Financial Profile: Difference between revisions

From IDESG Wiki
Jump to navigation Jump to search
Line 9: Line 9:
*Each jurisdiction creates their own [[Identifier]] domain for financial services and for the users of financial services, many of which are legal persons, but not natural persons.
*Each jurisdiction creates their own [[Identifier]] domain for financial services and for the users of financial services, many of which are legal persons, but not natural persons.
*In all cases that are known in 2018, a natural person is required to take responsibility for the financial institution (FI) or other money handling organization for regulatory reasons.
*In all cases that are known in 2018, a natural person is required to take responsibility for the financial institution (FI) or other money handling organization for regulatory reasons.
*Customers (or account holders or subjects) in a financial transaction need to be identifiable to money laundering governmental agencies, for example [https://corpgov.law.harvard.edu/2016/02/07/fincen-know-your-customer-requirements/ Fincen in the US]. This "know your customer (KYC)" requirement puts special meaning on the validation of the subject, but that is normally the responsibility for the FI. If both the sender and the receiver of financial assets are banks, then both are responsible to to know the customer. Some jurisdictions may place a burden on any recipient, and the Financial agency would need to recognize that requirement.
*Customers (or account holders or subjects) in a financial transaction need to be identifiable to money laundering governmental agencies, for example [https://corpgov.law.harvard.edu/2016/02/07/fincen-know-your-customer-requirements/ Fincen in the US]. This "know your customer (KYC)" requirement puts special meaning on the validation of the subject, but that is normally the responsibility for the FI. If both the sender and the receiver of financial assets are FIs, then both are responsible to to know the customer. Some jurisdictions may place a burden on any recipient, and the Financial agency would need to recognize that requirement.


==Solutions==
==Solutions==

Revision as of 00:36, 11 October 2018

Full Title or Meme

A profile of the Identity Ecosystem Framework Profiles for Financial Services

Context

  • As a part of the creation of a set of Identity Ecosystems this profile is targeted to apply to any transaction that puts a user's financial assets at risk.
  • The most fully developed profiles are now in development in Europe, especially the UK Open Banking effort. Those have been consulted in creating this profile

Problems

  • Each jurisdiction creates their own Identifier domain for financial services and for the users of financial services, many of which are legal persons, but not natural persons.
  • In all cases that are known in 2018, a natural person is required to take responsibility for the financial institution (FI) or other money handling organization for regulatory reasons.
  • Customers (or account holders or subjects) in a financial transaction need to be identifiable to money laundering governmental agencies, for example Fincen in the US. This "know your customer (KYC)" requirement puts special meaning on the validation of the subject, but that is normally the responsibility for the FI. If both the sender and the receiver of financial assets are FIs, then both are responsible to to know the customer. Some jurisdictions may place a burden on any recipient, and the Financial agency would need to recognize that requirement.

Solutions

  • PSD2 and the UK open banking effort are well on their way to establish criteria for exchanging financial information and instructuions.
  • FSISAC
  • ISO TC-68 has begun

References

  • The page Financial Profile Sandbox details a test suite that will allow developers of code and user experience to assure the compliance of their products to the framework.
  • The OpenID federation is currently in development of Financial-grade API specifications which have been consulted. Since they do not actually require a user Identifier they are of limited value. Also the last time that web page was accessed it was out-of-date.