Why do accountants and bookkeepers need to verify identities

If you have appointed an accountant or bookkeeper, you will likely be asked to provide certain details to verify your identity as part of the onboarding process.

It may be helpful to understand why this is required, and it is also important to know how your data is held, how it may be processed, and how long it is likely to be retained by your accountant or bookkeeper.

Why do I need to provide my identity documents?

Accountants and bookkeepers in the UK are regulated under the Money Laundering Regulations. These regulations exist to reduce criminal activity, including fraud, within the UK. Professional service providers such as lawyers, accountants, and bookkeepers are considered gatekeepers to the financial system, alongside banks, estate agents, and others who are subject to anti-money laundering (AML) laws.

What is customer due diligence?

Under the Money Laundering Regulations, customer due diligence (CDD) must be carried out when establishing new relationships between accountants, bookkeepers, and their customers. CDD also applies to ongoing relationships and may need to be reviewed and renewed periodically.

Customer due diligence will typically include:

  • Verifying the identity of the person seeking the service or the beneficial owners of a business engaging with the accountant.

  • Identifying beneficial owners, usually those who own the business, but it may also include directors or others with significant control over the business.

  • Collecting “Know Your Customer” (KYC) information. Accountants or bookkeepers must understand who their customer is, what their business activities involve, and how they generate income before providing services.

  • Understanding the source of funds. For example, if you want to carry out a high-value transaction, the accountant may require additional details about where the funds come from.

  • Establishing source of wealth. This is similar to source of funds but usually relates to general financial background rather than a specific transaction.

How is your data used?

The data you provide for the purposes of customer due diligence may only be used to comply with the Money Laundering Regulations. Under data privacy laws, accountants and bookkeepers are strictly prohibited from using your data for any other purpose. It cannot be shared with third parties without your consent and cannot be used, for example, for marketing or sales purposes.

As part of verifying your identity, accountants and bookkeepers might use ID verification technology. These checks typically include:

  • Verification of your documents to ensure they are valid and not tampered with or counterfeit.

  • It may also include a biometric check of a selfie where the image on the identity document is compared with your facial features. It is important for an accountant or bookkeeper to have evidence that the identity presented to them was done so by the person who owns the identity.

  • Identity details may also be checked against authoritative sources such as the electoral register and credit databases. Checks carried out against credit reference agencies will not show up on your credit history or affect your credit score.

  • Checks carried out within the Xama AML solution only allows accountants and bookkeepers to check the validity of information they have collected from you. The checks does not provide them any additional information about your identity.

How is your data stored?

It is a legal requirement for accountants and bookkeepers to retain the data collected as part of customer due diligence. They cannot permanently delete identity information until the legally required retention period has passed.

Those using AML solutions like Xama store personal data separately from other records. This ensures that identity documents and other personal information are only accessible within the AML software and only by individuals involved in the due diligence process.

Accountants and bookkeepers remain the controllers of your data. AML systems like Xama act as data processors on their behalf, in line with UK GDPR laws.

How long is your data stored for?

Money Laundering Regulations require accountants and bookkeepers to retain evidence of customer due diligence for the duration of their engagement with you, and for at least five years after disengagement.

Systems like Xama AML help track these retention periods and support the secure deletion of data when appropriate. In certain legal situations, such as an ongoing criminal investigation, accountants and bookkeepers may be required to retain data for longer than five years.

 

 

Share