Face Verification
Address Verification
Document Verification
Age Verification
VideoIdent
Fast ID
eIDV
Consent Verification
NFC Verification
Business Verification
Due Diligence
Investor Verification
E-Signature
QES
AML Screening
Transaction Monitoring
Adverse Media
Business AML Screening
PEP & RCA
Sanctions
Watchlist
Behavioural Biometrics
Device Fingerprinting
1:1 Authentication
MFA
Fraud Hub
Onboarding
Ongoing Monitoring
KYC
KYB
KYI
Age Assurance
Identity Verification
Workforce IAM
Candidate Verification
Compliance
Fraud prevention
Trust & safety
Global expansion
Product Managers
Compliance Officers
Fraud Analysts
Developers
Deepfake
Bonus Abuse / Promotion Abuse
Account Takeover
Synthetic Identity Fraud
Document Fraud
Impersonation Fraud
Multi-Accounting
Fraud Networks
Chargeback Fraud
Money Mule Activity
Party Fraud
Regulatory & Compliance Risks
Fintech
Crypto
iGaming
Forex
Social Network
Marketplace
Banking
Gig Economy
Blind Spot Audit
Deepfake Detector
Liveness Spoofs
Document Originality
Document Deepfake
Global Trust Platform
Journey Builder
Case Management
Shufti AI
Fraud Analytics
Vendor Comparison
Brand Personalisation
IDV Modes
AI Compliance Co-Pilot
OCR
Secure Capture
Deployment Options
Identity Methods
API Documentation
Mobile SDKs
Service Status
Help Center
Contact Us
Technical Support
Supported Documents
Content library
Blogs
News
Reports
Insights
Knowledgebase
ROI calculator
About
Career
Press Release
Certifications
Partnership
Awards
Events & Webinar
Interactive Demo
Podcast Studio
Spotlight Studio
- Australia
- Austria
- Bangladesh
- Brazil
- Bulgaria
- Canada
- China
- Cyprus
- Egypt
- Estonia
- Ethiopia
- France
- Germany
- Greece
- Haiti
- Hong Kong
- India
- Iraq
- Ireland
- Indonesia
- Italy
- Japan
- Jordan
- Kazakhstan
- Kenya
- Kosovo
- Kuwait
- Latvia
- Luxembourg
- Malaysia
- Malta
- Mexico
- Morocco
- Nigeria
- Nepal
- Norway
- Netherlands
- New Zealand
- Pakistan
- Philippines
- Portugal
- Portugal
- Romania
- Singapore
- Slovakia
- South Africa
- South Korea
- Sri Lanka
- Sweden
- Switzerland
- Taiwan
- Thailand
- Turkey
- UK
- USA
- Vietnam
Kenya
Identity Verification & KYC For Kenya
Shufti delivers identity verification and Know Your Customer compliance for Kenyan businesses under POCAMLA and CBK requirements, providing audit-ready KYC and AML screening.
Operational performance for Kenya KYC
Our Numbers Speak Volumes
98.03%
Pass Rates
100%
NFC Verification
90%
eIDV Coverage
Kenya Documents We Verify: People & Businesses
Individual Documents We Verify
Shufti supports 14 Kenyan document types.
View All Supported DocumentsNational Identity Card
Issued by National Registration Bureau to citizens 18+ with 8-digit unique identifier. Mandatory for all financial transactions and legal proceedings in Kenya.
Passport
Issued by Department of Immigration Services. Secondary identification valid 10 years for adults, 5 years for minors. Accepted for identity verification.
Driving Licence
Government-issued identification serving as both driving permit and official identification. Available in learner, professional, and private vehicle categories.
Birth Certificate
Issued by Kenya National Bureau of Statistics. Required for national identity card application. Accepted for identity verification and inheritance matters.
Voter Registration Card
Issued by IEBC. Functions as proof of citizenship and supporting document for identity and residential verification.
Military Identity Card
Government-issued identification for active and retired Kenya Defence Forces personnel conducting financial transactions.
Refugee Identity Card
Issued by Department of Refugee Affairs. Official identification for documented refugees and asylum seekers in Kenya.
Residence Permit
Issued to foreign nationals with long-term residency in Kenya. Primary identification and proof of legal residency.
Business Entity Identity
Certificate of Incorporation
Primary document issued by the Registrar of Companies upon successful company registration. Contains company name, registration number, and registration date confirming legal entity status.
CR 12 Form
Mandatory statutory document listing all directors, shareholders, shareholding percentages, company registered address, and registration details filed with the Registrar of Companies.
Memorandum and Articles of Association
Constitutional document filed during company registration. Details company structure, objects, internal governance rules, and shareholder rights and obligations.
