Introducing the first fully digital end-to-end FICA system

Featured

KYCFactory is the first fully digital end-to-end electronic FICA/AML solution that requires no supporting documents, whether a business is onboarding a consumer or a business.

As a chief provider of customer verification and risk management services, pbVerify understands time is too valuable to spend on onerous KYC processes.

The pursuit of compliance today, particularly in the financial services industry with its stringent regulation milieu, has many businesses troubled. It is something that consumes an enormous amount of their time – not to mention energy and resources.

Perhaps one of the biggest headaches, is the Financial Intelligence Centre Act, (FICA) which came into effect in 2003 after being introduced two years prior, with the aim of combatting financial crimes such as money laundering, tax evasion, and terrorist financing activities.

More recently, in May 2017, even tighter regulation was introduced with the FIC Amendment Act. Essentially, FICA makes sure that institutions know exactly who they are doing business with – i.e. Know Your Customer, or KYC.

Because the pbVerify team understands how valuable time is in today’s business world, we have introduced a revolutionary new FICA product that offers businesses a fast and easy means of ticking all the compliance boxes when building customer-facing onboarding systems: KYCFactory.

Fully digital FICA compliance

Launched this year and developed by our pbVerify software team, KYCFactory is the first fully digital end-to-end electronic FICA/AML (Anti-Money Laundering) solution on the market that requires no supporting documents, irrespective of whether a business is onboarding a consumer or a business.

KYCFactory’s consumer verification comprises configurable, automated processes, including a slick new online 3D liveness test that biometrically matches the person to their national identity document photo, identity data, and alive-deceased data while retrieving their address from over 100 trustworthy SACRRA sources.

Thanks to SigniFlow’s advanced digital signature and workflow automation software, KYCFactory offers businesses the ability to workflow the KYC process, including all requisite information, to multiple people who may need to sign a declaration in observance of the applicable laws.

In accordance with the FIC Amendment Act of 2017 (which accountable institutions had to comply with by April 2019), KYCFactory takes care of compliance for all juristic persons via a brand-new approach to FICA verification – an electronic declaration that caters for Directors, Signatories and UBOs (Ultimate Beneficiary Owners).

Sanctions screening

KYCFactory incorporates pbVerify’s new Sanctions, PEP and PIP (Politically Exposed and Influential Persons) reporting tool, which enables businesses to manually screen prospective clients and perform enhanced due diligence on anyone, from any country.

This service instantly reports on over 2.5 million detailed PEP profiles and detects individuals, organisations and vessels linked to more than 50 risk categories, including Sanctions, Foreign Officials, and State-Owned Enterprises.

The second part of our Sanctions screening service relates specifically to sanctions and embargoes – i.e. political trade restrictions put in place against target countries to maintain or restore international peace and security. KYCFactory automates reporting on business with individuals who pose a threat and are listed on OFAC (The Office of Foreign Assets Control) Mission. Read more here.

Total technology             

In addition to the aforementioned technology that makes KYCFactory the world-class, comprehensive FICA solution it is, other platforms used to authenticate customer identity beyond a shadow of a doubt include:

  • Department of Home Affairs ID Photo Biometric Verification
  • Google Geolocation & Street View
  • CIPC Company & Director Verification
  • SACRRA Address Source Validation
  • Social Media for Business (Instagram, Facebook & LinkedIn)
  • Website Verification (SSL Authentication)

KYCFactory is available via API & integrates seamlessly with business systems, according to individual KYC and compliance management methods and policies.

Say goodbye to time-consuming manual & paper-based FICA processes, and find out how headache-free compliance can be: Give us a call on +27 (0)10 300 4898 or email support@pbverify.co.za.

pbVerify is a registered Credit Bureau in terms of section 43 of the National Credit Act 34 of 2005. Its data-systems, data-security and data-processing protocols are audited annually in accordance with the NCA. pbVerify follows strict ISO9001:2015 quality management processes that are audited and internationally certified by TUV Rheinland Germany. pbVerify engineers are certified in ISO27001 IT Security Management.

