Modules overview
Your compliance, your rules, your modules
Harmoney gives you the freedom to build your compliance flow your way
Every module can be activated or deactivated independently. Start with what you need today and add more as your business evolves. All modules are fully configurable through the platform interface, with no development or IT release required. This means compliance teams can adapt workflows, rules, and parameters directly in response to changing business requirements.
Modules are continuously updated to reflect evolving regulations, market demands, industry best practices, and feedback from clients. As the regulatory landscape shifts, the platform keeps pace, so your compliance operations remain current without additional effort.
Most Harmoney modules can also be replaced by your own internal capabilities, whether for risk scoring, document processing, or other functions, ensuring your IT architecture is respected and capabilities are not duplicated.
Data modules
UBO registry connection
Retrieve verified Ultimate beneficial owner information instantly. No manual investigation needed, ownership structures are established at the source, accurately and without delay.
Real-time API connections span multiple jurisdictions with full historical tracking of ownership changes. Every retrieval is logged in an immutable audit record, supporting ongoing due diligence obligations and AML 6 compliance requirements. The module connects directly to official UBO registries, eliminating manual searches and ensuring data is always sourced from authoritative, up-to-date records.
Business registry connection
Access official company data in real time. Validate legal existence, current status, and core corporate details directly from authoritative registries, so you always work with what's true.
Connects to sources such as Companies House and INPI to retrieve legal status, directors, share capital, and registration details. Change detection alerts notify your team of dissolutions, liquidations, or structural modifications as they occur. The module also flags red flags such as shell companies and recently incorporated entities that may indicate elevated risk.
Screening connection
Screen customers and related parties automatically against relevant watchlists and sanctions databases. Fewer manual checks, lower compliance risk, and full traceability.
Coverage spans UN, OFAC, EU, and UK sanctions lists, PEP databases, enforcement registries, and custom internal watchlists. Fuzzy matching algorithms handle name variations across languages and character sets, reducing false positives without compromising coverage. Screening runs at onboarding and continues throughout the customer lifecycle, with every check recorded and results automatically fed into the risk scoring engine.
Corporate financials
Obtain structured financial data to assess the economic substance and financial health of corporate clients, giving your risk-based decisions a solid, objective foundation.
Integrates with providers including Dun & Bradstreet and Creditsafe to analyse revenue, solvency, liquidity, and payment behaviour across multiple years. Industry benchmarking and trend analysis add further context to each assessment. Automatic alerts are triggered for distress signals such as negative equity, frequent late payments, or unexplained revenue spikes, supporting both onboarding decisions and ongoing portfolio monitoring.
Web agents (e.g. adverse media)
Continuously scan open sources for negative news and reputational signals. Detect early warning signs before they become compliance issues.
AI-powered agents monitor news outlets, regulatory announcements, court records, government databases, and industry publications across multiple languages. Natural language processing, sentiment analysis, and entity recognition work together to filter noise and surface findings that are genuinely relevant. Categories covered include financial crime, regulatory actions, criminal activity, corruption, and reputational issues. Results are summarised and routed automatically for analyst review.
Internal data feed
Connect your internal systems to Harmoney workflows. Prefill dossiers via API at no extra cost, or embed live data feeds from your risk models, documents, and core systems.
Every Harmoney subscription includes full API access at no additional cost, allowing clients to create dossiers, prefill customer information, and push data into workflows programmatically. For organisations that require deeper integration, the Internal Data Feed module connects Harmoney directly to client systems, ingesting results from your proprietary risk models, fetching information from your CRM, or pulling generated documents from your document generation system. Data is consumed in a non-intrusive, read-only mode, governed by role-based access controls and full audit logging to ensure GDPR-compliant handling at every step.
Engine modules
UBOs and related parties
Identify, verify, and monitor beneficial owners with direct access to UBO registers across Europe and beyond. Automatically reconstruct control chains and assess UBO risk.
As regulatory scrutiny on beneficial ownership intensifies, Harmoney provides direct integration with official UBO registers across Europe and the rest of the world. Official documents are retrieved automatically, and ownership information is extracted to reconstruct the full control chain, identifying beneficial owners at every level of the corporate structure. Combined with the screening module, UBOs can be assessed directly against watchlists and sanctions databases.
Ongoing monitoring dashboards provide a consolidated view of UBO status across the portfolio, with clients organised by risk category to prioritise remediation efforts where they matter most. Harmoney closely monitors the evolving regulatory framework around beneficial ownership, particularly under AMLR, and continuously updates the platform to meet new requirements as they come into force.
