What is the purpose of this Quick Start Guide?

Mesh ID is a provider of solutions for automating the onboarding of individuals and companies for regulated institutions in the financial services industry, Mesh ID understands the importance of ensuring our technology is evaluated and approved by the relevant regulators. We have created a set of documents which we are calling a ‘Regulatory Pack’ to help regulated institutions perform internal business risk assessments, get regulatory approval, and streamline the onboarding process.  The Quick Start Guide gives an overview of the regulatory landscape governing the use of digital verification technologies, and outlines what is contained within our Reg Pack.

What global guidelines govern the use of digital verification technologies?

Electronic identification (eID) solutions have become an integral part of the digital transformation of various industries, particularly the financial services sector. However, the use of eID technologies is subject to various regulatory guidelines around the world. Regulated institutions need to be aware of these guidelines when evaluating and implementing eID solutions, such as Mesh ID’s platform.

In this document, we will outline some of the key eID guidelines and regulations from around the world, and how Mesh ID ensures compliance with them.

FATF Guidelines

The Financial Action Task Force (FATF) is a global standard-setting body that promotes effective implementation of legal, regulatory, and operational measures for combating money laundering, terrorist financing, and other related threats to the integrity of the international financial system. In March 2020, FATF released new guidance on the use of digital identity for customer due diligence (CDD) in the financial sector.

The guidance recognizes that digital identity systems can provide efficient and cost-effective ways to conduct CDD, but it also highlights the potential risks associated with the use of these systems. The guidance provides a set of recommended practices for implementing digital identity solutions, such as:

  • Conducting a risk assessment of the digital identity system, including potential risks related to security, privacy, and data protection.
  • Ensuring the reliability and accuracy of the digital identity system through robust authentication and verification procedures
  • Ensuring the confidentiality, integrity, and availability of customer data
  • Ensuring compliance with relevant data protection and privacy regulations

At Mesh ID, we have developed our platform with these guidelines in mind. Our system undergoes regular risk assessments, and we have implemented strong authentication and verification procedures to ensure the reliability and accuracy of our digital identity solution. We also ensure the confidentiality, integrity, and availability of customer data and are compliant with relevant data protection and privacy regulations.

EU eIDAS Regulation for electronic signatures

The European Union (EU) has also established guidelines for eID solutions through the eIDAS Regulation. The eIDAS Regulation provides a legal framework for the use of eID in cross-border transactions within the EU. It establishes a common standard for electronic identification and trust services, including electronic signatures, electronic seals, electronic time stamps, and electronic delivery services.

The eIDAS Regulation aims to create a single digital market in the EU, by ensuring the legal validity of electronic transactions across borders. The regulation provides a set of technical and legal requirements for eID solutions, such as:

  • Ensuring the authenticity and integrity of the eID solution
  • Ensuring the confidentiality and privacy of personal data
  • Ensuring compliance with data protection and privacy regulations
  • Providing a high level of security through encryption and other technical measures

Mesh ID’s platform is compliant with the eIDAS Regulation in relation to the electronic signatures we use when electronically signing and sealing documents. We ensure our certificate issuing partners maintain a high standard in authenticity, integrity, confidentiality, and privacy of personal data through a range of technical and legal measures. We also comply with data protection and privacy regulations and have implemented strong security measures to protect against cyber threats.

US eSign Act

In the United States, the Electronic Signatures in Global and National Commerce (eSign) Act provides a legal framework for the use of electronic signatures and records in interstate and foreign commerce. The act allows electronic signatures and records to have the same legal validity as handwritten signatures and paper records, provided that certain conditions are met.

The act requires that electronic signatures and records be attributed to the signatory, accurately reflect the agreement or record, and be accessible to all parties who are entitled to access them. Mesh ID’s platform allows for the use of electronic signatures and records, and we ensure that they meet the legal requirements set out in the eSign Act.

Conclusion

The use of eID solutions is subject to various regulatory guidelines around the world, such as the FATF guidelines, the EU eIDAS Regulation, and the US eSign Act. At Mesh ID, we understand the importance of complying with these guidelines and regulations, and we have developed our platform with these requirements in mind.