REFERENCES

  1. Fic.gov.za – Financial Intelligence Centre Act (Act No. 38 of 2001) [PDF]
  2. SigniFlow – KYC
  3. The Banking Association of South Africa – Financial Intelligence Centre Act
  4. SABRIC – FICA (KYC)        
  5. Law Society of South Africa – FIC Amendment Act published
  6. Financial Intelligence Centre – Who are we?
  7. BBrief – FICA amendments deadline fast approaching
  8. International Compliance Association – What is compliance?
  9. Financial Action Task Force – Who we are

Dalimfundo & PBSA honour little learners

Featured

Dalimfundo Day Care & Preschool Graduation 2019

PBSA Compliance Manager Deon Joubert (left) and Dalimfundo Grade R Teacher Nokuthula Masango with some of the school’s young graduates.

As part of its Socio-Economic Development Programme, PBSA assists one of Mpumalanga’s NPO institutions prepare SA’s children for the future workforce.

“Our children are the rock on which our future will be built, our greatest asset as a nation. They will be the leaders of our country, the creators of our national wealth who care for and protect our people.” – Nelson Mandela, June 1995.

As a company committed to ensuring the economic longevity of our business, to the benefit of our employees, our clients and our home country, South Africa, at large, PBSA believes it needs to proactively foster the development of the future workforce.

As such, our company is proud to be able to contribute to the success of Dalimfundo Day Care & Preschool, which honoured 2019’s young graduates on 23 November.

Situated in Botleng, a rural township outside Delmas in Mpumalanga, Dalimfundo is a non-profit organisation (NPO) that was founded by local leaders, with the aim of providing a future for the children in their community.

Dalimfundo not only fulfils the crucial role of providing quality education and training to the children of South Africa, it is ultimately responsible for helping lay the foundations of the country’s future.

As an NPO, the institution is wholly reliant on donations to carry out its good work. In a bid to do our part, PBSA contributes to the institution on a monthly basis, with donations going towards the school’s daily nutritional programme that ensures its learners have a healthy meal each school day.

It is a privilege for PBSA to be a small part of our children’s education, and we salute the founders and staff of Dalimfundo Day Care & Preschool for their ongoing commitment to our nation’s greatest asset – its children.

 

International firm opens office in Horsham

Featured

Published by West Sussex County Times on 15 November 2019

SigniFlow Directors AGS 2019

After opening their first UK office in Horsham on September 1, SigniFlow, celebrated in style this week, by holding their official launch event at the South Lodge Hotel.

With SigniFlow top management flying in from South Africa, Australia and the United States to attend, there was no doubt as to the significance of the UK launch for this international company.

South African director, Leon Van Der Merwe, was quick to commend the warm reception the team received from the Horsham business community, before asserting that ‘modern businesses had to move forward with technology in order to survive in the modern world’.

Attended by many of SigniFlow’s existing Sussex customers, along with local businesses keen to modernize their procedures and increase productivity, the launch event was abuzz with talk of digital innovation. SigniFlow, which has its roots in South Africa, rapidly reduces the costs, time and money spent on processing, managing and physically signing paper documents, through the use of unique, legally approved cryptographic digital signatures.

“Located in the heart of Sussex, with the county being widely recognised as being a hub for technology and digital advancement, Horsham is the perfect fit for us,” said Greig Orrell, Director of GB and EU Sales and Business Development. “Our worldwide ethos is to support our local and regional communities and our Horsham team will be expanding in the months to come. This is the first of many satellite offices, and we look forward to seeing our team continue to develop and grow accordingly, as they have across the world.”

Already benefiting from SigniFlow’s next generation E-Signer and Document Management technology, Anthony Neal from Maylark Property Management, was keen to talk about how the solution had already worked for their business, just months after deployment. “This unique system has saved us a huge amount of time and its ability to track, file and document our workflows is impressive. All signature requiring documents can now be emailed, and our clients are able to securely and digitally sign the paperwork without the need for an appointment. And, we can access this web-based service from all of our phones, iPad or PCs, so we can respond and sign paperwork whilst out of the office too.”

