Internal · Finance + Compliance

KYC Framework

Know Your Customer framework for onboarding Seagull Maritime and Vanguard entities into client vendor master data systems. Structured for Finance-led population with Compliance-led policy and sanctions overlay — so each section has a clear owner and no requests fall through the gap.

Draft v0.1 — for discussion

Why this framework

KYC requests come in constantly — Nakilat, Boskalis, DNK, EMF, Pacific Basin, Hafnia, Navios, Vitol — and the shape is always similar. Ten common sections, three owning teams, and a mix of finance data (bank, tax, invoicing) and compliance evidence (sanctions, policies, insurance). When the ownership isn't clear, things drop. This framework mirrors the Due Diligence portal you already know, but scoped for KYC and owned primarily by Finance.

Built to evolve. Each section below is a placeholder today. Finance + Compliance populate it together, the same way Compliance built out the DD portal over the last 12 weeks.

Finance / Accounts Compliance Operations Commercial Legal
01
Corporate Identity
Legal entity, registration, contact data · Matches most client vendor master data schema
Finance

Core corporate identity for each contracting entity. Provided once per entity, refreshed on any incorporation change or rebranding.

Legal Entity Name + Trading NamePer entityFinance to populate
Country + Company Registration NumberPer entityFinance to populate
Date of IncorporationPer entityFinance to populate
Tax ID / VAT / TRN NumbersPer jurisdictionFinance to populate
Registered Office + Principal Business AddressPer entityFinance to populate
Telephone + Email + WebsiteCentral contactFinance to populate
Certificate of Incorporation (scan)Per entityFinance to populate
02
Group Structure & Beneficial Ownership
Parent, subsidiaries, UBO declaration (>25%)
FinanceCompliance

Group structure and ultimate beneficial ownership — one of the highest-friction KYC items. Needs an org chart, a UBO register (anyone with >25% control), and a clear statement of ownership changes in the last 36 months (Boskalis flagged this specifically).

Group Organisation ChartExistingLive in DD Portal
UBO Register (>25% beneficial owners, per entity)Per entityFinance + Legal
Ownership Change Declaration (last 36 months)Group-levelFinance + Legal
Parent Company Letter of ConfirmationSeagull FZCOFinance
03
Directors, Officers & Authorised Signatories
Board, senior officers, authorised payees, PEP declarations
FinanceCompliance

Current directors and officers per entity, with copies of passport / ID for KYC verification and PEP (Politically Exposed Person) declarations. Authorised signatories for contracts and banking listed separately.

Board of Directors — per entityPer entityFinance
Senior Officers / Key ManagementGroup-levelFinance
Authorised Signatories ListPer entity + activityFinance + Legal
PEP DeclarationPer officer / directorCompliance
Director IDs / Passports (for verification)RestrictedFinance (restricted)
04
Banking & Financial
Bank details, invoicing format, authorised payee — critical for getting paid
Finance

Entirely Finance-owned. Errors here mean we don't get paid — this is why KYC needs Finance in the lead, not Compliance. Must be kept current and validated against contract bank details (Nakilat caught a mismatch in Nov 2025).

Bank Name + Branch (per entity)Per entityFinance
Account Number + IBANPer entityFinance
SWIFT / BIC CodePer accountFinance
Bank Reference Letter / Confirmation of AccountPer entityFinance
Authorised Payee DeclarationPer entityFinance
Sample Invoice TemplateGroup-levelFinance
05
Tax Residency & Reporting
Tax residence, FATCA (US-facing), CRS (most jurisdictions)
FinanceLegal

Standard tax-transparency regime documents. FATCA for any US-connected counterparty, CRS for almost everyone else. Tax residency certificates must be in-date; they expire annually in most jurisdictions.

Tax Residence Certificate (per entity)Per entity / per yearFinance
FATCA W-8BEN-E (US-facing)Per entityFinance + Legal
CRS Self-CertificationPer entityFinance + Legal
06
Sanctions, PEP & Adverse Media
OFAC / UK OFSI / EU FSF / UN — screening evidence
Compliance

Compliance-led. Clients want a clear statement of our sanctions screening process and evidence we ourselves are not sanctioned. Sanctions checks for new counterparties are managed by Compliance via the CSC channel, with documented response per request.

Sanctions PolicySM/INT/POL/012Live Policy
Screening Declaration (Seagull entities not sanctioned)Per entity, annualCompliance
PEP Declaration — Directors & OfficersPer officerCompliance
Adverse Media Review StatementAnnualCompliance
07
Compliance Policies
Anti-bribery, AML, Code of Conduct, Conflict of Interest, ESG
Compliance

Already built out and in the DD portal. Linked here directly so Finance doesn't have to go hunting when a client asks. All current versions.

Anti-Bribery, Corruption & Business Ethics PolicySM/INT/POL/001Live Policy
Code of ConductSM/INT/POL/002Live Policy
Grievance & Whistleblowing PolicySM/INT/POL/004Live Policy
ESG PolicySM/INT/POL/011Live Policy
Conflict of Interest PolicySM/INT/POL/013Live Policy
AML Procedure StatementTo buildCompliance
08
Insurance
Liability, professional indemnity, personal accident, K&R
ComplianceLegal

Compliance holds the policies, Legal confirms the scope. Client KYC typically asks for certificates plus a statement of cover limits. Insurance certificates are renewed annually — expired certificates get flagged fast in vendor systems.

Public & Employer's Liability CertificatePer entity, annualCompliance
Professional Indemnity CertificateGroup-levelCompliance
Personal Accident / K&R CoverPCASP poolCompliance
Firearms Use InsuranceHRA operationsCompliance
Insurance Scope Summary (client-friendly)GroupCompliance + Legal
09
Operating Licences & Memberships
ICoCA, ISO certifications, flag state approvals, regional licences
Compliance

Industry memberships and operating credentials. Covered comprehensively in the DD portal already — KYC typically wants certificates and a summary statement.

ISO 28007, 18788, 28000 CertificatesDD Portal Section 6Live
ICoCA Certified Member CertificateDD Portal Section 6Live
Flag State Requirements RegisterSM/SEC/REG/001Live
Malta Operating Regime StatementS.L. 480.05 contextCompliance
10
Trade & Bank References
Client testimonials, bank references, sample client list
CommercialFinance

Final layer — references from existing clients and banking partners. Commercial owns the client relationships; Finance owns the bank side. Always needs NDA-permission before naming specific clients.

Trade References (3-5, with NDA permission)RotatingCommercial
Bank Reference LetterPer entityFinance
Major Clients List (NDA-permitted only)GroupCommercial
Testimonials PackGroupCommercial

How we build this out

Each section starts as a placeholder. Finance owns the bulk — Corporate Identity, Banking, Tax — and Compliance layers in the policy and sanctions evidence. The aim is that when a client sends a KYC form, the right team knows exactly which section they own and can pull the documents in ten minutes, not three days.

The DD portal took 12 weeks of Compliance work to get right. The KYC framework could move faster — most of the finance items already exist somewhere, they just aren't centralised. Framework-first, then populate, then wire to external KYC questionnaires (Nakilat, Boskalis, DNK, EMF, Hafnia, Pacific Basin, Navios already in the last six months of inbox).

Next step: Finance team walk-through, agreement on who owns which row, and a two-week sprint to populate the placeholders with real documents.