Legal Brief: Digital Identity Catches the Regulatory Eye

By Silas Bartels, legal writer

Editor’s note: In the 12th installment of our series, the legal team covers global efforts to utilize digital ID systems for customer due diligence.

On March 6, 2020, the Financial Action Task Force (FATF) published guidance to assist government agencies and regulated entities with determining whether digital ID technology is appropriate to use for customer due diligence (CDD).

This new guidance was approved during the February 2020 FATF Plenary to establish international standards in the rapidly evolving area of digital ID systems. The publication of the guidance fulfilled one of FATF’s major strategic initiatives under FATF President Xiangmin Liu of China, who remarked in September 2019 that reliable digital ID solutions have the potential to benefit both customers and regulated entities.

According to the guidance, the assurance, audit or certification of digital ID systems by a government would permit regulated entities to assume that the system works as it is supposed and produces accurate customer due diligence results. For this reason, FATF urged countries to consider supporting the development and implementation of reliable digital ID systems.

In countries where the government has not authorized the use of specific digital ID systems for CDD, regulated entities must determine the reliability and independence of the system by either performing the assurance assessment themselves or using audit information on assurance levels by an expert body. FATF emphasizes that regulated entities performing this assurance assessment themselves should exercise additional caution and conduct appropriate due diligence on the digital ID system provider, including the governance systems in place. Additionally, regulated entities should only use information from another expert body during this process if it has a reasonable basis for concluding that the digital ID system provider applies appropriate digital ID assurance frameworks and standards, such as being approved for similar purposes by another government.

After determining a digital ID system’s assurance levels, governments and financial institutions must then determine whether it is appropriately reliable and independent in light of the potential risks that the system could be used to facilitate financial crime.

Back in November 2019, FATF Executive Secretary David Lewis highlighted that the new push by the intergovernmental organization to develop this digital ID technology guidance stemmed from the prospects that such systems could promote financial inclusion. He noted that digital ID systems could help to remove lack of documentation as a critical barrier to unbanked or underbanked individuals accessing financial services and banks.

This position was mirrored in both the consultation of the draft guidance published on Oct. 31, 2019, as well as in the final guidance published in March 2020. Specifically, FATF emphasized that non-face-to-face customer identification and CDD that rely on adequate, reliable and independent digital ID systems may present only a standard level of risk, or may even be lower-risk.

While FATF worked to develop the international standards for utilizing digital ID systems for CDD purposes, regulators and governments around the world moved forward on efforts to employ them.

On Jan. 8, 2020, the Bangladesh Financial Intelligence Unit published guidelines to enable financial institutions to conduct electronic know your customer (e-KYC) due diligence using digital means, such as the Election Commission of Bangladesh’s database that contains identity data with biometric information. As presented in these guidelines, Bangladesh Bank also introduced simplified due diligence for mobile financial services and other low or limited-risk banking products.

France also proposed reforms in March 2019 that would see the establishment of a certified public digital ID system to make online banking more secure. The measure was one of a set of 25 broader proposals to combat financial crime.

A report published by New Zealand’s financial regulator on the country’s anti-money laundering regime underlined that more and more regulated entities are using electronic ID verification systems, but a number of CDD deficiencies have arisen as a result. These widespread deficiencies included regulated entities not verifying an individual’s identity from at least two reliable electronic sources.

The U.S. House Committee on Financial Services passed the Advancing Innovation to Assist Law Enforcement Act on Sept. 19, 2019, which seeks to promote the use of new technology to fight against money laundering by requiring the Financial Crime Enforcement Network to explore the potential of artificial intelligence, digital ID technologies, blockchain, and other emerging financial technology.

The House Financial Services Committee also heard testimony from a managing director at Accenture and a representative of the Better Identity Coalition on how digital ID innovation could mitigate cyber threats, enhance customer privacy and ensure trust in financial transactions.

Contact Silas Bartels at

Topics : Anti-money laundering , Counterterrorist Financing , Info. Security/Cybercrime , Know Your Customer
Source: FATF , Bangladesh , U.S.: Congress , France , New Zealand
Document Date: March 16, 2020