About Verifi
Company information
About us and our services
Verifi Identity Services
Verifi Identity Services Limited (“Verifi”) is a leading provider of online electronic identity verification (“EV”) solutions for companies requiring real-time online verification of their customers.
In 2018 & 2019, Verifi placed highly in the Deloitte Technology Fast 500™ Asia Pacific.
Verifi was founded in 2012 in Auckland, New Zealand by legal and financial services professionals Tyler McNamee and Vincent McCartney, and interactive pioneers Karl von Randow and Matthew Buchanan of Cactuslab. Together they provide over 30 years of global financial services experience and 30 years of modern, functional and accessible web solutions.
Vincent McCartney — Managing Director
Vincent is a financial services professional with more than 15 years’ experience in retail and wholesale financial markets across the United Kingdom, Australia and New Zealand. He has significant expertise in developing opportunities in the financial services market and implementing large-scale wholesale partners across Australia and New Zealand. Vincent has developed, launched and managed several successful financial trading products and project managed the roll-out of business-critical online trading platforms, including client migration and integration of equity trading into large banks.
Tyler McNamee — General Counsel
Tyler has 20+ years’ corporate, commercial and financial services legal experience in Canada, New Zealand and Australia. In addition to his role with Verifi, he has had roles in both private practice and in-house, including 10 years as Head of Legal (APAC) for a global online financial services company.
Karl von Randow — CTO
Karl is a highly successful developer and co-owner of Cactuslab, a web and app development studio in Auckland. He is the creator of Charles Proxy, a popular debugging tool used by thousands of companies around the globe, and a co-founder of Camera+, one of the most popular apps in Apple’s iOS App Store. Karl runs Auckland’s monthly iOS development gatherings, and was previously involved as an organiser of the Auckland Web Meetup group. He is also a co-founder of Letterboxd, a social network for film lovers that launched in late 2011.
Matthew Buchanan — Creative Director
Matthew is a creative director, interface designer and typographer, and a co-founder of both Cactuslab and Letterboxd. He has a background in publication design, and has been designing and building for the web since 1994. Matthew is a Fellow of the Designer’s Institute of New Zealand, and spent six years between 2010 and 2017 as interactive judge (and then panel convenor) for our national design awards.
In the News
Electronic Identity Verification - ATTIC Magazine (July 2020)
Cloudcheck being used by the Ministry of Health - Scoop (18 June 2020)
Why law firms should embrace technology — NZ Lawyer (15 April 2020)
Lotto implement Cloudcheck — Reseller News (22 January 2018)
Cloudcheck integration partners
As well as using Cloudcheck directly through one of our products, you can also access Cloudcheck through one of our integration partners. These companies have integrated Cloudcheck into their platforms to simplify your business processes.
Which each of the below, you still sign an agreement with Verifi but you can run your verifications through these platforms.
AMLu
AMLU is an end to end AML/CFT software solution that enables Reporting Entities to implement day to day management, record keeping and reporting of AML/CFT compliance obligations.
FormsByAir
FormsByAir and Cloudcheck improve customer onboarding by providing a seamless experience for data capture and identity verification. FormsByAir also offers workflow management and integration with your IT systems.
Jiggy Interactive
Jiggy Interactive's AML Synaptics platform is an AML case management tool designed specifically designed to manage and meet legislative requirements around AML and risk management.
JuniorPartner
juniorPartner provides law practice management software designed by New Zealand lawyers for New Zealand lawyers. juniorPartner has partnered with Verifi to deliver Cloudcheck to its users.
LexisNexis
LexisNexis is a leading global provider of legal, regulatory and business information and analytics that help customers increase productivity, improve decision-making and outcomes, and advance the rule of law around the world. They have partnered with Verifi to deliver Cloudcheck to Lexis Affinity™ and LAWbase customers.
Wolters Kluwer
Wolters Kluwer fuels global commerce by enabling professionals in tax and accounting firms, governing authorities, and businesses of all sizes, to grow, manage, and protect their business and their clients’ businesses.
Amended Identity Verification Code of Practice — Explanatory Note
Verifi’s opinion on the regulators’ note
In December 2017 New Zealand’s three AML/CFT regulators released an Explanatory Note (‘note’) in relation to the Amended Identification Code of Practice 2013. These two documents should be read in conjunction with one another.
Important: this opinion should not be taken as legal advice and we STRONGLY urge you to seek your own independent advice from an experienced AML adviser or legal professional.
