Abstract
Identity is fundamental in finance: to protect against fraud and crime, to fulfil know-your-customer obligations, and to ensure market integrity. At the same time, identification and know-your-customer rules can be major barriers to accessing financial services. This paper considers the various requirements for identification in the financial sector and the evolving nature of identity. We argue that technology presents an opportunity to solve this challenge through the development of digital identity infrastructure and related utilities. The establishment of such utilities requires addressing design questions such as registration methods, data availability, and cross-jurisdiction recognitions. Yet, as with any reform, a balance between flow through efficiency and cyber-security needs to be reached to ensure that the objectives of financial inclusion and market integrity are not achieved to the detriment of financial stability.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
Notes
See Zetzsche et al. (2018).
For example, the Google email identity may be used to certify a personality for the online accommodation service Airbnb.
Kulp (2017).
The degree of electronic identification depends on the business model. For example, accommodation providers such as Airbnb require digital passport copies, car rental service providers require a digital copy of a driver’s licence, etc.
For the European Union, see: Directive (EU) 2015/849 of the European Parliament and of the Council of 20 May 2015 on the prevention of the use of the financial system for the purposes of money laundering or terrorist financing, amending Regulation (EU) No. 648/2012 of the European Parliament and of the Council, and repealing Directive 2005/60/EC of the European Parliament and of the Council and Commission Directive 2006/70/EC [2015] OJ L141/73–117 (European Parliament 4th AML Directive); for Hong Kong, see (a) Anti-Money Laundering and Counter-Terrorist Financing (Financial Institutions) (Amendment) Ordinance 2018, (b) Organized and Serious Crimes Ordinance (Cap. 455), (c) Drug Trafficking (Recovery of Proceeds) Ordinance (Cap. 406), and (d) United Nations (Anti-Terrorism Measures) Ordinance (Cap. 575); for Singapore, see the Monetary Authority of Singapore’s various notices and guidelines on AML/CFT, available at http://bit.ly/2p5BgJX; and for Australia, see Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth).
For the European Union, see Art. 25 of Directive 2014/65/EU of the European Parliament and of the Council of 15 May 2014 on markets in financial instruments and amending Regulation (EU) No. 648/2012 [2014] OJ L173/84/349–496.
Asian Development Bank (2016).
International Finance Corporation (2017), p 13.
For example, the Hong Kong Monetary Authority issued a circular on de-risking and financial inclusion to banks operating in Hong Kong: Hong Kong Monetary Authority (2016).
Financial Action Task Force (2018).
Schwab (2016).
Ibid.
Arner et al. (2017).
Litan (2016).
International Bar Association Legal Practice Division Working Group (2015), p 11.
Zetzsche et al. (2018).
Arner et al. (2016).
Noto (2017).
Donnelly (2018).
Smith (2017).
International Bar Association Legal Practice Division Working Group (2015), pp 5–6.
World Economic Forum (2018).
World Bank (2017).
Morozov (2013).
Pesin (2017).
See, Hardjono et al. (2016).
Reuters (2018).
For details, see Weigend (2017).
See, Lanier (2013).
Ibid.
Token Commons, The Windhover Principles for Digital Identity, Trust, and Data, 21 September 2014, http://tokencommons.org/Windhover-Principles-for-Digital-Identity-Trust-Data.html (accessed 11 December 2018).
Todd (2014).
Ibid.
Clippinger (2015).
Arner et al. (2017).
Directive 2014/65/EU of the European Parliament and of the Council of 15 May 2014 on markets in financial instruments and amending Directive 2002/92/EC and Directive 2011/61/EU [2014] OJ L 173/349.
Regulation (EU) No. 910/2014 on electronic identification and trust services for electronic transactions in the internal market and repealing Directive 1999/93/EC [2014] OJ L257/73.