Business Tax Identity
KRA PIN Certificate
11-digit Personal Identification Number issued by Kenya Revenue Authority to individuals and legal entities including companies, partnerships, trusts, and clubs for tax administration.
KRA PIN Verification
Online verification service operated by Kenya Revenue Authority. Confirms the validity and current status of KRA PINs issued to individuals and business entities.
Ownership & Control (UBO)
Register of Beneficial Ownership
Mandatory register required under the Companies (Beneficial Ownership Information) Regulations 2020. Identifies natural persons with 10%+ shares, voting rights, or appointment/removal authority.
Beneficial Ownership Declaration
Formal declaration submitted by companies identifying beneficial owners and confirming compliance with beneficial ownership disclosure requirements within the required 30-day timeline.
Directors Resolution
Board resolution documenting beneficial ownership identification process and confirming compliance with beneficial ownership regulations and E-Register submission requirements.
Languages We Cover
Document Language and Script Handling
Kenya's official languages are English and Swahili, both using the Latin alphabet. Government documents and identity cards are issued in English as the primary language. Shufti handles both languages with standard Latin character sets without requiring special transliteration.
Name Matching and Standardisation
Kenyan names may contain diacritical marks or special characters in Swahili. Shufti applies standardised Latin character matching protocols to ensure name consistency across identity documents, transaction records, and beneficial ownership registers while accounting for local naming conventions.
Evidence Consistency Across KYC and KYB Steps
Shufti verifies language consistency between individual identity documents and business registration documents. This includes cross-checking names, addresses, and company details across CNIC data, passport information, KRA PIN records, and company registrations to detect fraud and inconsistencies.
GOVERNANCE & CONTROLS
Audit-Ready Decisions, Lower Operational Drag
Fewer Avoidable Re-submissions
High-resolution capture and OCR reduce incomplete submissions and re-submission cycles in Kenya.
Cleaner Audit Trails
Timestamped records meet FRC and CBK audit expectations, enabling quick regulatory proof during examinations.
Better Name Matching Outcomes
Handles Kenyan naming conventions and Swahili character sets, reducing false rejections of legitimate customers.
One Workflow, One Back Office
Unified KYC, KYB, and AML screening eliminates manual handoffs and reduces operational overhead.
National ID-First Flow Design
Prioritises National Identity Card verification, the most reliable and fraud-resistant pathway.
Kenya IDV/KYC Challenges
Forged and Tampered Documents
High prevalence of document fraud and synthetic identity schemes despite Kenya's biometric passport system. Criminals exploit weaknesses using expired IDs and document tampering techniques.
Manual Verification Delays
Paper-based KYC processes take days or weeks due to overlapping regulatory requirements and lack of unified digital verification infrastructure, creating compliance delays.
Biometric Integration Gaps
The National Registration Bureau maintains biometric data, but integration with commercial KYC systems remains inconsistent, forcing reliance on manual checks and increasing fraud risk.
FATF Grey List Risk
Kenya is under FATF increased monitoring with heightened AML/CFT supervision requirements, ML investigation mandates, and significant non-compliance penalties.
Shufti's IDV/KYC Solutions for Kenya
KYC Solutions
Face Verification
Combines liveness detection with facial matching against government documents. Prevents spoofing and synthetic identity fraud in Kenya's digital finance sector.
.
Age Verification
Selfie-based age estimation using AI combined with government document verification. Supports age-gated products, gaming, and regulated lending in Kenya.
.
Address Verification
Verifies any address-bearing document. Supports Kenyan utilities and bank statements from Kenya Power, KCB, Equity Bank, Barclays, and other Kenyan banks.
.
Document Verification
Verifies all 14 Kenyan document types including National IDs, Passports, and Driving Licences. Detects fraud whilst accommodating Kenya's environments.
.KYB Solutions
Business Verification
Shufti verifies company legal status through Certificate of Incorporation, CR 12 Form, and business registration records. Identifies beneficial owners holding 10%+ shares or voting rights through Kenyan business registry integration and beneficial ownership documentation review.
.
Enhanced Due Diligence
Shufti screens for Kenya-specific AML risk triggers including FATF grey list status, high-risk business sectors, and POTA terrorism financing concerns. Delivers audit-ready evidence for Financial Reporting Centre enquiries and Central Bank examinations.
.AML Screening
Business AML Screening
Shufti screens entities against UN sanctions consolidated lists, UNSC Resolutions 1267/1373/1718/1988, and Kenya's domestic terrorism list. Identifies beneficial owners against PEP and sanctions lists, ensuring POCAMLA compliance.
.
Transaction Screening
Shufti provides ongoing transaction monitoring for Kenya-based financial institutions. Flags suspicious activity patterns requiring Suspicious Transaction Report (STR) filing with the Financial Reporting Centre goAML platform within required timeframes.
