Deburise
Financial KYC Automation
FINANCE

Financial KYC Automation

Automated KYC/AML workflow with AI-powered document verification and risk scoring.

Client

Digital lending platform

Industry

Financial Services (NBFC)

Region

South Asia

Duration

10 weeks build + regulatory approvals

Quick answer5× faster customer onboarding

A digital lending NBFC was losing 60% of applicants to drop-off because KYC took 2-5 days. We built an AI-powered onboarding pipeline - OCR + LLM document extraction, real-time eligibility scoring, conversational reapplication for failed verifications, and risk-prioritised review queues. Result: 5× faster onboarding (median 30 minutes instead of 2 days), 40% lower drop-off, and 70% of compliance reviewer capacity freed for the cases that need human judgement.

At a glance

Headline results

5x
Faster onboarding
30 min
Median application time
40%
Lower drop-off
70%
Reviewer capacity freed
The Context

Why this mattered

The client is a digital NBFC offering personal and business loans across India, processing ~12,000 loan applications a month. Pre-automation, KYC and onboarding involved manual document review, multiple internal handoffs across credit and compliance, and a paper-trail audit log. The 2-5 day decision window was killing conversion - applicants would start with them, get delayed, get an instant offer from a competitor, and drop off. Compliance reviewers were drowning in low-risk applications, with no signal to focus on high-risk ones.

The Challenge

Where the team was stuck

  • 1KYC and onboarding took 2 to 5 days per applicant due to manual document review, multiple internal handoffs, and a paper-based audit trail.
  • 2Drop-off between application start and approval was over 60%, with most loss happening when applicants had to re-submit documents.
  • 3Compliance reviewers were drowning in low-risk applications, with no signal-prioritisation to focus attention on high-risk ones.
  • 4Document quality was wildly variable - phone photos in poor light, partial scans, regional-language IDs - and the manual reviewers were flagging documents that the system could have parsed.
  • 5Regulatory reporting was a quarterly fire drill - pulling audit-grade evidence from spreadsheets and emails consumed the compliance team for a full week each cycle.
The Solution

What we built and shipped

01

Vision + LLM document intelligence

Document upload triggers a vision + LLM pipeline that extracts identity fields, validates format, cross-references with our database, and surfaces tampering indicators - all in seconds, with regional-language IDs supported.

  • Aadhaar, PAN, voter ID, passport, driving licence supported natively
  • Regional language support: Hindi, Tamil, Telugu, Bengali, Marathi
  • Tamper detection across image manipulation and template-based fraud
02

Real-time eligibility & risk scoring

Bureau data, internal signals, and ML-derived risk scores combine into a real-time decision that auto-approves clear cases, auto-rejects high-fraud-risk cases, and routes the middle band to compliance reviewers.

  • Sub-30-second decision on green-path applications
  • Composite score blending bureau, behavioural, and document-quality signals
  • Explainable decisions with reason codes for every auto-rejection
03

Conversational reapplication AI

If documents fail verification, an AI agent walks the applicant through what to upload differently - instead of a generic error that causes drop-off. The agent uses simple language and shows good vs bad examples.

  • Specific, actionable guidance per failure type
  • Photo examples shown inline on WhatsApp or in-app
  • Successful reapplication rate climbed from 12% to 58% post-launch
04

Risk-prioritised compliance review

Compliance reviewers see a queue sorted by risk score and complexity, with the AI-generated case summary pre-loaded - turning 30-minute reviews into 5-minute decisions on the cases that genuinely need a human.

  • Queue auto-sorts by risk score, applicant LTV, and SLA pressure
  • Pre-loaded case summary highlighting the specific risk indicators
  • Reviewer time per case dropped from 30 minutes to 5 minutes on average
Architecture

How it actually works

Document intelligence pipeline

Vision models for OCR and tamper detection feeding an LLM that interprets the extracted fields against KYC requirements. Confidence scores on every field - anything below threshold goes to reapplication, not rejection.

Decision engine

Deterministic policy rules wrap a probabilistic risk model - policy gates are non-negotiable, the ML score decides within the policy envelope. Every decision logs the rule set version and the input snapshot.

Audit-grade event log

Append-only event log of every read, write, and decision across the system - built for RBI inspection and quarterly audit reporting without manual evidence-gathering.

PII vault & access controls

Document images and extracted PII stored in an encrypted vault with role-based access. The decision engine sees scores and summaries; reviewers see full details only after access logging.

The Build

Phased delivery timeline

Phase 1
Weeks 1-3

Regulatory + policy mapping

Worked with compliance to map every KYC rule, RBI master direction, and internal policy into explicit code. Built the policy engine that no ML can override.

Phase 2
Weeks 4-7

Document pipeline + scoring build

Shipped document extraction, scoring, and decision engine in shadow mode - every decision compared against the existing manual decision on the same case. Refined until concordance crossed 97%.

Phase 3
Weeks 8-9

Conversational reapplication + reviewer queue

Built the WhatsApp reapplication agent and the risk-prioritised reviewer queue. Reviewer team trained on the new dashboard and queue logic.

Phase 4
Week 10+

Regulatory sign-off + phased go-live

Regulatory approval after demonstrating audit-grade controls. Rolled out to 20% of applications, monitored daily, expanded to 100% over 4 weeks.

The shift

Before vs after

Same business, same team - measurably different operating model after the engagement.