Unique Identification Authority of India, About Aadhaar, https://uidai.gov.in/your-aadhaar.html (accessed 11 December 2018) and Unique Identification Authority of India, Aadhaar data update, https://uidai.gov.in/enrolment-update/aadhaar-enrolment/aadhaar-data-update.html (accessed 11 December 2018).
Abraham et al. (2017).
‘Indian business prepares to tap into Aadhaar, a state-owned fingerprint identification system’, The Economist, 24 December 2016.
Australian Government Govpass, Digital Transformation Agency, Canberra, https://www.dta.gov.au/what-we-do/platforms/govpass/ (accessed 11 December 2018).
Council of Australian Governments (2017).
These include the face identification service, facial recognition analysis utility service, face verification service, identity data sharing service, and one person one licence service.
For the US, see Quarmby (2003).
See, Identity Documents Bill 2010 (UK).
See, Art. 5 of Directive 1999/93/EC of the European Parliament and of the Council of 13 December 1999 on a Community framework for electronic signatures [2000] OJ L13/12.
For the European Commission, see Kirova (2016).
Ibid.
See, Art. 11 of the eIDASR.
European Commission (2017b).
European Commission (2017a).
See, European Commission (2017c).
See, Arner et al. (2018).
For a comprehensive discussion, see Arner et al. (2018), p 13.
See, Art. 26 of Regulation (EU) No. 600/2014 of the European Parliament and of the Council of 15 May 2014 on markets in financial instruments and amending Regulation (EU) No. 648/2012 [2014] OJ L173/84.
Financial Action Task Force (2018), p 8.
Stanley and Buckley (2016).
LexisNexis (2016).
ThomsonReuters, The South African KYC Service, https://africa.thomsonreuters.com/en/products-services/risk-management-solutions/kyc-as-a-service.html (accessed 11 December 2018).
IIFL (2014).
For example, see RBL Bank’s Abacus Digital Savings Account (temporarily disabled because of the recent Supreme Court Judgement); and HDFC Bank’s digital Instant Account: HDFC Bank, Account kholo chutki mein, https://www.hdfcbank.com/htdocs/digital-campaign/instantaccounts.html (accessed 11 December 2018).
For distributed ledgers, see Zetzsche et al. (2017).
Ibid.
For example, see Art. 25(1) of the European Parliament 4th AML Directive (above n. 5).
See, Joint Committee of the European Supervisory Authorities, Joint Guidelines under Articles 17 and 18(4) of Directive (EU) 2015/849 on simplified and enhanced customer due diligence and the factors credit and financial institutions should consider when assessing the money laundering and terrorist financing risk associated with individual business relationships and occasional transactions—The Risk Factors Guidelines, JC 2017/37, 26 June 2017, Title III, Ch. 1, No. 81, 83.
See, Association of the Luxembourg Fund Industry (2018).
See, Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) [2016] OJ L119/1.
Zetzsche et al. (2017).