.Built to Fit Kenya's Compliance Landscape
Central Bank of Kenya (CBK)
Banking regulator responsible for KYC/AML guidelines. Shufti delivers solutions aligned with CBK's Customer Due Diligence Guidelines for financial institutions. Official Website: https://www.centralbank.go.ke/
Financial Reporting Centre (FRC)
Kenya's financial intelligence unit established under POCAMLA 2009. Shufti enables real-time STR and CTR reporting through goAML platform for compliance. Official Website: https://www.frc.go.ke/
Capital Markets Authority (CMA)
Regulator of securities markets, investment firms, and capital market development. Shufti supports CMA-required investor verification and beneficial ownership disclosure for capital market entities and investment fund participants. Official Website: https://www.cma.or.ke/
Insurance Regulatory Authority (IRA)
Sole authority regulating and supervising Kenya's insurance industry. Shufti enables KYC verification for insurance customers and beneficial owner identification for insurance entities, ensuring policyholder protection and industry compliance. Official Website: https://ira.go.ke/
Office of the Data Protection Commissioner (ODPC)
Data protection regulator established under the Data Protection Act 2019. Shufti implements encryption, secure access controls, and data retention protocols compliant with ODPC requirements and POCAMLA minimum retention periods. Official Website: https://www.odpc.go.ke/
Kenya Revenue Authority (KRA)
Tax authority responsible for tax administration and issuance of KRA PINs. Shufti integrates KRA PIN verification for individual and entity identification, supporting tax compliance verification and beneficial owner confirmation. Official Website: https://www.kra.go.ke/
Communications Authority of Kenya (CA)
Regulator for telecommunications, e-commerce, and cyber security. Shufti supports telecommunications operators and fintech platforms licensed by CA, ensuring customer identity verification and data security compliance. Official Website: https://www.ca.go.ke/
Sacco Societies Regulatory Authority (SASRA)
Regulator of Sacco Societies undertaking deposit-taking and specified non-deposit-taking business. Shufti delivers KYC and beneficial ownership verification for SACCO members and deposit-taking operations. Official Website: https://www.sasra.go.ke/
Deployment Choice
Shufti supports on-premise deployment for regulated financial institutions in Kenya pending full regional cloud infrastructure. AWS, Azure, and GCP regional data centres are planned in Kenya by 2026; interim deployments use South African regions or dedicated on-premise environments.
Regulatory Alignment
Shufti's data handling aligns with the Data Protection Act 2019 and POCAMLA record retention requirements. All KYC records, customer identification information, and transaction documentation are maintained according to Kenya's 7-year minimum retention period for transaction and customer data and beneficial ownership record retention of 10 years post-cessation.
Retention Controls
Shufti implements configurable data retention schedules aligned with POCAMLA (7 years for transaction and customer data) and beneficial ownership retention requirements (10 years after person ceases to be beneficial owner). Automated deletion workflows ensure compliance with Kenya's necessity and proportionality principles.
Encryption Posture
Shufti deploys AES-256 encryption for stored personal data and implements secure access controls with regular vulnerability assessments. Compliance aligns with Kenya's Data Protection (General) Regulations 2021 and Central Bank of Kenya information security requirements.
Data and Privacy Controls in Kenya
Kenya AML Sources That Strengthen Decision
National Assembly of Kenya
Kenya Tourism Board
Kenya Rural Roads Authority
Nairobi Securities Exchange
Kenya Law – Terrorist Organizations
The Standard
Daily Nation
The Star
National Assembly of Kenya
Kenya Tourism Board
Kenya Rural Roads Authority
Nairobi Securities Exchange
Kenya Law – Terrorist Organizations
The Standard
Daily Nation
The Star
National Assembly of Kenya
Kenya Tourism Board
Kenya Rural Roads Authority
Nairobi Securities Exchange
Kenya Law – Terrorist Organizations
The Standard
Daily Nation
The Star
Frequently Asked Questions
What documents are required for KYC verification in Kenya?
Kenya's primary KYC documents are the National Identity Card, Passport, and Driving Licence. Secondary documents include birth certificates and business registration documents (Certificate of Incorporation, CR 12 Form) for company verification.
What is POCAMLA compliance and who must comply in Kenya?
POCAMLA 2009 is Kenya's primary AML legislation requiring banks, payment service providers, SACCOs, and non-financial businesses to register with the Financial Reporting Centre, conduct customer due diligence, and file STRs and CTRs for transactions exceeding USD 15,000 equivalent.
What is the difference between KYC and KYB in Kenya?
KYC (Know Your Customer) is the individual customer verification process requiring identity document validation, biometric liveness checks, and risk assessment. KYB (Know Your Business) is the corporate equivalent, verifying company legal status, Certificate of Incorporation, beneficial ownership disclosure (10%+ shareholders), and UBO identification through the Companies Act 2015 requirements.
