Smart KYC: AI-Driven Automation for Risk & Compliance

linzhiwei · July 4, 2025, 3:04pm

AgentHack submission type

Enterprise Agents

Name

Oscar Lin

Team name

OscarLin

How many agents do you use

Multiple agents

Industry category in which use case would best fit in (Select up to 2 industries)

Banking and financial services
Compliance

Complexity level

Advanced

Summary (abstract)

Intelligent Agent for Automated KYC/KYCB Verification

Project Overview

This project introduces an intelligent agent designed to automate the Know Your Customer (KYC) and Know Your Business (KYCB) verification process.

Workflow Trigger

The automation is triggered by an incoming email containing the hashtag #KYC in the subject line.

Core Technologies

Core Intelligence & Data Management

Document Understanding: For high-accuracy data extraction from documents.
Generative AI: For advanced comprehension and processing of information.
Data Fabric: For managing all process data in a structured, accessible format.

Process & Agent Orchestration

Agent Builder: For configuring the autonomous agent’s specific skills and behaviors.
Agentic Process: For connecting agents with workflows to execute seamless, multi-step operations.
Maestro: For end-to-end orchestration and governance of the entire business process.

Connectivity & Human Collaboration

Integration Service: For bridging communication between essential applications, including Gmail and AI services.
Apps: For designing intuitive user interfaces for escalations and reviews.
Action Center: For managing and assigning exceptions or tasks that require human intervention.

Key Processes

Information Extraction & Processing: The agent extracts and processes relevant information from the submitted documents.
Critical Background Checks: It performs parallel checks for:
- Negative News Screening
- Politically Exposed Persons (PEPs) & Sanctions List Verification
Risk Assessment: An initial risk assessment is conducted based on the gathered data.

Outcomes & Decision-Making

Based on a comprehensive risk analysis, the agent will take one of the following actions:

Approve: The case is automatically approved.
Flag for Review: The case is flagged for manual review by a user.
Request More Information: The system automatically sends a request for additional information.

The process concludes with an automated email notifying the requester of the outcome.

Benefits

This automated system streamlines the entire onboarding and verification workflow, significantly reducing manual effort and enhancing regulatory compliance.

Detailed problem statement

In today’s stringent regulatory environment, financial institutions and other regulated entities face significant challenges in conducting thorough, efficient, and timely KYC/KYCB checks. The traditional, manual process is fraught with problems:

High Operational Costs: Manual KYC verification is a labor-intensive process, requiring a significant number of analysts to manually read documents, input data into various systems, and conduct searches across multiple databases and news sources. This drives up operational costs and limits scalability.
Slow Onboarding Times: The dependency on manual data entry and review creates bottlenecks, leading to lengthy customer and business partner onboarding cycles. These delays can result in a poor customer experience and potential loss of business to more agile competitors.
Risk of Human Error: Manual data handling is inherently prone to errors, such as typos in names, dates, or identification numbers. These inaccuracies can lead to failed verifications or, more critically, an incorrect risk assessment, exposing the organization to compliance and financial risks.
Inconsistent Risk Assessment: Different analysts may interpret information differently, leading to inconsistent risk evaluations. Lacking a centralized, AI-driven analysis of all risk factors (such as negative news and sanctions lists) simultaneously can lead to siloed and incomplete decision-making.
Regulatory & Compliance Pressure: The regulatory landscape is constantly evolving, with increasing scrutiny on the effectiveness of anti-money laundering (AML) and counter-terrorism financing (CTF) controls. Failure to comply can result in severe financial penalties and reputational damage. Manual processes struggle to keep pace with these changes and provide a clear, auditable trail.

This project directly addresses these challenges by deploying a smart, automated agent to handle the repetitive, data-intensive tasks of the KYC process, allowing human experts to focus on complex, high-risk cases.

Detailed solution

End-to-End Automated KYC Process Orchestration

My solution is an end-to-end automation of the Know Your Customer (KYC) process, orchestrated by a UiPath agent as illustrated in the provided BPMN. The process unfolds as follows:

1. Process Trigger

The automation is initiated when the agent detects a new email in a dedicated inbox with #KYC in its title. This serves as the starting point for a new verification case.

2. Intelligent Document Processing (CollectPii)

The agent first retrieves the email and its attachments. Using UiPath Document Understanding and Generative AI, it intelligently extracts all pertinent Personally Identifiable Information (PII) from various document types (e.g., passports, identification cards, other government-issued documents). The GenAI component helps interpret unstructured text and identify relevant entities with high accuracy.