References
Abraham S, Sharma RS, Panda BJ (2017) Is Aadhaar a breach of privacy? The Hindu, 31 March 2017. https://www.thehindu.com/opinion/op-ed/is-aadhaar-a-breach-of-privacy/article17745615.ece. Accessed 11 Dec 2018
Arner DW, Barberis JN, Buckley RP (2016) The evolution of FinTech: a new post-crisis paradigm? Georget J Int Law 47(4):1271–1319
Arner DW, Barberis JN, Buckley RP (2017) FinTech, RegTech and the reconceptualisation of financial regulation. Northwestern J Int Law Bus 37(3):371–413
Arner DW, Buckley RP, Zetzsche DA (2018) Fintech for financial inclusion: a framework for digital financial transformation. A report to the Alliance for Financial Inclusion (AFI). https://www.g24.org/wp-content/uploads/2018/09/G-24-AFI_FinTech_Special_Report_AW_digital.pdf. Accessed 7 Jan 2019
Asian Development Bank (2016) Global trade finance gap reaches $1.6 trillion, SMEs hardest hit—ADB. Asian Development Bank News Release, 7 September 2016. https://www.adb.org/news/global-trade-finance-gap-reaches-16-trillion-smes-hardest-hit-adb. Accessed 5 June 2018
Association of the Luxembourg Fund Industry (2018) Global fund distribution. http://www.alfi.lu/sites/alfi.lu/files/Poster-GFD-2018-web-BAT.pdf. Accessed 11 Dec 2018
BaFin Federal Financial Supervisory Authority (2017) Circular 3/2017 video identification procedures. 10 April 2017. https://www.bafin.de/SharedDocs/Veroeffentlichungen/EN/Rundschreiben/2017/rs_1703_gw_videoident_en.html. Accessed 11 Dec 2018
Bracken M (2012) Identity and privacy principles. UK Government Digital Service, 24 April 2012. https://gds.blog.gov.uk/2012/04/24/identityand-privacy-principles/. Accessed 5 July 2018
Clippinger JH (2015) A proof of concept pilot for a decentralized autonomous authority (DAA) for KYC compliant decentralized identity and authentication services. MIT Media LAB/ID3. http://financelawpolicy.umich.edu/wp-content/uploads/sites/26/2016/09/Clippinger-A-Proof-of-Concept-Pilot-for-A-Decentralized-Autonomous-Authority4.1.16.pdf. Accessed 7 Jan 2019
Commission de Surveillance du Secteur Financier (2018) Frequently asked questions on AML/CTF and IT requirements for specific customer on-boarding/KYC methods. 8 March 2018. http://www.cssf.lu/fileadmin/files/LBC_FT/FAQ_LBCFT_VIDEO_IDENTIFICATION_080318.pdf. Accessed 11 Dec 2018
Council of Australian Governments (2017) Intergovernmental agreement on identity matching services. 5 October 2017. https://www.coag.gov.au/sites/default/files/agreements/iga-identity-matching-services.pdf. Accessed 11 Dec 2018
Donnelly G (2018) 75 Super-useful Facebook statistics for 2018. Wordstream, 7 September 2018. https://www.wordstream.com/blog/ws/2017/11/07/facebook-statistics. Accessed 11 Dec 2018
European Commission (2017a) Consumer financial services action plan. 23 March 2017. https://ec.europa.eu/info/publications/consumer-financial-services-action-plan_en. Accessed 11 Dec 2018
European Commission (2017b) First private sector eID scheme pre-notified by Italy under eIDAS. 7 December 2017. https://ec.europa.eu/digital-single-market/en/news/first-private-sector-eid-scheme-pre-notified-italy-under-eidas. Accessed 20 June 2018
European Commission (2017c) Proposal for a Regulation of the European Parliament and of the Council on establishing a framework for interoperability between EU information systems (police and judicial cooperation, asylum and migration), 12 December 2017. https://ec.europa.eu/info/publications/home-affairs/sites/homeaffairs/files/what-we-do/policies/European-agenda-security/20171212_proposal_regulation_on_establishing_a_framework_for_interoperability_between_eu_information_systems_police_judicial_cooperation_asylum_migration_en.pdf. Accessed 11 Dec 2018
Financial Action Task Force (2018) Outcomes FATF plenary, 21-23 February 2018. 23 February 2018. http://www.fatf-gafi.org/publications/fatfgeneral/documents/outcomes-plenary-february-2018.html. Accessed 11 Dec 2018
