Store company identity, ownership or control evidence, findings, and decision rationale so the outcome can be replayed later.
• Keep baseline data, screening outputs, and the final judgement separate so each step can be explained.
• Document when fallback logic is used and why a specific person or structure became relevant.
• Treat KYB as an ongoing review discipline rather than a one-off company lookup at the start.

How Roaring can help

• Integration Suite can bring company data, owner evidence, and decision support into existing workflows so company review and follow-up stay connected in the same process.
• Lookup can act as the entry path for teams that want to inspect data, verify company details manually, or understand information needs before building an integration.
• Beneficial-owner and fallback-owner data can support owner logic when control structures need deeper review or when a fallback person must be used.
• Monitoring and webhooks can route new company or risk events into existing workflows when an earlier company file needs to be reopened.