EBA Remote Onboarding Guidelines
European Union
2022
AML/CFT
Privacy
Overview
Key Obligations
- Institutions must conduct a comprehensive risk assessment before adopting remote onboarding tools
- Identity verification must rely on secure, reliable, and fraud-resistant technologies
- Manual intervention and human oversight are required for certain high-risk cases
- Institutions must ensure technical solutions are explainable, reproducible, and auditable
- Outsourced providers must meet equivalent AML/CFT obligations and be properly supervised
Stay ahead of risk with Signzy
Explore tools that help you onboard, monitor, and verify with confidence
One Touch KYC
Launch global KYC flows with built-in document OCR, liveness checks, deepfake detection, and AML, all through a single, customizable dashboard.
Identity Verification
Use facial match and liveness checks paired with government ID verification to validate users while onboarding.
AML Screening
Screen users against Politically Exposed Persons (PEP), watchlists, sanctions lists, adverse media, and more through one-time screening and advanced monitoring.
Related Regulations
FAQ
Who do the EBA guidelines apply to?
They apply to credit institutions and financial institutions in the EU that onboard customers remotely.
Are video KYC and biometrics allowed under the guidelines?
Yes, if the technology is secure, fraud-resistant, and fits the institution’s risk profile.
Can institutions outsource onboarding processes?
Yes, but they remain fully responsible for compliance and must supervise the provider.
Is the use of AI in onboarding addressed?
Yes, AI tools must be explainable and not fully autonomous in high-risk scenarios.