Electronic identification (e-ID)

• Harmonise the documents required for the verification of identity (e.g. passports, utility bills, municipal records, tax documents) and their format (acceptability of electronic copies in addition to physical copies);
• Provide further guidance or standards in support of the customer due diligence process (e.g. detailed ID elements, eligible trusted sources; risk assessment of remote identification technologies);
• Put forward a common regulatory approach for customer identification and due diligence processes when performed remotely;
• Adopt a high level of assurance approach for increased electronic KYC for financial services;
• Broaden access for obliged entities to publicly held information (public databases and registers) to enable verification of customer identities;
• Provide further guidance relating to reliance on third parties for carrying out identification and verification through digital means, including on issues relating to liability

Identified Concerns

In an increasingly digital world, where most customer interaction happens online, an e-ID can considerably smoothen the customer journey across digital channels, while safeguarding privacy and security. A harmonised e-ID framework at European level would be a key driver to achieve a digital single market and increased mobility for European citizens.

ESBG welcomes the objective to facilitate the cross-border use of electronic identification based on eIDAS, a fundamental requirement to build the Digital Single Market. ESBG believes that an optimal implementation of e-ID solutions in Europe can only be reached by directly involving the relevant industries, ensuring the participation of the private sector at par with the public sector.

However, ESBG considers the current regulatory, supervisory and technological fragmentation of crossborder electronic identities (e-ID) across member states as very disadvantageous for the EU, both in terms of operational and regulatory requirements. Additionally, the identification requirements of European consumers in digital channels differ vastly between member states, especially due to the different interpretation, implementation and applications of for instance AML-requirements and PSD2 by both legislators and supervisors. This has created a fragmented and ineffective market environment across the EU, hindering European citizens and corporations.

The provision of interoperable e-identity tools will boost cross-border transactions, paving the road for a Single Digital Market in the EU. High acceptance rates and technical neutrality will be key in determining the success of European e-IDs. Therefore, ESBG believes that it is important for the EU to empower its financial institutions with the abilities to identify customers through digital means.

Why Policymakers Should Act

At this point in time, developing a specific financial digital identity would not be ideal for consumers. Rather, we welcome broader solutions that would allow citizens to use their e-ID for different purposes. To do so, the EU should work towards a harmonised framework, first on member state level and then on union level, where consumers are able to decide which e-ID to use for identification in each daily use case and are certain that the chosen e-ID will be accepted (irrespective of the scheme being private or public-led).

Here the ESBG strongly believe banks are well-positioned to not only participate but drive the development of e-IDs, given that they have already verified their customer’s data during onboarding processes. Additionally, customers are already used to accessing their bank accounts online and would thus benefit from an e-ID created without the need to provide personal data to a third party. This, in turn, would enhance customer protection and ensure a higher level of personal data privacy.

The current availability and offer of electronic trust services in the EU is not sufficient. Additional trust services should be regulated at EU level, such as electronic identification and authentication, and provision of trusted attributes linked to a verified identity (e.g. proof-of-age, credentials, KYC). At the same time, it is important to build on already existing knowledge and best practices, rather than requiring the development of new solutions from scratch. For instance, in some parts of Europe, already existing efficient solutions and well-established routines at a national levels, should be protected and taken into account by the regulator.

Background

Regulation EU No 910/2014 commonly known as eIDAS Regulation is an EU regulation on electronic identification and trust services for electronic transactions in the EU. It seeks to establish a single legal framework for recognizing electronic signatures and identities throughout the EU. eIDAS Regulation entered into force on 1 July 2016 making the European Union the first and only region in the world offering a viable and common framework that allows the cross-border user of trust and electronic identification services, which include electronic signatures, timestamps and web authentication services.

eIDAS foresees that if an EU Member State offers an online public service to citizens or businesses for which access is granted based on an electronic identification scheme – for example for tax declarations – then they must also recognise the eIDs of other Member States for the purposes of cross-border authentication. The regulation creates thus an internal market for electronic trust services and ensures that they will work across borders and that they have the same legal status as the traditional paper-based processes.

In other words, the eIDAS Regulation provides for a clear and predictable regulatory framework for secure and seamless electronic interactions between businesses, citizens and public authorities within the EU. This regulatory environment is provided by eIDAS, the European regulation on electronic identification and trust services for electronic identification in the internal market. The opportunities offered by eIDAS go beyond payments. Banks can offer consumer or SME-loans to customers that are on-boarded in a digital way, or they can offer investment services to customers based in other countries.​