Most KYB roadmaps are built around document collection: certificate of incorporation, register extract, director screening, ultimate beneficial owner.
The hard part of Know Your Business (KYB) is knowing, with confidence, that the entity sitting in your onboarding queue is the same entity that appears in a sanctions list, a payment message, a corporate registry in another jurisdiction, and your own customer database from three years ago. This is entity resolution, and it fails quietly, which is precisely why it stays unfixed.
The identifier layer is the problem
Ask a KYB product manager what uniquely identifies a business customer and you get a different answer per market. A Companies House number in the UK, an EIN in the US, a CNPJ in Brazil. A VAT number that may or may not exist. A DUNS number your vendor bolted on. A SWIFT BIC, but only if the counterparty happens to be a financial institution. An internal UUID that means nothing outside your own stack. We have written a fuller comparison of organisation identifiers covering DID, GLN, DUNS, BIC, TIN and the LEI.
None of these are global, several aren’t unique, most carry no ownership structure, and almost none are maintained by the entity itself.
GLEIF research surveyed senior banking professionals across the UK, US and Germany. Half of financial institutions used an average of four different identifiers to identify a single client organisation. Fifty-eight per cent said the associated reference data was not up to date, 46 per cent said data from different sources was inconsistent, and 49 per cent said the same identifier was being used for different legal entities. GLEIF’s summary of that work, The Pitfalls of Onboarding, is the clearest statement of the problem.
That research is now several years old, and the identifier fragmentation it describes hasn’t gone away. If anything, the proliferation of KYB vendors, each with its own proprietary entity graph, has added another layer to the problem.
The consequence for a product team is predictable enough: mediocre match rates, long manual review queues, analyst hours burned on false positives in screening, and entity data that has to be re-verified at every refresh cycle because nothing links the record to an authoritative, maintained source.
What the LEI actually gives a KYB stack
The Legal Entity Identifier is a 20-character alphanumeric code defined by ISO 17442, issued by GLEIF-accredited LEI Issuers and published to the Global LEI Index, a free, public, machine-readable reference database. As of the end of Q1 2026, the active LEI population passed 3 million, with 3.02 million active records against a total population of 3.26 million.
- The LEI is globally unique and jurisdiction-agnostic. One code, one legal entity, anywhere in the world. There is no mapping table to maintain between national registers, and no collision risk between a Delaware LLC and a Singapore Pte Ltd that happen to share a trading name.
- The reference data behind the LEI is public, free and structured. Legal name, registered address, headquarters address, entity legal form, registration authority and local registration number all come back from the Global LEI Index. You don’t need a commercial data licence to resolve an LEI to an entity record, and there is no per-lookup cost to model.
- The LEI carries ownership structure. Level 1 data answers “who is who”. Level 2 data answers “who owns whom”, recording direct and ultimate parent relationships. For UBO work that gives you a verified starting point, which is more than most identifiers offer, though it falls short of a complete answer.
- Every LEI has a public lifecycle. An LEI is either active or lapsed, and a lapse is visible to anyone who looks. Annual renewal requires re-verification of the underlying entity data against the authoritative registry. An active LEI is therefore a maintained assertion, refreshed at least yearly, with a public audit trail behind it.
- Every LEI is verified at source. LEI Issuers validate entity data directly against the relevant business registry, and the Policy Conformity Flag published by GLEIF gives you a quality signal on the resulting record.
Set against a self-declared company number and a scanned PDF, that is a materially better input to a risk decision.
The inversion: the LEI as an output of your KYB process
The default model treats the LEI as a field you collect. The customer has an LEI, you ask for it, you store it, you enrich against it. If they don’t have an LEI, you skip the field and carry on. Most product teams never question this, because the LEI reaches the requirements doc as a data attribute, and attributes get fields.
