Skip to main content
Sign in
Create Account
Cart
Toggle navigation
Loading
Home
Hidden
Home
2
Guides
/
Global FinTech Guide
Name
Global FinTech Guide
Country _ Name
United Kingdom
SectionTitle
Identification
Body
FinTechs belonging to this category provide identification services, which are required for most banking services.
Introduction
Attitude of the country towards identification services
Several business collaborations have been entered into between well-established banks and FinTechs, providing streamlined “identify-as-a-service” for financial services businesses.
Banks benefit from FinTechs’ digital expertise to assist with their KYC requirements, and consumers benefit from a user-friendly experience. Demand has grown, particularly because of many bank branches closing, and because of Covid restrictions, both of which have reduced the ability of customers to attend branches and verify their identity in person. The increase in online banking has led to consumer demand for easier and secure ways to identify themselves via mobile phone apps. The importance of data privacy and protection and cyber security will remain a key factor in the growth of this market.
Legal affairs
Obligations and requirements to provide identification services
Whilst identification services are not specifically regulated in the UK, and no license is required, identification service providers must process personal data in accordance with the GDPR and UK Data Protection Act 2018. Compliance is overseen by the Information Commissioner’s Office. FinTech firms that control data must consider:
That personal data can only be processed in a lawful manner, for certain specific reasons – particularly with regard to biometric data.
Data controllers, as defined under the GDPR, must set out compliance and other data control requirements.
Safeguards are required where significant decisions are based on automated data processing.
There are restrictions on the transfer of data outside of the UK and EEA.
Data subject rights, including the right for individuals to be provided with data being held that relate to them, and the right to know if automated decision making is used.
FinTech firms must also maintain data security measures that meet the UK’s cyber security requirements. The UK does not have a single cybersecurity law, but rather a patchwork of cyber security, privacy and national security legislation which will apply in various circumstances. Generally, FinTech firms must:
Meet the requirements of the FCA and PRA in relation to management of risks and controls, business continuity, and outsourcing.
Have appropriate data security measures in place relating to backing up data and the processing of personal data.
Notify the ICO in the event of a material cyber breach.
Firms must also comply with the UK’s anti-money laundering laws, including the Proceeds of Crime Act 2002 (“
POCA
”) and the MLRs. These create reporting obligations if a firm suspects money laundering. Firms must maintain good systems and controls for identifying and dealing with money laundering risk, regularly assess those systems, and provide training to staff (amongst other obligations).
Additional comments regarding the legal situation for identification services or what FinTech’s must be aware of in this business area
The Network and Information Systems Regulations 2018 (SI 2018/506) (NIS Regulations) transpose the requirements of the Network and Information Security Directive ((EU) 2016/1148) (Cybersecurity Directive) into UK law. It imposes various cybersecurity and incident reporting obligations on two distinct classes of operators:
Relevant digital service providers (“
RDSP
s”).
Operators of essential services that operate in specific sectors and meet threshold operating re
Loading
BackToCountry
Hidden
Hidden
Back to country
United Kingdom
2
Switch country
Global overview
Authors
Loading
Name
Organisation
Email
Hidden
Hidden
Russell Jarvis
Shakespeare Martineau
[email protected]
0
2142
Teja Picton-Howell
Penningtons Manches Cooper LLP
[email protected]
0
2408
Close
Choose country
Loading
Country
Hidden
Hidden
Albania
164
2
Argentina
509
2
Australia
179
2
Austria
674
2
Bosnia and Herzegovina
194
2
Canada
149
2
Chile
239
2
China
254
2
Colombia
269
2
Costa Rica
284
2
Croatia
299
2
Czech Republic
809
2
Dominican Republic
830
2
Egypt
314
2
France
719
2
Germany
210
2
Hong Kong
734
2
Hungary
344
2
Ireland
689
2
Italy
329
2
Korea, Republic of
359
2
Malaysia
659
2
Mexico
629
2
Montenegro
374
2
New Zealand
389
2
North Macedonia
434
2
Peru
419
2
Philippines
404
2
Poland
479
2
Portugal
494
2
Romania
794
2
Serbia
464
2
Slovenia
524
2
Spain
539
2
Switzerland
704
2
Thailand
554
2
Turkey
749
2
United Kingdom
779
2
United Rep of Tanzania
764
2
United States
584
2
Uruguay
569
2
{1}
##LOC[OK]##
{1}
##LOC[OK]##
##LOC[Cancel]##
{1}
##LOC[OK]##
##LOC[Cancel]##