November 4, 2020 Catherine Lygoe

Compliance Radar October 2020

Digital identification continues to be highlighted to address changing environments

COVID-19 has undoubtedly accelerated the digital transformation for organisations and forced some initiatives to be urgently prioritised to deal with pain points and bottlenecks exposed by the COVID surge.

The rate of new applications has not yet returned to their pre-covid volumes and with more volatility expected in the capital markets this onboarding trend looks likely to continue.

Financial Institutions have rapidly moved to deliver seamless digital customer experiences and enabled access to products and services online in an efficient and secure way. With continued high volumes expected, digital customer onboarding and electronic identification verification (EIDV) are paramount.‘

Financial Action Task Force (FATF) encourages digital onboarding

The Financial Action Task Force (FATF) has highlighted that digital transformation of AML/CTF will be prioritised from July 2020 to June 2022.

In line with the FATF Standards, the FATF encourages the use of technology, including Fintech, Regtech and Suptech to the fullest extent possible. The FATF’s Guidance on Digital ID highlights the benefits of trustworthy digital identity for improving the security, privacy and convenience of identifying people remotely while also mitigating Money Laundering / Terrorism Financing (ML/TF) risks.

More on the FATF statement here.

AUSTRAC continues to work constructively during this disruptive time

AUSTRAC recognises the COVID-19 pandemic is posing challenges for Australians and Australian businesses, particularly during this period of social distancing, self-isolation and other disruptions to everyday business and outlined alternatives to verify customer identity and fulfil KYC requirements as we previously reported.

LAB Group has worked proactively to fast track a number of solutions for businesses as well as continued work and due diligence with strategic partners to explore the delivery of facial biometrics technology to enable verification of identification anywhere, anytime.

More on AUSTRAC’s guidance here.

COVID, our new “normal” and increased online fraud risk

Identity theft and the use of stolen information to create fraudulent accounts is a significant and costly issue. Virtual Private Networks (VPNs) are a common tool used by fraudsters to mask their internet activity and identity and with reports of a 33% increase of use since the onset of the coronavirus outbreak it’s easy to see how the pandemic has increased the fertile ground for potential fraudulent activity.

ASIC recommends a number of controls for protecting stockbrokers against share sale fraud. One of these controls is the comparison of the geographical location of the IP address used to submit an application with the physical address of the prospective applicant. A Virtual Private Network provides online privacy and anonymity by creating a private network from a public internet connection. This anonymity can attract bad actors as they seek to mask their IP address. In September last year, police laid charges in relation to a $10m fraud involving retirement and share trading accounts. This article reports the court heard “Members of the alleged syndicate used VPNs to hide their identities online.

LAB Group’s Application Manager has been enhanced with a new feature to flag if an application is coming from a VPN and we have also partnered with a fraud score provider.

If VPN detection results are available and a VPN is detected, you can take action to confirm the application is authentic prior to proceeding with your usual account opening processes.

For more information on how to activate this feature, please contact your Customer Success Manager.

Open Banking and CDR moving forward

The ACCC has formally set the rules for the Consumer Data Right (CDR) and Open Banking which applied from July 2020. All four major banks can share their customers’ data when requested by the customer and individual customers can now request their bank share their data for deposit and transaction accounts as well as credit and debit cards.

From November 1st, 2020 consumers will be able to share their data relating to some loans and joint accounts.

LAB Group contributed to a formal submission earlier this year (you can see LAB’s submission to the ACCC here) and post consultation the ACCC released Rules which incorporates ‘intermediaries’ in the CDR through a Combined Accredited Person (“CAP”) arrangement.

The general industry feedback on the proposed CAP arrangement is that requiring both intermediaries and their clients to obtain accreditation to the highest level is too restrictive, may raise barriers for adoption and limit the efficiencies and benefits intermediaries can provide.

Seemingly taking on this feedback, on September 30th, 2020 the ACCC released consultation on proposed new CDR Rules that, amongst other things, introduce new accreditation levels. The ACCC states these “new levels (“tiers”) of accreditation are intended to lower barriers to entry and reduce compliance costs for service providers that do not require unrestricted access to CDR data”.

LAB Group intends to contribute to this consultation and are pleased that the proposed rules allow more flexibility around accreditation.

Government Digital ID programs launched in UK, coming to New Zealand and worth waiting for in Australia

A new stand-alone version of a Document Checking Service is being piloted by the UK’s Government Digital Service to verify user identity and provide faster access to important government services.

The service can be used to verify the identity of people filing online mortgage applications, accessing financial services or onboarding to recruitment services. The pilot will run for a year, and assess the market for such a service, while helping organizations reduce fraud.

New Zealand’s Cabinet has confirmed that legislation for a Digital Identity Trust Framework will be drafted, and an Interim Trust Framework stood up in the meantime by the Department of Internal Affairs to allow testing with digital identity providers.

Electronic Contracts and Electronic Signing Reform

Governments have enacted emergency regulations during the pandemic to allow essential transactions such as signatures to occur electronically. Those changes should stay for the benefit and convenience of people and businesses.

Benefits for both the customer and the business to Electronic Contracts and Signing include:

  • Digital signatures are more robust than physical signatures with authentication methods and compliance factors.
  • E-signatures have stronger assurance than paper signature with the date and time as well as the IP able to be verified with other verification methods such as SMS authentication.
  • Faster turnaround times and accessibility options for people with disabilities.

The post covid reforms are of patchwork temporary nature with the limitations of the current environment addressed, but the rules and applications vary from state to state. There is a push for these reforms to be made permanent and applied consistently across Australia.

Senate Select Committee Interim Report

Ahead of the final reporting date (April 16th, 2021) the Senate Select Committee on Financial Technology and Regulatory Technology has released its interim report. The report makes 32 recommendations which Committee Chair Andrew Bragg has described as a ‘series of quick wins’. The changes include:

  • Making temporary changes to the Corporations Act enabling companies to hold virtual meetings, enabling electronic execution/witnessing of documents and electronic shareholder communication permanent.
  • Expanding the Consumer Data Right (CDR) to include other financial services, starting with the superannuation sector and then including sectors such as general insurance.
  • Digital Identity reforms led by the Digital Transformation Agency be accelerated in order to deliver a national, economy-wide framework for the operation of a federated digital identity ecosystem as soon as possible.
  • Australian Competition and Consumer Commission, or the new proposed national Consumer Data Right (CDR) body finalise the rules for intermediary and third party access to CDR banking data by late 2020, and enable intermediaries to enter the CDR ecosystem as soon as possible thereafter.

For more information visit the Parliament of Australia Website.

Stockbrokers’ Association pushes back against AUSTRAC proposal

Financial crime authority AUSTRAC has closed public consultation on a key rule about identifying the source of funds used to buy and sell ASX stocks, which could inadvertently make it easier for criminals to move money.

The Stockbrokers and Financial Advisers Association reportedly say they did not ask for the change and believe most brokers would not take the risk of trading on behalf of an unidentified client.

The proposed law change means stockbrokers would not need to identify their clients for up to five days after making a trade and experts in the field are concerned the proposals could make it easier for criminals to launder money by buying and selling shares in traded companies — and then getting their money out.

The ABC reported that the stockbrokers’ peak body said it’s “absolutely mystified” by the change.

Read the full ABC article here.

, ,

Subscribe to our Compliance Radar

We will bring you the latest trends in compliance, identity verification
and digital customer onboarding.