Runs On Your Cloud
No Data Sharing
No Contract Required
Explore Now
Face Verification
Address Verification
Document Verification
Age Verification
VideoIdent
Fast ID
eIDV
NFC Verification
Consent Verification
Business Verification
Due Diligence
Investor Verification
E-Signature
Behavioural Biometrics
Device Fingerprinting
MFA
AML Screening
Business AML Screening
User Risk Assessment
Transaction Screening
Adverse Media Screening
Identity Verification
KYC
KYB
KYI
Fraud Prevention
Bonus Abuse
Deepfakes
Multi-Accounting
Banking
Crypto
Fintech
Forex
Gaming
Gig Economy
Marketplace
Social Networks
Product Managers
Compliance Officers
Fraud Analyst
Global Trust Platform
Journey Builder
Vendor Comparison
Content library
Blogs
News
Reports
Insights
Knowledgebase
ROI calculator
Blind Spot Audit
Deepfake Detector
Liveness Detection
Document Originality
Document Deepfake
Events & Webinar
Podcast Studio
Spotlight Studio
API Documentation
Mobile SDKs
Service Status
Help Center
Contact Us
Technical Support
Compliance
Supported Documents
About
Career
Press Release
Certifications
Partnership
Awards
Sri Lanka
Identity Verification & KYC For Sri Lanka
Shufti provides identity verification, KYC, KYB and AML screening aligned to Central Bank of Sri Lanka (CBSL), Financial Intelligence Unit (FIU-SL) and FATF standards.
Operational performance for Sri Lanka KYC
Our Numbers Speak Volumes
93.68%
Pass rates
< 5 sec
Verification
Time
Evidence-Ready Checks Across People & Businesses
Individual Documents We Verify
Shufti supports 10 Sri Lankan document types.
View All Supported DocumentsNational Identity Card – New Format (From 2016 Onwards)
12-digit format issued since January 2016; standard for all current NIC issuances; primary KYC document for Sri Lankan citizens.
National Identity Card – Old Format (Pre-2016)
9-digit number followed by a letter; issued before 2016; remains valid for life; requires dual-format validation support in verification systems.
Sri Lankan Passport
Biometric ePassport issued by the Department of Passports; ICAO-compliant with machine-readable zone and photograph; accepted for cross-border onboarding.
Driver's Licence
Issued by the Department of Motor Traffic; contains photograph, name and address; used as secondary ID or address verification document.
Business Entity Identity
Certificate of Incorporation
Department of the Registrar of Companies document confirming legal entity status, registration number, and incorporation date. Used as primary proof of business existence and trading authority.
Articles of Association/Memorandum of Association
Governance documents defining company structure, shareholder rights, and director responsibilities. Required for all private and public companies and essential for understanding beneficial ownership chains.
Form 1 (eROC)
Summary details of company, shareholders, directors, and secretary from the official eROC registry. Primary source for current director and shareholder information.
Business Tax Identity
Taxpayer Identification Number (TIN) Certificate
Inland Revenue Department-issued certificate with 9-digit TIN and tax residency confirmation. De facto business identifier for KYB compliance and cross-verification with entity registration.
Tax Registration Form (eRamis)
Proof of IRD registration via eRamis submission demonstrating active tax filing status. Confirms business operational status and tax compliance history.
Ownership & Control (UBO)
Beneficial Ownership Register
Mandatory declaration under Companies Amendment Act No. 12 of 2025 identifying beneficial owners holding 10%+ direct or indirect ownership or exercising effective control. Filed with Department of Registrar; critical for sanctions screening and ultimate ownership transparency.
UBO Certification
Signed director declaration confirming beneficial owners and their ownership percentages. Legal attestation required for regulatory filing and audit-trail documentation.
Languages We Cover
Sinhala and Tamil Document Handling
Sri Lankan documents are issued in Sinhala, Tamil, or bilingual formats; Shufti captures data fields directly from documents in both scripts without transliteration loss.
Name Matching Across Scripts
Controls handle Sinhala, Tamil, and Latin-character name variants to reduce false positives in sanctions and PEP screening.
NIC-Based Gender Encoding
Sri Lankan NICs encode gender via day-of-year offset (500+ for females); Shufti interprets markers correctly for both formats to support name matching and age verification.
