Since the explosion of Internet and remote services, the European market is governed by numerous regulations that companies must comply with. What is the purpose of these regulatory compliance? To verify the identity of your customers, ensure their compliance with legislation and verify their probity and integrity. This is called the Know Your Customer (KYC) process.
This process consists in verifying the identity of your customers, in most case when they register remotely. Indeed, to benefit from an online service or product, the customer must create an account and it is during this account creation that ID verification is sometimes required. It can be used either to be certain of the user’s identity, or sometimes to respond to issues related to the sector of activity: age verification, fraud detection, regulation compliance…etc. In terms of KYC compliance, each country, and each industry (banking, insurance, online gaming, government, etc.) depends on a regulator with different requirements.
The KYC process also enables the assessment and control of customer risk. In the financial industry, for example, regulations have become very strict and constitute a legal obligation to comply with the Anti-Money Laundering and Counter Terrorist Financing (AML-CFT). It is within this framework that the European Union stepped up regulation last January with the adoption of the fifth European AML-CFT directive.
In addition to this, there are also issues related to data protection and compliance with the GDPR (General Data Protection Regulation), as well as issues related to improving and securing European digital exchanges (eiDas Regulation). Find out how our remote identification solutions are in regulatory compliance and meet all these European regulations.
European Anti-Money Laundering (AML) Directives imposes identity checks which require financial institutions to prevent, detect and report money laundering activities. In this context, AML regulations oblige financial institutions that issue credit or enable customers to open accounts, to carry out reasonable diligence procedures. This ensures that they are not involved in money laundering activities.
The Fifth AML-CFT Directive, which entered into force at the beginning of 2020, is a series of amendments to the structure of the Fourth Directive. In fact, the perimeter is expanding. Initially targeting money laundering, it gradually includes tax fraud and terrorist financing.
Thus, our identity check services respond to AML-CFT requirements and they are an effective means of achieving regulatory compliance.
The GDPR (General Data Protection Regulation) is a European regulation that requires companies to protect the personal data and privacy of EU citizens. It concerns all the transactions taking place in European Union, but also all entities that deal with personal data belonging to residents of the EU. Hence, companies that fail to respect the regulation can pay a heavy price. In fact, the penalty is up to 4% of annual revenue.
Data about identity (surname, first name, date of birth, etc.) clearly fall within this category, but the GDPR also covers biometric data, which are physical or biological characteristics that identify a person. These can be fingerprints, facial recognition, etc. In fact, our identity verification solutions compiles biometric data. Requirements for processing biometric data collected for identification purposes are even stricter. Of course, we guarantee the total confidentiality and the protection of all analyses, our ID check service is effectively GDPR compliant.
IDCheck.io also complies with the eIDAS regulation. This regulation concerns public-sector organisations and trust service providers based in the European Union. ANSSI is one of the national organizations responsible for the implementation of this regulation in France.
eIDAS aims to increase trust in electronic transactions within the internal market. It establishes a common framework for secure electronic transactions between citizens, businesses and public authorities. In this way, it facilitates the emergence of the digital market. The eIDAS Regulation applies to electronic identification, trusted services and electronic documents. It covers in particular the subject of electronic signatures.
Our services are certified at a European level for both authentication and electronic signature processes.