Aron M. Bratlann

Nov 23, 2025

KYC for Small Accounting Firms: Proportionality in Practice

"Do I really need to use the same KYC procedures on the local hairdresser that Danske Bank uses on multinational corporations?" The question comes from an accountant with 15 clients who just spent an entire weekend reading the AML law's 100+ pages.

The answer is both yes and no. Yes, you must comply with the law. No, you don't need to build a compliance monster. Welcome to the liberating reality of the proportionality principle.

Proportionality: Your New Favorite Word

The AML law recognizes that one size doesn't fit all. As a small accounting firm, you may and should adapt your KYC procedures to:

• Your company's size
• Your clients' complexity
• The real risks you face
• Your resources

This isn't an excuse to cut corners - it's an invitation to work smart.

Risk-Based Approach in Practice

Low risk clients (70% of your portfolio)

• Local retail with Danish owner
• Sole proprietorships without employees
• Associations under 500,000 DKK turnover

KYC effort: Basic identification, simple risk assessment, annual "has anything changed?" review.

Medium risk (25% of your portfolio)

• Companies with foreign trade
• Construction industry (subcontractors)
• Companies with 5-20 employees

KYC effort: More thorough ownership investigation, semi-annual review, documentation of major changes.

High risk (5% of your portfolio)

• Cash-intensive industries
• Complex corporate structures
• Clients with international connections

KYC effort: Full due diligence, quarterly monitoring, extended documentation.

The Pragmatic AML Policy

Large firms have 50-page policies. Yours can be 5 pages and still be compliant:

Pages 1-2: Risk assessment of own business

• "We're a local accounting firm with primarily Danish SME clients"
• "Our geographic area is Central Jutland"
• "We don't offer tax advice for international structures"

Pages 3-4: Concrete procedures

• How we identify clients (incl. checklist)
• Our risk assessment categories
• When we say no

Page 5: Ongoing monitoring

• Annual review of all clients
• Quarterly sanctions list check
• Procedure for suspicion

Done. Implementable. Compliant.

Digital Tools Scaled to Size

Forget enterprise solutions at 50,000 DKK/month. As a small firm, use:

Free/cheap tools:

• Business registry for company data (free)
• EU sanctions list (free online check)
• Excel templates for risk assessment
• Secure cloud storage (200 DKK/month)

Nice-to-have when you grow:

• Automatic registry monitoring (500 DKK/month)
• Integrated KYC software (1000-2000 DKK/month)
• API access to various registries

Practical Shortcuts (That Are Still Legal)

Standard Documentation

Make 3 standard risk assessments:

1. Local service/retail (low risk)
2. Manufacturing company (medium risk)
3. Special attention (high risk)

80% of your clients fit category 1.

Annual Batch Review

Instead of reviewing clients continuously:

• Dedicate first week of January to all reviews
• Send standard "has anything changed?" email to all
• Document responses in simple form
• Focus only on those with changes

Smart Archiving

• One folder per client
• Standard filenames: "2024_KYC_Companyname"
• Automatic cloud backup
• 5-year deletion automated

When Inspection Visits

The authorities know you're small. They don't expect EY-level procedures. They expect:

• That you've thought about risks
• That you can show your thinking
• That documentation exists
• That you've followed your own policy

Be honest: "We're a small firm, so we've focused our efforts on X and Y, because that's where the risk is greatest."

Typical Pitfalls for Small Firms

Overcomplication: Copying Deloitte's procedures isn't proportional.

Undercomplication: "We know all our clients" doesn't hold in court.

Inconsistency: If policy says quarterly review, then do it.

Lack of updating: The 2019 policy doesn't work in 2024.

Case: 2-Person Accounting Firm

Starting point:

• 45 clients, mostly local
• 2 partners, 1 assistant
• Limited time for administration

Solution:

• Monday morning: Partner A checks new EU sanctions (15 min)
• New clients: Standard onboarding checklist (30 min)
• January: Annual review of all (2 days)
• Ongoing: Note significant client changes

Result: Max 5 hours/month on KYC. Full compliance. No stress.

ROI on Proportional KYC

Without structure:

• 20 hours/month on mess and panic
• High risk of errors
• Stress at inspection

With proportional approach:

• 5 hours/month systematic work
• Documentation in place
• Peace of mind

Savings: 15 hours x 1000 DKK = 15,000 DKK/month

Start Today - Step by Step

1. Week 1: Categorize existing clients (low/medium/high)
2. Week 2: Make your 5-page policy
3. Week 3: Implement simple checklists
4. Week 4: Test on 5 clients
5. Month 2: Full implementation

The Message is Clear

As a small accounting firm, you have the right to proportional procedures. But proportional doesn't mean optional. It means smart, focused, and efficient.

You don't need to build a compliance department. You need to build a system that fits your business, protects you from risks, and lets you focus on what you're good at: helping your clients.

Proportionality isn't an excuse. It's a strategy. Use it right, and KYC goes from enemy to friend.