Developer Documentation

KYC

Introduction

KYC stands for Know Your Customer, a set of guidelines to verify you are who you say you are. The process includes verifying the identity, suitability and risks involved in establishing and maintaining a business relationship. This is a legal requirement under Swedish and EU regulations for all payment institutions.

At Ping Payments, we use KYC to verify the identity of anyone receiving funds, whether an individual or an organisation. This means that any payout receiver must complete KYC before funds can be disbursed. This process helps maintain security, prevent financial crime, and protect the integrity of the payment ecosystem. We’ve designed the process to be as simple and seamless as possible, enabling payout receivers to complete onboarding quickly and start using our payment services with confidence.

Our Approach

To meet KYC requirements with as little friction as possible, Ping automates the collection of the required information using two methods:

  • AIS (Account Information Service)
  • Agreement

The method is chosen during onboarding based on the type of payout receiver. Generally, AIS is used for private individuals and Agreements are used for organizations.

AIS

AIS is a secure way to confirm that an individual owns a specific bank account. Ping connects to their bank to retrieve the required information directly — there are no documents to upload. The individual approves access with BankID, so the whole flow is fast and secure.

For the integration details — creating a session, hosting the flow, and reading the result — see the Account Verification (AIS) guide.

Agreement

For organizations, a digital agreement containing all the necessary KYC information is sent to the receiver to complete and sign. The agreement collects the required information and captures signatures using approved Nordic digital-signature solutions. Once submitted, it is reviewed before the receiver is approved.

Keeping KYC current

To stay compliant, KYC information is renewed periodically. How often depends on the receiver's risk profile, and a renewal can also be triggered by ongoing monitoring.

A renewal might mean updating an expired document or confirming a new representative for an organization. This process is automated and handled through a new Agreement, so payout receivers can keep their information up to date quickly and securely.