Overview
In our opinion, the note has conflated fraud issues and AML issues by focusing on ‘biometrics’ and the achieving of a link between the customer and the identity document presented. Whilst fraud is a very important issue facing all businesses (especially those that have processes in place that allow for non-face-to-face onboarding of customers), the risk of fraud should not be a barrier to using electronic identity verification services — a view shared by the FMA in its AML/CFT Annual Report 2016, which states:
“…some are concerned about the risk of someone’s identity being stolen and used to open an account. Fraud risk should not be a barrier for REs to use electronic identity verification, as their overall controls should include details about how they plan to reduce the risk of fraud.”
There are many ways to reduce fraud risk and each business should have controls in place to do so. The note even suggests some in paragraph 15.
We provide more detail below around single-source and two sources, but in summary — we believe that with the right controls and tools in place there is no reason why Cloudcheck cannot continue to be used by entities captured under the AML/CFT Act.
Using a single independent source
Paragraphs 8 and 9 of the note deal with the concept of using a single independent source for identity verification. Effectively, the note suggests that in order to use a single electronic source, the source, not the document, must incorporate biometric information. As the available ways of meeting this requirement are extremely limited, we believe that Verifi’s services, including a biometric option, best fit under the two reliable sources provision.
Using two reliable and independent matching sources
Paragraphs 10 and 11 of the note discuss being able to verify the customer’s identity from two “reliable and independent” sources. Referring back to paragraph 15 of the Amended Identification Code of Practice 2013, what needs to be identified is the customer’s name, twice (15.a.b), and their date of birth, once (15.b).
The majority of Cloudcheck users use the service to verify a customer's name, date of birth and address, so this is the scenario we will focus on. To achieve a pass, Cloudcheck users typically conduct the following checks:
1. Name & Date of Birth using an ID document checked against the source database for that identity document, e.g. DIA Passport Database; and
2. Name & Address using a third-party address database, e.g. LINZ
If the above is followed, the customer’s name has arguably been verified twice and their date of birth once (as well as their address) in accordance with the Amended Identification Code of Practice 2013 and note.
Important: Verifi does not promote or recommend which databases should be verified against or should be seen as reliable and independent. The Reporting Entity must make this decision themselves, and Verifi supports this approach by allowing Reporting Entities to determine which databases to verify against, and in which order (no database is mandatory for our users).
Paragraph 12 of the note states that a Reporting Entity must have regard to whether the identity can be linked back to the customer. If you choose to proactively make this link, one easy solution would be to look at using our biometrics solution (Cloudcheck Live), which captures images of the customer’s face and identity document and enables a comparison between the two, in order to achieve this link.
As at the date of this opinion, the comparison between the two captured images is a manual one that you must undertake. A forthcoming update to Cloudcheck Live is expected to be released in Q1 2018 that will support automated image matching.
Paragraph 13 notes that if you do not have the mechanics (e.g. via Cloudcheck Live) in place to perform this link, you must have additional measures in place to satisfy yourself that the customer is the genuine holder of the identity. Paragraph 15 suggests some likely approaches.
Inclusion with AML/CFT Programme
As noted in paragraph 16, whatever you decide to do you must ensure that you have documented it in your AML/CFT Programme.
Pre-AML/CFT Act customers
Paragraph 17 allows for the use of electronic identity verification when verifying your pre-AML/CFT Act (30 June 2013) customers. One way you may wish to consider doing this is via Cloudcheck Go, our tool that enables the sending of a secure, single-use link (via our email system or yours) to your customer to get them to self-verify—including capturing images of their face and identity document (when used together with Cloudcheck Live).
Final word
Whilst we are disappointed with the ambiguity of certain elements of the note, as it has raised more questions than answers, we appreciate the difficult job the regulators have in balancing the evolving nature of the AML/CFT landscape and new technological advances.
We welcome any opportunity to work with the regulators in the future around guidance on electronic identity verification and the practical implications of it in New Zealand businesses.
This opinion is dated 13th February 2018, is for information purposes only and should not be taken as legal advice, we STRONGLY urge you to seek your own independent advice from an experienced AML adviser or legal professional.
Deloitte Technology Fast 500™
Verifi Identity Services has ranked number 281 on the Deloitte Technology Fast 500™ Asia Pacific 2019 (18th within New Zealand), a ranking of the 500 fastest growing technology companies in Asia Pacific. Rankings are based on percentage revenue growth over three years.
Verifi Identity Services grew 253% during this period.
Verifi Identity Services has ranked number 154 on the Deloitte Technology Fast 500™ Asia Pacific 2018 (6th within New Zealand), a ranking of the 500 fastest growing technology companies in Asia Pacific. Rankings are based on percentage revenue growth over three years.
Verifi Identity Services grew 481% during this period.