PCG logo
Case Study

A KYC Archival System for a Digital Bank

The Challenge

The bank’s main goal is to provide better services for its customers by ensuring that their customers are legitimate, thereby preventing illegal bank transactions such as money laundering, etc. The main task to achieve this was to transition to a data-driven approach and start getting to know customers better in order to serve them more professionally. Hence, the bank wanted an KYC archival system to store customers’ KYC files.

Data security is a huge concern in the banking world. For this reason, the bank wanted a secure file archival system. The KYC data consists of customers’ files, which have had to pass through specific integrity checks before being archived, and an endpoint that determines the status of the integrity check. The bank even needed a mechanism for re-uploading the KYC data, which did not pass the integrity check.

To satisfy the capacity requirements due to the increasing customer base, they wanted the archival system to scale automatically, without manual intervention and according to demand. The solution should be cost-optimized with a very low idle running cost. It was a challenging task to implement the end-to-end Cloud platform and to automate all the processes within a short period of time.

The Solution

We proposed Amazon S3 bucket with intelligent tiering as a storage solution for the project. To secure the KYC data, encryption was enabled. Serverless architecture has zero idle running costs, and was therefore chosen for the implementation of the project, making use of the AWS Serverless Application Model (SAM)External Link. The AWS Lambda function was used to generate the pre-signed URL for uploading the KYC data. The Amazon API Gateway endpoint protected by API Key was used as a trigger for the AWS Lambda function. The bank partners make a GET call to this endpoint, which generated the pre-signed URL. Using this URL, the partners had to upload the KYC data by providing it as a payload. The main advantage of using the pre-signed URL is that the partners were able to upload the KYC data directly to S3 without installing any AWS libraries. The validity of the pre-signed URL was configured with a short expiration period. This is an add-on advantage.

Structure of the architecture

image-2dc05200dc24

Once the data was uploaded, it was stored in the Amazon S3 bucket. The integrity checks were performed with the help of the AWS Step Functions. The results of the integrity check were written to an AWS DynamoDB table. The bank partner was able to re-upload the files which failed the integrity check by again generating the new pre-signed URL.

If the customer discontinued doing business with the bank, the deletion of the customers’ files was performed by another AWS Lambda function. This was enabled by placing the object Lifecycle policy on the required files to be deleted according to GDPR policy.

Results and Benefits

PCG implemented the secure Cloud platform, which is scalable based on the needs for the archival of the digital bank’s KYC data. We used our AWS Cloud expertise and our strong knowledge of the financial domain to implement a cost-effective solution. This enabled our client to use the Cloud to fulfil the needs of their ever-growing customer base.

About PCG

Public Cloud Group (PCG) supports companies in their digital transformation through the use of public cloud solutions.

With a product portfolio designed to accompany organisations of all sizes in their cloud journey and competence that is a synonym for highly qualified staff that clients and partners like to work with, PCG is positioned as a reliable and trustworthy partner for the hyperscalers, relevant and with repeatedly validated competence and credibility.

We have the highest partnership status with the three relevant hyperscalers: Amazon Web Services (AWS), Google, and Microsoft. As experienced providers, we advise our customers independently with cloud implementation, application development, and managed services.


Services Used

Continue Reading

Article
Automation
Automated Control Rollout in AWS Control Tower

Control Tower Controls help you to set up guardrails making your environment more secure and helping you ensuring governance across all OUs and accounts.

Learn more
News
Above the Clouds: PCG's Stellar Performance at the AWS LeadMaster Challenge 2024

Wow, what a triumph! Public Cloud Group has just swept the AWS Summit 2024 Lead Master Challenge.

Learn more
Article
AWS Events 2025: The Future is Cloud

As a leading AWS Premier Partner, we're thrilled to present the exciting lineup of AWS events for 2025.

Learn more
Article
Protecting Lambda URLs with Cognito, IAM, Lambda@Edge and CDK

In this article, we’ll look at how to secure Lambda URLs using IAM access control. With complete code to try yourself!

Learn more
See all

Let's work together

United Kingdom
Arrow Down