Businesses using identity document validation technologies (IDVT) are likely aware that the HM Revenue and Customs (HMRC) has recently released a new set of Money Laundering, Terrorist Financing and Transfer of Funds Regulations. But what do they mean for companies, and how can your electronic ID verification provider help with compliance?
We break down some of the key points below:
The minimum due diligence requirements of the new set of regulations highlight the responsibility companies have to ‘complete customer due diligence on all customers and beneficial owners before entering into a business relationship or occasional transaction.’ These include implementing enhanced due diligence procedures for high-risk areas where the risk of money laundering is higher and having the means to identify politically exposed persons.
The regulations also introduce several changes in the way businesses can use technology designed to assist them in establishing whether identity verification documents are authentic.
Merely carrying out electronic records checks on limited information, such as the name and address of a person you have not seen, does not mean that you have verified that the person you are dealing with is who they say they are. You must ensure that the checks you use show that you have identified the customer, verified the identity and that they are, in fact, the same person that is using your services (to protect against impersonation).
Fortunately, IDVT such as the Credas portal and mobile app take users through a specific process which requires them to prove they are ‘real and present’ by performing a ‘liveness’ test. These include a series of real-time instructions users need to follow while completing the verification process. Combined with the other ID checks outlined below, this ‘liveness’ test provides concrete proof of thorough verification.
Viewing a photo document over the internet or a “selfie” of a person holding identification documents or the use of Skype or similar, is not an appropriate form of customer due diligence as you will not be able to identify fakes or forgeries. The use of facial recognition software does not address this issue.
The next-generation facial recognition technology used by Credas compares the person in the photographic ID document with the selfie taken to ensure a complete match. What’s more, the innovative document authentication tool on our portal and app uses Optical Character Recognition (OCR) to confirm that the document hasn’t been tampered with, while the revolutionary NFC chip reading makes the authentication 100% complete. Our ID verification software performs a series of broader data checks, including PEPs, Sanctions, address, DOB, mortality and more.
If using a service provider, you should ensure that it is reliable and accurate using extensive source data. You should consider the following criteria in your selection:
At Credas, we are proud to shout about all the things that make us a preferred IDVT provider. We are registered with the Information Commissioner’s Office (Reg. number: ZA220768) and covered by Lexis Nexis’ accreditation to provide identity verification services as part of our partnership.
As we already mentioned above, the Credas software also performs a series of further checks such as Known as Deceased, Beneficial Owner, Politically Exposed Person (PEP) – domestically or internationally, up to date financial sanctions information and more. We employ best practice solutions and use our access to multiple data sources to provide companies with the most extensive results on the market.
Our clients can access a detailed overview of all the checks that the
Credas software is carrying out through the client portal, alongside with the results of each check.
In addition to a comprehensive dashboard, we give companies the option to download a PDF copy of all the identity verification information we’ve collected, which they can include in their records.
What’s more, we use Azure to store all the information we collect on behalf of our customers, and we keep all the data safe for a minimum of five years.