FINMA (2016) Circular 2016/7 Video and online identification. Due diligence requirements for client onboarding via digital channels. 3 March 2016
Global Partnership for Financial Inclusion (2017) 2017 Financial inclusion action plan. July 2017. https://www.gpfi.org/sites/default/files/documents/2017%20G20%20Financial%20Inclusion%20Action%20Plan%20final.pdf. Accessed 8 Jan 2019
Hardjono T, Shrier D, Pentland A (eds) (2016) Trust:Data: a new framework for identity and data sharing. Visionary Future LLC, Massachusetts
Hong Kong Monetary Authority (2016) De-risking and financial inclusion. 8 September 2016. https://www.hkma.gov.hk/media/eng/doc/key-information/guidelines-and-circular/2016/20160908e1.pdf. Accessed 2 July 2018
IIFL (2014) Axis Bank introduces a paperless, eKYC based a/c opening. India Infoline News Service, 26 February 2014. https://www.indiainfoline.com/article/news/axis-5875391291_1.html. Accessed 11 Dec 2018
International Bar Association Legal Practice Division Working Group (2015) Digital identity: principles on collection and use of information. Report of IBA Legal Practice Division Working Group. https://www.ibanet.org/Document/Default.aspx?DocumentUid=2E931F85-C5D0-4952-A6E6-6EA48C593155. Accessed 11 Dec 2018
International Finance Corporation (2017) De-risking and other challenges in the emerging market financial sector. World Bank Group, 1 September 2017. http://documents.worldbank.org/curated/en/895821510730571841/De-risking-and-other-challenges-in-the-emerging-market-financial-sector-findings-from-IFC-s-survey-on-correspondent-banking. Accessed 28 July 2018
International Finance Corporation (2018) Increased regulation and de-risking impeding cross-border financing in emerging markets. World Bank Group, January 2018. https://www.ifc.org/wps/wcm/connect/9e5b33c0-63a2-4ab4-bf54-b87c539538d4/EMCompass_Note_48_R2.pdf?MOD=AJPERES. Accessed 28 July 2018
Kirova M (2016) eIDAS regulation. eIDAS Observatory, 28 June 2016. https://ec.europa.eu/futurium/en/content/eidas-regulation-regulation-eu-ndeg9102014. Accessed 11 Dec 2018
Kulp P (2017) Facebook quietly admits to as many as 270 million fake or clone accounts. Mashable, 3 November 2017. https://mashable.com/2017/11/02/facebook-phony-accounts-admission/#3Jg1dt85kPqZ. Accessed 11 Dec 2018
Kumar L, Pathak A (2014) Aadhaar based e-KYC service—the much needed change catalyst for financial inclusion! MicroSave, July 2014. http://blog.microsave.net/aadhaar-based-e-kyc-service-the-much-needed-change-catalyst-for-financial-inclusion/. Accessed 5 July 2018
Lanier J (2013) Who owns the future?. Simon & Schuster, New York
LexisNexis (2016) Banks willing to collaborate on shared KYC utility. Finextra, 28 September 2016. https://www.finextra.com/pressarticle/66294/banks-willing-to-collaborate-on-shared-kyc-utility. Accessed 11 Dec 2018
Litan A (2016) The global identity dilemma—static biometrics are NOT the answer. Gartner Blog Network, 16 September 2016. https://blogs.gartner.com/avivah-litan/2016/09/16/the-global-identity-dilemma-static-biometrics-are-not-the-answer/. Accessed 2 July 2018
Morozov E (2013) Your social networking credit score. Slate, 30 January 2013. https://slate.com/technology/2013/01/wonga-lenddo-lendup-big-data-and-social-networking-banking.html. Accessed 11 Dec 2018
Noto G (2017) Want mobile banking users? Eliminate the login. Bank Innovation, 30 March 2017. https://bankinnovation.net/2017/03/want-mobile-banking-users-eliminate-the-login/ Accessed 11 Dec 2018
Pesin I (2017) Your online, mobile, and social behaviour are now data-points used by FinTech startups and governments in scoring credit-worthiness. e27, 4 May 2017. https://e27.co/online-mobile-social-behaviour-now-data-points-used-fintech-startups-governments-scoring-credit-worthiness-20170504/. Accessed 5 July 2018
