persona-logo
Industry
Published February 21, 2024
Last updated April 11, 2025

Know Your Employee (KYE): How identity verification fits in the picture

A thorough Know Your Employee (KYE) process helps you verify the identity, credentials, and background of new and existing employees to control for fraud.
Tim Stobierski
Tim Stobierski
6 mins
Key takeaways
Know Your Employee (KYE) refers to the processes a business uses during the hiring and onboarding process, and throughout an employee’s employment, to ensure that they are who they say they are.
KYE is required by law for certain regulated industries, such as banks, but it can also offer benefits to businesses operating in other industries where it isn’t required. 
An identity verification (IDV) tool can help you with certain parts of the KYE process, especially if you are already leveraging IDV for other uses such as KYC or fraud prevention.

When many companies think about risk, it’s often through the lens of external threats: Outside forces seeking to harm or defraud the business and its customers. While these external threats are very real, they are far from the only risks that a business must account for. Internal threats, which often originate with a business’s employees, must also be considered. 

Your employees can be a significant source of risk. They can facilitate fraud directly — for example, by siphoning off company funds, stealing customer data, or selling trade secrets to competing firms. They can also facilitate fraud indirectly and accidentally — for example, if their log-in credentials become compromised or they fall victim to phishing schemes

It’s essential that you account for these risks and take steps to minimize them as much as possible. A thorough Know Your Employee (KYE) process that begins during hiring and onboarding, and which continues throughout an employee’s employment, can help.

Below, we take a look at what KYE is, how it works, and why it’s important. We also discuss the different ways that identity verification (IDV) can address some of your KYE needs. 

What is Know Your Employee (KYE)?

Know Your Employee (KYE) is a concept that refers to the steps a business completes in order to confirm that an employee is who they claim to be. It involves checking and verifying an employee’s identity, credentials, and background. In some industries, such as the financial industry, businesses are required to conduct KYE by law. 

A well-designed KYE program helps a business understand what, if any, fraud risk would be involved in hiring a particular individual. For example, it can help you uncover whether or not a person:

  • Is using somebody else’s Social Security number or TIN to engage in tax fraud

  • Has lied about their credentials, education, or work history

  • Has a criminal history that should disqualify them from a particular job

  • Is connected in any way to known bad actors that could threaten your business

The point of conducting KYE on new hires is to gather the information you need to make an informed decision about the risk an employee could introduce to your organization if you hire them. In this way, it is similar in concept to Know Your Customer (KYC) or Know Your Business (KYB)

How does KYE work? 

Know Your Employee processes typically take place just prior to an employment offer being made to an applicant or immediately following an offer acceptance. But, as with other protective measures, it shouldn’t be a one-time thing. Instead, KYE should be an ongoing effort that assesses and reassesses an employee’s risk throughout the course of their employment. 

With this in mind, a full KYE process will usually involve the following steps:

  1. Identity verification: Confirming that the individual is who they claim to be, often through the use of government ID verification, document verification, database verification, selfie verification, and other methods. 

  2. Employment authorization verification: Confirming that an individual is authorized to work in the United States. 

  3. Background check: Collecting additional information about the individual that will be used to assess their risk. What is included in a background check will vary, and may consist of checking an individual’s criminal history, educational history, employment history, and credit history.

  4. Reverification and ongoing maintenance: Periodically reverifying the individual’s identity and reassessing their risk throughout the course of their employment, and updating records as necessary. 

Persona and KYE

Persona’s suite of identity tools can be used to support your KYE process in a number of different ways.

Initial verification during onboarding

Verifying an employee’s identity during onboarding is probably the most obvious way that IDV impacts the Know Your Employee process, but it’s also one of the most important. After all, if an individual is lying about their identity or their ability to legally work for you, you’ll know if there are discrepancies between the information they present to you and your verification checks. 

