Pomegra Wiki

KYC for Trusts and Foundations

Verifying the identity of a trust or private foundation is far more complex than onboarding an individual customer. Regulators require banks and fintechs to identify the settlor (creator), the trustee, and crucially, the beneficial owners—the people who ultimately benefit from the trust’s assets. Unlike a corporation with clear officers and directors, a trust’s beneficial ownership can be opaque, hidden across layers, or split among multiple beneficiaries.

Why trusts and foundations are KYC hotspots

Trusts attract regulatory scrutiny because they are a legitimate tool for estate planning and asset protection—but also a vehicle for concealing beneficial ownership, layering illicit proceeds, and evading sanctions. A trust can be created in a jurisdiction, managed in another, benefit residents of a third, and hold assets in a fourth. This jurisdictional fragmentation makes it hard for any single regulator or institution to trace ultimate ownership.

Foundations, particularly private foundations in civil-law jurisdictions, present the same challenge. A foundation may have a board of directors but no identified beneficial owners in the conventional sense. Determining who truly controls and benefits from foundation assets requires deep document review.

Under anti-money-laundering (AML) rules in the U.S., UK, EU, and most financial centers, a financial institution accepting a trust or foundation as a customer must:

  1. Identify and verify the trustee or foundation administrator
  2. Understand the trust structure and identify the settlor
  3. Identify beneficial owners—typically anyone with 25% or greater economic interest
  4. Obtain and review core legal documents (trust deed, certificate, bylaws)
  5. Assess risk and monitor for changes in ownership or control

Failure to do so is a violation carrying civil penalties, criminal liability for the institution and its officers, and reputational damage.

The parties in a trust structure

A typical revocable or irrevocable trust has several players:

The settlor (grantor, trustor): The person who created the trust and funded it. The settlor may be deceased or living. If deceased, the institution must still identify and verify the settlor’s identity at the time the trust was opened (or when the institution’s account relationship began). This is historical, not current.

The trustee: The fiduciary responsible for managing trust assets and distributing income and principal according to the trust terms. The trustee is the named legal party and the primary contact. They may be:

  • An individual (a family member or professional)
  • A corporate trustee (a trust company, bank, or specialist entity)
  • A co-trustee arrangement (multiple individuals or entities)

The beneficiaries: The people or entities entitled to income, principal, or both. A trust may have:

  • A single beneficiary (simple)
  • Multiple named beneficiaries (income and remaindermen)
  • Discretionary beneficiaries (the trustee has discretion over distributions)
  • Class beneficiaries (“all my grandchildren”) that expand over time

The protector (if any): Some trusts, particularly those in offshore jurisdictions, have a protector—a named individual with powers to amend terms, remove the trustee, or veto distributions. The protector is not the settlor or trustee but wields influence and must be identified.

Identifying beneficial ownership in discretionary and complex trusts

Where trust documents say “the trustee shall distribute to such beneficiaries in such amounts as the trustee deems appropriate,” determining who actually benefits is speculative. Regulators nevertheless require the institution to:

  1. Obtain a full trust deed (not just a certificate of trust, which omits beneficiary names). The full deed lists all named beneficiaries and describes the trustee’s discretion.

  2. Identify everyone with a 25%+ interest. In a trust with four equal beneficiaries, each holds 25%, so all four must be identified and verified. In a discretionary trust where the trustee has broad power, the institution may need to obtain a letter from the trustee stating the likely distributees or a certified list of beneficiaries.

  3. Verify identity and address for each beneficiary using government-issued documents (passport, driver’s license) and independent sources (utility bills, property records).

  4. Assess nationality and jurisdiction. A U.S. trust with a U.S. beneficiary is lower risk than an irrevocable trust created in a Pacific Island jurisdiction with beneficiaries scattered across multiple countries.

Key documentation for trust KYC

The onboarding checklist for a trust account is lengthy:

  • Full trust deed or agreement (not a summary or extract)
  • Certificate of trust (establishes existence and names trustee, but is not a substitute for the full deed)
  • Schedule of beneficiaries (if not evident from the deed)
  • Trustee’s resolution or board minutes (if the trustee is a corporate entity, authorizing the account opening)
  • Proof of the settlor’s identity (historical; government ID if settlor is/was a known individual; corporate documents if settlor is a company)
  • Proof of trustee’s identity (government ID if individual; corporate records if entity)
  • Proof of beneficial owner identity (for anyone with 25%+ interest)
  • Certificate of good standing (if the trustee is a company or trust company)
  • Corporate bylaws or trust company license (if applicable)
  • Any powers of attorney held by the trustee or protector
  • Recent bank statements or account statements showing the trust’s assets (to verify the account is funded and active)

A single missing document—especially the full trust deed—can delay onboarding indefinitely and is a compliance red flag.

