Blog

Insights Into Austria’s Biometric KYC Onboarding [2022 Updates]

Richard Marley
April 18, 2022
7 minutes read
7077

Biometric authentication is considered a convenient approach for onboarding online customers that is completed entirely or partially by automated electronic procedures without the intervention of a human. This means that, unlike video identification, a natural person will no longer be required to be present during the onboarding process. Businesses can expect that the new biometric identification technology will make operations smooth, easier and faster. In comparison to conventional remote identification processes, it should also help save money.

The use of biometric KYC procedures is contingent on a number of factors, including the use of cutting-edge, constantly updated biometric techniques, proper security measures, thorough documentation of customer information and maintaining records of the verification results. In compliance with Austria’s current data protection regulations, businesses need to implement the biometric verification procedure.

Overview of Biometric KYC Onboarding in Austria

Biometric technology has been permitted for online client onboarding in Austria since 2021. Let’s take a look at what this means for businesses operating in Austria. Despite being located in one of Europe’s most crucial financial centers, Austrian businesses took a long time to onboard consumers manually. This was a concern because traditional Know Your Customer (KYC) methods were time-consuming, error-prone, and necessitated a significant investment of both financial and human resources.

The Austrian Financial Market Authority (FMA) made video-based identification for onboarding new clients mandatory for financial as well other businesses on January 3rd, 2017, as it was the country’s first move toward digitization. This assisted financial institutions particularly banks to onboard clients remotely by authenticating their identities through video chat.

However, the Austrian Financial Market Authority (FMA) has also issued an amendment to the Austrian Online Identification Regulation (“Online-Identifikationsverordnung“) in November 2021, allowing fully automated biometric procedures for identity verification under the Austrian Anti-Money Laundering Act (Finanzmarkt-Geldwäschegesetz). This means that banks, financial institutions, and other companies subject to AML legislation can now use biometric identity verification in addition to other methods of identification.

New Changes In Austria’s Digital Onboarding Requirements

In the context of the amendments, the FMA’s legal provision on Online Identification Regulation describes the following terms:

Document Authentication: an official photo identification document with optical security measures at least as good as holographic elements.
Capturing Image: Electronic data processing generates and stores a graphical representation. As a visual component of the online identification procedure, it reproduces the content displayed on the screen. For verification and documentation purposes, the quality of the screenshot adheres to the applicable criteria. There is no need to store screenshots if a consumer delivers electronically-signed photo identity documents for verification.
Third-Party Verification Vendor: a legal person, public authority, agency, or other body that processes personal data on the behalf of financial service providers.
Automated identification processes: Automatic online identification techniques that do not require the input of a team member totally or partially.

Updated Requirements for Biometric Authentication in Austria

Customers need to be onboarded by financial service providers via operator-assisted video identification. Financial service providers can now integrate fully automated biometric verification solutions for online identity verification without requiring the need of human involvement.

The biometric identification method, according to the modifications, includes a presence check, a multi-step customer verification process that includes a liveness check, collecting government-issued identity documents embedded with NFC chip data instead of taking pictures and agreement to biometric data processing. Furthermore, the procedure must be technologically advanced and adhere to the same security standards as “in-person” identification.

Presence Check

To verify whether the customer is present at the time of the onboarding process, clients are required to place their faces in front of the camera for authentication. However, biometric solutions embedded with lioness detection features are best at filtering out bad actors at this stage.
In case, the customer is flagged as a potential client, in addition to liveness detection, the serial number of identity documents and the string of characters that are provided by the banks is to be provided to the firm.
The compliance officer then records a video of the whole biometric authentication procedure as per FMA requirements for presence checks.

NFC-based ID Verification

Only NFC-based identity documents issued by the government can be used for biometric verification. Instead of images of the ID, data from such ID documents are to be retrieved using NFC readers. In addition to the data recording, the FMA still recommends storing electronic copies of the front and back of IDs.

In addition to this, from January 1st, 2023, all financial firms operating in Austria are required to validate the electronic signature’s legitimacy as well as the data’s integrity from NFC-based documents.

Client Сonsent

Under Article 9 (2) a) of the EU GDPR, if financial institutions need to use customers’ biometric information to fulfill KYC verification procedures, they must get consent from the customers and seek their agreement to the use of biometric data legally.