GLEIF’s Validation Agent framework inverts it. A Validation Agent is a financial institution or regulated firm that has been onboarded by an accredited LEI Issuer like RapidLEI to obtain LEI Numbers for its clients as part of its existing KYC and KYB workflow. You’re already verifying the entity against the registry. You’re already collecting legal name, address, legal form and registration number. The framework lets you use that same verification event to issue the client an LEI.
One verification produces both outcomes: the client is onboarded, and the client holds an LEI. Today that same client completes your onboarding, then separately applies for an LEI, and a second organisation repeats the registry checks you have already performed.
That changes the business case in three ways.
It removes a drop-off point. “Go and get an LEI, then come back” is a funnel leak, and issuing the LEI inside the flow closes it.
It converts a compliance cost centre into a data asset. Every client you onboard leaves the process carrying a globally resolvable identifier attached to a public, maintained record. Your entity graph becomes interoperable with everyone else’s.
And it scales. McKinsey research conducted for GLEIF and published in October 2019 estimated that broad LEI adoption could save the banking sector between two and four billion US dollars annually in client onboarding costs alone, equivalent to 5 to 10 per cent of the industry’s roughly forty billion dollar annual onboarding spend. That figure was modelled on precisely this mechanism: eliminating duplicated entity verification.
The regulatory clock is now the forcing function
The compliance calendar is gathering significant pace.
AMLR. Regulation (EU) 2024/1624, the EU’s single anti-money laundering rulebook, applies directly across all 27 Member States from 10 July 2027. Article 22 names the Legal Entity Identifier in the binding customer due diligence dataset, alongside the registration number and the tax identification number, to be collected “where available”. The obligation sits with you as the obliged entity, and a customer without an LEI does not fail onboarding.
FATF Recommendation 16. The revised Recommendation, adopted in June 2025, distinguishes between natural persons and legal persons in payment messages for the first time. For legal persons, the explanatory note calls for the connected BIC, the LEI, or the unique official identifier, “where this exists”. FATF members are expected to implement by the end of 2030.
EU Instant Payments Regulation. Verification of Payee has been mandatory for euro-area payment service providers since 9 October 2025, with non-euro-area PSPs following by 9 July 2027. In practice, an entity identifier is the only workable way to automate the name-check element at volume. A maintained identifier record makes that check deterministic. Free text leaves you with fuzzy matching.
DORA. LEI Numbers are required for identifying ICT third-party service providers in the registers of information that financial entities must maintain and submit to their competent authority.
MiCA and ECSPR. Crypto-asset service providers and crowdfunding service providers both sit inside LEI-referencing regimes, and CASPs become obliged entities under AMLR from 2027.
The direction of travel is consistent: the LEI is becoming the reference identifier for legal entities. Our regulation spotlights track each of these in detail.
Where to start
Consume. Add an LEI field to onboarding and validate it in real time against the Global LEI Index, using RapidLEI’s free LEI lookup or the API. Use the returned reference data to pre-fill and cross-check the entity record the customer gave you. Low effort, immediate match-rate improvement.
Reconcile. Store the LEI as the primary key on your entity record. Treat a lapse as a review trigger. Use Level 2 data as an input to your ownership graph. EnterpriseLEI gives you portfolio-level visibility if you hold LEI Numbers across many entities.
Contribute. Become a Validation Agent and issue LEI Numbers to your clients from the verification you already perform. You optimise what you do today, because the duplicate LEI validation disappears. And the organisation identity file you produce enters circulation, resolvable by every counterparty, regulator and platform your client will ever deal with.
RapidLEI is the world’s largest GLEIF-accredited LEI Issuer, accredited since 2018 and operating in over 170 jurisdictions. We rank first across all LEI Issuers on the ROC Policy Conformity Flag, we have launched the majority of GLEIF Validation Agents globally, and our API supports same-session issuance embedded directly into existing KYB and KYC workflows.
If you’re rebuilding your entity model for AMLR, for FATF R16, for Verification of Payee, or simply for a workflow that doesn’t require your own people’s administration time, start with the identifier layer. Then decide whether you want to keep paying to rediscover what the system could already have told you.