How you choose to verify your employees’ identities is unique to your business and should be informed by the industry you operate within, the regulations you are subject to, and your risk tolerance. That’s why we’ve built our Verifications solution to be flexible and customizable. Build the employee IDV flow that makes the most sense for your business, whether that includes government ID verification, document verification, database verification, or other reports

Case study
Remote verifies workers quickly and compliantly with Persona
Learn more

Catching account takeover (ATO) attacks

Once you’ve verified an employee’s identity once, it becomes possible to reverify their identity in the future. This ability empowers you to minimize the threat of bad actors taking over an employee’s account in the event that their credentials or device are ever compromised. 

Reverification can take place at any point after initial onboarding. Many businesses choose to reverify their employees’ identities periodically as part of their identity and access management strategy. 

Other businesses trigger reverification during high-risk moments — for example, when an employee logs in to their account from an unknown device or in a country where they don’t reside, or if they’ve engaged in suspicious activity that may indicate that their account has been compromised, e.g., downloading or deleting sensitive data, trying to access systems without permission, or granting system access to new employees with no clear business reason. 

As with verification, reverification can take many forms and should be tailored to your needs. Here again, Persona’s Verifications solution empowers you to customize your reverification process to align with your business requirements and risk tolerance. 

Access recordkeeping

Businesses operating within certain industries — such as financial services or healthcare — are required to implement measures designed to prevent sensitive customer data from being accessed inappropriately. These regulations also often require that businesses keep records whenever said information is accessed, including the identity of the person accessing the information as well as the date and time that the access took place. 

Once you’ve onboarded an employee using Persona, it’s possible to configure your instance to track the systems and information that your employees access — centralizing your identity operations and providing an auditable data trail for investigators or regulators to follow.  

Background checks during onboarding

After identity verification, organizations typically want to run a background check or screening to get a more thorough understanding of an applicant or employee’s background. Persona partners with Yardstik to offer national criminal background checks directly integrated with identity verification. This allows organizations to offer a seamless experience to the employee while making sure background checks are only run on employees who pass IDV.

Interested in learning more? Start for free or get a demo today.

The information provided is not intended to constitute legal advice; all information provided is for general informational purposes only and may not constitute the most up-to-date information. Any links to other third-party websites are only for the convenience of the reader.
FAQs

Yes, banks perform background checks before hiring employees. 

At a minimum, banks must perform a criminal background check of all applicants in order to comply with Section 19 of the Federal Deposit Insurance (FDI) Act, which prohibits banks from employing anyone who has been convicted of a crime involving “dishonesty, breach of trust, or money laundering,” as well as those who have agreed to a pre-trial conversion due to their connection with such an offense. 

In addition to criminal activity, background checks typically include:

  • Identity verification

  • Employment and education history verification

  • Credit score check

  • Various reports (sanctions lists, watchlists, etc.)

By law, financial institutions are required to implement anti-money laundering (AML) processes to prevent criminals from using their platforms to carry out financial crimes. An important part of this is known as the risk-based approach, whereby the institution must consider their own unique risk profile in designing these processes. 

In order to implement the risk-based approach, financial institutions must perform an external risk assessment (focused on their customers’ risk profile) and an internal risk assessment. Gauging employee risk of money laundering or other types of fraud is an integral piece of the AML risk assessment, and as such, your KYE processes should both inform and be informed by the results of the assessment.

Tim Stobierski
Tim Stobierski
Tim Stobierski is a writer and content strategist focused on the world of finance, investing, fintech, insurtech, and software. His friends know him as a bit of a nerd. He likes cats and coffee.
Continue reading
  • Online KYC during user onboarding
    10 mins

    Online KYC during user onboarding

    Many businesses need to have a KYC process for onboarding new users. Learn what's required, common steps, and more.

  • How to create a great digital onboarding experience
    7 mins

    How to create a great digital onboarding experience

    Learn how a user-friendly digital onboarding experience can become your competitive advantage.

  • Build onboarding flows that convert with Dynamic Flow
    5 mins

    Build onboarding flows that convert with Dynamic Flow

    Customers like LedgerX and Coursera drive conversion at every screen with Dynamic Flow.