On 12 February, the SEPBLAC (Executive Service of the Commission for the Prevention of Money Laundering and Monetary Offences) issued the authorization procedure for non-contact identification via videoconference.
This authorization came into force on March 1, and is issued based on Article 21.1.d) Royal Decree 304/2014, of 5 May, which enacted the Regulations for Act 10/2010, of 28 April, and the Financing of Terrorism Act 12/2003, of 21 May.
Therefore, possibility of using a new path taking advantage of the digital transformation opens up.
Firstly, it should be noted that the authorization itself states that the execution of procedures for non-contact identification via videoconference can be outsourced, keeping the legally bound reporting party full responsibility. In this regard we must consider the content of Article 8 of the Law 10/2010 Act of 28 April, prevention of money laundering and terrorist financing, which specifies that the due diligence measures which specifies that the due diligence measures may be provided by a third party with a prior written contract between the parties, keeping the legally bound reporting parties(financial institutions in this case) all responsibility.
As set by the authorization, in order to use the video conferencing system in the contracting of financial services, the following requirements must be met:
Normative criteria for non-contact identification via videoconference
1) Before implementing the system.
a) A previous specific risk analysis of Article 32.2 of the Regulation shall be conducted
b) The procedure shall be documented and its effectiveness tested, the reviewing the results shall be recorded in writing. It will not proceed to the effective implementation of the procedure if the test results do not prove their effectiveness.
c) The non-contact identification procedures via videoconference should be managed by personnel with specific training.
2) During the identification process
a) The identification process recorded by video conference must record date and time of the event , and must be preserved in accordance with Article 25 of Law 10/2010.
The client, must expressly consent to carrying out the method of non-contact identification through videoconferencing, recording and preserving the process, before or during the same. Please note that Article 25 of the Act requires preserving the record for 10 years, keeping the integrity, correct reading, impossibility of manipulation and proper storage and location.
b) During the course of the video conference, the legally bound reporting party shall take measures as to ensure the privacy of the conversation with the customer.
c) During the videoconference session, the client must visibly display the front and back of the document used for identification.
d) The identification process may not be completed when (i) there is evidence of forgery or manipulation of the identification document, or (ii) there is evidence of lack of correspondence between the holder of the document and the client, or (iii) the conditions of communication prevent or hinder verification and authenticity as well as integrity of the identification document
e) The legally bound disclosing party must obtain and retain a photograph or a snapshot of the front and back of the identification document.The quality of the photograph must meet the conditions of quality and sharpness ensuring its effective use in investigations or analysis and it will be storedin accordance with the provisions of Article 25 of Law 10/2010.
f) Prior to the execution of any operations, the legally bound reporting party must verify that the customer is not subject to any sanction or international financial countermeasures, under the terms established in Article 42 of Law 10/2010.
3) Monitoring procedure
The external expert report referred to in Article 28 of Law 10/2010 shall expressly rule on the adequacy and operational effectiveness of non-contact identification procedure via videoconference.
Lleida.net is committed to providing outstanding solutions so that clients could take advantage of this new authorization procedure. Should you require any further information, feel free to email us at firstname.lastname@example.org
We are The first registering operator – Registered electronic messages