How do I verify beneficial ownership (UBO) for a Kenya company?
Kenya requires companies to maintain a Register of Beneficial Owners identifying natural persons holding 10%+ shares/voting rights, appointment/removal authority, or significant control (Companies Beneficial Ownership Information Regulations 2020). Companies must submit the register to the E-Register within 30 days of preparation and notify identified beneficial owners to provide National ID, Passport, or Birth Certificate within 21 days. Changes must be reported within 14 days.
What is the Central Bank of Kenya's role in KYC and AML compliance?
The Central Bank of Kenya (CBK) is the monetary authority and banking regulator responsible for developing KYC/AML guidelines, licensing financial institutions, supervising compliance with POCAMLA, and ensuring banks implement customer due diligence measures. CBK's Prudential Guidelines and Digital Credit Providers Regulations mandate identity verification, beneficial ownership disclosure, and PEP/sanctions screening for all account holders.
What data protection laws apply to KYC in Kenya?
The Data Protection Act No. 24 of 2019 governs personal data handling for KYC purposes, enforced by the Office of the Data Protection Commissioner (ODPC). The act requires organisations to collect data lawfully, store it securely with encryption, implement data protection by design, notify individuals of processing, and retain KYC records per POCAMLA (7 years) whilst respecting data necessity principles.
Is biometric liveness detection required for Kenya KYC?
While not explicitly mandated as 'required' in POCAMLA itself, CBK guidelines and best practices recommend biometric liveness detection as part of digital KYC implementation. The National Registration Bureau maintains biometric data (fingerprints, facial recognition) integrated into National ID and passport systems. For higher-risk customers and enhanced due diligence (PEPs, high-value accounts), financial institutions increasingly deploy AI-powered biometric liveness checks to prevent synthetic identity fraud.
How do I file STR and CTR reports with Kenya's Financial Reporting Centre?
All reporting institutions must file STRs (Suspicious Transaction Reports) and CTRs (Cash Transaction Reports) electronically via the goAML platform (https://goaml.frc.go.ke/). CTRs must be filed for cash transactions ≥USD 15,000 weekly. STRs must be filed immediately when suspicious activity is detected. Reports require FRC acknowledgment via the goAML message board to be officially recorded.
Build a Kenya-ready KYC, KYB & AML programme with Shufti
INDEPENDENTLY AUDITED. GLOBALLY CERTIFIED.
Certified to Global Standards
PROVEN WORKFLOWS
Use Cases for Regulated Growth in Kenya
Reduce Fraud Without Blocking Growth
Shufti supports marketplace integrity by verifying seller and buyer identities, enabling age-gated journeys where needed, and preserving evidence to support investigations, disputes, and risk-led enforcement actions.
Secure Trust at Every Transaction
Automate KYC and AML workflows to reduce manual onboarding costs. Strengthen residency checks whilst delivering the frictionless digital experience modern customers expect.
Scale Your Exchange with Confidence
Balance anonymity with compliance. Instantly verify user jurisdiction to meet Travel Rule obligations and help stop abuse without slowing down legitimate trading volume.
Accelerate Growth, Eliminate Friction
Onboard users in seconds, not days. Deploy tiered address verification flows that maximise completion rates for genuine users whilst filtering out synthetic fraud.
Onboard Global Traders in Real-Time
Verify investors across 250+ countries and territories. Ensure compliance with international financial regulations whilst preventing identity theft and high-risk chargebacks.
Power a Fair and Secure Player Experience
Reduce bonus abuse and multi-accounting rings at the door. Enforce location rules and trigger step-up checks without disrupting the player journey.
Build a Trusted, Verified Workforce
Screen freelancers and drivers at scale. Verify residency and reduce onboarding friction whilst maintaining trust between users.
Let’s Tailor your journey
Just a few quick questions to guide your Shufti experience.
Shufti
Market Positioning and Commercial Assessment
Industry stands at 1.7rating
Best ID Verification Innovator
TOP 10 KYC Solution Provider
Best Client Onboarding Solution
Samer Al Tamimi@CEO of Safwa Bank
We take our client's privacy very seriously and always look for new innovative solutions to ensure a safe banking experience. Working with Shufti feels like a breath of fresh air, as their 100% in-house tech keeps our customer's data free from vulnerabilities and fully safe and protected.
PROVEN PLAYBOOKS
Explore Practical KYC & AML Resources
16 August, 2025
5 minutes read
How Much of What You’ve Verified Is Actually Real?
Shufti’s Deepfake Blindspot Audit now runs fully inside your AWS environment, auditing historic KYC for manipulation signals without moving sensitive data off-prem.
whitepapers
