KYC, eIDV, compliance and data marketing glossary

More than 50 terms to decode the acronyms of KYC (Know Your Customer), eIDV (electronic identity verification), regulatory compliance and international data marketing. Your priorities shape the sources we mobilize: this glossary gives you the bearings to situate each concept in your use case. Short, factual definitions, updated against the 2026 texts (AMLD6, eIDAS 2.0, MiCA, PSD3).

A

Autorité de Contrôle Prudentiel et de Résolution. The French supervisory authority attached to the Banque de France, in charge of supervising banks, insurers, mutual societies and payment institutions. The ACPR monitors compliance with AML/CFT obligations and can issue sanctions of up to €100 million or 5% of annual turnover.

Anti-Money Laundering Directive. The series of European directives against money laundering, transposed by each member state. The latest, AMLD6, was finalized in June 2025 and tightens criminal sanctions and cooperation between financial intelligence units. The AMLR6 regulation now harmonizes substantive obligations across the EU.

Anti-Money Laundering. The international term for combating money laundering. The English-speaking equivalent of the French LCB-FT framework. AML obligations cover KYC, sanctions screening, transaction monitoring and suspicious activity reporting.

Autorité des Marchés Financiers. The French financial markets regulator, supervising asset managers and investment advisors. Responsible for AML/CFT supervision over the entities in its scope. Sanctions can reach €100 million or 10% of turnover.

Application Programming Interface. The technical interface allowing one IT system to call the functions of another. An eIDV API returns an identity verification response within seconds, integrable into an onboarding or transaction flow.

The set of measures designed to detect and block fraudulent behavior: identity theft, chargeback, payment fraud, account abuse. eIDV is one of the core tools of a modern anti-fraud stack, complemented by behavioral scoring and device intelligence.

An independent review of a company's KYC framework, conducted by internal audit or an external firm. It checks procedural adequacy, control effectiveness, parameter quality and compliance with applicable regulations. Typical frequency: annual for regulated entities.

B

Business-to-Business. The commercial model between companies. Euroleads B2B data covers 250 million professionals identified across 197 countries, fueling international data marketing operations and targeted prospecting.

Business-to-Consumer. The commercial model from company to individual. B2C KYC applies to banking, fintech, insurance and regulated e-commerce relationships, typically with higher volume than B2B but more standardized checks.

Bank Identifier Code. The 8 or 11-character international code identifying a bank, standardized by ISO 9362. Used together with the IBAN for SEPA and SWIFT international transfers. Used in KYB to identify a business client's bank.

Buy Now Pay Later. A payment method enabling immediate purchase with deferred, free or reduced-cost installments. BNPL operators above AML/CFT thresholds are subject to KYC and apply eIDV at the moment of credit decision.

The natural persons who ultimately own or control a legal entity (typical threshold: more than 25% of the capital or voting rights). Identifying beneficial owners is mandatory under KYB and is registered in the French RBE register.

Identity verification technologies based on physical traits (face, fingerprint, iris). In 2026, facial biometrics with liveness detection are complemented by anti-deepfake countermeasures aligned with ISO 30107-3. A method complementary to eIDV by transactional data.

C

Crypto-Asset Service Provider. Provider of services on crypto-assets within the meaning of the MiCA regulation. Since late 2024, CASPs are subject to a European license and to a full KYC framework, including the Travel Rule on transfers above €1,000.

Counter Financing of Terrorism. The counter-terrorist-financing pillar that complements anti-money laundering, grouped under the French acronym LCB-FT. Relies on screening sanctions lists (EU, OFAC, UN) and on suspicious activity reporting.

Commission Nationale de l'Informatique et des Libertés. The French data protection authority. It publishes sector-specific frameworks that secure the articulation between GDPR and AML/CFT. Sanctions can reach 4% of worldwide turnover.

The corporate function tasked with ensuring compliance with applicable regulations. For regulated actors, compliance covers AML/CFT, GDPR, sector-specific obligations and international sanctions. The AML/CFT officer is declared by name to the ACPR.

Crypto-assets, decentralized digital currencies (Bitcoin, Ether) and stablecoins. Since late 2024, they fall under the MiCA regulation in Europe, which imposes a full KYC framework on PSAN and CASP entities. See our crypto KYC page for details.

D

The set of commercial and marketing practices grounded in the exploitation of structured data (B2B, B2C, geographic, behavioral). International data marketing is one of Euroleads's two historic practices since 2005.

