Norway’s KYC Regulations: Identity Verification Requirements and Procedures under the Money Laundering Act

Overview

In adherence to Norway’s robust anti-money laundering (AML) and terrorist financing regulations, this article offers an overview of the Know Your Customer (KYC) process, specifically focusing on identity verification requirements under the Norwegian Money Laundering Act.

Table of Contents

1. Introduction
2. Scope
3. Definitions
4. Identity Verification Requirements
5. Compliant CDD Methods
6. Documents Required for Verification
7. Timing of Verification
8. Politically Exposed Persons (PEPs) and EDD Measures
9. Reliance on External Services
10. Record Retention

Introduction ::

Norway’s Money Laundering Act regulates the rights and obligations of both legal and natural persons to prevent and detect money laundering and terrorist financing within the country’s jurisdictions, including Jan Mayen and the archipelago of Svalbard.

Scope ::

This article serves as a reference to illustrate the fundamental identity verification and anti-money laundering requirements as outlined in Norway’s Money Laundering Act and related sources.

Definitions ::

• Client: Shufti Pro’s customer
• Customer: The client’s customer undergoing KYC-AML checks
• End-user: The customer from Shufti Pro’s perspective
• Document Verification: Process of authenticating government-issued identity documents
• Identity Verification: Procedure of verifying the client’s end-users’ identities
• Proof of Identity: Government-issued identity documents used to identify individuals
• Enhanced Due Diligence (EDD): Process of executing a greater level of scrutiny for potential business relationships
• Third-Party Diligence: Outsourcing due diligence to an external party
• Politically Exposed Person (PEP): Individuals with a higher risk for potential involvement in bribery or corruption

Identity Verification Requirements ::

As per Norway’s regulations, the following identity attributes are required from official documents to identify natural persons:

• Full name
• Date of Birth
• Place of birth
• Citizenship
• Gender
• Personal Identity Number
• Address

Compliant CDD Methods ::>

Shufti Pro provides multiple methods at the client’s request to perform identity verification:

Document Verification:

For end-users who do not present themselves to the client in physical presence, Shufti Pro can verify their identities using independently sourced documents.

Real-time audio-video transmission:

During a live, interactive video session, an identification expert will ask the end-user to show their identity documents and perform a liveness check.

Document Verification:

Shufti Pro utilizes a specialized document verification service to perform checks on the authenticity of submitted documents.

Documents Required for Verification ::>

Identity Verification:

• Driving License
• Passport
• Residence Permit

Address Verification:

• Utility bills (no older than three months, displaying the end-user’s address and name)
• Bank/Credit card statements (no older than three months, displaying the end-user’s address and name)

Timing of Verification ::>

Identity Verification is not a one-time process. It is required at multiple instances, and the application and selection of when to deploy the verification procedures depend on the client’s requirements.

Politically Exposed Persons (PEPs) and EDD Measures ::>

As per Norway’s Enhanced Due Diligence requirements, the client is required to determine if their customer is a PEP, holds a public office, or exhibits a higher risk profile. Shufti Pro offers an AML Screening service to help clients fulfill their obligations by screening an individual’s selected ID attributes against global regulatory authorities, foreign, and domestic databases, compromised PEPs, and sanctioned individuals.

Reliance on External Services ::>

Norway’s regulations allow clients to seek the services of a third-party to apply measures of due diligence. However, the client remains responsible for maintaining all compliance and fulfilling AML and KYC obligations.

Record Retention ::>

Under Norway’s Act, clients are required to retain data for no less than five years as part of their AML and KYC obligations for due diligence. In the case where the information is processed, collected, and managed by a relevant third-party, the client is liable to collect all necessary information from the third-party without undue delay.

This article aims to provide a clear understanding of the essential identity verification requirements and procedures necessary to comply with Norway's Money Laundering Act.