ID&V: what every B2C fintech should know
A robust ID&V process is essential for complying with regulatory standards, guarding against financial crime, and enhancing customers' trust in your product.
Most fintechs share the same goal: enable as many customers as possible to access great financial products in a seamless way. A key step in achieving this is being able to confirm that those customers are who they say they are. This step is called identification and verification (ID&V).
ID&V consists of two key processes:
- Identification: checking that the identity the customer has submitted does belong to them, usually by making sure they have valid identity documents
- Verification: checking the claimed identity against existing records and databases to confirm that it is genuine.
A brief look at the history of ID&V
‘Safe conduct’ documents, which came into effect in 1414 and were granted by King Henry V, are often referred to as the first ‘passport’ in the UK, although there are much earlier records of issuing passes to enable travel in countries like China and India.
In 1915, passports were introduced in the UK, with legislation in 1920 standardising their format. These passports have since evolved from a singular piece of paper to include digital features like biometric data. This shift to digitisation has resulted in changes to how organisations complete ID&V too, with technology now predominantly embedded in the process.
Why does my fintech need to do ID&V?
It can increase trust. Knowing who the customer is means increased confidence of who is actually using your products. In turn, this means that the rest of the organisation can trust there is a reliable operational process in place that complements other efforts to keep customers (and the business itself) safe and secure.
It’s a regulatory requirement. The Money Laundering and Terrorist Financing Regulations require firms to put effective Know Your Customer (KYC) checks in place at the point of onboarding and during the course of the relationship, including ID&V. KYC helps organisations ensure that they are dealing with legitimate customers and, by extension, protect the integrity of the financial system in the U.K.
It reduces financial crime risk. Money laundering, terrorist financing and fraud are just some of the activities criminals can use false or stolen identities for. Robust ID&V processes can help reduce the risk of bad actors gaining access to financial products.
Factors to consider when setting up ID&V for your fintech
When defining how your fintech will implement ID&V, some key factors to consider are:
ID&V processes need to grow with you as your fintech scales to ensure that they are still fit for purpose. This includes ensuring that there is an ongoing review process to identify any gaps. This is especially important as techniques to evade ID&V checks, such as deep-fake technology, are continually evolving.
Balancing ease of completion with friction
ID&V is typically one of the first entry points into a financial product. The process, whilst delivering the best customer experience possible, should also be rigorous to ensure it meets the necessary control standards.
This should be at the heart of the process. This can look like having more flexibility, in line with risk appetite, with which document types are accepted in addition to a passport (for example, a driving licence or residency permits) and which country they are issued from. Where possible, customers should also be able to note their preferred name on their account if different from the one on their identity document.
Lastly, even the best ID&V process cannot happen if records are not properly kept. You’ll need the results of ID&V to validate your decision making and evidence that you’ve complied with relevant regulations.
A robust ID&V process is essential for fintechs, not only to comply with regulatory standards and safeguard against financial crime but also to cultivate trust and enhance customer experience.