Before
Without Deburise
  • Median onboarding time2-5 days
  • Application drop-off rate60%+
  • Compliance reviewer time per case30 minutes
  • Successful reapplication rate12%
  • Regulatory audit prep time5-7 days per quarter
  • First-pass approval rate on KYC65%
After
With Deburise
  • Median onboarding time30 minutes (green path: 30 seconds)
  • Application drop-off rateUnder 30%
  • Compliance reviewer time per case5 minutes
  • Successful reapplication rate58%
  • Regulatory audit prep timeReal-time export, hours
  • First-pass approval rate on KYC89%
The results, in detail

What changed and by how much

Operational and revenue metrics tracked from go-live, measured against the pre-engagement baseline.

Median time-to-decision improvement-99%
Drop-off rate reduction-50%
Reviewer hours saved per 1,000 apps-70%
First-pass approval rate89%
Successful reapplication lift+46pp
Where the value landed

Composition of impact

Approximate breakdown of how this engagement contributed to the business outcome - the headline metric is a roll-up of these levers.

  • Onboarding speed & conversion lift
    36%
  • Compliance reviewer capacity freed
    22%
  • Successful reapplication recovery
    18%
  • Fraud risk reduction
    14%
  • Audit & reporting automation
    10%
Onboarding speed
Tech Stack

What we built it with

Document AI

  • Custom vision models for OCR + tamper detection
  • Anthropic Claude 3.5 for reasoning
  • Indic-language OCR fine-tunes

Decision engine

  • Custom policy rules layer
  • ML risk model (XGBoost + behavioural features)
  • Bureau API integrations (CIBIL, Equifax, CRIF, Experian)

Compliance & audit

  • Audit-grade event store (immutable)
  • RBI-aligned reporting hooks
  • Field-level encryption + PII vault

Customer-facing

  • WhatsApp Business API
  • In-app SDK for live reapplication
  • SMS fallback for low-data customers
Risks & mitigations

What we de-risked along the way

Auto-approval of fraudulent applicants

Mitigation: Hard policy gates ML cannot override, plus a continuous backtest against confirmed-fraud cases. Suspicious patterns escalate to compliance regardless of score.

Regulatory non-compliance

Mitigation: Every decision logged with rule-set version and input snapshot, audit-grade evidence available in real time, quarterly external review of decision distributions.

Bias against under-represented applicants

Mitigation: Quarterly fairness audits across age, gender, geography, and language. Approval-rate deltas tracked; model retrained when drift exceeds threshold.

Lessons learned

What we'd carry into the next build

Policy rules first, ML inside the envelope

Trying to encode KYC in an ML model alone is dangerous and not auditable. Policy rules as a hard outer envelope, with ML deciding within, is the only structure RBI auditors trust - and the only structure that ships.

Reapplication recovers more than acquisition

Improving the reapplication flow lifted overall approvals more than any front-of-funnel optimisation we could have done. Drop-off after a failed first attempt was the biggest leak.

Audit-grade logging from day one

Bolting on audit logs later would have meant rebuilding the system. Building the immutable event log on day one made the regulatory sign-off step painless - and made quarterly reporting an export, not a project.

Concordance, not accuracy, is the metric

We did not ask 'is the AI right?' - we asked 'does the AI decide the same way the manual reviewer would have?' Concordance at 97% was the bar regulators understood. Beating that on absolute accuracy was beside the point.

The Business Case

ROI & payback

Investment

Upper-six-figures one-time build + low-five-figures monthly run cost

Payback period

Inside 5 months on conversion lift and reviewer-cost reduction

Year-1 ROI

Estimated 8-12× ROI from incremental loan originations enabled by the conversion lift

We went from 'onboarding is our bottleneck' to 'onboarding is our advantage.' Customers approve in minutes; reviewers focus on the cases that need them; and regulatory reporting is real-time instead of a weekly fire drill. The conversion lift alone paid for the project inside two quarters.
Head of Risk
Digital lending platform
FAQ

Questions about this engagement

Is AI-driven KYC compliant with RBI master directions?+

Yes, when designed correctly. The pattern that works is: hard policy rules that no ML can override, audit-grade event logging on every decision, real-time access controls on PII, and quarterly fairness and concordance audits. We worked with the client's compliance team and external counsel through approval - it added weeks but is required.

How does AI handle Aadhaar and PAN verification?+

Document images are processed by vision models for OCR and tamper detection, then an LLM cross-references the extracted fields against UIDAI-allowed signals and the client's internal database. The actual verification API calls - UIDAI offline KYC, NSDL PAN, etc. - remain deterministic. The AI improves quality of extraction; it does not replace the regulatory APIs.

What happens when document quality is poor?+

Instead of rejecting outright, the AI initiates a conversational reapplication via WhatsApp - explaining specifically what was wrong (glare, partial scan, wrong document) with photo examples. Successful reapplication rate jumped from 12% to 58% with this approach.

How was bias managed?+

Quarterly fairness audits across age, gender, geography, and language - tracking approval rate deltas and intervening when drift exceeds threshold. The model is retrained against an explicitly balanced dataset whenever drift is flagged.

What was the payback period?+

Inside 5 months on conversion lift alone (more loans approved per inbound applicant). Reviewer-cost savings added a second payback path. Year-one ROI estimated at 8 to 12 times the build investment.

More case studies

Other AI deployments

AI Sales Agent - 40% Conversion Lift
Agentic AI

AI Sales Agent - 40% Conversion Lift

Read case study
E-commerce Order Automation
Process Automation

E-commerce Order Automation

Read case study
Healthcare Patient Triage AI
Healthcare

Healthcare Patient Triage AI

Read case study
Get Started

Let's buildReady to put AI to work in your business?

Book a free 30-minute strategy call. We'll map your highest-impact automation opportunities and give you a clear roadmap - no obligation.

Book a Free Consultation+91 9071779997