|
Post by yorkshireman on Mar 18, 2015 2:11:54 GMT
So, who's had to send in documents to Money Thing to get their identity verified? My wife signed up, got the following email and yet was still allowed to deposit money.
“To verify your identity we require some further information before you can begin lending on MoneyThing.
Please provide by replying to this email copies of the following: 1) A scanned/photograph copy of your current passport or your current driving license (with paper counterpart). 2) A scanned/photograph copy of your proof of address. This may include any of the following: An account statement or letter from a recognised bank or credit card company, a utility or tax bill from a recognised source (excluding mobile phones) or your driving licence (if not already used as ID). This information must be provided within 30 days from receiving this email.”
I don’t reckon much to outfits that ask for identification then accept your brass therefore MT can forget it as we don’t do paper anymore.
Admin seems to be a weak area for a number of platforms.
|
|
JamesFrance
Member of DD Central
Port Grimaud 1974
Posts: 1,317
Likes: 893
|
Post by JamesFrance on Mar 18, 2015 6:41:36 GMT
I would think the ID is needed before you withdraw money and not before you make a deposit., so this seems quite sensible,
|
|
|
Post by MoneyThing on Mar 18, 2015 7:16:57 GMT
Morning,
We use a platform called TraceSmart for identity verification which most of the time comes up with a 'Pass', but sometimes 'referred' whereby we then have to undertake additional checks.
This can often be the case in households whereby one partner is named under the majority of household bills, etc., but the other partner is not and is often the one that is not named that we receive a referral.
From a regulatory point of view, there is nothing stopping us taking on a client subject to checks being complete within a timely manner and not mandatory to complete these prior to take on. (You may well have experienced this with lawyers/solicitors, CSP, etc.)
We have written this in to our policies to allow users to sign up quickly and supply additional documents later in the event of 'referred' for the benefit of users. (Subject to receipt within 30 days or prior to withdrawal).
Kind regards,
Ed
|
|
|
Post by yorkshireman on Mar 18, 2015 10:56:27 GMT
Morning, We use a platform called TraceSmart for identity verification which most of the time comes up with a 'Pass', but sometimes 'referred' whereby we then have to undertake additional checks. This can often be the case in households whereby one partner is named under the majority of household bills, etc., but the other partner is not and is often the one that is not named that we receive a referral. From a regulatory point of view, there is nothing stopping us taking on a client subject to checks being complete within a timely manner and not mandatory to complete these prior to take on. (You may well have experienced this with lawyers/solicitors, CSP, etc.) We have written this in to our policies to allow users to sign up quickly and supply additional documents later in the event of 'referred' for the benefit of users. (Subject to receipt within 30 days or prior to withdrawal). Kind regards, Ed It strikes me that the left hand does not know what the right hand is doing, you have accepted a second deposit which, out of curiosity, prompted us to attempt a small investment which in turn you have accepted and now shows on the account as invested. What happens when you don’t receive the requested proof of ID? We have opened a number of P2P accounts in my wife’s name with various platforms and in only one case was ID requested, in fact she has opened more than 1 account with one platform without any need for ID. I’m only a layman but I fail to see why, when you already have bank details, should an account statement or letter from a recognised bank be needed or indeed acceptable?
|
|
|
Post by MoneyThing on Mar 18, 2015 12:18:42 GMT
Morning,
I have asked Andrew, our compliance advisor, to explain this in further detail. Please see his response below. Kind regards, Ed.
From Andrew:
Further to Ed’s response – As a regulated business MoneyThing is required to meet UK and Isle of Man anti-money laundering and countering the financing of terrorism legislation.
Regulations require MoneyThing to establish and maintain client take-on procedures to ensure that they identify and validate that clients exist, and understand where monies arise from, both at the time the business relationship is established, and on an on-going basis thereafter.
Regulations and related guidance require businesses to consider a number of factors, including nationality, residence etc., allowing a risk based approach. Regulations also allow businesses to adopt a pragmatic approach to the timing of client take-on, and have procedures in the event criteria is not met.