Red flags and higher-risk situations

Financial institutions apply a risk gradient to trust KYC. A straightforward, domestic, irrevocable trust created by a U.S. citizen for U.S. beneficiaries is lower risk. These scenarios elevate risk:

Offshore or exotic jurisdictions: Trusts formed in the Cayman Islands, British Virgin Islands, Cook Islands, or other havens attract heightened scrutiny. They are not inherently suspicious, but the combination of a foreign trust + foreign beneficiaries + complex distribution terms merits deeper due diligence.

Discretionary distributions: If the trustee has unfettered discretion to distribute to any beneficiary or none, the institution cannot clearly identify who will benefit. Regulators expect the institution to request a letter from the trustee affirming the expected beneficiaries and distribution policy.

Protectors with veto power: A protector who can remove the trustee or block distributions wields beneficial ownership. They must be identified and verified.

Recent amendments or trust modifications: If the trust deed was recently amended to add beneficiaries, remove restrictions, or shift control, the institution must update its beneficial ownership record. Change is a risk signal.

Layered structures: A trust whose beneficiary is itself a trust (or a company that is owned by a trust) requires tracing through multiple layers. The institution must drill down to the ultimate human or economic beneficiary.

Deceased settlor or missing information: If the settlor is deceased and the institution cannot obtain their historical identification, the account may not open or must be flagged for exception approval.

Practical onboarding steps

  1. Request the full trust deed. Many trustees try to provide only a certificate of trust, claiming privacy. Politely insist on the full deed; regulators expect it.

  2. Create a beneficiary schedule. Have the trustee list all beneficiaries, their ownership percentages, and their jurisdiction. If a beneficiary holds >25%, flag them for identity verification.

  3. Verify the trustee’s authority. If the trustee is an individual, obtain government ID. If a corporate trustee, obtain corporate documents and a certificate of good standing.

  4. Identify the settlor. Verify who created the trust using government ID or historical records.

  5. Run sanctions and negative news checks on the settlor, trustee, and all beneficiaries against OFAC, UN, EU, and other lists.

  6. Document your findings. Create a trust KYC summary stating the parties, structure, sources of funds, and risk rating. This is your audit trail if regulators review later.

  7. Update periodically. At least annually, confirm that beneficiaries and control have not changed. If a trustee resigns and is replaced, repeat trustee verification.

Common pitfalls

Confusing trustee with beneficial owner: The trustee is the legal party but may not be the beneficial owner. A corporate trustee managing the trust for a single individual beneficiary is not the beneficial owner.

Overlooking co-trustees: If two individuals are named as co-trustees, both must be verified. They share control and influence.

Accepting oral or email representations: Insist on written, signed documents. A beneficiary list provided via email is not sufficient.

Skipping the full deed: A certificate of trust is a red flag if you cannot obtain the full deed. Many institutions incorrectly accept a certificate as sufficient.

Ignoring distribution patterns: Monitor the account after opening. If distributions consistently flow to a beneficiary not named in the trust deed, your KYC was incomplete.

The Financial Action Task Force (FATF), SEC, FinCEN, and FCA have all published guidance on trust KYC in recent years, emphasizing:

  • Beneficial ownership transparency, especially in trusts with multiple layers
  • Sanctions checking for all identified parties
  • Particular scrutiny of irrevocable trusts and those structured for privacy or estate tax benefits
  • Reporting requirements for accounts holding over a certain threshold in some jurisdictions
  • Automatic exchange of information (AEOI) under Common Reporting Standard (CRS) for cross-border trusts

Many jurisdictions are moving toward public registries of trust beneficial ownership, reducing the opacity that has historically sheltered trusts from regulatory oversight.

See also

  • Anti-Money Laundering Compliance — The regulatory framework underlying trust KYC
  • Beneficial Ownership — The core concept in trust identity verification
  • Sanctions Screening — How to check trust parties against OFAC and other lists
  • Customer Due Diligence — KYC processes for all account types

Wider context