Financial Crime World

Digital ID Systems: A New Era in Authentication

In today’s digital age, verifying identities has become a crucial aspect of financial transactions. The Financial Transactions Reporting Act (FTR Act) and Guideline 10 have introduced the concept of digital ID systems to authenticate individuals and businesses alike.

Government-Approved Digital ID Systems

A government agency or a private sector entity may provide a digital ID system, which can be used by financial institutions to verify customer identities. These systems are considered reliable and independent when they provide a high level of confidence that the identity verification process will work as intended and produce accurate results.

Financial Institutions’ Role in Digital ID Systems

Financial institutions play a crucial role in ensuring the integrity of digital ID systems. They must understand the basic components of the system, assess its reliability and independence, and decide whether it can be used for customer due diligence (CDD) purposes based on the level of assurance provided.

Onboarding Customers with Digital ID Systems

When using non-face-to-face onboarding processes, financial institutions must adopt additional verification procedures to ensure the accuracy of customer information and the authenticity of digital identity evidence. This includes:

  • Verifying the applicant’s information against a reliable and independent digital ID system or public registries
  • Checking security markers in “soft copies” of identification documents

Authentication Process

The authentication process is an essential step in verifying digital identities. Financial institutions must adopt additional procedures to establish that the person claiming a digital identity is the rightful owner of that identity. This can be achieved through one or more factors relating to something a person has, knows, or is.

Ongoing Control Measures

To ensure the effectiveness and accuracy of eKYC processes, financial institutions must:

  • Continuously monitor their solutions
  • Maintain proper records of customer identities and evidence used to verify those identities
  • Have access to regulatory authorities and law enforcement agencies for obtaining identity information and evidence

Non-Compliance and Oversight

The Financial Intelligence Unit (FIU) and relevant supervisory authorities will assess compliance with the FTR Act and Guideline 10. Non-compliance may result in sanctions, emphasizing the importance of implementing these measures effectively.

Effective from January 31, 2024, this guideline aims to provide a framework for financial institutions to implement digital ID systems securely and reliably, ultimately enhancing the integrity of the financial system.