Recently lauded as being one of the most revolutionary women in IT security, SigniFlow Americas CEO Laila Robak – who is also head of SigniFlow’s cyber security development – is a firm believer in the “better safe than sorry” approach when it comes to the security of companies’ data. And for businesses that do have cyber security as one of their primary concerns, SigniFlow has you covered, with solutions that have been developed by some of the greatest minds in the information technology arena.

For more information and a free trial of the SigniFlow solution, please contact Greig Orrell on 07395 650738, email uk@signiflow.com , or visit http://www.signiflow.co.uk.

Airtight security introduced for airline boarding passes

Featured

airport-1515431Because airline boarding passes can be issued up to 24 hours before a flight departs, and due to security gaps in existing boarding pass technology, fraudsters with even limited technical know-how could tamper with and gain access to the information they contain.

The problem

While measures around privacy and security within the air transportation industry have remained largely unchanged over the years, fraudsters’ modi operandi have not. In fact, fraudsters have become more sophisticated with the rise of digital and the proliferation of data – putting both airlines and their passengers, today more than ever, at significant risk.

Airline boarding passes, in particular, have seen numerous systems put in place over the past decade, to help authorities and airline officials identify fake boarding passes, with most of these relying on advanced printing techniques.

The bar-coded boarding pass (BCBP) became widely available in 2010 and comprises a 2-dimensional (2D) bar code printed on a paper boarding pass or sent to a mobile phone for electronic boarding passes (e-boarding passes).

The BCBP standard was originally published in 2005 by the body responsible for global standards for airlines’ safety and security, the International Air Transport Association (IATA), which updated it in 2008 to include symbologies for mobile phones, and again a year later to include a field for digital signatures in mobile bar codes.

While the move to BCBP has made travelling more convenient, in many instances, for travellers who are able to use mobile boarding passes, the technology behind it has not eliminated the risk of ticket fraud or identity theft, because data is not encrypted.

Not only does unencrypted travel material leave it susceptible to being tampered with and being used unlawfully and dangerously, it also leaves passengers wide open to identity fraud, given that airline tickets contain a great deal of personally identifiable information (PII).

SigniFlow Americas CEO, Laila Robak, explains: “Besides the risks involved with ticket fraud, even companies that apply digital signatures to its boarding tickets do so only from a ticket integrity point of view. However, there is still unencrypted data within those tickets, and anyone with access to the bar code has access to the passengers’ data, creating a risk of identity fraud, which is certainly a security and compliance concern.”

The solution

With a team of cryptographic experts and experienced engineers behind it, the SigniFlow solution, which operates in a cryptographic signing environment, is a natural fit to build, develop and enhance the available technology behind boarding passes, and to irrevocably seal the data they contain.

According to IATA’s BCBP Implementation Guide, which outlines the existing barcoded boarding pass solution: “Bar Code on Printed Boarding Pass: the default Bar Code presented on printed boarding pass is a 2-dimensional Bar Code in PDF417 standard containing a structure data message (SDM). On the request from the Airlines version 7 extend the standards to allow Aztec, Datamatrix or QR code formats on printed boarding pass those formats are currently used on Electronic (Mobile) Boarding Pass only.”

SigniFlow Director of Development Eugene Smit explains: “SigniFlow’s microservice architecture allows for signing, encrypting and verifying data on all boarding passes, enabling the generation of datastreams, signature streams or image-based bar codes, such as Aztec, QR, PDF417 and Datamatrix.

“The system produced by SigniFlow, allows a ticket\pass generator to issue a unique private key for the signer, using our microservices, and the signer is then able to sign any datastream, and use complimentary methods to produce bar codes of the data.”

