About the Communique on Remote Id Verification by Financial Crimes Investigation Board
Ministry of Treasury and Finance has announced GENERAL COMMUNIQUE OF FINANCIAL CRIMES INVESTIGATION BOARD(NO:19) (“Communique”) related to remote ID verification methods. We, hereby present its articles that ensures the security of remote id verification systems to your attention.
General Principles of Remote Id Verification could be summarized as follows:
- Information that is required in face-to-face ID verification is also required fully in remote ID verification. Identities and addresses are confirmed within the ID share system of General Directorate of Population and Citizenship Affairs of Ministry of Interior Affairs.
- Sample sign is not included within compulsory information.
- Remote ID Verification is concluded before constant business relation to be settled. Constant business relation is ensured by macroprudential measures decided by a risk-based approach.
- The information needed for identity verification and risk assessment could be delivered into digital forms via channels such as web sites, internet branches or mobile applications.
- All records taken throughout these procedures shall be retained in a way considered feasible to present when demanded by the authority.
Macroprudential measures could be summarized as follows:
- Risk assessment on the applicant,
- Aim and nature of business relation; sources of the funds and assets that belongs to the customer, overall revenue, approximate amount, and volume of monthly transaction is also collected beside identity information.
- In case of the first process happens face-to-face after business relation that has been settled by remote id verification, the identification will be managed according to Anti-Money Laundering and Counter-Terrorism Financing Regulation Art. 6 and sample sign will be obtained.
- Here are the measures to be applied proportionally against the risk that is detected as a result of risk-based approach for financial institutions and particular business and professions not being financial institutions:
- Obtaining additional information of the client; retaining accurate and actual information of real beneficiary
- Approval from executive before engaging into business relation or before any process
- Appropriate and effective measures including limitation of amount and value of transaction
Remote identity verification systems, finally, is going to be applied safely from the date of the 1st of May 2021 by the interested sectors after these necessary secondary legislations has been adopted.
A few contents that may be of interest to you; GDPR Fine-About Failure To Conduct A DPIA For A Training App