Cyprus

Identity Verification & KYC For Cyprus

Q: What are acceptable primary ID documents in Cyprus?

Cyprus national ID card and biometric passport are widely accepted, provided they are valid and government-issued.

Q: Can onboarding proceed if a BRP has expired?

Potentially, yes. If immigration permission remains valid, digital status via a UKVI eVisa account may be required to confirm status.

Q: How long must AML records be retained?

At least five years under AML Law 188(I)/2007.

Q: Is there a beneficial ownership register in Cyprus?

Yes. Companies must file beneficial owner information with the Registrar of Companies.

Q: Are EU IDs accepted for onboarding?

Yes, subject to risk-based assessment and AML compliance.

Q: How are Greek name variants handled?

Transliteration-aware screening reduces false positives.

KYC, KYB and AML screening aligned to The Prevention and Suppression of Money Laundering and Terrorist Financing Law 188(I)/2007 (as amended), CySEC AML Directive requirements, and EU AML Directives, delivered in one unified Shufti platform. Built for obliged entities supervised by CySEC, the Central Bank of Cyprus, ICPAC and other competent authorities.

Operational performance for Cyprus KYC

Our Numbers Speak Volumes

98.67%

Pass
Rate

< 5 secs

IDV Verification

99.9%

Fraud
Detection

END-TO-END VERIFICATION COVERAGE

Evidence-Ready Checks Across People & Businesses

Individual Documents We Verify

Shufti verifies upto 35 types of Cyprus documents.

View All Supported Documents

Cyprus National Identity Card (Δελτίο Ταυτότητας)

Primary domestic identity document for Cypriot nationals. Widely relied upon for customer identification under AML obligations.

Cyprus Biometric Passport

ICAO-compliant ePassport with MRZ and chip. Accepted for domestic and cross-border onboarding.

Residence Permit (MEU1, MEU2, third-country residence card)

Issued by the Civil Registry and Migration Department. Used to evidence lawful stay for non-Cypriot residents.

EU/EEA National ID Cards & Passports

Accepted in line with EU AML framework, subject to risk-based assessment.

Cyprus Driving Licence

May be used as supplementary identification where appropriate. Not typically sufficient alone for AML-regulated onboarding.

Entity Identity

Certificate of Incorporation

Issued by the Registrar of Companies. Confirms legal existence.

Certificate of Directors and Secretary

Identifies authorised officers for screening.

Certificate of Shareholders

Confirms legal ownership structure.

Certificate of Registered Office

Confirms official address.

HE32 Annual Return Extract

Provides updated filing information.

Tax Identity

Tax Identification Code (TIC)

Issued by the Cyprus Tax Department. Required for corporate tax purposes.

VAT Registration Number (CY + number)

Issued under Cyprus VAT Law in line with EU VAT Directive.

Ownership & Control (UBO)

Beneficial Owner Register Filing

Maintained by the Registrar of Companies pursuant to AML Law transposing EU AMLD requirements. Cypriot companies must identify natural persons exercising ultimate control.

Shareholder Register / Trust Documentation (where applicable)

Used for verification of indirect control.

Languages We Cover

Greek and English document parsing reflecting Cyprus’s administrative practice.

Transliteration-aware matching between Greek and Latin scripts.

Cross-verification between identity documents and Registrar filings.

GOVERNANCE & CONTROLS

Audit-Ready Decisions, Lower Operational Drag

Fewer Avoidable Re-Submissions

Optimised capture for Cyprus ID and bilingual formats.

Cleaner Audit
Trails

Structured logs aligned with CySEC and CBC supervisory expectations.

Better Name Matching Outcomes

Handles Greek–Latin transliteration variants.

One workflow, one
back office

KYC, KYB and AML screening in a unified operational case.

Primary ID-first flow design

Reflects common reliance on Cyprus ID and passport documents.

Enterprise-grade compliance infrastructure

Cyprus IDV/KYC Challenges

Complex International Structures

Cyprus hosts a significant volume of cross-border holding companies and SPVs. This includes multi-layer ownership chains increase UBO verification burden.

Restricted UBO Register Access

Following CJEU rulings, public access to UBO data has been limited. This means that firms must independently verify beneficial ownership which is very time consuming.

Greek–Latin Transliteration

Dual-language records create name inconsistencies in sanctions screening. Therefore, spelling variants increase false positives and manual review volumes.

Risk-Based Monitoring Requirements

AML Law and CySEC Directive require ongoing monitoring proportionate to risk. This often means that high-risk third-country exposure triggers EDD.

Shufti’s IDV Solution for the Cyprus

KYC Solutions

Face Verification

Matches a live selfie against passport or driving licence imagery. This matters in the UK, where remote onboarding is common, and fraud controls must align with FCA and sector AML expectations.

Age Verification

Selfie-based age estimation combined with document verification fallback where required for regulated activities such as gaming.

Address Verification

Verification of Cyprus address-bearing documents including EAC utility bills, Cyta telecom invoices, and bank statements from Bank of Cyprus or Hellenic Bank. Proof of address commonly forms part of AML customer due diligence.

Document Verification

Validation of Cyprus ID cards, biometric passports and residence permits, including Greek-language OCR and MRZ validation.

Behavioural Biometrics

Globally compliant biometric authentication for selfie-based login to help businesses satisfy stringent identity verification requirements.

Video KYC

Onboard real customers and eliminate ID fraud through cost effective in house or outsourced video KYC.