Chief Financial Officer. A frequent C-level target for B2B data marketing operations. Decision-maker on data purchases, financial tools and compliance services.

The ability to orchestrate and exploit data from heterogeneous sources to produce operational value. Euroleads positions itself as the independent player in international data intelligence, with 4,000 worldwide sources and 45 years of expertise.

Data Protection Officer. The data protection officer role, mandatory in certain organizations under GDPR. Guarantor of GDPR compliance and counterpart to the CNIL during inspections.

The mandatory report submitted to Tracfin by AML/CFT-regulated entities when an operation appears suspicious. Confidential vis-à-vis the client concerned, it is protected by civil and criminal immunity provided it is made in good faith.

Digital Operational Resilience Act. The EU regulation that came into force in January 2025, requiring financial actors to maintain operational resilience against cyber and third-party IT risks. Impacts KYC and eIDV providers identified as critical third parties.

E

EU Regulation 2024/1183, in force since 20 May 2024, which sets out the European framework for digital identity. It defines three assurance levels (low, substantial, high) and mandates that the EUDI Wallet be made available to citizens of all 27 member states by the end of 2026.

Electronic Identity Verification. Electronic identity verification technology triggered by an API call. Three families: document verification, biometric verification, verification by transactional data. See eIDV pillar.

European Banking Authority. The European banking authority. It publishes guidelines clarifying the application of AMLD directives and harmonizing AML/CFT supervision practices between member states.

European Digital Identity Wallet. The sovereign digital identity wallet provided for under eIDAS 2.0. Stores verified attributes (PID, diplomas, licenses) and enables the issuance of Qualified Electronic Attestations of Attributes (QEAA). Universal availability is scheduled by end of 2026.

F

Financial Action Task Force. The intergovernmental body that sets global standards for combating money laundering and terrorist financing. Its 40 recommendations form the reference matrix transposed into the European AMLD directives.

A financial actor operating in payments, credit, savings management or crypto via a native technology infrastructure. Typical status: payment institution, electronic money institution, PSAN, CASP. See fintech KYC page.

The process of updating, deduplicating, enriching and validating B2B and B2C databases. Euroleads database hardening relies on the continuous confrontation of 4,000 sources to guarantee coverage across 197 countries and 1.5 billion individuals registered.

G

Groupe d'Action Financière. The French name for the FATF. Issues the 40 reference recommendations on combating money laundering, transposed into European law via the AMLD directives.

General Data Protection Regulation. The EU regulation on personal data protection, in force since 25 May 2018, applicable to any processing of personal data concerning European residents.

I

A digital identity model in which the user controls their own attributes and presents them on demand, without depending on a central provider. The EUDI Wallet illustrates this approach at the European level, based on verifiable attestations.

International Bank Account Number. The international identifier for a bank account, 14 to 34 characters depending on the country. Enables SEPA and international transfers. Used in eIDV to verify the account holder and prevent payment fraud.

The technical implementation of a third-party API into an existing information system. A typical eIDV API integration takes anywhere from a few days to a few weeks, depending on the complexity of the target IS and the number of use cases covered.

K

Know Your Business. The equivalent of KYC applied to legal entities. It identifies the company, its directors, its beneficial owners and its business context. Relies on official registers (RCS, RBE, Companies House, international equivalents).

Know Your Customer. The regulatory framework that requires regulated actors to identify, verify and monitor their customers throughout the business relationship. Four pillars: identification, verification, risk assessment, ongoing monitoring. See KYC pillar.

L

Lutte Contre le Blanchiment de capitaux et le Financement du Terrorisme. The French acronym grouping AML/CFT obligations. National framework laid out in the French Monetary and Financial Code, supervised by the ACPR, the AMF and Tracfin.

The technique for verifying the liveness of a face captured in biometrics, distinguishing a real person from a photo, a video or a deepfake. Reference standard: ISO 30107-3 (PAD). Essential to reach a substantial or high eIDAS assurance level.

M

Markets in Crypto-Assets. The European regulation, in force since late 2024, that frames CASPs and crypto-asset issuers. Imposes a full KYC framework, the Travel Rule on crypto transfers and a passportable European license.

Continuous surveillance of a client's financial flows to detect atypical behaviors (unusual amounts, risky counterparts, fragmentation). Generates alerts handled by compliance operators, who decide on a possible suspicious activity report to Tracfin.

N

Network and Information Security Directive 2. The European directive in force since October 2024, which imposes reinforced cybersecurity requirements on essential and important entities. Concerns financial actors, digital service providers and certain KYC providers.

