Secure Share vs Reliance: what's the difference?
Published November 8, 2022
AML Services Manager
At the end of October we launched Secure Share - a way to share your clients' completed KYC and AML reports with authorised third-parties securely through Thirdfort. But does using Secure Share qualify as reliance? And if not, what exactly is the difference here? Let’s explore both of those questions, and get to know Secure Share better in the process.
What is Secure Share?
With Secure Share you can now share your clients’ completed Thirdfort reports with trusted third parties and colleagues, all while keeping their sensitive personal information in the Thirdfort portal. Keeping your clients happy, and their data secure.
What are the benefits of using Secure Share?
One of the most frustrating parts of buying or selling a property is having to repeat the same due diligence checks over and over. Both for clients, and the regulated professionals who represent them. Often there are a number of parties involved in one transaction, such as an estate agent, lawyer, mortgage broker and accountant.
All regulated parties to the transaction will need to undertake the same identification and verification steps. This is non-negotiable due to the Money Laundering legislation here in the UK. Consider how much time is wasted by regulated professionals repeating the same process - this is information if done properly once should be very quick to access.
Through Thirdfort, you can securely share your completed verification report with all of these parties, so your client only needs to complete their checks once. Rather than repeatedly providing the same information and evidence to every party involved in the transaction.
Another key benefit is that electronic identification and verification is provided to all parties. There is no risk that the parties involved in a transaction have a different risk appetite as all parties review the same information, make their own considerations and approach to the mitigation required.
Until now, the technology hasn't been there to facilitate instant information sharing in a secure way. In fact, most electric providers have prohibited the sharing of their reports within strict terms and conditions. In situations where parties do share an electronic verification report, breaching these conditions, they do so via insecure methods (such as over email) which increases the risk of fraud.
What is meant by reliance under the Money Laundering Regulations?
Reliance has a specific meaning within the regulations. It relates to the process under R39 where, in certain circumstances, you may rely on another person to conduct CDD for you, subject to their agreement.
You are required to enter into an official written arrangement with this other person or party. Conditions must be set within the agreement, mainly that the required CDD information will be made available immediately on request and that all records will be retained in line with R40.
In practice, if you are relying on the confirmation of a third party you must obtain;
The identity of the client or beneficial owner whose identity is being verified;
Information regarding the level of CDD that has been carried out; and
Confirmation of the third party’s understanding of their obligation to make available, on request, copies of the verification data, documents or other information.
It is important in practice that you obtain a full explanation of what due diligence has been undertaken. It is not enough to simply ask to rely on what due diligence has been undertaken without more detail. If you rely upon client due diligence that is inadequate you remain liable and could be prosecuted.
Before granting reliance, firms have to consider if by doing so, they would be breaching a contract with another party, such as an electronic verification service provider.
What is the difference between Secure Share and Reliance?
Let's start with the one similarity; your client will only have to provide the information once.
But that is where the similarities end.
With Secure Share, all parties to whom the data is shared will have access to the verification data, documents and other information immediately and are responsible for keeping their own records. All parties are responsible, must carry out their own enquiries and ensure they have complied with the regulations.
Everyone must form their own view in line with each firm's risk appetite and unique policy controls and procedures. The parties with whom the report is shared receive the reports in real-time, and are not relying on each other to confirm that client due diligence has been undertaken; they are solely sharing the information.
In addition to the above, Secure Share agreements are with Thirdfort directly and not between the parties. In other words, the agreements are facilitated by Thirdfort and do not create a relationship between any of the businesses benefiting from or using it.
How Secure Share helps you and your clients
Thirdfort’s Secure Share enables the client journey to be as frictionless as possible. We are all humans and we appreciate how our clients feel when they are asked to repeat the same automated electronic identification and verification process by different parties to achieve the same result. Why do we make people repeat this process when in reality there is no real purpose?
By using Secure Share we can reduce this burden your clients often feel. All parties can now receive the same information much faster, without delays, and in an ultimately more cost-effective way.
Secure Share enables your clients to move fearlessly in a simple, secure and effective manner all whilst achieving our joint mission of fighting fraud and creating a safe world for you, me and our families.
Subscribe to our newsletter
Subscribe to our monthly newsletter for recaps and recordings of our webinars, invitations for upcoming events and curated industry news. We’ll also send our guide to Digital ID Verification as a welcome gift.