The provision of interoperable e-identity tools will boost cross-border transactions, paving the road for a Single Digital Market in the EU. High acceptance rates and technical neutrality will be key in determining the success of European e-IDs. It is now time for the EU to push the harmonisation of its electronic identification regulatory and supervisory framework. In order to facilitate the process, the following initiatives should be taken:
- Harmonise the documents required for the verification of identity (e.g. passports, utility bills, municipal records, tax documents) and their format (acceptability of electronic copies in addition to physical copies);
- Provide further guidance or standards in support of the customer due diligence process (e.g. detailed ID elements, eligible trusted sources; risk assessment of remote identification technologies);
- Put forward a common regulatory approach for customer identification and due diligence processes when performed remotely;
- Adopt a high level of assurance approach for increased electronic KYC for financial services;
- Broaden access for obliged entities to publicly held information (public databases and registers) to enable verification of customer identities;
- Provide further guidance relating to reliance on third parties for carrying out identification and verification through digital means, including on issues relating to liability
Identified Concerns
In an increasingly digital world, where most customer interaction happens online, an e-ID can considerably smoothen the customer journey across digital channels, while safeguarding privacy and security. A harmonised e-ID framework at European level would be a key driver to achieve a digital single market and increased mobility for European citizens.
ESBG welcomes the objective to facilitate the cross-border use of electronic identification based on eIDAS, a fundamental requirement to build the Digital Single Market. ESBG believes that an optimal implementation of e-ID solutions in Europe can only be reached by directly involving the relevant industries, ensuring the participation of the private sector at par with the public sector.
However, ESBG considers the current regulatory, supervisory and technological fragmentation of crossborder electronic identities (e-ID) across member states as very disadvantageous for the EU, both in terms of operational and regulatory requirements. Additionally, the identification requirements of European consumers in digital channels differ vastly between member states, especially due to the different interpretation, implementation and applications of for instance AML-requirements and PSD2 by both legislators and supervisors. This has created a fragmented and ineffective market environment across the EU, hindering European citizens and corporations.
The provision of interoperable e-identity tools will boost cross-border transactions, paving the road for a Single Digital Market in the EU. High acceptance rates and technical neutrality will be key in determining the success of European e-IDs. Therefore, ESBG believes that it is important for the EU to empower its financial institutions with the abilities to identify customers through digital means.
Why Policymakers Should Act
At this point in time, developing a specific financial digital identity would not be ideal for consumers. Rather, we welcome broader solutions that would allow citizens to use their e-ID for different purposes. To do so, the EU should work towards a harmonised framework, first on member state level and then on union level, where consumers are able to decide which e-ID to use for identification in each daily use case and are certain that the chosen e-ID will be accepted (irrespective of the scheme being private or public-led).
Here the ESBG strongly believe banks are well-positioned to not only participate but drive the development of e-IDs, given that they have already verified their customer’s data during onboarding processes. Additionally, customers are already used to accessing their bank accounts online and would thus benefit from an e-ID created without the need to provide personal data to a third party. This, in turn, would enhance customer protection and ensure a higher level of personal data privacy.
The current availability and offer of electronic trust services in the EU is not sufficient. Additional trust services should be regulated at EU level, such as electronic identification and authentication, and provision of trusted attributes linked to a verified identity (e.g. proof-of-age, credentials, KYC). At the same time, it is important to build on already existing knowledge and best practices, rather than requiring the development of new solutions from scratch. For instance, in some parts of Europe, already existing efficient solutions and well-established routines at a national levels, should be protected and taken into account by the regulator.
Background
Regulation EU No 910/2014 commonly known as eIDAS Regulation is an EU regulation on electronic identification and trust services for electronic transactions in the EU. It seeks to establish a single legal framework for recognizing electronic signatures and identities throughout the EU. eIDAS Regulation entered into force on 1 July 2016 making the European Union the first and only region in the world offering a viable and common framework that allows the cross-border user of trust and electronic identification services, which include electronic signatures, timestamps and web authentication services.
eIDAS foresees that if an EU Member State offers an online public service to citizens or businesses for which access is granted based on an electronic identification scheme – for example for tax declarations – then they must also recognise the eIDs of other Member States for the purposes of cross-border authentication. The regulation creates thus an internal market for electronic trust services and ensures that they will work across borders and that they have the same legal status as the traditional paper-based processes.
In other words, the eIDAS Regulation provides for a clear and predictable regulatory framework for secure and seamless electronic interactions between businesses, citizens and public authorities within the EU. This regulatory environment is provided by eIDAS, the European regulation on electronic identification and trust services for electronic identification in the internal market. The opportunities offered by eIDAS go beyond payments. Banks can offer consumer or SME-loans to customers that are on-boarded in a digital way, or they can offer investment services to customers based in other countries.
related
April 28, 2022
ESBG response to ESMA’s consultation on guidelines of MiFID II suitability requirements
ESBG's response to the European Securities and Market Authority (ESMA) consultation on some MiFID II sustainability aspects. European banks calls for clear procedures and to avoid unnecessary…
April 4, 2022
Developing a proportionate, fair and efficient IRRBB framework in the EU
On 4 April 2022, ESBG responded to the EBA consultation specifying technical aspects of the revised framework capturing interest rate risks for banking book (IRRBB) positions.
March 7, 2022
European Commission review of the Mortgage Credit Directive
SBG sent its response to the European Commission questionnaire on what to include in the upcoming Review of the Mortgage Credit Directive (MCD).
March 4, 2022
Customer protection
The ESBG, together with eight other associations has written to the European Data Protection Board, the European Commission and the European Banking Authority about the EDPB Guidelines 06/2020 on the…
March 3, 2022
Strengthening the quality of corporate reporting and its enforcement in the EU
The consultation aims to evaluate the impact of the EU framework on the three pillars of high quality and reliable corporate reporting: corporate governance, statutory audit and supervision. This…
February 25, 2022
European Commission Banking Package proposal
ESBG responded to the European Commission “have your say" consultation on the Banking Package proposal.
February 24, 2022
Considerations on the BCBS principles for the management & supervision of climate-related financial risks
Considerations on the BCBS principles for the management & supervision of climate-related financial risks
February 24, 2022
Considerations on the BCBS principles for the management & supervision of climate-related financial risks
Considerations on the BCBS principles for the management & supervision of climate-related financial risks
February 16, 2022
Clear and fair rules for the use of machine learning in Internal Rating Based models
The European Savings and Retail Banking Group welcomes the initiative of the European Banking Authority to discuss the implications of the use of machine learning in the internal rating based models…
December 23, 2021
Daisy chain of internal MREL
Resolution groups with entities in only one member state should be exempted from the “daisy chain” deduction framework.