KYB Solutions

Business Verification

Validation of Registrar of Companies data, directors, shareholders, TIC and VAT numbers. Reduces manual registry searches and onboarding delays.

Enhanced Due Diligence (EDD)

Structured review of complex ownership chains and high-risk jurisdictions aligned to AML Law obligations.

AML Screening

Utilise artificial intelligence models and 1700+ sanction and watchlists to identify and prevent money laundering attempts.

Business AML Screening

Screening against EU consolidated sanctions lists, UN Security Council sanctions, and relevant national measures, covering entities and controlling persons.

Transaction Screening

Ongoing monitoring aligned with AML Law risk-based obligations.

REGULATORY ALIGNMENT

Built To Fit Cyprus’s Compliance Landscape

Cyprus Securities and Exchange Commission (CySEC)

Supervises Cyprus Investment Firms (CIFs), EMIs, ASPs and VASPs under AML Law. Shufti supports customer due diligence, enhanced due diligence and ongoing monitoring documentation aligned with CySEC AML Directive requirements.

Central Bank of Cyprus (CBC)

Supervises banks and certain financial institutions. Structured identity evidence and screening logs support CBC AML expectations.

MOKAS (Unit for Combating Money Laundering)

Cyprus FIU responsible for receiving Suspicious Activity Reports under AML Law. Decision audit logs support SAR documentation.

Registrar of Companies and Intellectual Property

Maintains corporate registry and UBO filings. KYB workflows validate legal status, directors and beneficial ownership.

Cyprus Tax Department

Issues TIC and VAT numbers. Business verification supports fiscal registration checks.

Office of the Commissioner for Personal Data Protection

Enforces GDPR in Cyprus. Data processing aligned with EU GDPR obligations.

Deployment Choice

Cloud (UK regions such as London) or on-premise deployment supports UK GDPR accountability and supervisory expectations under the FCA and HMRC.

Regulatory Alignment

Aligned to the UK Money Laundering Regulations (MLRs) and UK GDPR principles including lawfulness, purpose limitation and integrity of processing.

Retention controls

AML records must generally be retained for five years from the end of the business relationship, consistent with MLR record-keeping rules and UK GDPR storage limitation principles.

Encryption posture

Technical and organisational security measures, including encryption, support Article 32 UK GDPR obligations on security of processing.

Data & Privacy Controls In Cyprus

BUILT FOR COMPLIANCE TEAMS

Cyprus AML Sources That Strengthen Decision

House of Representatives of Cyprus

Cyprus Securities and Exchange Commission (CySEC)

Frequently Asked Questions

What are acceptable primary ID documents in Cyprus?

Cyprus national ID card and biometric passport are widely accepted, provided they are valid and government-issued.

Can onboarding proceed if a BRP has expired?

Potentially, yes. If immigration permission remains valid, digital status via a UKVI eVisa account may be required to confirm status.

Who receives Suspicious Activity Reports?

MOKAS, the Cyprus FIU.

How long must AML records be retained?

At least five years under AML Law 188(I)/2007.

Is there a beneficial ownership register in Cyprus?

Yes. Companies must file beneficial owner information with the Registrar of Companies.

Are EU IDs accepted for onboarding?

Yes, subject to risk-based assessment and AML compliance.

How are Greek name variants handled?

Transliteration-aware screening reduces false positives.

Is data processing subject to GDPR?

Yes. Cyprus applies EU GDPR.

Build a Cyprus-ready KYC, KYB & AML programme with Shufti

Check Pricing Request Demo

INDEPENDENTLY AUDITED. GLOBALLY CERTIFIED.

Certified to Global Standards

PROVEN WORKFLOWS

Use Cases for Regulated Growth in Cyprus

Fintech

Forex

Banking

Gaming

Gig Economy

Crypto

Marketplace

Fintech

Forex

Banking

Gaming

Gig Economy

Crypto

Marketplace

Fintech

Forex

Banking

Gaming

Gig Economy

Crypto

Marketplace

Accelerate Growth, Eliminate Friction

Onboard users in seconds, not days. Deploy tiered address verification flows that maximise completion rates for genuine users while filtering out synthetic fraud.

Learn More Try Now

Onboard Global Traders in Real-Time

Verify investors across 250+ countries & territories. Ensure compliance with international financial regulations while preventing identity theft and high-risk chargebacks.

Learn More Try Now

Secure Trust at Every Transaction

Automate KYC and AML workflows to reduce manual onboarding costs. Strengthen residency checks while delivering the frictionless digital experience modern customers expect.

Learn More Try Now

Power a Fair & Secure Player Experience

Reduce bonus abuse and multi-accounting rings at the door. Enforce location rules and trigger step-up checks without disrupting the player journey.

Learn More Try Now

Build a Trusted, Verified Workforce

Screen freelancers and drivers at scale. Verify residency and reduce onboarding friction while maintaining trust between users.

Learn More Try Now

Scale Your Exchange with Confidence

Balance anonymity with compliance. Instantly verify user jurisdiction to meet Travel Rule obligations and help stop abuse without slowing down legitimate trading volume.

Learn More Try Now

Reduce fraud without blocking growth

Shufti supports marketplace integrity by verifying seller and buyer identities, enabling age-gated journeys where needed, and preserving evidence to support investigations, disputes and risk-led enforcement actions.

Learn More Try Now