GOVERNANCE & CONTROLS
Audit-Ready Decisions, Lower Operational Drag
Fewer Avoidable Re-Submissions
Dual-format NIC capture reduces rejection risk across pre-2016 and post-2016 variants.
Cleaner Audit
Trails
Structured case files retrievable for CBSL and FIU-SL regulatory examinations.
Better Name Matching Outcomes
Handles Sinhala, Tamil and Latin name variants to reduce sanctions screening false positives.
One workflow, one
back office
KYC, KYB, AML screening and goAML submission integrated in a single system.
NIC-first flow design
New format NIC flows aligned with how identity is verified in Sri Lanka across the majority of citizens.
Sri Lanka IDV/KYC Challenges
Dual NIC Format Legacy
Old 9-digit NICs remain valid for life; dual-format validation and historical record lookup required; complicates name matching and age verification.
Post-War Documentation Gaps
Civil war records loss in Northern and Eastern provinces increased document fraud risk; incomplete address histories complicate KYC verification.
FX Controls and Compliance Complexity
2022 currency crisis triggered strict capital controls; cross-border payment verification adds friction to international business onboarding.
Politically Exposed Person Screening Complexity
Frequent political transitions create PEP screening challenges; intelligence on Sri Lankan PEP lists may lag official parliamentary designations.
Shufti’s IDV/KYC Solutions for Sri Lanka
KYC Solutions
Fast track customer onboarding and authentication with real-time identity verification solutions.
Face Verification
Reduces impersonation and synthetic identity risk; biometric corroboration strengthens identity evidence and reduces manual review burden in Sri Lanka.
.
Age Verification
Selfie-based age estimation with document verification fallback; handles NIC date-of-birth encoding and birth certificates for regulated products.
.
Address Verification
Verifies address documents against Lanka Electricity Company (LECO), National Water Supply & Drainage Board (NWS&DB), Sri Lanka Telecom, Dialog Axiata.
.
Document Verification
Supports both NIC formats (pre-2016 and post-2016), passports, driver's licences and business registration certificates with MRZ extraction.
.KYB Solutions
Business Verification
Validates entity status through Department of Registrar of Companies data; corroborates TIN evidence and captures beneficial ownership disclosures.
.
Enhanced Due Diligence (EDD)
Escalation workflows for high-risk entities, politically exposed persons and cross-border exposure; produces audit trails aligned to FATF standards.
.AML Screening
Utilise artificial intelligence models and 1700+ sanction and watchlists to identify and prevent money laundering attempts.
Business AML Screening
Screens entities and controlling persons against UN Security Council sanctions, FATF high-risk jurisdictions, and local CBSL, SEC and IRCSL sanctions lists.
.
Transaction Screening
Supports ongoing monitoring aligned to Financial Transactions Reporting Act obligations and STR/SAR escalation via goAML platform and FIU-SL workflows.
.Built to Fit Sri Lanka's Compliance Landscape
Central Bank of Sri Lanka (CBSL)
Regulates monetary policy, bank supervision and AML/CFT compliance; enforces financial system stability standards across regulated financial institutions.
Financial Intelligence Unit of Sri Lanka (FIU-SL)
Collects, analyses and disseminates suspicious transaction reports; enforces Financial Transactions Reporting Act and terrorist financing convention compliance.
Securities and Exchange Commission of Sri Lanka (SEC)
Regulates securities markets, listed companies and market intermediaries; enforces capital market rules and detects fraud and prevents market manipulation.
Insurance Regulatory Commission of Sri Lanka (IRCSL)
Supervises insurance companies, brokers and agents; ensures integrity in insurance operations and maintains solvency standards for business verification.
Sri Lanka Customs
Administers customs regulations, manages imports/exports and combats smuggling; maintains TIN and VAT registration for business identity verification.
Department for Registration of Persons (DRP)
Issues and maintains National Identity Cards for all Sri Lankan citizens; provides comprehensive identity verification services and NIC data essential for KYC.
Data Protection Authority of Sri Lanka (DPA)
Established under the Personal Data Protection Act No. 9 of 2022; enforces privacy regulations and investigates data breaches for regulatory compliance.
Financial Crimes Investigation Division (FCID)
Investigates financial crimes, corruption, money laundering and terrorist financing; provides law enforcement support for serious financial crime offences.
