How to Build an Account Opening Flow: Designing the KYC & Identity Verification Process
"We forgot to collect one of the identity documents." "Where on earth is the record of the sanctions check?" If you work at an account-opening counter or in a back office, you have probably had a close call like this. Each step on its own isn't hard, but there are many of them and many people involved — which is exactly why gaps slip through.
On top of that, identity verification (KYC) and customer due diligence (CDD) are processes the law requires. A single oversight can turn straight into a compliance problem. That is why you need a fixed format — a business flow — that lets anyone carry out the work at the same quality.
This guide walks through why you design an account opening flow, the standard path from intake to issuance, design tips, and how to make it visible as a flowchart. By the time you finish, you'll be ready to capture your own account opening process in a single diagram.
What you'll learn
- Three goals of designing an account opening flow: preventing gaps, compliance, and training
- The standard six steps from intake to card issuance, and the role of each
- Design tips for building in eKYC and sanctions/AML screening
- How to visualize the account opening flow as a flowchart, with an example
Why Design an Account Opening Flow
From the moment an application is received until the account is usable, account opening spans many steps: intake, identity verification, screening, registration, and issuance. When it runs on the experience and memory of staff, the way it's done varies by branch and by person, and gaps slip through. Turning it into a flow means standardizing that path visibly, so anyone follows the same order at the same quality.
Three effects of turning it into a flow
- Preventing identity-check gaps: building required documents and checks into the steps stops "forgot to collect" and "forgot to verify" by design
- Ensuring compliance: KYC/CDD and sanctions screening can be made explicit, required steps, so at audit time you can show where and what was checked
- Faster training: when the procedure is a flowchart, a newcomer can follow the same steps without relying on word-of-mouth handover
Minami
Process improvement lead
Honestly, we already have a written procedure for account opening, and the veterans keep it running. Do we really need to turn it into a flowchart?
Spark
DrillSpark consultant
It's fine while it's running. The problem is the day a veteran is out, or a newcomer handles it alone. A written procedure makes it hard to see which branch to take. A flowchart shows, at a glance, even how to send the case back when identity verification fails.
The Standard Six Steps of an Account Opening Flow
Whether at a counter or online, bank and brokerage account opening shares the same basic path. Organizing it from intake to issuance into six steps gives you a foundation for designing your own flow.
| Step | Stage | Main work | Output |
|---|---|---|---|
| 1 | Intake | Receive the application in person or online and enter the details | Application data |
| 2 | Identity verification (KYC) | Verify identity documents; online, capture and match via eKYC | Verified identity record |
| 3 | Customer due diligence (CDD) | Confirm the purpose of the transaction and screen against sanctions/AML lists | Customer risk assessment record |
| 4 | Screening | Decide whether to open the account from the entered data and check results | Decision (approve / decline / review) |
| 5 | Account opening | Register the account in the system and assign an account number | Active account |
| 6 | Issuance | Issue and send the cash card, passbook, and initial password | A usable account set |
The key is to treat step 2, identity verification, and step 3, customer due diligence, as separate things. Identity verification confirms "is this person who they claim to be," while customer due diligence, from an anti-money-laundering view, confirms "what is the purpose of the transaction, and is there any risk." Their goals differ.
Design Tips for Building In eKYC and Sanctions Screening
The steps people stumble on in an account opening flow are identity verification (KYC) and customer due diligence (CDD). These are critical, legally required steps, and a flawed design leads to frequent rework. Here are the tips for building them in.
Designing identity verification (KYC / eKYC)
- Branch on online vs. offline: in-person means checking original documents, online means eKYC. Splitting the path by intake method keeps the steps clear
- Always draw the return path for failures: show with arrows where a missing document or a mismatch sends the case back. Without it, the floor stalls
- Add a step to record the check: making "recorded" a separate step from "checked" makes audits much easier
Designing customer due diligence (CDD / sanctions screening)
- Make screening an explicit required step: fix the sanctions/AML list check into the flow as a gate that can't be skipped
- Draw the escalation path for hits: when screening returns a suspicious result, show in a branch who it goes to and who decides
- Pass the risk result to screening: feeding the CDD result into the screening step separates verification from the decision
Spark
DrillSpark consultant
The design trick is to draw not just the "all good" line but the "failed, send back" line from the start. Account opening hinges on the branches for failed identity checks and sanctions hits. A flow with only the happy path always stalls on the floor.
Visualizing the Account Opening Flow as a Flowchart
Bringing the six steps and the KYC/CDD branches together into a single flowchart looks like this. The main path from intake to issuance, and the return and escalation paths for failed identity checks or sanctions hits, are all visible at a glance.
Drawn this way, exception handling such as "on a failed identity check, send back to intake" and "on a sanctions hit, escalate to a manager" becomes visible alongside the main path. The strength of a flowchart is that branches, which a written procedure struggles to convey, become clear to anyone through lines and symbols.
Three benefits of putting it in a flowchart
- Fewer gaps: assigning checks per step makes "we forgot this check" far less likely
- Useful for training: you can point at the figure and say "sanctions check here," which beats words alone
- A record of improvement: when a law change or eKYC rollout alters the steps, you can compare before and after as diagrams, turning process improvement into a lasting asset
Drawing such a flowchart by hand from scratch is tedious, though. With DrillSpark, you just describe the account opening flow and AI organizes it into a flowchart, even helping you catch a missed KYC/CDD branch. There's an account-opening template ready, so you can start building along your own procedure right away.
Common Account Opening Flow Pitfalls and Fixes
Because the account opening flow has many steps, the points where designs stumble are clear too. Here are the typical failures and how to fix them.
| Common failure | Why it happens | Fix |
|---|---|---|
| Only the happy path is drawn | You assume only the flow that goes well | Always draw the branches and return paths for failed identity checks, sanctions hits, and declines |
| Checking and recording are merged | You think "once it's checked, you're done" | Separate the check step from the record step, and keep evidence you can show at audit |
| Online and in-person are mixed together | Differences by intake method are crammed into one line | Branch the path by intake method, making eKYC and original-document checks separate steps |
Minami
Process improvement lead
I see — separate checking from recording. It's true that if you "thought you checked" but kept no record, you're in trouble at audit time later. I'll go review our own flow right away!
Summary: Account Opening Flows Work Through Branches and Records
The account opening flow has a basic format of six steps: intake, identity verification (KYC), customer due diligence (CDD), screening, account opening, and issuance. When in doubt, build it in this order and you won't go far wrong.
What matters is drawing not just the line that goes well but the exception branches and return paths — failed identity checks, sanctions hits — and separating "checking" from "recording" so you keep evidence. Bring these together in a flowchart and you get a single diagram that works for preventing gaps, compliance, and training all at once. Start by writing out your own account opening flow, from intake to issuance, as a single line.