What does KYC for accountants mean in practice?

We support accountancy firms in meeting KYC for accountants requirements, which in practice means performing risk-based customer due diligence under the Anti-Money Laundering Act, including identifying clients and beneficial owners, understanding their business and documenting assessments for review by the County Administrative Board.

How can Morling Consulting help an accountancy firm with KYC and AML compliance?

We map your current AML and KYC processes, design risk-based procedures, templates and training, and provide hands-on legal support so your accountancy firm can meet regulatory expectations without unnecessary administration.

When should an accountancy firm engage AML lawyers for KYC accounting?

You should engage our AML lawyers when establishing or updating your KYC framework, preparing for supervision by the County Administrative Board or handling complex client risk assessments where additional legal expertise is needed.

KYC for accountants

KYC for accountants – what it means in practice

Carrying out customer due diligence, or KYC measures under the Anti-Money Laundering Act (2017:630), is a legal requirement for accountancy firms. It involves identifying customers, understanding their business and assessing the risk of being exploited for money laundering or terrorist financing. The obligations apply both at the start of an engagement and on an ongoing basis throughout the client relationship.

The regulatory framework is extensive and places demands on internal processes, particularly for firms without prior AML experience. Expectations from Länsstyrelsen (County Administrative Board) as the supervisory authority are clear — customer due diligence must be structured, risk-based and documented.

By working methodically, firms can meet the requirements without losing focus on day-to-day operations. This is not about building bureaucracy; it is about creating an efficient, review-proof way of working so that colleagues onboarding clients know what to do and when to act.

Professional working at a computer reviewing client data and compliance dashboards related to KYC accounting in an office setting.

How an accountancy firm complies with the Anti-Money Laundering Act

To comply with the Anti-Money Laundering Act and Länsstyrelsen’s (County Administrative Board) regulations and general guidance on measures against money laundering and terrorist financing, certain core components are required:

Risk assessment at business level.
Policies and procedures for customer due diligence.
Templates for client information, checks of the beneficial owner, and checks of politically exposed persons (PEPs) and any family members or known close associates of a PEP.
Documentation and ongoing monitoring.
Training for staff in roles that apply the AML framework.
Preparation for potential supervision or inspection.

With these elements in place, you establish an internal compliance system that is proportionate, scalable and tailored to the reality of an accountancy firm. It makes it easier to take the right decisions — both in new engagements and in existing relationships.

Compliance in focus

Advisory tailored to accountancy firms

The first step is usually to map the current state: how do today’s processes work, what risks exist and what is missing? Concrete actions are then defined — always with regard to firm size, client base and the type of engagements. In many cases, modest interventions make a major difference, especially where documentation or clear procedures are lacking.

Access to legally drafted templates streamlines the work. This may include KYC forms, instructions for risk classification, or checklists for follow-up or changes to the scope of existing engagements. Everything is aligned to the AML legislation and current guidance from authorities such as Länsstyrelsen (County Administrative Board) and the Swedish Economic Crime Authority (EBM).

Training is another essential component. When staff understand the purpose and application of the framework, both compliance and the quality of day-to-day work improve. Over time, the risk of misjudgements or insufficient measures in client relationships also decreases.

Where needed, external legal expertise can be engaged on an ongoing basis for specific matters, for example client risk assessments, ahead of supervision, or to update internal procedures. This provides confidence when your own regulatory work needs reinforcing. Our services support clients across Europe.

Support with KYC accounting — on commercial terms

With structured support, you can meet legal requirements without creating unnecessary administration. Our advisory helps accountancy firms implement KYC for accountants processes across the business through tailored workflows, templates and checklists.

The advisory focuses on practical anti money laundering for accountants in the accounting sector, with emphasis on business value, compliance and internal control. Our AML lawyers are ready to help you take the next step in your work with the AML framework.

Illustration of a compliance specialist reviewing AML checklists and workflow documents on screen, ensuring KYC accounting procedures and anti–money laundering controls are correctly followed.

Customer due diligence (KYC) means, among other things, identifying the client and the beneficial owner, understanding the client’s business activity and assessing the risk of money laundering or terrorist financing. Measures must be risk-based and documented so the County Administrative Board can see that the firm follows the Anti-Money Laundering Act (2017:630). The need to establish or update KYC applies both to new engagements and when existing relationships change.

To meet the AML requirements, the accountancy firm must collect a number of basic details before an engagement starts. These form the basis for the client’s risk classification and ongoing monitoring, and include, among other things:

Identity details: Name, company/personal registration number, address and contact details, etc.
Beneficial owner: Information on who controls the company (including checks against the Swedish Companies Registration Office).
Purpose of the business relationship: Type of engagement, scope and expected transaction volume.
Risk factors: Sector, geographical exposure and whether the client or its representatives are PEPs (politically exposed persons).
Source of funds: Understanding where money or assets come from; depth of evidence depends on risk.

