The European Fintech Association (EFA)welcomes the opportunity to participate in the European Banking Authority’s(EBA) consultation on its draft Guidelines on the use of remote customer onboarding solutions. Overall,the guidelines provide an important step in the right direction along with the currently negotiated European Framework on Digital Identification (eIDAS) as well as the Anti-Money Laundering (AML) package. The EFA believes that several aspects need to be properly addressed by European regulators to create an efficient and effective pan-European digital market for businesses and consumers.
As highlighted in the EFA’s position paper on the upcoming AML Regulation, we strongly support the EU-wide harmonization of digital identification methods,as it could remove significant cross-border barriers faced by European fintechs when onboarding customers. Moreover, it is critical to remove any gold platingon a national level and foster an interoperable environment that enables fintechs to have broader market access, and offer European consumers a more seamless and inclusive customer journey.
From the vast experience of the EFA members in the remote and digital onboarding of customers some clarifications are still very much needed in the following areas:
● Basic definitions: these need to be clear and straightforward to avoid national regulators adopting different approaches as is currently the case. For example, the definition of Digital Identity Issuer currently includes those market players providing the digital identity (issuers) and those who provide the authentication or verification method (third parties).The EFA would like to highlight this issue, since currently it is repeated across different Regulations, Directives, Delegated Acts and Guidelines. The proposed guidelines run the risk of overburdening certain market players that rely onothers for the identification and verification.
● Remote identification methods: The EFA would welcome a distinction between potential methods of remote identification.The Guidelines should separate in a clearer way and subsequently tackle authority and integrity according to each of the following cases: remote identification that does not involve a live check (videoconference) with no examination of the original document, remote identification with examination of the original documents andother procedures. This would also streamline the approach taken by national regulators.
● Outsourcing activities: The EFA fully understands that this regulation will have to closely integrate with the AML package, and therefore calls on theEuropean legislators to take a consolidated approach to the outsourcing of activities, to avoid burdening small players and to apply a “same risk, samerules” approach. This is of special relevance for the flourishing market of FinTechs that develop very specificactivities in the AML space, specializing on elements of the Customer Due Diligence process. To create a level-playing field between the homegrown European FinTech industry and foreign BigTech, the businesses need to be able to cooperate with each other to provide one joint solution. In the specific topic of these guidelines, this is achieved through the outsourcing of the services to highly specialized third companies.
● Third-party reliance: There should be a full introduction to this section explaining the difference between reliance and outsourcing to make it clearer for the user, considering the scenario where it is carried out by an intragroup company. The Guidelines should spell out the initial CDD requirements under the EBA Risk Factor Guidelines instead of referencing the guidelines to make it easier for the user.
The EFA remains available for furtherenquiries regarding its response to this consultation and looks forward tofuture engagements and opportunities to interact with European regulators.
The EFA provided its detailed response with suggestions to the EBA (available in the attached PDF).