There is a poor level of security while manually verifying original documents. Documents can be misplaced, misfiled, and misused, during photocopying, during emailing and during storage.
This manual handling of documents may result in simple human error, which can expose the customer’s identity to fraud, and can expose law firms to claims of negligence. This can have a detrimental impact on a customer’s finances and a law firms integrity.
Australasian Lawyer (2021) states that there were 539 data breach notifications received by the Australian government in 2020. There has been a 5% rise in data breaches in the last six months. An alarming 38% of breaches are due to human error (Australasian Lawyer, “Exclusive Feature: Business Safety”, 15th June 2021).
The Australian Taxation Office, in its recent consultation paper on client verification, themselves note: “A lack of common approach leaves individual practices vulnerable to.. insufficient client verification [and] unsecured documents [being] stolen through a physical break in.”
Best practices will take into consideration the customer experience, the security of of their information, the privacy of their data and compliance with ARNECC’s model participation rules.
The best solution to ensure security, privacy and compliance is to use a digital tool for the capture, examination, storage and deliver of a customer’s highly sensitive data. These tools will ensure that a customer never has to hand over their original identity documents, provide hard copies of their identity documents and ensure they are never asked to email copies of their identity documents.
Moreover, the best solution will ensure that a lawyer will be able to handle customer information securely, while having the benefit if digital tools to assist in the validation of data, facial recognition and the validation of identity document against government sources.
Manual process will not provide a lawyer with all the digital tools required to meet best practice standards in verification of identity.
ARNECC’s model participation rules requires a legal professional to take reasonable steps when undertaking the verification of identity of a client.
ARNECC’s model participation rules provide two ways in which a legal professional can satisfy the ‘reasonable steps’ rule:
As a result, a legal professional can conduct the verification of identity of a client either:
And a legal professional may conduct the verification of identity either manually or digitally.
InfoTrackID ensures that you have a tool that follows the same process each and every time, stores all the key information and data, and provides you with all the information you need to meet an audit and demonstrate you have undertake reasonable steps to verify the identity of the client.
In its recent consultation paper, the Australian Taxation Office affirmed that it’s proposed visual identification method can be conducted with the client in person or by video.
The model participation rules require the practitioner to take ‘reasonable steps’. The practitioner can take ‘reasonable steps’ by either implementing a process that constitutes the taking of reasonable steps or by applying the Verification Of Identity standard.
InfoTrackID provides you with a digital tool, that takes the professional and client through a process, whether in person or remote, that ensures the practitioner is able to demonstrate they have taken reasonable steps with verifying the identity of a client.
AWS is know as the most secure global infrastructure. All data flowing through the AWS network is encrypted, all data stored in the AWS centres is encrypted and any data flowing outside of the centre is encrypted.
All data is protected against unauthorised access by using ‘keys’ managed by the AWS Key Management System. And the centre complies with all local, regional and global data privacy and regulations.
All the client’s information is stored in Amazon Web Services, in Australia. No data is ever removed from Australia.