As Ed states, MoneyThing has adopted TraceSmart client verification, as set out in its operational procedures. Where a client is not passed by TraceSmart, for whatever reason, MoneyThing has a more manual process, meeting accepted regulatory standards.
Moneything is unable to comment on other platforms, their client take-on policies and procedures. MoneyThing is unable to rely on verification from a client’s bank as it has no formal relationship in this sense, however it can take this into account on a risk based approach, as referred to above.
I am confident MoneyThing and its peers do not wish to create an administrative burden for clients however it must balance this with its regulatory obligations.
I would be happy to discuss any client’s material concerns with any regulatory matter.
--
Andrew Mackenzie
Compliance
T: +44 (0) 8000 66 33 44
E: andrew.mackenzie@moneything.com
|
|
|
Post by batchoy on Mar 18, 2015 12:38:29 GMT
The key issue with this request and I react badly to such requests is that it was done via email and wants the proofs of identity sent via email.
The issue with emails is that they can be easily spoofed, and they are as secure as postcards when it comes to their content, the same thing goes for requests for such information to be faxed.
If platforms want copies of documents then they must use a secure method for requesting them and provide a secure method by which they can be supplied. These documents are obviously key to proving ones identity otherwise they would not be needed so it follows that they need to be guarded since in the wrong hands they can lead to identity theft.
|
|
|
Post by MoneyThing on Mar 18, 2015 12:44:19 GMT
Afternoon. Just wanted to add, that should anyone like a copy of their TraceSmart report and see what checks it undertakes in order to verify your identity - please email us and we would be happy to send you a copy by return. I believe that if users see how these systems work, it would help investors appreciate how client take-on is undertaken. Kind regards, Ed.
|
|
|
Post by MoneyThing on Mar 18, 2015 13:02:03 GMT
The key issue with this request and I react badly to such requests is that it was done via email and wants the proofs of identity sent via email. The issue with emails is that they can be easily spoofed, and they are as secure as postcards when it comes to their content, the same thing goes for requests for such information to be faxed. If platforms want copies of documents then they must use a secure method to requesting them and provide a secure method by which they can be supplied. These documents are obviously key to proving ones identity otherwise they would not be needed so it follows that they need to be guarded since in the wrong hands they can lead to identity theft. Afternoon batchoy. You make a good point and would be happy to look at a more secure method by way of accepting documents. Having been involved myself with encryption technologies and secure email for a number of years I appreciate that there is always a balance between how far you go with encryption vs the simplicity. I will look at seeing if I can incorporate the technology that we developed at my previous company. Having said that, perhaps I will look at a way to allow users to upload documents for review from within their MoneyThing account. Let me get back to you. Kind regards, Ed
|
|
|
Post by yorkshireman on Mar 18, 2015 13:03:32 GMT
Morning, I have asked Andrew, our compliance advisor, to explain this in further detail. Please see his response below. Kind regards, Ed. From Andrew: Further to Ed’s response – As a regulated business MoneyThing is required to meet UK and Isle of Man anti-money laundering and countering the financing of terrorism legislation.
Regulations require MoneyThing to establish and maintain client take-on procedures to ensure that they identify and validate that clients exist, and understand where monies arise from, both at the time the business relationship is established, and on an on-going basis thereafter.
Regulations and related guidance require businesses to consider a number of factors, including nationality, residence etc., allowing a risk based approach. Regulations also allow businesses to adopt a pragmatic approach to the timing of client take-on, and have procedures in the event criteria is not met.
As Ed states, MoneyThing has adopted TraceSmart client verification, as set out in its operational procedures. Where a client is not passed by TraceSmart, for whatever reason, MoneyThing has a more manual process, meeting accepted regulatory standards.
Moneything is unable to comment on other platforms, their client take-on policies and procedures. MoneyThing is unable to rely on verification from a client’s bank as it has no formal relationship in this sense, however it can take this into account on a risk based approach, as referred to above.
I am confident MoneyThing and its peers do not wish to create an administrative burden for clients however it must balance this with its regulatory obligations.