On material changes in ownership, business or risk profile, and on an ongoing basis under the firm’s risk-based monitoring plan (for example every five years for low-risk clients and more frequently where risk is higher). Robust KYC for accountants routines help ensure timely updates.

The firm should combine the general business-wide risk assessment with an individual client assessment (low, some, high or unacceptable risk). The risk level is documented and determines which controls are performed. Morling Consulting’s AML lawyers provide templates and methodological support that meet the County Administrative Board’s expectations and reflect anti money laundering for accountants standards.

If an accountancy firm falls short in its AML work, the consequences can be costly and damage market trust. Common sanctions and adverse effects include:

Administrative fines from the County Administrative Board, potentially significant depending on firm size and severity.
Orders to implement corrective measures within short deadlines.
Reputational damage with banks, partners and clients.
Criminal liability for management in particularly serious cases.

The County Administrative Board assesses not only whether KYC has been performed, but also how measures have been documented and followed up over time. All information must be traceable, dated and retained for at least five years after the engagement ends.

Dated risk assessments: Business-wide and client risk assessments with clear dates, responsible persons and approved risk levels.
Written procedures and policies: Formal documents describing workflows, controls and escalation — including when enhanced due diligence applies.
Client profiles and records: Consolidated data on each client’s identity, beneficial owner, purpose of the relationship and the reasoning behind the risk classification.
Identity verification evidence: Copies of ID documents or electronic verification and confirmation of details in external registers (for example the Swedish Companies Registration Office’s beneficial owner register).
Transaction monitoring: Logs showing how unusual or complex transactions were identified, investigated and handled.
Training register: A record of staff who have completed AML training, content covered and date of latest update.
Archiving and retention schedule: How documents are stored securely for at least five years and subsequently deleted appropriately.

Cross-border clients often require deeper checks of identity, beneficial owners and transaction flows. Exposure to the EU list of high-risk countries regularly leads to elevated risk classification and additional verification.

Simplified due diligence may be used where risk is low and involves more limited measures, whilst enhanced due diligence requires verification of source of funds, deeper background checks and more frequent follow-up for higher risk.

At least annually, or when the business or the framework changes materially. New joiners and anyone in roles applying the framework should receive induction training before handling client matters.

Digital solutions streamline the entire KYC process and reduce the risk of manual error. By integrating multiple tools into a cohesive workflow, the firm achieves better traceability, faster processing and consistent risk assessment.

Electronic ID verification (for example BankID, eIDAS services): Automates client identification and reduces the need for physical ID copies.
Real-time PEP and sanctions screening: Matches client data against international lists and alerts immediately on hits.
API-based queries: Retrieves beneficial owner, board and ownership data without manual entry.
Automated risk classification: Considers sector, geography, transaction patterns and history to propose a risk level.
Cloud-based KYC/AML platforms: Consolidate documentation, risk assessments and follow-up in a system accessible to authorised users.

The firm must identify the persons who ultimately control the administration or activities, which may require reviewing statutes, board minutes and public registers, together with supplementary written certifications.

It is the continuous check that the client’s transactions align with the firm’s knowledge of the client’s business, risk profile and known sources of income — including review of new owners, unusual transactions and changed business patterns.

Under the Anti-Money Laundering Act, the firm must terminate a business relationship if KYC requirements cannot be met or if the risk of money laundering or terrorist financing cannot be reduced to an acceptable level. In some cases, the firm must also submit a suspicious activity or transaction report to Finanspolisen (Financial Intelligence Unit).

Insufficient KYC: The client refuses or fails to provide identity details, beneficial owner information or the purpose of the engagement.
Unacceptable risk level: The assessment results in an indefensible risk, for example exposure to high-risk countries or complex ownership structures.
Suspicion of money laundering/terrorist financing: Indicators of criminality remain after client dialogue and the client cannot provide a credible explanation.
Incorrect or false information: Supplied documents or answers prove forged or materially inaccurate.
Client on a sanctions list: A match in EU or UN sanctions registers that cannot be cleared.

In all of the above situations the firm should immediately end the engagement and, where there is suspicion of money laundering or terrorist financing, file a suspicious activity or transaction report with Finanspolisen (Financial Intelligence Unit).

We perform a pre-review of procedures, support you in dialogue with the County Administrative Board and help remedy any deficiencies so your firm can continue operations with minimal disruption. Contact our AML lawyers for support with anti money laundering for accountants or to handle a request from the County Administrative Board.

We design pragmatic frameworks for KYC for accountants and provide hands-on materials that align with regulatory expectations while remaining workable in day-to-day delivery across Europe.

Contact

Felix Morling

Contact us

If you prefer phone, please feel free to contact Felix Morling at +46 70 444 42 85

"*" indicates required fields