3. Data Validation and Structuring (FillInKycData)

Validation: Once the data is extracted, it undergoes rigorous validation to ensure completeness and accuracy—for example, verifying date formats, ID number structures, and required field presence.
Structuring: Upon successful validation, the cleaned data is structured and populated into UiPath’s Data Fabric, ensuring consistency and integrity from the beginning of the automation pipeline.
Escalation: In cases where certain fields require human verification or fail automatic validation, the process intelligently escalates the discrepancies to designated users for review via UiPath Action Center before final submission to the data service.

4. Parallel Risk Screening

To maximize efficiency, the agent performs two critical checks simultaneously:

News Analysis (Negative News Filtering):
It conducts a “Negative News Filtering” check by scanning a wide array of global and local news sources, blogs, and web content using AI-powered search and analysis from Perpexity.ai and Google. It looks for any adverse media mentions associated with the individual or entity that could indicate reputational, financial, or legal risks.
PEP & Sanctions Screening (CheckPepSanc):
The agent performs a comprehensive screening of the individual’s or entity’s name and associated details against global watchlists. These include databases of Politically Exposed Persons (PEPs) as well as international sanctions lists (e.g., OFAC, UN, EU). For the highest level of accuracy, the agent utilizes the industry-leading tool provided by dilisense.com.

5. Holistic Risk Assessment (FinalDecision)

The results from both the News Analysis and PEP/Sanctions checks are consolidated. An intelligent decisioning engine analyzes the combined findings to determine an overall risk profile.

Additional Check Gateway:
- If the risk assessment indicates high confidence and low risk, the “Additional Check” will be set to false, and a reply will be sent directly.
- Otherwise, the process proceeds to “Final Decision,” where an agent performs a more thorough risk assessment. During this stage, escalation to the user may occur to request additional information or make a final determination if needed.

6. Final Decision

The agent makes a final determination:

Approve: If no significant risks are found, the case is automatically approved.
Manual Intervention: If complex risks, multiple high-risk alerts, or significant negative news are detected, the case is flagged for manual intervention via UiPath Action Center. A comprehensive summary of the findings is prepared and assigned to a compliance user for final review.

7. Automated Communication & Closure

The process concludes with an automated email response from the agent, notifying the original requester of the outcome—whether approved or rejected.

The process then moves to its end state, with a complete, auditable log of every action taken stored for compliance purposes with UiPath Maestro.

Demo Video

Expected impact of this automation

This intelligent agent transforms the KYC process by delivering tangible results, reducing manual work, and mitigating user pain points.

Time Saved & Increased Efficiency:

Automates data extraction, validation, and screening, dramatically reducing the time for customer and business partner onboarding.
Parallel risk checks (News Analysis and PEP/Sanctions) maximize efficiency.

Steps Automated & Reduced Manual Effort:

The entire end-to-end process is orchestrated by the agent, from the initial email trigger to the final communication.
Handles repetitive, data-intensive tasks, freeing up human analysts to focus only on complex, high-risk cases that require manual intervention.

Reduced Risk & Enhanced Compliance:

Minimizes human errors in data handling and ensures consistent, centralized risk assessment.
Creates a complete, auditable log of every action taken, strengthening regulatory compliance and transparency.

Clear Outcomes & Automated Communication:

The process concludes with a clear decision:

Approve
Escalate for manual review
Reject

An automated email is sent to the original requester, communicating the final outcome and ensuring timely closure.

UiPath products used (select up to 4 items)

UiPath Action Center
UiPath Agent Builder
UiPath Data Service
UiPath Document Understanding™

Integration with external technologies

Agentic solution architecture (file size up to 4 MB)

Sample inputs and outputs for solution execution

Sample Input

The primary input for this solution is an email sent to a monitored inbox that meets the following criteria:

Subject Line: Contains the specific tag #KYC.

Example Subject: New Client Onboarding: John Doe #KYC

Email Body: The body of the email may contain unstructured text providing necessary KYC information. The agent is trained to find and extract key data points such as:

Occupation / Industry
Source of Funds / Source of Wealth
Purpose of the business relationship

Attachments: The email includes one or more attached files containing identity verification documents. The agent can process various formats (PDF, JPG, PNG).

Example Attachments:

Passport_JDoe.pdf (A scanned copy of a passport)

Address_Proof.jpg (A utility bill or bank statement for address verification)

Sample Output

The final output of the process is an automated email reply sent to the original sender. The content of the email is determined by the outcome of the KYC analysis:

Output for an Approved Case

If the KYC checks are successfully passed without any significant risks being flagged, a confirmation email is sent.

Example Subject: RE: New Client Onboarding: John Doe #KYC

Example Body:

Dear Sender,

Thank you for your submission. The KYC verification has been successfully completed and approved.

Best regards,

Compliance Department

Output for a Rejected or High-Risk Case

If the process identifies significant risks (e.g., a sanctions list match, severe negative news) that lead to a rejection, the email will state the outcome and provide a summarized reason. This maintains transparency while protecting the sensitivity of the detailed findings.