The Know your Customer – KYC procedure, definition that includes also the Know your Business (KYB) and the Know your Customer’s Customer (KYCC), is becoming an increasing factor for worldwide businesses and activities, from public administration to private sector (above all financial, professional services, online retail or energy and telecom sectors).
The core need of the KYC process is the correct identification and authentication of the potential customer, natural or legal person, including natural person representing the legal person, and the plausibility of their activities.
GRIDS project has the objective to enable private players across Europe to effectively and simultaneously access and process KYC and eIDAS identity information, using eIDAS identity verification to create and maintain a consistent single view of their customers and perform effective and accurate screening, in order to guarantee compliance with applicable regulations mandating enhanced the due diligence procedures, thus increasing, where applicable, the operational efficiency of anti-money laundering and, more generally, preventing and recognising financial crimes.
GRIDS enables KYC Data Providers and Data Consumer to connect KYC information with eIDAS authentication data. This service may be defined as a new generation of “KYC as a Service”, that makes the provision of commercial services based on EU interoperable authentication services more transparent and accountable and more respectful of citizens' privacy.
The access to and interoperability of strong means of secure electronic identification and authentication are based on the legal certainty provided by the eIDAS Regulation and its materialisation both technically and organisationally as well-supported nodes.
Indeed, the key attributes related to identity are obtained across borders and in a certified way by the foreign Member State eIDAS node from trustworthy sources, such as recognised identity providers asserting the authenticity of the electronic means of authentication and optionally additional attribute providers, in a transparent and reliable way, in accordance with eIDAS Regulation and General Data Protection Regulation (GDPR) principle of data minimization, among others. eIDAS nodes allow to link cross-border to the eID trustworthy source of information to make a check against the customer’s claimed identity and also replace the need to additionally provide face-to face identity altogether, taking innovation one step further costly operator-managed video and biometric remote verification procedures when allowed by national law.
In specific sectors, as the financial and banking, compliance is also needed with additional regulations related to the prevention of financial crimes, like the Anti-Money Laundering Directive and second Payment Services Directives that request a safe data governance and streamlining of the related business operations.
GRIDS architecture enables such private sector to receive reliable identity data through a fully automatic and secure transfer from the eID itself to the end-receiving service provider for verification, all allowed thanks to a trustworthy interoperability infrastructure.