Electronic identification (e-ID)
Updated: October 2020
PROPOSED SOLUTIONS AND ACTIONS
The provision of interoperable e-identity tools will boost cross-border transactions, paving the road for a
Single Digital Market in the EU. High acceptance rates and technical neutrality will be key in determining the
success of European e-IDs. It is now time for the EU to push the harmonisation of its electronic identification
regulatory and supervisory framework. In order to facilitate the process, the following initiatives should be taken:
- Harmonise the documents required for the verification of identity (e.g. passports, utility bills, municipal
records, tax documents) and their format (acceptability of electronic copies in addition to physical copies);
- Provide further guidance or standards in support of the customer due diligence process (e.g. detailed ID
elements, eligible trusted sources; risk assessment of remote identification technologies);
- Put forward a common regulatory approach for customer identification and due diligence processes when
performed remotely;
- Adopt a high level of assurance approach for increased electronic KYC for financial services;
- Broaden access for obliged entities to publicly held information (public databases and registers) to enable
verification of customer identities;
- Provide further guidance relating to reliance on third parties for carrying out identification and verification
through digital means, including on issues relating to liability
IDENTIFIED CONCERNS
In an increasingly digital world, where most customer interaction happens online, an e-ID can considerably
smoothen the customer journey across digital channels, while safeguarding privacy and security. A harmonised
e-ID framework at European level would be a key driver to achieve a digital single market and increased
mobility for European citizens.
ESBG welcomes the objective to facilitate the cross-border use of electronic identification based on eIDAS,
a fundamental requirement to build the Digital Single Market. ESBG believes that an optimal implementation
of e-ID solutions in Europe can only be reached by directly involving the relevant industries, ensuring the
participation of the private sector at par with the public sector.
However, ESBG considers the current regulatory, supervisory and technological fragmentation of crossborder electronic identities (e-ID) across member states as very disadvantageous for the EU, both in terms of
operational and regulatory requirements. Additionally, the identification requirements of European consumers
in digital channels differ vastly between member states, especially due to the different interpretation,
implementation and applications of for instance AML-requirements and PSD2 by both legislators and
supervisors. This has created a fragmented and ineffective market environment across the EU, hindering
European citizens and corporations.
The provision of interoperable e-identity tools will boost cross-border transactions, paving the road for a
Single Digital Market in the EU. High acceptance rates and technical neutrality will be key in determining the
success of European e-IDs. Therefore, ESBG believes that it is important for the EU to empower its financial
institutions with the abilities to identify customers through digital means.
WHY POLICYMAKERS SHOULD ACT
At this point in time, developing a specific financial digital identity would not be ideal for
consumers. Rather, we welcome broader solutions that would allow citizens to use their e-ID
for different purposes. To do so, the EU should work towards a harmonised framework,
first on member state level and then on union level, where consumers are able to decide which
e-ID to use for identification in each daily use case and are certain that the chosen e-ID will be
accepted (irrespective of the scheme being private or public-led).
Here the ESBG strongly believe banks are well positioned to not only participate but drive the
development of e-IDs, given that they have already verified their customer’s data during onboarding processes. Additionally, customers are already used to accessing their bank accounts
online and would thus benefit from an e-ID created without the need to provide personal data
to a third party. This, in turn, would enhance customer protection and ensure a higher level of
personal data privacy.
The current availability and offer of electronic trust services in the EU is not sufficient. Additional
trust services should be regulated at EU level, such as electronic identification and authentication,
and provision of trusted attributes linked to a verified identity (e.g. proof-of-age, credentials,
KYC). At the same time, it is important to build on already existing knowledge and best
practices, rather than requiring the development of new solutions from scratch. For instance,
in some parts of Europe, already existing efficient solutions and well-established routines at a
national levels, should be protected and taken into account by the regulator.
BACKGROUND
Regulation EU No 910/2014 commonly known as eIDAS Regulation is an EU regulation on electronic
identification and trust services for electronic transactions in the EU. It seeks to establish a single legal
framework for recognizing electronic signatures and identities throughout the EU. eIDAS Regulation entered
into force on 1 July 2016 making the European Union the first and only region in the world offering a viable
and common framework that allows the cross-border user of trust and electronic identification services,
which include electronic signatures, timestamps and web authentication services.
eIDAS foresees that if an EU Member State offers an online public service to citizens or businesses for which
access is granted based on an electronic identification scheme – for example for tax declarations – then they
must also recognise the eIDs of other Member States for the purposes of cross-border authentication.
The regulation creates thus an internal market for electronic trust services and ensures that they will work
across borders and that they have the same legal status as the traditional paper-based processes.
In other words, the eIDAS Regulation provides for a clear and predictable regulatory framework for secure
and seamless electronic interactions between businesses, citizens and public authorities within the EU.
This regulatory environment is provided by eIDAS, the European regulation on electronic identification and
trust services for electronic identification in the internal market. The opportunities offered by eIDAS go beyond
payments. Banks can offer consumer or SME-loans to customers that are on-boarded in a digital way, or they
can offer investment services to customers based in other countries.