Nomenclature d'Activités Française. INSEE statistical codes classifying a company's main activity. Used in B2B data marketing to target sector segments (banking-insurance, fintech, e-commerce).

An approach to deploying a KYC framework without heavy technical development, through a configurable console. Suited to regulated SMEs and pilots. Limitations: reduced flexibility on orchestration and multi-channel integration.

O

A fully remote customer onboarding journey, with no physical visit. Combines eIDV, electronic signature and automated information collection. The industry standard for fintechs and online banks. Measurable abandonment reduction from 25% to 5% with eIDV by transactional data.

Office of Foreign Assets Control. The US authority in charge of economic sanctions. Publishes the SDN List, the registry of sanctioned persons and entities whose screening is integrated into any KYC framework operating in connection with the US financial system.

Organisme pour le Registre unique des Intermédiaires en Assurance, banque et finance. The French registry of regulated intermediaries (insurance brokers, IOBSP, investment advisors). Used in KYB to verify the professional status of an intermediary.

P

Politically Exposed Person. A person holding or having held an important political, judicial or administrative role. Extended status applied to direct family members and close associates. Automatically triggers enhanced due diligence (EDD).

Prestataire de Services sur Actifs Numériques. The French status applied to crypto actors prior to the full entry into application of MiCA. Subject to mandatory registration with the AMF and to a full KYC framework.

Prestataire de Services sur Crypto-Actifs. The European status under the MiCA regime, equivalent to CASP. Imposes a passportable European license, a full KYC framework and the application of the Travel Rule.

Payment Services Directive. European directives governing payment services. PSD2 introduced strong customer authentication (SCA) and open banking. PSD3, currently being transposed, strengthens the fight against fraud and clarifies the status of payment institutions.

R

Periodic update of a client's KYC information during the business relationship. Typical frequency: 1 year for high-risk profiles, 3 to 5 years for standard profiles. Mandated by the FATF's risk-based approach and by AMLD6.

Recency Frequency Monetary value. A classic marketing scoring method that qualifies a client's value based on the date of their last transaction, their purchase frequency and the cumulative amount. A structuring tool of B2C data marketing.

Règlement Général sur la Protection des Données. The French name for the GDPR — the European reference text for personal data protection, applicable since 25 May 2018. It articulates with AML/CFT via the legal obligation basis and retention periods aligned with the 5-year post-relationship rule.

Risk-Based Approach. A founding principle of the FATF recommendations: the rigor of KYC controls is proportionate to the client's risk level (simplified, standard or enhanced due diligence). Enables efficient allocation of compliance resources.

S

Coercive measures imposed by states or international organizations (EU, UN, OFAC) on persons or entities. Screening sanctions lists is mandatory in any KYC framework. Daily updates are required to remain compliant.

Attribution of a quantitative score to a client or prospect on the basis of weighted criteria. KYC scoring: AML/CFT risk level. Marketing scoring: commercial appetite. Credit scoring: probability of default.

Single Euro Payments Area. The single area for euro payments covering 36 European countries. Standardizes transfers and direct debits via the IBAN. A baseline reference for bank account verification in eIDV.

The process of attaching company data to the corresponding SIRET number. A central data hardening step in B2B data marketing in France, guaranteeing the uniqueness and freshness of company data.

T

Transfer of Funds Regulation, Travel Rule. European Regulation 2023/1113 which requires CASPs to transmit information on the sender and recipient of a crypto transfer above €1,000. The crypto pillar of anti-money-laundering rules.

The French financial intelligence unit, attached to the Ministry of the Economy. Receives suspicious activity reports from AML/CFT-regulated actors, conducts its own investigations and transmits the most substantial files to the judicial authorities.

Transactional data. The digital trace generated by an act of consumption or use (payment, subscription, telecom movement). The foundation of the Euroleads eIDV approach: “Everything can be forged, except real life.”

V

The AML/CFT due diligence levels applicable depending on client risk. Standard due diligence applies by default. Enhanced due diligence (EDD) applies to PEPs, high-risk jurisdictions and atypical operations. Simplified due diligence is reserved for very low-risk profiles (clients regulated under EU-equivalent regimes).

Customer Lifetime Value. A marketing metric assessing the cumulative economic value of a customer over the foreseeable duration of the commercial relationship. A structuring indicator for arbitrating acquisition and loyalty investments in B2C data marketing.

A question on a specific term or a business use case?

Talk to our experts