Non-Face-to-Face Identity Verification

      The Monetary Authority of Singapore (“MAS”) on 10 November 2020, introduced a new consultation paper on the types of information required for non-face-to-face verification of an individual’s identity. In light of increase in global cyber attacks such as data theft, scams and phishing incidences, Singapore has seen its fair share of incidents of breach in personal data of individuals. Increasingly, individuals’ data that have been stolen are used to impersonate an individual and perform unauthorised financial transactions through non-face-to-face channels. MAS proposes to issue a Notice on Identity Verification to strengthen the level of authentication controls to be implemented by financial institutions when conducting non-face-to-face business.

      Under the proposed non-face-to-face identification verification Notice, it will be mandatory for financial institutions to use at least one of the following types of information for non-face-to-face verification:

      • Something that only the individual knows, such as passwords or personal identification number (“Pin”)
      • Something that only the individual has, such as a cryptographic identification device or token;
      • Something that uniquely identifies the individual, based on the individual’s biometrics or behaviour;
      • Information such as account transaction information or application identification number

      The non-face-to-face identity verification Notice, financial institutions will be prohibited from replying on common personal information such as NRIC number, residential address, and date of birth as the sole  means of identity verification as these information could be easily obtained and manipulated by scammers.

      The proposed non-face-to-face Identification Notice is a step further to protect customer data, increase consumer confidence in Singapore’ financial system and assist to reduce further fraud from taking place.

      Any third parties appointed to act on behalf of financial institutions to conduct identification and verification process including non-face-to-face verification process, must adhere to the proposed Notice.

      MAS proposes the effective date of the non-face-to-face verification Notice to take into effect 6 months after it has been issued. It is not certain if 6 months will be a sufficient period of time for financial institutions, especially those dealing with retail customers, to implement and roll out the necessary measures. It is anticipated that several changes may need to be done to technology solutions that are currently used by financial institutions to aid them in the identification and verification process. It is recommended that financial institutions reach out to their technology service providers and other third party service providers who are assisting with the customer identification and verification process and understand if their current processes and systems in place will be adequate to meet the new requirements.

      How can Argus (now Waystone Compliance) Assist?

      We, at Argus Global (now Waystone Compliance), are a team of consultants who specialize in regulatory compliance for financial institutions. We assist to do the following:

      • Implement policies and procedures on Customer Due Diligence Process including customer onboarding and risk assessment
      • Assist to conduct AML Screening and customer risk assessment
      • Assist to conduct gap analysis on current Customer Due Diligence policies and procedures against MAS requirements and intended requirements
      • Assist to provide ongoing compliance advisory support to ensure adherence to compliance requirements in Singapore

       

      Please reach out to us for an initial discussion at compliancesolutions@waystone.com.

      Follow us on LinkedIn for more updates.

      Previous post Next post
      Share

      More like this

      Increase in the budget of Ongoing Compliance

      The Cost of Compliance: Time & Money According to survey data released in Q1 2017 from the National Small Business…
      Read more

      Technology Risk Management Guidelines – Key Requirements

      Who Does It Apply To Applies to all financial institutions that MAS regulates, ranging from large banks to venture capital…
      Read more

      Introduction to Fund Setup in Singapore

      A fund is a pool of money set aside for a specific purpose. These pools of money are often invested…
      Read more

      Fund Management Company, Venture Capital – Singapore Series

      Venture Capital Fund Management (VCFM) A Fund Management Company is a business in which licensed or registered managers manage the…
      Read more

      Singapore Funds Industry Group (SFIG) to Strengthen Singapore’s Fund Management Ecosystem

      New Singapore Funds Industry Group to Strengthen Singapore’s Fund Management Ecosystem The Monetary Authority of Singapore (MAS) announced on 27…
      Read more

      MAS Requirements on Cyber Hygiene

      Monetary Authority of Singapore (“MAS”) released a Notice on Cyber Hygiene on 6th August 2019 to raise cyber security standards and…
      Read more