SigniFlow offers two solutions, both of which extend on and secure existing boarding pass technology:

  • The Full Package solution: SigniFlow integrates with the airline’s existing system. When passenger data is inputted, SigniFlow collects the data string, creates the 2D bar code (Aztec, PDF417, QR, Datamatrix), embeds the data string, then encrypts and signs with an ECC (Elliptic Curve Cryptography) certificate, after which it is sent back to the airline for the boarding ticket.
  • Data string encryption & signing: In this case, the airline continues to use its current 2D bar code generation system, and SigniFlow integrates via API to collect passengers’ data, encrypt and sign the string, and then send it back to the airline, which will embed it in the bar code.

Either way, explains Robak, the idea is to provide not only the required digital signature itself, but also encryption of the data, so that only electronic devices – terminals and readers – will have the ability to recognize authenticity, and to decipher the embedded data.

“We also provide the instruction and processes to the certified authorities for access to the public key through either a key distribution to its devices, in case of no network connectivity, or the public key to be included in their key store system where devices can access it and recognize/decode the data.”

The differentiator

Not only is the SigniFlow solution steeped in cryptography, which eliminates tampering and identity theft risks altogether, it also offers seamless integration into companies’ systems.

Because the solution allows companies to add security component to tickets without having to replace their existing systems, but rather by simply adding a new security module, it is simple and safe, and SigniFlow enables them to be compliant with several industry, national and international standards.

“Stronger policies in national security have been enforced in many countries and companies that issue tickets, whether for air travelling, other transportation methods or entertainment, also need to comply with data privacy standards, such as the GDPR. By using our solution they can target both,” says Robak.

How it works

  • Secure cloud HSM where the keys are stored
  • SigniFlow Hybrid server deployed within client control
  • Signing request issues to the SigniFlow Hybrid server
  • Verification Requests issued to the cloud HSM or to a centralized public key store

There are two main Public Key Encryption algorithms: RSA (Rivest–Shamir–Adleman) and ECC (Elliptical Curve Cryptography). While SigniFlow is compatible with both, the ECC certificate has been specifically identified by the IATA for boarding pass signing requirements.

ECC is, in simple terms, an encryption algorithm with higher capacity and lighter weight than the RSA encryption algorithm, which means you need less bits to for stronger keys. Because the keys are smaller, it means it needs less processing, leading to better efficiency and lighter “documents”. For example, the most commonly used RSA encryption algorithm size is the 2048 bit keys, which is the equivalent in security and strength to a 224 bit ECC key.

To find out more about SigniFlow’s cryptography-based solutions, visit www.signiflow.com or contact us on the relevant number below:

International Contact Centre: 002710 300 4899

South Africa: +27(0)11-516-9403

Americas: +1-603-717-4248

United Kingdom: +44(0)208-611-2681

 

[REFERENCES]

  1. IATA – Technical Peripheral Specifications
  2. US Department of Homeland Security – Credential Authentication Technology/Boarding Pass Scanning Technology
  3. IATA – Airlines Complete Move to Bar-Coded Boarding Passes
  4. IATA – Passenger Services Conference Resolutions Manual
  5. Red Goat – The Not-So-Secret Life of Boarding Passes
  6. Tech Target – Personally Identifiable Information
  7. Wikipedia – Boarding Pass
  8. com – Ticketprinting.com Security Features
  9. Wandera – Are Airlines Putting Your Data at Risk?

Debt Relief Bill: 13 Fast Facts

Featured

debt-1157824_960_720We explore details around Government’s recently signed National Credit Act amendment, which aims to free low-income earners of crippling debt.

pbVerify Business customers who extend credit to consumers are urged to strengthen their KYC procedures to not only ensure legislative compliance, but also to protect them against potential financial losses.

This comes after a recent amendment to South Africa’s credit act, which has highlighted the importance of responsible credit lending.

Just over two months ago, the National Credit Amendment Bill – broadly dubbed the “Debt Relief Bill” – was signed into law and, although it has been almost two years since Parliament’s portfolio committee on trade and industry initiated the amendment bill, there are still uncertainties around its implications.

