Four steps for best-in-class digital onboarding in EU
The future of digital onboarding for regulated industries such as finance, insurance and health care is bright. With the eIDAS regulation, all EU member states have received one definition of identity and signature.
Here are five steps for you to provide a best-in-class, future-proof onboarding experience that leaves you fully AML compliant, with risk entirely separated from your business.
- Adopt a compliant identification framework
If you are regulated and have business risk: choose eIDAS. You no longer need to identify natural persons yourself. In the long run, ad hoc identity concepts will be risky and expensive. Today, there is a legal basis called eIDAS that allows you to piggyback on a standards-based identity concept. It isolates you from the risk of identity theft and fraud, and it provides a future-proof platform to build your digital offering on.
- Find a vetted supplier, called a Trust Service Provider (TSP)
Part of the beauty of eIDAS is that the EU provides a framework of certification, authorization, validation and liability. Choosing a so-called trust service provider as your supplier from the public EU trusted list guarantees that everything from information security to personal data is top notch, and that liability is with the TSP.
- Secure AML compliance by selecting a TSP that abides by KYC regulation
In the best of worlds, onboarding would be a push of a button. But anti-money laundering legislation defines remote identification as part of KYC, and the general trend is that requirements are becoming stricter. Select a trust service provider that registers users in compliance with eIDAS-accepted, state-of-the-art national legislation. The TSP should be certified to the standards of the most prominent remote identification frameworks, e.g. German VDG and French PVID.
- Offer users a best-in-class way of signing and logging in
The future of all user experiences is to offer FaceID and TouchID sign-in, registration and signatures. This requires the foundational infrastructure mentioned under step 1. Select a trust service provider that offers you a superb smartphone-based experience, either as a standalone app or as an SDK. It should provide not only registration but also a persistent identity, so that the entire user lifetime benefits from FaceID and TouchID for every secure transaction.