Response to consultation on draft Guidelines on the use of remote customer onboarding solutions
Go back
Also, please note that although Fintechs are not under the control of the EBA, Fintechs should also comply with these guidelines, since those Fintechs carrying out the same activity must have to comply with the same obligations.
Furthermore, Spanish legislation already contemplates approved identification systems. We believe that a European-regulated identification system is needed.
Concerning Guideline 21, we believe that a continuous monitoring of the proper functioning of remote identification systems must be regulated.
Concerning Guideline 45, please note that it is very complex to introduce randomness, although the Guideline says, “where possible”. Currently there are no providers that can offer this service.
Concerning Guideline 46, and in our opinion, it is not necessary since double verification procedures are already in place, through an independent channel.
1. Do you have any comments on the section ‘Subject matter, scope and definitions’? If you do not agree, please set out why you do not agree and if possible, provide evidence of the adverse impact provisions in this section would have.
Since these guidelines are indeed a guide, and their application is discretionary, we believe that a direct application through a different legislative tool is necessary.Also, please note that although Fintechs are not under the control of the EBA, Fintechs should also comply with these guidelines, since those Fintechs carrying out the same activity must have to comply with the same obligations.
Furthermore, Spanish legislation already contemplates approved identification systems. We believe that a European-regulated identification system is needed.
2. Do you have any comments on Guideline 4.1 ‘Internal policies and procedures’? If you do not agree, please set out why you do not agree and if possible, provide evidence of the adverse impact provisions in this section would have.
In relation to Guideline 10, it is already mandatory in Spain to establish procedures for the identification in the admission of remote customers. Therefore, we believe that is not necessary to establish “ad hoc” policies for the incorporation of remote customers.Concerning Guideline 21, we believe that a continuous monitoring of the proper functioning of remote identification systems must be regulated.
5. Do you have any comments on the Guideline 4.4 ‘Authenticity Checks’? If you do not agree, please set out why you do not agree and if possible, provide evidence of the adverse impact provisions in this section would have.
In relation to Guideline 39, we believe that Biometric systems, from a Data Protection point of view, can be used for Remote Customers Identity Verification Processes, while the explicit consent of the customer for video identification processes is recommended.Concerning Guideline 45, please note that it is very complex to introduce randomness, although the Guideline says, “where possible”. Currently there are no providers that can offer this service.
Concerning Guideline 46, and in our opinion, it is not necessary since double verification procedures are already in place, through an independent channel.