Updated Insights on Biometric Know Your Customer Onboarding Processes in Austria [April 2022]
In the heart of Europe, Austria is gearing up for a significant shift in its financial services sector. As of 2025, the country's biometric Know Your Customer (KYC) onboarding regulations for financial service providers will comply with stringent EU-wide Anti-Money Laundering (AML) and digital identity frameworks.
These regulations, which include mandatory electronic identification (eKYC) and remote verification under updated eIDAS and AMLD6 directives, necessitate a robust customer due diligence (CDD) and enhanced due diligence (EDD) approach based on a risk-based approach. This new approach will leverage advanced technology such as facial recognition, liveness detection, and biometric document verification.
Austrian KYC providers will need to be compliant with three key frameworks:
- The eIDAS regulation, which promotes secure, standardized electronic identification, increasingly enabling cross-border remote verification.
- The European AML Directives (AMLD5 and AMLD6), mandating the verification of beneficial ownership and source of funds, and continuous client monitoring.
- The General Data Protection Regulation (GDPR), ensuring secure handling of biometric and personal data during onboarding.
While the search results do not explicitly mention Near-Field Communication (NFC) technology use in Austrian financial KYC onboarding, the eIDAS framework supports digital identification methods that can include electronic ID cards equipped with NFC chips. These cards can be read via NFC-enabled devices to authenticate the user securely in remote onboarding processes, consistent with EU standards.
In terms of consent requirements, Austrian and EU KYC onboarding processes are bound by GDPR rules. This means explicit informed consent must be obtained from customers before processing biometric or personal identification data, the KYC process must include clear communication about the purpose, scope, and data protection measures related to biometric data collection and processing, and financial institutions must ensure transparency on how customer data is used, stored, and shared, guaranteeing the right to withdraw consent or access data.
By January 1st, 2023, IDs used for biometric identification must contain an electronic security chip (NFC chip). Financial service providers using biometric identification for KYC must obtain customer consent under Article 9 (2) a) of the EU GDPR.
The Austrian Financial Market Authority (FMA) has approved video-based identification for customer onboarding since January 3rd, 2017. To onboard customers online through biometrics in line with the FMA online identification regulation, financial service providers must use appropriate technical and security measures, check for presence, record-keep, and work with the processor.
In November 2021, the FMA issued an amendment to the Austrian Online Identification Regulation for biometric identity verification under the Austrian Anti-Money Laundering Act. This amendment allows the use of biometric KYC onboarding for financial service providers.
As the regulatory environment evolves towards even more harmonized EU-wide digital identity standards by 2027, biometric and NFC-based KYC onboarding across member states, including Austria, is set to become increasingly standardized.
- In the evolving financial business landscape, Austrian financial service providers are adopting advanced technology such as facial recognition, liveness detection, and biometric document verification for robust customer due diligence, aligning with stringent EU-wide Anti-Money Laundering (AML) regulations and digital identity frameworks.
- By 2027, as the EU moves towards unified digital identity standards, biometric Know Your Customer (KYC) onboarding methods, possibly incorporating Near-Field Communication (NFC) technology, are expected to become more standardized across various European countries like Austria.
