On October 31, 2019, The Financial Action Task Force (FATF) has published a new 77-page draft guidance. In it, FATF comments on how Digital Identity or Digital ID systems could benefit financial institutions as a part of their customer due diligence (CDD) routine. And although the draft guidance doesn’t really change anything, it pushes relevant entities to get ready to adopt Digital ID as a strong asset to market security.
FATF describes Digital ID as a system used for identification and authentication, disregarding their types of operational models and technology.
The guidance mentions how Digital ID standards, processes, and the technology behind it, have evolved to digital ID systems being available at scale. Among these are a range of biometric technologies, artificial intelligence and machine learning often used for verifying government-issued IDs and used in distributed ledger technology also known as DLT.
Digital ID system doesn’t have to be entirely digital—identity verification and onboarding can be both digital or physical (using physical documents), however the authentication, credentialing, binding, and portability must be digital.
With a reference to NIST Digital ID guidelines and the EU’s e-IDAS regulation, FATF comments on how proper identity verification reinforces AML/CFT efforts to customer identification and verification. The guidance also describes the risk-based approach that has to be applied to digital ID systems.
Robust authentication of the customer’s identity ensures that the person accessing an account and conducting transactions today is the same person who accessed the account previously. It also proves that the person is the verified account holder.
Using digital ID can enable regulated entities to capture additional data, including geolocation, IP address, or the type of digital device used for transactions. It contributes to the client’s profile and behavioural pattern, giving a basis for determining of when their transaction become unusual or suspicious.
FATF encourages authorities to introduce step-by-step guidelines to a risk-based approach to digital ID systems used by AML/CFT regulated entities, stating that digital ID based remote identification and transactions have same or lower risks, if compared with face-to-face processes.
The draft gave crypto exchanges (virtual asset service providers) a good portion of attention, by having them follow the same demands for a risk-based approach to the digital ID systems as other regulated institutions do. FATF is encouraging crypto exchanges to authorize transactions and account access by authenticating new and existing clients as a part of CDD.
Moreover, FATF claims that blockchain and the security of its technology can push the further development of digital ID standards and frameworks. In its turn, the digital ID could be able to keep crypto transactions compliant by verifying the stakeholders.
FATF shoutout to cryptocurrency platforms binds virtual asset service providers (VASPs) to existing KYC/AML rules, showcasing digital payments gain in trust among users.
1. Digital ID supports efforts against AML/CFT
The system eliminates the human error aspect of customer verification. Digital ID is able to improve the reliability, privacy, convenience, security, and efficiency of identification and CDD.
2. Digital ID reinforces the efficiency of blockchain transaction monitoring
The system can be effectively used to identify stakeholders in stablecoin-related transactions.
3. Regulated entities have to introduce the right guidelines to the use of digital ID
Institutions have to implement security management practices, policies and approaches to risk management.
The draft guidance brings regulated institutions to work on their CDD demands to the use of digital ID, considering that non-face-to-face transactions and interactions are in general more risky of ML and TF purposes.