Box clever on Identity verification compliance
When the Home Office rings the bell shortly for the final round of remote digital Right to Work checks, which have been a real boost to recruiter reach and candidate experience, continuing to duck and dive after the bell may not be the wisest strategy to avoid painful civil penalties. Neither is throwing in the towel on the significant new business that remote digital has clearly enabled.
Whilst it is not mandatory for employers to use a certified Identity Service Provider (IDSP), for the purposes of right to work checks, the Home Office recommends employers do so and the DBS insists on it. Employers have and will remain liable so are expected to assess and be satisfied that a chosen IDVT will be achieving digital compliance to all of the Good Practice Guideline (GPG45) criteria and to the correct Level of Confidence. Whilst the Home Office appreciates the benefits remote digital channels bring to all, it rightly acknowledges this is a preferred attack surface by bad actors and labour abusers.
I know first-hand just how rigorous the UKAS auditors are to ensure government guidance, and the standards set-out by DCMS for their Trust Framework, are strictly adhered to. The UKAS audited certification absolutely provides that robust assurance to employers and the Home Office.
Avoid putting your compliance controls and cashflow on the ropes
Manual checks have always been acceptable but recruiters are typically not document experts and border guard trained or regulatory wizards. Neither is it cost-effective or friction-free to impose travel or courier costs on the business or customers. There are also such a variety and combination of documents for different job roles that are acceptable, and could be presented to evidence identity or a right to work, these become ongoing business risk decisions that individuals are subjectively making.
Mitigating these risks is a costly compliance challenge and never a simple process. For most businesses this may mean mixed risk models for different channels, industry sectors, and job types including: multiple safety-measures, risk assessments, ongoing monitoring and metrics, training, quality assurance, quality control and probably multiple systems that will need regular compliance assessments to support all of this.
Any compliance head or operational manager would recommend and prefer having one uniform standard of good governance across an organisation and its people, over disjointed or variable methods of compliance control. Not only saving cost but reducing the compliance burdens that prevent great staff from just getting on with doing what they do best.
Businesses are witnessing an inflection point that is not dissimilar to the proverbial “Kodak” or “BlockBuster” moment. Digital credentials will become an increasingly simpler and more secure method of accessing services globally over Physical ID and other documents. That is why many countries, like the UK, have government backed Trust Framework initiatives with regulatory governance and legislation in flight right now, to support the change. Existing ID service providers in this space and all businesses offering regulated services will have to choose to embrace the change or deny it. It is happening. The Home Office and DBS are just the first movers.
Being prepared for the re-usable digital identity credentials and services, that governments are supporting and encouraging, will change operating models. If a customer when asked for their ID, online or face to face, takes out their phone and says “Here is my digital ID, what documents or data do you need me to share.” The right choice of certified IDSP will have you covered. These advancements in technology are enabling even greater opportunity to deliver significant cost saving and compliance assurance, with reduced administration overheads.
Choosing a service provider that can future proof your business model is not only prudent but will be essential, to keep cashflow and productivity levels off the ropes and give you competitive advantage.
Making it a fair fight for consumers
The race to achieving compliance is critical but exclusion is an essential consideration, for your operational agents, your compliance team but most importantly for your clients and customers. The government is placing ever greater expectations on business to evidence how they are being more ethical, diverse and inclusive. This is not just a case of writing an inclusivity policy or signing up to the disability measures on your website. This is a culture shift that starts at the top and needs to be embedded into operational thinking.
The same challenge to evidence auditable ongoing improvements in an Inclusivity Report have been placed on certified ID service providers. To ensure vulnerable and excluded groups are treated fairly, can achieve equal access and not be left behind, particularly in the evolving digital world.
This is now an additional important consideration to ensure you are not inadvertently in breach of your own policy but also missing great business opportunities by using tools that indirectly or directly exclude parts of society.
Our approach started with Technology Poverty by securely supporting informal assisted digital access making our services more accessible to the 10-12% with no smart phones. Importantly no data is held on any device or App. Then we added a compliance wizard that auto-guides our App users, particularly the 24% of the UK population that are Identity poor and do not possess Passport or a driving licence.
Creating positive digital journeys only for “Happy Path” customers, and following the disability guidelines, is less than what good should look like. The excluded need help finding ways to navigate unique digital challenges. Our self-service and aided self-service options encourage everyone to help those in need. Empowering them with the ability to create their own happy paths and yes, we also follow the disability guidelines of course.
Will user experience float like a butterfly
I cannot speak for what you or other providers envisage as the elegantly simple digital journey a customer expects, and should be aspired to. Technology has been shaping our society for decades but the impact of our rapid race to the future is commercially driven design flaws, that only now are becoming more apparent. We are all more connected but less protected and less respected. Communities and our individual wellbeing are very negatively being impacted.
The Spotlite design ethos is grounded in ethical best practice, inclusivity and community, with data privacy for all. Our view is that if we design technology to encourage social good, then technology will more positively shape society.
When your auditors offer unprompted and unbiased praise on the quality of the user experience you know you are on the right track. However, it is the agent user and end customer user feedback that is most important to us, so far this has been equally glowing, with adjectives like: quick, simple, easy, brilliant. Finding a user experience that complements the quality of your own brand will not be found in good marketing material or using price as a metric. That’s why we let clients try before they buy.
Your choice of the right tools may be the key to successfully navigating the challenges ahead. Some businesses will continue to struggle while others may come out of this stronger, more agile, and ready to face the future. Choose Spotlite and your user experience will float like a butterfly but your audit ready compliance will sting like a bee.