Quarmby B (2003) The case for national DNA identification cards. Duke Law and Technology Review 1. https://scholarship.law.duke.edu/cgi/viewcontent.cgi?article=1071&context=dltr. Accessed 8 Jan 2019
Reuters (2018) US proposes reviewing social media of nearly everyone seeking entry. The Guardian, 31 March 2018. https://www.theguardian.com/us-news/2018/mar/30/us-immigration-social-media-visas. Accessed 11 Dec 2018
Schwab K (2016) The fourth industrial revolution. World Economic Forum, 14 January 2016. https://www.weforum.org/agenda/2016/01/the-fourth-industrial-revolution-what-it-means-and-how-to-respond/. Accessed 11 Dec 2018
Smith C (2017) 65 Amazing WhatsApp statistics and facts. DMR, Expanded Ramblings, 1 July 2017. https://expandedramblings.com/index.php/whatsapp-statistics/2/. Accessed 5 July 2018
Stanley RL, Buckley RP (2016) Protecting the West, excluding the rest: the impact of the AML/CTF regime on financial inclusion in the Pacific, and potential responses. Melb J Int Law 17(1):1–24
Todd S (2014) Manifesto vows to give consumers control of digital identities. American Banker, 20 October 2014. https://www.americanbanker.com/news/manifesto-vows-to-give-consumers-control-of-digital-identities. Accessed 11 Dec 2018
Weigend A (2017) Data for the people: how to make our post-privacy economy work for you. Ingram Publisher Services, New York
World Bank (2017) Principles on identification for sustainable development: toward the digital age. February 2017. http://documents.worldbank.org/curated/en/213581486378184357/pdf/112614-REVISED-English-ID4D-IdentificationPrinciples-Folder-web-English-ID4D-IdentificationPrinciples.pdf. Accessed 11 Dec 2018
World Bank Group (2018) The decline in access to correspondent banking services in emerging markets: trends, impacts, and solutions. http://documents.worldbank.org/curated/en/552411525105603327/pdf/125422-replacement.pdf. Accessed 28 July 2018
World Economic Forum (2018) Digital identity on the threshold of a digital identity revolution. White Paper, Davos-Klosters Switzerland, 23-26 January 2018. http://www3.weforum.org/docs/White_Paper_Digital_Identity_Threshold_Digital_Identity_Revolution_report_2018.pdf. Accessed 11 Dec 2018
Zetzsche DA, Buckley RP, Arner DW (2017) The distributed liability of distributed ledgers: legal risks of blockchain. European Banking Institute Working Paper Series 14. https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3018214##. Accessed 8 Jan 2019
Zetzsche DA, Buckley RP, Arner DW, Barberis JN (2018) From FinTech to TechFin: the regulatory challenges of data-driven finance. N Y Univ J Law Bus 14(2):393–446
Acknowledgments
The authors are grateful for comments from Iris Chiu, Emilios Avgouleas, Pierre Schammo, Jean-Louis Schiltz, Anton Didenko, Tsany Ratna Dewi as well as participants of the Alliance for Financial Inclusion Global Policy Forum (AFI GPF) in Sochi (September 2018), and for the research assistance of Rohan Balani, Jessica Chapman and Evan Gibson. All responsibility is the authors. The authors gratefully acknowledge the financial support of: the Luxembourg National Research Fund, project ‘A new law for Fintechs—SMART Regulation’, INTER/MOBILITY/16/11406511; the Australian Research Council, project ‘Regulating a Revolution: A New Regulatory Model for Digital Finance’; and the Hong Kong Research Grants Council Theme-based Research Scheme.
Author information
Authors and Affiliations
Corresponding author
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
About this article
Cite this article
Arner, D.W., Zetzsche, D.A., Buckley, R.P. et al. The Identity Challenge in Finance: From Analogue Identity to Digitized Identification to Digital KYC Utilities. Eur Bus Org Law Rev 20, 55–80 (2019). https://doi.org/10.1007/s40804-019-00135-1
Published:
Issue Date:
DOI: https://doi.org/10.1007/s40804-019-00135-1