Deployment Choice
No in-country data centres in Sri Lanka. Nearest regions: AWS Mumbai, Azure Central India and GCP Mumbai. On-premise deployment for data residency compliance.
Regulatory Alignment
Aligned to Personal Data Protection Act No. 9 of 2022 enforced by Data Protection Authority; includes lawful processing, data rights and breach notification.
Retention controls
Configurable retention aligned to Financial Transactions Reporting Act five-year minimum recordkeeping for transaction and customer due diligence documentation.
Encryption posture
Strong encryption applied to personal and financial data in transit and at rest; industry-standard AES-256 and TLS 1.2+ protection applied throughout.
Data Controls & Privacy for Sri Lanka
Sri Lanka AML Sources That Strengthen Decision
Parliament of Sri Lanka
Securities and Exchange Commission of Sri Lanka – Administrative Sanctions
Bar Association of Sri Lanka (BASL)
UTHR(J), Sri Lanka
Ceylon Electricity Board (CEB)
Sri Lanka Ports Authority (SLPA)
United National Party (UNP)
Sri Lanka Freedom Party (SLFP)
Parliament of Sri Lanka
Securities and Exchange Commission of Sri Lanka – Administrative Sanctions
Bar Association of Sri Lanka (BASL)
UTHR(J), Sri Lanka
Ceylon Electricity Board (CEB)
Sri Lanka Ports Authority (SLPA)
United National Party (UNP)
Sri Lanka Freedom Party (SLFP)
Parliament of Sri Lanka
Securities and Exchange Commission of Sri Lanka – Administrative Sanctions
Bar Association of Sri Lanka (BASL)
UTHR(J), Sri Lanka
Ceylon Electricity Board (CEB)
Sri Lanka Ports Authority (SLPA)
United National Party (UNP)
Sri Lanka Freedom Party (SLFP)
Frequently Asked Questions
What identity documents are required for KYC in Sri Lanka?
The National Identity Card (either pre-2016 or post-2016 format) is the primary document; passports and driver's licences serve as secondary verification. Shufti supports all three for standard KYC workflows.
How do I verify the new NIC format against the old format?
The new format uses 12 digits issued from 2016 onwards; the old format is a 9-digit number plus a letter, still valid for life. Shufti handles dual-format matching and can cross-reference historical records.
What AML reporting obligations apply in Sri Lanka?
Institutions must report suspicious transactions to FIU-SL via the goAML platform under the Financial Transactions Reporting Act. Reports are submitted through the web-based STR submission system; Shufti supports audit-ready case file export.
What is the minimum data retention period for KYC records?
The Financial Transactions Reporting Act mandates five-year minimum retention for all transaction and customer due diligence records; Shufti supports configurable retention policies aligned to this requirement.
What sanctions lists apply to Sri Lankan institutions?
UN Security Council sanctions lists, FATF high-risk jurisdiction designations, and local regulatory sanctions from CBSL, SEC and IRCSL. Shufti screens against all three and produces audit trails for compliance teams.
What business documents are required for KYB in Sri Lanka?
Certificate of Incorporation, Business Registration Certificate, Taxpayer Identification Number, and director/shareholder information from the Department of Registrar of Companies registry or company records.
Does Shufti support script handling for Sinhala and Tamil names?
Yes; Shufti captures and matches Sinhala-script names, Tamil-script names, and Latin transliterations directly without data loss; critical for reducing false positives in sanctions screening across both scripts.
What causes onboarding drop-off in Sri Lanka?
NIC format mismatches, incomplete address records in provinces affected by historical documentation gaps, and manual beneficial ownership remediation for politically exposed entities are the main friction points.
Build a Sri Lanka-ready KYC, KYB & AML programme with Shufti
INDEPENDENTLY AUDITED. GLOBALLY CERTIFIED.
Certified to Global Standards
PROVEN WORKFLOWS
Use Cases for Regulated Growth in Sri Lanka
Accelerate Growth, Eliminate Friction
Onboard users in seconds, not days. Deploy tiered address verification flows that maximise completion rates for genuine users while filtering out synthetic fraud.
Onboard Global Traders in Real-Time
Verify investors across 250+ countries & territories. Ensure compliance with international financial regulations while preventing identity theft and high-risk chargebacks.