Ways Financial Institutions Can Stay Compliant

For businesses, there are a few crucial points to keep in mind in order to stay put with Austria’s biometric identification requirements. Financial service providers are obliged to perform the following to onboard consumers online using biometrics in accordance with the FMA’s online identification regulation:

Implementing Rigid Security Measures: Banks and other financial service providers including cryptocurrency exchanges need to take effective steps to ensure the integrity and security of verification measures stay preserved, including ongoing monitoring of customers’ activities on a regular basis. This will help them to detect and deter any kind of suspicious activity.
Liveness Detection: This process will permit businesses to determine if the customers are present during the onboarding procedure or not. To stay put with the requirement, banks must record a video of the presence check process.
Record-keeping: Biometric identification processes must be documented in a clear and understandable manner by financial service providers. This includes archiving recordings made for online identity purposes, such as opening a bank account or other transactions; and storing records of the presence check procedure.

How Shufti Pro Can Help

Biometric authentication is one of the best ways to combat financial crimes, especially 2D and 3D masks, and deep fakes. Skin texture analysis, 3D mapping, depth sensing, liveness detection, and other techniques have enhanced the accuracy of biometric authentication.

Shufti Pro’s state-of-the-art facial biometric verification solution is powered by thousands of AI models to authenticate customer identities and verify the live presence of the customer, helping businesses to meet Austria’s new identity verification requirements. With 98.67% accuracy, our solutions ensure that your company stays safe from facial spoof attacks.

Want to know more about facial biometric authentication for financial services?

Talk to us

Disclaimer: No warranty is herein provided that the information contained in this document is accurate, up-to-date, and/or complete. In no circumstance(s), does such information constitute legal or any other advice. Any person who intends to use, rely, pass-on, or re-publish the information contained herein in any way is solely responsible for the same. We suggest to verify the information and/or obtain expert advice independently if required.

Latest News

News
Qatar Takes Steps to Strengthen its AML/CFT and Sanctions Compliance
Overview of Biometric KYC Onboarding in Austria
New Changes In Austria’s Digital Onboarding Requirements
Updated Requirements for Biometric Authentication in Austria
Ways Financial Institutions Can Stay Compliant
How Shufti Pro Can Help
A webinar organised by ICC Qatar emphasised the efforts of Qatar to strengthen its AML/CFT and sanctions compliance across financial and non-financial sectors.

The International Chamber of Commerce Qatar (ICC Qatar), held a webinar on “Spotlight on the latest risk and financial crime trends” in collaboration with Refinitiv Protiviti and FinScan on 18th May.

Keynote presentations were given in the virtual event by Nipun Srivastava, Managing Director and the Middle East Leader of Financial Crime and Regulatory Advisory Practice at Protiviti, Marina Agathangelou, Customer Success Manager at Refinitiv, and Ibrahim Doubli, Regional Director, Middle East & Africa at FinScan Compliance & Data Quality Solutions.

Depicting the latest events in Eastern Europe, and how the problems related to data security with advanced matching technology can help in making the risk and compliance measures of the company more robust, major attention was paid to Financial Action Task Force (FATF) Mutual Evaluations inspections of the Gulf Cooperation Council (GCC); the sanctions and the recent financial frauds trends in the webinar.

Srivastava told the participants about the actions Qatar has been implementing to strengthen its AML/CFT and sanctions compliance framework across various financial and non-financial institutions.

Agathangelou said the Mutual Evaluation is just an initial phase of work to prepare the country to combat current and emerging financial threats. With the implication of the automation/machine learning based programs, Qatar will be able to invest its resources efficiently in combating financial frauds.

“Implementation of the Public Private Partnerships among the National Anti-Money Laundering and Terrorism Financing Committee (NAMLC), Qatar Central Bank (QCB), Financial Information Unit (FIU) and other bodies may bring out the best industry tools for aiding the government to complete their national agenda” added Agathangelou.

Doubli showed appreciation towards the ICC Qatar for conducting an effective webinar while saying “I look forward to continuing working with the institutions in Qatar in their efforts to comply with fast-changing local and global regulations”.

Suggested Read: China Strengthens Anti-Money Laundering Rules for Financial Institutions

Insights Into Austria’s Biometric KYC Onboarding [2022 Updates]

Overview of Biometric KYC Onboarding in Austria

New Changes In Austria’s Digital Onboarding Requirements

Updated Requirements for Biometric Authentication in Austria

Presence Check

NFC-based ID Verification

Client Сonsent

Ways Financial Institutions Can Stay Compliant

How Shufti Pro Can Help

Cryptocurrencies and AML Compliance

Challenges Faced by Crypto Firms

Crypto AML Regulations

US and Canada’s Crypto AML Regulations

Europe’s Crypto AML Regulations

Asia Pacific’s Crypto AML Regulations

What Shufti Pro Offers

Let’s prove your

customer’s identity

with Shuftipro.

Let’s prove your customer’s

identity with Shuftipro.