I would be happy to discuss any client’s material concerns with any regulatory matter.
--
Andrew Mackenzie
Compliance
T: +44 (0) 8000 66 33 44
E: andrew.mackenzie@moneything.com
That’s all well and good but haven’t you already flouted the regulations by: 1. Accepting 2, albeit very small deposits? 2. Allowing a small investment? 3. Allowing the full balance of the MT account to be withdrawn and returned to our account? What happened to compliance with the regulations? And you haven’t answered my question about what happens to the investment if you don’t receive the requested proof of ID?
|
|
ramblin rose
Member of DD Central
“Some people grumble that roses have thorns; I am grateful that thorns have roses.” — Alphonse Karr
Posts: 1,370
Likes: 857
|
Post by ramblin rose on Mar 18, 2015 13:34:25 GMT
Afternoon. Just wanted to add, that should anyone like a copy of their TraceSmart report and see what checks it undertakes in order to verify your identity - please email us and we would be happy to send you a copy by return. I believe that if users see how these systems work, it would help investors appreciate how client take-on is undertaken. Kind regards, Ed. Well, that made interesting reading. I don't know if WC (my thread on there having given rise to this one) use the same service or not, but it probably does similar checks, and it does help explain why my mother wouldn't have passed the checks. Interestingly, although I've lived at my current address for about a year now, it showed me as not on the electoral register (which I am) and I probably only passed due to being a company director and my address being traceable that way. Perhaps I should just make her a director and see if that helps?
|
|
|
Post by MoneyThing on Mar 18, 2015 13:52:28 GMT
Morning, I have asked Andrew, our compliance advisor, to explain this in further detail. Please see his response below. Kind regards, Ed. From Andrew: Further to Ed’s response – As a regulated business MoneyThing is required to meet UK and Isle of Man anti-money laundering and countering the financing of terrorism legislation.
Regulations require MoneyThing to establish and maintain client take-on procedures to ensure that they identify and validate that clients exist, and understand where monies arise from, both at the time the business relationship is established, and on an on-going basis thereafter.
Regulations and related guidance require businesses to consider a number of factors, including nationality, residence etc., allowing a risk based approach. Regulations also allow businesses to adopt a pragmatic approach to the timing of client take-on, and have procedures in the event criteria is not met.
As Ed states, MoneyThing has adopted TraceSmart client verification, as set out in its operational procedures. Where a client is not passed by TraceSmart, for whatever reason, MoneyThing has a more manual process, meeting accepted regulatory standards.
Moneything is unable to comment on other platforms, their client take-on policies and procedures. MoneyThing is unable to rely on verification from a client’s bank as it has no formal relationship in this sense, however it can take this into account on a risk based approach, as referred to above.
I am confident MoneyThing and its peers do not wish to create an administrative burden for clients however it must balance this with its regulatory obligations.
I would be happy to discuss any client’s material concerns with any regulatory matter.
--
Andrew Mackenzie
Compliance
T: +44 (0) 8000 66 33 44
E: andrew.mackenzie@moneything.com
That’s all well and good but haven’t you already flouted the regulations by: 1. Accepting 2, albeit very small deposits? 2. Allowing a small investment? 3. Allowing the full balance of the MT account to be withdrawn and returned to our account? What happened to compliance with the regulations? And you haven’t answered my question about what happens to the investment if you don’t receive the requested proof of ID? Afternoon yorkshireman. Please see below follow up from Andrew. Please excuse the long winded reply, however this particular field is not so simple with many specialists employed full-time dedicated to client take-on and verification. Kind regards, Ed. From Andrew: In short no, I do not believe regulations have been flouted, the business is following its documented policy and procedure, which it is required to establish by regulation. The regulations themselves can be interpreted in a number of different ways, by different companies – the test will be regulatory assessment of individual firms, and the industry as a whole. To answer your specific question, hypothetically a P2P business could take a number of options not limited to: (a) review the client transaction, taking a risk based approach, exit the relationship, honour the investment and return capital and interest; documenting and evidencing its decision as required. (b) Alternatively, the transaction could be terminated and the initial capital could be repaid, leaving the investor to decide whether they wanted to pursue the matter through a formal complaint, and if not resolved to the client’s satisfaction they could pursue the matter through ombudsman/regulator or the Courts should they continue to feel aggrieved. In making the above assessment P2P businesses are also required to consider whether the transaction related to the 'potential' laundering of monies for criminal or terrorism purposes; and consider submitting an appropriate disclosure of the transaction to the relevant competent authority. As a Compliance Officer I would consider amending client take-on procedures preventing acceptance of monies and assignment to an investment if this became a frequent issue, however this is a commercial consideration for the business to consider and implement. On a personal level I sympathise with anyone frustrated by client ‘know your customer requirements’, however having also acted as both Regulator and Compliance Officer in industry I am conscious of the broader impact of non-compliance to both clients and industry. It’s unfortunate that AML/CTF regulations are generally written as ‘one size fits all’, if only life was so simple!