Secure Trust at Every Transaction
Automate KYC and AML workflows to reduce manual onboarding costs. Strengthen residency checks while delivering the frictionless digital experience modern customers expect.
Power a Fair & Secure Player Experience
Reduce bonus abuse and multi-accounting rings at the door. Enforce location rules and trigger step-up checks without disrupting the player journey.
Build a Trusted, Verified Workforce
Screen freelancers and drivers at scale. Verify residency and reduce onboarding friction while maintaining trust between users.
Scale Your Exchange with Confidence
Balance anonymity with compliance. Instantly verify user jurisdiction to meet Travel Rule obligations and help stop abuse without slowing down legitimate trading volume.
Reduce fraud without blocking growth
Shufti supports marketplace integrity by verifying seller and buyer identities, enabling age-gated journeys where needed, and preserving evidence to support investigations, disputes and risk-led enforcement actions.
Accelerate Growth, Eliminate Friction
Onboard users in seconds, not days. Deploy tiered address verification flows that maximise completion rates for genuine users while filtering out synthetic fraud.
Onboard Global Traders in Real-Time
Verify investors across 250+ countries & territories. Ensure compliance with international financial regulations while preventing identity theft and high-risk chargebacks.
Secure Trust at Every Transaction
Automate KYC and AML workflows to reduce manual onboarding costs. Strengthen residency checks while delivering the frictionless digital experience modern customers expect.
Power a Fair & Secure Player Experience
Reduce bonus abuse and multi-accounting rings at the door. Enforce location rules and trigger step-up checks without disrupting the player journey.
Build a Trusted, Verified Workforce
Screen freelancers and drivers at scale. Verify residency and reduce onboarding friction while maintaining trust between users.
Scale Your Exchange with Confidence
Balance anonymity with compliance. Instantly verify user jurisdiction to meet Travel Rule obligations and help stop abuse without slowing down legitimate trading volume.
Reduce fraud without blocking growth
Shufti supports marketplace integrity by verifying seller and buyer identities, enabling age-gated journeys where needed, and preserving evidence to support investigations, disputes and risk-led enforcement actions.
Accelerate Growth, Eliminate Friction
Onboard users in seconds, not days. Deploy tiered address verification flows that maximise completion rates for genuine users while filtering out synthetic fraud.
Onboard Global Traders in Real-Time
Verify investors across 250+ countries & territories. Ensure compliance with international financial regulations while preventing identity theft and high-risk chargebacks.
Secure Trust at Every Transaction
Automate KYC and AML workflows to reduce manual onboarding costs. Strengthen residency checks while delivering the frictionless digital experience modern customers expect.
Power a Fair & Secure Player Experience
Reduce bonus abuse and multi-accounting rings at the door. Enforce location rules and trigger step-up checks without disrupting the player journey.
Build a Trusted, Verified Workforce
Screen freelancers and drivers at scale. Verify residency and reduce onboarding friction while maintaining trust between users.
Scale Your Exchange with Confidence
Balance anonymity with compliance. Instantly verify user jurisdiction to meet Travel Rule obligations and help stop abuse without slowing down legitimate trading volume.
Reduce fraud without blocking growth
Shufti supports marketplace integrity by verifying seller and buyer identities, enabling age-gated journeys where needed, and preserving evidence to support investigations, disputes and risk-led enforcement actions.
Let’s Tailor your journey
Just a few quick questions to guide your Shufti experience.
Shufti
Market Positioning and Commercial Assessment
Industry stands at 1.7rating
Best ID Verification Innovator
TOP 10 KYC Solution Provider
Best Client Onboarding Solution
Samer Al Tamimi@CEO of Safwa Bank
We take our client's privacy very seriously and always look for new innovative solutions to ensure a safe banking experience. Working with Shufti feels like a breath of fresh air, as their 100% in-house tech keeps our customer's data free from vulnerabilities and fully safe and protected.
PROVEN PLAYBOOKS
Explore Practical KYC & AML Resources
16 August, 2025
5 minutes read
How Much of What You’ve Verified Is Actually Real?
Shufti’s Deepfake Blindspot Audit now runs fully inside your AWS environment, auditing historic KYC for manipulation signals without moving sensitive data off-prem.
whitepapers
