As consumers and businesses adapt to the Coronavirus pandemic, firms need to make sure the remote ID verification processes they use to cope with customer demand are fit for purpose when it’s over.
Overnight we saw a shift from high street to online, with the expectation that business across the retail, banking and legal sectors, among others, remain as open as possible. Businesses with multi-channel offerings were prepared, but it’s a seismic shift for the rest.
Verifying customers remotely is a new and unique challenge for many businesses. Without being able to stand in front of a customer, to hold their identity documents and review their proofs of address, it’s more difficult to meet your regulatory requirements and verify that you’re genuinely dealing with the person the customer claims to be.
The UK’s Financial Conduct Authority (FCA) last week wrote to firms reminding them of the flexibility in its identity verification guidelines, and what they can accept for the purposes of remote customer onboarding.
The gulf between what the watchdog advises businesses to do and what’s best practice is significant. UK businesses should be applying a risk-based approach, and in many cases going much further than simply following the FCA guidelines, or else they risk additional fraud and compliance challenges later.
Worse still, they put their customers at risk too.
The FCA says businesses can accept scanned customer documents sent via email, or even selfies and videos via mobile device verification. While this helps with the challenge of remote onboarding, it may not deliver the best customer experience and doesn’t give you the confidence you need that a customer isn’t a bad actor.
An out-of-focus image or, black and white photo or one that lacks borders is inadequate, which means the customer must be asked to resubmit – which they may not have the time or patience to do.
But even with a good quality image, you have no means of checking the image hasn’t been tampered with, or if it’s legitimate and wasn’t simply pulled from the internet at random.
Checking identity documents manually raises questions too.
How do you know it is a genuine document and how it may open you up to fraud later? Are the employees you’re asking to validate those documents actually equipped to tell the difference between a counterfeit and the real thing?
Even with training, it’s one thing to spot a fake document in your hands and another thing entirely to do it remotely.
And with countless domestic and international identity documents to check, potentially at large scale, the task becomes even tougher – and this pressure increases the risk of human error.
GBG Product Owner David Thomas said: “The importance of spotting inaccuracies in documents is fundamental to protecting your business from fraud. Our technology is continuously trained to ensure that even sophisticated document fraud is detected.”
Perhaps more fundamentally, there is nothing tying these disparate, ad-hoc checks together into any kind of audit trail.
If the FCA were to ask you in two years’ time to prove you did your due diligence on customers during COVID-19, a series of diary entries and poor-quality image scans probably isn’t going to satisfy the regulator, and could result in financial penalties.
COVID-19 may be a watershed moment for digitisation, causing a greater shift to digital channels as customers accept and embrace a new normal.
The FCA itself has reported greater digitisation of the firms it regulates, and expects the social changes driven by Coronavirus to accelerate the development of digital markets.
At GBG we’ve seen first-hand how businesses dramatically grow by digitising their onboarding, and how the businesses that benefit most are those who are ahead of the curve.
Whether you’re ramping up your remote onboarding to meet new demand or going digital for the first time, applying smart identity verification processes now will pay dividends when the pandemic is over.
Now is the time for businesses to take a step back and take a risk-based approach to identity verification that’s tailored to customers, locations and sectors etc.
GBG’s Commercial Director for Identity, Jonathan Jensen, said organisations could take this as an opportunity to take a smart approach to identity verification.
He said: “It’s very easy to put in a tactical quick fix that is potentially worse than what you had before, isn’t fit for purpose and absolutely not maintainable. Now is the chance to start moving in the right direction with a robust and sustainable alternative.”
Now is the time for businesses to take a risk-based approach to identity verification.