|
|
baldpate
Member of DD Central
Posts: 548
Likes: 406
|
Post by baldpate on Mar 18, 2015 14:16:07 GMT
Not only do different platforms take slightly different approaches to client take-on, I can say for sure that even TraceSmart can be inconsistent with respect to the same client. I had no difficulty registering with MoneyThing; but on a different platform, which also uses TraceSmart, having presented exactly the same credentials I was required to show passport & proof of address. Go figure!
|
|
|
Post by mogzi on Mar 18, 2015 18:39:41 GMT
MoneyThing The HMRC guidance and the JMLSG is very clear in respect of suitably verifying identity and carrying out sanction / PEP / AML checks BEFORE you enter into ANY financial transaction with them. You are clearly in breach of this by allowing lenders to move money into your client account before having verified their identity, leaving you wide open. I really do hope you get some legal advice and rectify this situation ASAP. I am absolutely sure that if the FCA found out about this, they would not approve at all to say the least. My personal view is that you are breaching the regulations set out.
|
|
|
Post by MoneyThing on Mar 18, 2015 20:43:27 GMT
MoneyThing The HMRC guidance and the JMLSG is very clear in respect of suitably verifying identity and carrying out sanction / PEP / AML checks BEFORE you enter into ANY financial transaction with them. You are clearly in breach of this by allowing lenders to move money into your client account before having verified their identity, leaving you wide open. I really do hope you get some legal advice and rectify this situation ASAP. I am absolutely sure that if the FCA found out about this, they would not approve at all to say the least. My personal view is that you are breaching the regulations set out. Evening mogzi, HMRC guidance and the JMLSG"... i.e. 'guidance', not the regulations themselves, require policies/procedures to be created and maintained; they don't specify the minute. JMLSG is the 'Joint Money Laundering Steering Group', an industry trade body that sits down with HMRC periodically to discuss industry issues. The IOM has a similar body; JAMLAG, which fulfils the same function ('Action Group'). The important thing to remember they are industry bodies with no regulatory powers. Its also important to remember that HMRC is responsible for overseeing AML/CTF compliance in the UK that fall outside a recognised regulatory body such as the FCA or the relatively recently formed SRA for solicitors, NOT HMRC/JMLSG. I am confident MT complies with FCA Policy Statement PS11/15: Financial Crime. You have presented your interpretation of HMRC/JMLSG guidance, not the regulations themselves which allow 'reasonableness'. As long as this can be demonstrated the FCA will not raise any concerns. The above is more of a holding note and will gladly go into further detail tomorrow when Andrew and myself are in the office and can properly reference the relevant sections and our policies/procedures around them. Kind regards, Ed
|
|
coop
Member of DD Central
Posts: 714
Likes: 571
|
Post by coop on Mar 18, 2015 21:41:57 GMT
I work in finance and am 100% confident the FCA won't give two hoots about this. Far bigger, naughtier and stupider things are done every day by far bigger, naughtier and stupider companies without anyone really batting an eyelid. Sleep well Ed
|
|