Our platform has been designed to provide a secure, reliable, and compliant digital identity verification solution for regulated institutions in the financial services industry. We undergo regular risk assessments and implement robust authentication and verification procedures to ensure the reliability and accuracy of our digital identity solution.

We also ensure the confidentiality, integrity, and availability of customer data and comply with relevant data protection and privacy regulations. Our platform is compliant with the eIDAS Regulation, and we ensure that our electronic signatures and records meet the legal requirements set out in the US eSign Act.

By using Mesh ID’s technology, regulated institutions can streamline the onboarding process for both individuals and companies, while ensuring compliance with relevant regulations and standards. Our Regulatory Pack provides all the information regulated institutions need to perform internal business risk assessments, get regulatory approval, and streamline the onboarding process.

Working with Mesh ID means that regulated institutions can have confidence in the security and accuracy of our digital verification technologies, and get up and running with our service quickly and efficiently. Our team is also on hand to provide any further information and support needed to speed up the approval process inside their organisation and with their regulatory.

In conclusion, Mesh ID is committed to providing a secure and compliant digital identity verification solution that meets the needs of regulated institutions in the financial services industry. Our Regulatory Pack and compliance with global eID guidelines and regulations make it easier for our clients to get up and running with our platform while maintaining regulatory compliance.

Contents of the Regulatory Pack

The Regulatory Pack created by Mesh ID includes the following:

  1. Questions for Regulated Providers: This document includes a set of questions which regulated providers need to ask themselves before using our technology. The document addresses the FATF guidelines on the use of eID technologies, and covers areas such as data protection, privacy, and security.
  2. Mesh ID’s Answers to the Questions: In this document, Mesh ID provides answers to the questions in the Questions for Regulated Providers document. This document also includes information on how we ensure compliance with relevant regulations and standards, such as GDPR and ISO 27001.
  3. Internal Business Risk Assessment Template: To help regulated institutions perform internal business risk assessments, we have provided a template that covers areas such as reputation risk, legal risk, and operational risk.
  4. Memos: The memos included in the Regulatory Pack provide assurances from Mesh ID on the service, including information on our data protection and privacy policies.
  5. Vendor Due Diligence: We have also included a set of vendor due diligence questions and answers to help regulated institutions evaluate our service.

Key Questions Covered in the Regulatory Pack

The Regulatory Pack covers a range of questions that regulated institutions need to consider when evaluating our technology. Some of the key questions covered include:

  1. How does Mesh ID ensure the security and privacy of user data?
  2. What measures does Mesh ID take to ensure compliance with relevant regulations and standards?
  3. How does Mesh ID ensure that the digital identity verification and address verification processes are reliable and accurate?
  4. How does Mesh ID ensure that the smart forms and document collection and verification processes are compliant with relevant regulations?

Benefits of Working with Mesh ID

By using Mesh ID’s technology, regulated institutions can speed up the onboarding process for both individuals and companies, while ensuring compliance with relevant regulations and standards. Our Regulatory Pack provides all the information regulated institutions need to perform internal business risk assessments, get regulatory approval, and streamline the onboarding process. With Mesh ID, regulated institutions can have confidence in the security and accuracy of our digital verification technologies, and get up and running with our service quickly and efficiently.

Our accelerated Checklist Template

As part of our commitment to making the onboarding process as streamlined and efficient as possible, Mesh ID has created an easy-to-use template checklist in Excel that helps regulated institutions structure their internal assessment of our technology. This checklist provides a step-by-step guide on the questions they need to ask themselves, and allows them to input all their information in one place. This checklist will help regulated institutions to identify potential risks and evaluate whether our technology is suitable for their business needs. By using this checklist, they can ensure that they have covered all the necessary areas and can present a comprehensive business risk assessment to their compliance teams and board of directors. This is just one example of how Mesh ID strives to provide excellent support to our clients, ensuring a smooth and efficient onboarding process.

Mesh ID Regulatory Pack

If you are interested in our “Regulatory Pack” please click the button below.