Also known as the Debt Intervention Bill, the bill basically aims to protect low-income earners from what government considers reckless credit lending, allowing consumers who are burdened by debt to have it written off.

While the bill has been welcomed by consumers, around 9.4 million*[7] of whom may qualify for debt relief thanks to it now having been signed into law, it has been met with “extreme concern” by others, including the Banking Association of South Africa (BASA), which said in a statement on 16 August, “The Act, in its current form, will restrict ability of banks to lend to this vulnerable market and increase the cost of credit.”

Treasury estimated government’s debt-relief proposals could result in the write-off of R13.2bn to R20bn of debt.

In response to concerns raised, President Cyril Ramaphosa said the bill and its proposals were within the country’s constitution. Business Day cites Ramaphosa as saying that, regulations and certain provisions notwithstanding, the law is constitutional.

Here are some fast facts relating to the debt relief bill and debt in South Africa to help demystify the controversial piece of legislation:

  1. The National Credit Amendment Bill was signed into law on 15 August 2019.
  2. The Debt Intervention Bill is an amendment to the National Credit Act.
  3. The bill’s primary aim is to provide relief for South Africa’s vulnerable and most financially distressed consumers.
  4. There is no date set yet for the bill to come into operation.
  5. According to the bill, indebted consumers must meet the following criteria in order to have debt extinguished:
    1. They must earn a gross monthly income of R7 500 or less.
    2. They must have unsecured debt amounting to R50 000.
    3. The National Credit Regulator (NCR) must have found them to be critically indebted.
  6. The bill also makes it an offence for a person to intentionally submit false information related to debt relief.
  7. The bill will inevitably result in losses for banks, retailers and other credit providers.
  8. TransUnion’s Q2 quarterly Industry Insights Report shows a significant increase in the amount of credit being taken out by consumers (Unsecured lending was recorded to be up by 12% in the second quarter).
  9. BASA petitioned Ramaphosa in August not to sign the Act in its current form.
  10. According to BASA, existing debt relief measures have proven to educate and rehabilitate debtors and return them to the credit market. “In 2017, banks expunged R30 billion in prescribed debt in line with existing legislation and their own policies.”
  11. Following a government-commissioned study by consulting firm Genesis Analytics, it was suggested that Parliament reconsider the passage of the bill in its current form, and rather introduce the debt-intervention system within the bounds of the current debt-review system, with subsidy mechanisms for low-income consumers.
  12. According to the Genesis Analytics study, it is unlikely that the introduction of law will have a significant economic impact at a macro-economy level.
  13. The study suggests that the law will mostly benefit the informal credit market. On the other hand, the formal sector credit providers could lose about R3.9bn of existing credit book.

pbVerify is a registered Credit Bureau in terms of section 43 of the National Credit Act 34 of 2005. Its data-systems, data-security and data-processing protocols are audited annually in accordance with the NCA. pbVerify follows strict ISO9001:2015 quality management processes that are audited and internationally certified by TUV Rheinland Germany. pbVerify engineers are certified in ISO27001 IT Security Management.

Phone: +27 (0)10 300 4898

E-mail: support@pbverify.co.za

 

[REFERENCES]

  1. gov.za – National Credit Amendment Act 7 of 2019
  2. Government Gazette – National Credit Amendment Act 7 of 2019 PDF
  3. Fin24 – 5 questions on the ‘debt relief bill’ unpacked
  4. TransUnion – Q2 2019 Industry Insights Report
  5. Moneyweb – Unsecured lending up 12% – report
  6. The Banking Association of South Africa – NCA Amendment Act
  7. *Moneyweb – Close to 9.4m consumers may qualify for debt relief under new bill
  8. Business Day – Cyril Ramaphosa defends controversial debt-relief law
  9. Business Tech – Ramaphosa signs controversial new debt relief bill into law – Here’what it means for you

E-Invoicing in the spotlight

Featured

e-invoicing 20-8-2019 smOver 50 countries across the world are looking into implementing e-invoicing systems, thanks to the advantages of true electronic billing and invoicing.