> Talk to us about becoming a Validation Agent
Frequently Asked Questions
What is the difference between LEI and KYB?
KYB, Know Your Business, is the overall process of verifying a business customer’s identity, ownership and risk profile before and during a commercial relationship. The LEI, Legal Entity Identifier, is a single globally unique 20-character code that identifies a legal entity. The LEI is one input into KYB. It solves entity identification and resolution, but it does not replace sanctions screening, UBO determination or risk assessment.
Does an LEI replace a company registration number?
No. An LEI complements national registration numbers. The LEI record includes the entity’s local registration authority and registration number. The advantage of the LEI is that it is unique globally, whereas a company registration number is only unique within its own jurisdiction.
Can a KYB platform issue LEI Numbers to its customers?
Yes, through the GLEIF Validation Agent framework. A regulated financial institution can be onboarded by an accredited LEI Issuer to obtain LEI Numbers for its clients using its existing KYC and KYB verification processes, removing the duplication of entity validation between onboarding and separate LEI registration.
Is LEI data free to access?
Yes. The Global LEI Index is published by GLEIF as a free, public, machine-readable reference database. There is no licensing cost for looking up or bulk-downloading LEI reference data.
What does a lapsed LEI mean for KYB?
A lapsed LEI means the entity has not renewed and re-verified its LEI record within the required annual cycle. The status is publicly visible. It indicates that the reference data is no longer confirmed as current, and should be treated as a review trigger. The entity itself may still be trading.
Which regulations require an LEI?
GLEIF maintains a public list of regulatory provisions that reference the LEI, covering dozens of jurisdictions. Key examples include AMLR, MiFID II, EMIR, SFTR, AIFMD, DORA, MiCA and the EU Instant Payments Regulation in the EU, UK EMIR and CHAPS in the UK, CFTC Part 45 and SEC reporting requirements in the US, and the revised FATF Recommendation 16 globally. AMLR Article 22 names the LEI directly in the EU’s customer due diligence dataset, to be collected where available, from 10 July 2027.
Why would a KYB platform contribute entity data to the Global LEI System?
Because the reference data it would contribute is not proprietary. Legal name, registered address, entity legal form and registration number are public facts derived from business registries, and every KYB platform, bank and LEI Issuer currently pays separately to re-derive the same facts about the same entity. Publishing that verification once, through the Validation Agent framework, removes the duplicate validation from the platform’s own workflow and makes the entity resolvable for every other participant. Competitive differentiation in KYB sits in risk scoring, screening, monitoring and workflow, none of which the LEI touches.
Does AMLR require a Legal Entity Identifier?
AMLR, Regulation (EU) 2024/1624, names the Legal Entity Identifier in its Article 22 customer due diligence dataset, alongside the registration number and tax identification number, to be collected where available. The obligation sits with the obliged entity collecting the data, so a customer without an LEI is not blocked from onboarding. AMLR applies across all 27 EU Member States from 10 July 2027.
How long does LEI issuance take?
With an automated, GLEIF-accredited issuer connected directly to business registries, an LEI can be issued in minutes. Legacy issuance processes that rely on manual document review can take several days.
Sources
External, all verified live on 9 July 2026:
- GLEIF: The LEI in Numbers, Active LEI Population Surpasses 3 Million in Q1 2026 – 3.02m active, 3.26m total
- GLEIF: Research Reveals Wide Adoption of LEIs Could Save Banks an Estimated US$2-4 Billion per Annum – published 29 October 2019
- GLEIF Research: The Pitfalls of Onboarding – 2018 Loudhouse survey, n=102
- GLEIF: Validation Agents
- GLEIF: LEI in Regulations – the public regulation list, states no total count
- FATF: Explanatory note for revised Recommendation 16 – BIC/LEI/unique official identifier “where this exists”; end-2030 deadline
- ECB: Instant Payments Regulation – VoP dates 9 Oct 2025 and 9 Jul 2027