Risk scoring engine
Turn complex, multi-source data into objective, auditable risk profiles. Score not only the main parties but also all related parties, with full transparency on every contributing factor.
The risk scoring engine operates at two levels: entity level (individuals and companies) and dossier level.
At the entity level, each part, including all related parties such as UBOs, directors, and signatories, is scored against configurable risk parameters: country and jurisdiction risk, reputational risk, PEP status, product complexity, ownership structure, and screening results. Many of these parameters are filled automatically by Harmoney through connected data sources, while others can be provided manually or via internal data feeds. At the dossier level, product-specific and internal risk parameters are added to produce a total risk score.
By default, customers are automatically classified as Low, Medium, High, or Very High risk in line with FATF recommendations, but the risk categories can be fully customised to match your own risk policy. Each classification triggers the corresponding approval procedure, from standard processing to 4-eyes validation or escalation to a compliance officer. Every score includes a full breakdown of contributing factors, making it straightforward to justify decisions to regulators. When the risk model itself is updated, for example, following a reclassification of country risk levels, the platform can automatically retrigger a rescoring of the entire customer base, surfacing any clients whose risk profile has increased as a result.
Enhanced due diligence
Go deeper when it matters. For high-risk clients, Harmoney enables thorough investigation flows that meet regulatory requirements and reduce exposure, without slowing down your team.
EDD is triggered automatically by PEP identification, high-risk jurisdictions, complex ownership structures, large transaction volumes, or adverse media findings. The module manages source of wealth documentation requirements, enhanced monitoring configuration, and senior management approval routing. A complete audit trail is maintained for every EDD measure taken, demonstrating to regulators that appropriate controls are in place.
Continuous monitoring
Stay ahead of changes in client risk profiles without relying on periodic manual reviews. Harmoney detects relevant events and automatically recalculates risk scores.
An event-driven architecture replaces calendar-based reviews by continuously tracking changes that may impact a client's risk profile, such as updates to sanctions lists, PEP status changes, or corporate events like a change of activities, ownership, or legal status.
When a relevant change is detected, the risk model is automatically recalculated and the risk score updated. If the score remains within acceptable thresholds, the case is closed automatically. If the rescoring triggers a higher risk classification, a review is reopened according to the rules defined in the workflow.
This approach focuses team attention exclusively on clients where something has actually changed, eliminating unnecessary periodic reviews while ensuring no material change goes unnoticed. Every event and rescoring, whether or not the risk score changes, is fully logged, providing a complete audit trail for regulatory reporting.
Dashboarding
Get a consolidated, real-time view of client risk, case progress, and compliance status. The right information, at a glance, for faster and more confident decisions.
Four tailored views serve analysts, team leaders, compliance officers, and executives, each presenting the KPIs most relevant to their role. Operational views track case volumes and team workload, while risk and compliance views cover portfolio distribution, regulatory metrics, and audit readiness. All views support interactive filtering, drill-down, and export to PDF and Excel.
Fraud detection from documents
Identify anomalies and manipulation in submitted documents before they reach your team. Stop fraudulent entities at the door.
AI-powered analysis using computer vision, OCR, and forensic metadata examination detects forgeries, photo substitutions, altered text, copy-pasted sections, and digital artifacts. Identity documents, financial statements, payslips, bank statements, and corporate documents are all supported. The module assigns a risk score to each document and flags suspicious submissions for immediate analyst review, with every check fully documented in the audit trail.
Outreach modules
Template generation (PDF & outreach)
Standardise communication and documentation across every case. Reduce administrative effort while keeping every output consistent and regulation-ready.
Automates the generation of welcome letters, document request letters, KYC summary reports, due diligence certificates, approval communications, and compliance attestations. Dynamic field population draws from customer data automatically, ensuring accuracy without manual input. Templates are maintained in a version-controlled library with multi-language support, allowing teams across different jurisdictions to work from the same standardised foundation while adapting outputs to their specific requirements.
Digital signing
Collect legally valid signatures securely and digitally. Faster approvals, shorter turnaround times, no paper trail required.
Supports simple, advanced (AES), and qualified (QES) electronic signatures and is eIDAS compliant for European contexts. Integrates with providers such as DocuSign and Adobe Sign, with mobile-responsive interfaces and multi-party signing workflows. Every signature is backed by a full audit log recording the authentication method, timestamp, IP address, and device information. Automatic reminders are sent for pending signatures, and a certificate of completion is generated upon finalisation.
External outreach
Manage and streamline communication with clients and counterparties during KYC data collection. Structured, controlled, and fully traceable.