Electronic invoicing (e-invoicing) was brought under the microscope in the United Kingdom in 2014 after the UK Government launched an inquiry into e-invoicing in the public sector, and announced e-invoicing initiatives to be rolled out by April 2019.

At the time, the MP tasked with the inquiry, Stephen McPartland, positioned e-invoicing as a technology that could streamline UK government admin processes “at a stroke”, saving the public sector and its suppliers a minimum of £2 billion a year. “E-invoicing could open up new markets throughout the country and help drive innovation and economic growth.”

This followed a new standard and directive on e-invoicing by the European Parliament in April 2014, which made it mandatory for all EU Member States to adopt a new e-invoicing standard. According to the directive, “all contracting authorities and contracting entities [are to] to receive and process e-invoices complying with the European standard”.

“We live in a world driven by digital innovation where efficiency and productivity benchmark new standards and expectations for business,” states McPartland’s report.

But what does this relatively new billing method – made possible by digital technology – entail, and could it live up to the expectations that have started to gain a foothold not only in the UK and Europe, but in countries all over the world?

A research paper, set to be released in the coming months by the International Monetary Fund (IMF), expounds how mandatory e-invoicing in Peru is helping increase firm sales and tax revenues. “Drawn by its potential to strengthen tax compliance and reduce costs, Peru is among more than 50 countries around the world to have implemented e-invoicing and many others are preparing to follow suit.”

About e-Invoicing

Essentially, an e-invoice is a statement created by suppliers and businesses to send to customers and clients requesting money. Typically, these are sent in PDF form and allow for circumvention of manual paper-based processes and physical paper documents that require a further set of physical procedures.

True e-invoicing – i.e. invoicing that is electronic in nature from start to finish – offers total automation, which in turn enables higher levels of efficiency and productivity, as well as significant financial savings in terms of resources.

Wikipedia defines e-invoicing as a form of electronic billing. “E-invoicing methods are used by trading partners, such as customers and their suppliers, to present and monitor transactional documents between one another and ensure the terms of their trading agreements are being met. These documents include invoices, purchase orders, debit notes, credit notes, payment terms and instructions, and remittance slips.”

The advantages of this system of electronic billing that over 50 countries across the world are looking at implementing, extend to both suppliers and buyers, and broadly include:

  • Process automation, which means time and money savings and, in turn, faster payment time.
  • Less disputes, due to the fact that invoice data is directly transmitted from supplier to customer electronically, creating a full audit trail.
  • Mitigation of human error, thanks to the high level of automation in the invoicing cycle.
  • Better supplier/buyer relationship and improved customer satisfaction, because processes are far more streamlined and reliable.

For more information on the automation of invoices and SigniFlow’s digital business solutions, visit our website, https://signiflow.com/, or contact us on the relevant number below:

International Contact Centre: 002710 300 4899

South Africa: +27(0)11-516-9403

Americas: +1-603-717-4248

United Kingdom: +44(0)208-611-2681

[REFERENCES]  

  1. European Commission – European legislation on e-invoicing
  2. Wikipedia – Electronic Invoicing
  3. Finextra – Electronic Invoicing in the UK Public Sector, post Brexit
  4. European Union – eInvoicing in United Kingdom
  5. NHS – Is your organisation on board with e-invoicing?
  6. PEPPOL (Pan-European Public Procurement On-Line) – e-Invoicing explained
  7. NHS – NHS Shared Business Services eInvoicing Information Guide for Suppliers (PDF)
  8. Future-Focused Finance – eInvoicing: a win-win for providers and commissioners
  9. IMF – Electronic invoicing reform in Peru paying off
  10. Finextr – Electronic Invoicing in the UK Public Sector, Post Brexit
  11. tips – Electronic Invoicing: The next steps towards digital government (2014 Report following Inquiry into electronic invoicing (‘eInvoicing’) in the UK public sector.)
  12. EUR-Lex – Directive of the European Parliament and of the Council of 16 April 2014 on electronic invoicing in public procurement