Are you doing all you can to keep your clients ID & personal documentation safe?
Requesting ID documents, asking for proof of address and entity documents from your clients is often the first step of any due diligence process. Given the sensitive and delicate nature of both this information and the way in which requesting the documents are handled, dealers and galleries are naturally concerned about loosing a client or getting it wrong. Both of which could be very costly.
From a client perspective there are also some challenges: What is this information being used for? How and where will this be stored? Many art businesses may wish to educate their buyer(s) before hand as to what to expect. With that said, a process needs to be in place concerning the following key elements:
- Secure Collection and Education (what, where and why)
- Receiving: Avoiding email
- Storage: Security and ensuring access rights are in place
Email is often used out of familiarity and convenience, however it is often a natural 'weak spot' for hackers and scam artists. Add to this that an email inbox was never designed to be a holding pen for highly sensitive client information. This in a sense, is a ticking time bomb.
To illustrate how we can request information, take receipt then store the information to allow for ongoing due diligence - all without sensitive documents landing in email inboxes - we have created a best-practice guide to show that this process doesn't have to be scary or intrusive.
How can I collect client information safely?
Step One - Request
Offer a private, secure portal so your client feels comfortable and confident that their information is safe. This is where you may also with to highlight your own terms and conditions regarding the use of documents and information.
Step Two - Receive
Take receipt of the information by firstly confirming to your client that the information has been succesful received to avoid doubt or uncertainty. Next, your team needs to be notified that the information is ready to review and the designated AML officer and deputy can view said information.
Step Three - Store
As the due diligence process began within arcarta when an information request was shared, all information - including documentation - is stored securely. Upon receiving the information from your client, a report is automatically generated which helps take care of the next crucial steps in your due diligence. These steps include assessing country risk, reviewing positive and negative data sources and commenting.