A self-service customer portal allows clients to upload documents, track their case progress in real time, and view outstanding requirements at any time. Communication is handled across email, SMS, and secure messaging channels, with automated reminders for missing information and status updates triggered by workflow events. All interactions are encrypted, GDPR-compliant, and stored in a complete communication audit trail.
Internal outreach
Coordinate follow-ups and internal communication across teams. Keep every case moving without information getting lost between departments.
Supports mentions, case discussion threads, file sharing, and multi-level approval routing within a single platform. Automatic escalation paths trigger alerts when tasks become overdue or cases require senior attention. Structured handoffs between compliance, operations, relationship managers, and senior management are clearly documented at every stage, with in-app notifications, email alerts, and SMS for urgent items ensuring nothing is missed.
Natural person identification & validation
Verify individual identities with high assurance. Prevent impersonation and identity fraud before they enter your workflow.
Combines document authentication with MRZ validation, security feature checking, and facial recognition backed by liveness detection. Anti-spoofing measures include deepfake detection to prevent presentation attacks. Identity is further verified through database checks against government registries and credit bureaus. Three configurable assurance levels allow the depth of verification to be matched to the risk profile of each individual case, from basic document upload to full biometric verification.
Document data extraction
Convert unstructured documents into clean, structured data automatically. Eliminate manual data entry and the errors that come with it.
OCR, intelligent character recognition for handwriting, natural language processing, and computer vision work together to extract and structure data from identity documents, financial statements, and corporate filings. Field extraction accuracy exceeds 95% across more than 50 languages, with each document processed in under 10 seconds. A confidence scoring system automatically accepts reliable results and routes uncertain extractions to human review for validation.
Document type validation
Ensure every submitted document matches required formats and standards. Catch processing errors early, not after the fact.
AI classifies uploaded documents instantly, identifying the type and validating it against configurable requirements including acceptable document age, jurisdiction-specific formats, and image quality thresholds. Customers receive immediate and specific feedback, with clear guidance on what to resubmit and why. Validated documents are routed automatically to the correct processing workflow, skipping unnecessary manual checks and reducing the time between submission and case progression.
MiFID, IDD and/or ESG profiling
Assess regulatory and sustainability profiles in real time. Support compliant onboarding and suitability decisions, without the manual work.
Generates MIFID II profiles covering knowledge and experience, financial situation, risk tolerance, investment objectives, and sustainability preferences. Also supports IDD insurance needs and demands assessments, and ESG profiles aligned with SFDR, taxonomy requirements, and principal adverse impact considerations. Both suitability assessments for advised services and appropriateness testing for execution-only services are covered, with complete documentation of each assessment for regulatory audit purposes.
Workflow modules
Internal forms
Capture the right information, in a structured way, every time. Enforce consistent data collection across teams and cases.
Dynamic conditional logic adapts which fields are shown based on prior responses, allowing a single form to serve multiple use cases without overcomplicating the experience. Fields are pre-populated from the internal data feed and document extraction results to reduce repetitive entry. Forms are built using a drag-and-drop designer, include version control, support multi-language configurations, and save drafts automatically to prevent data loss. Less room for oversights, inconsistencies, or missing data.
Internal tasks
Orchestrate activities, deadlines, and responsibilities within your compliance workflows. Keep processes on track and every action accountable.
Tasks can be created manually, triggered by workflow events, or scheduled in advance, across four priority levels with configurable SLA targets. Sequential, parallel, and conditional task structures allow complex processes to be modelled accurately. When deadlines are missed, automatic escalation alerts notify supervisors immediately. Every activity is assigned to a named owner, with a complete audit trail maintained throughout the process.
An essential tool for teams managing high volumes of cases in parallel.
Custom statuses
Adapt workflow stages to match your internal processes. Clearer progress tracking, better accountability, and full alignment with how your team actually works.
Each status is configured with a name, colour coding, SLA targets, and transition permissions defined per role. Required fields must be completed before a case can progress to the next stage, preventing gaps in data collection. Automatic actions trigger on entry and exit from each status, and linear, branching, and loop-back workflow configurations are all supported. No development needed. Everything is configured directly within the platform.
Summary & snapshot
Get an instant, high-level overview of any client's risk and compliance profile. Everything your team needs to make a quick, informed decision, in one view.
Traffic light indicators surface critical information immediately across risk rating, KYC status, screening results, and active alerts. Four snapshot types serve different audiences, from a quick view for daily operations to a regulatory snapshot for audit readiness. Historical snapshots preserve point-in-time views and trend tracking across the full relationship lifecycle.
A client lifecycle management solution with total peace of mind?