Customer FAQs

Onboarding customers: IDV and KYC

IDV - Identity Verification
KYC - Know Your Customers
Q: What is the difference between a Ruleset and a Recipe?
- A Ruleset is the KYC minimum requirements you expect your customers to meet to pass KYC. So this explains whether they need to meet Safe Harbour 2x2 with a Government ID or just need 1 Gov ID, etc.
- A Recipe is a combination of checks your customers pass through in order to be onboarded. This can include KYC, AML, Duplicate checks, Blocklist checks, IDV/Biometrics & Fraud checks.
Q: What are the FrankieOne Recipes?
- These are the different options that are available for the combination checks that can be performed on your customers to validate their identity and suitability, depending on what information you match, and against how many datasets. FrankieOne has 5 base Recipes that cover the full range of checks that you could run. These are all included in the startup bundle.

Q: How do I know which Ruleset to use?
- Check your internal Risk and Compliance policies - it will depend on your reporting requirements and approach to risk.
- Choice will be limited by whether or not you are a reporting entity, most reporting entities have a minimum requirement of Safe Harbour, as outlined above. Outside of KYC, ruleset requirements will depend on your internal policies.
Q: Why should I check Government ID? Is it not more work for the customer?
- GovIDs have very high pass rates and count towards the 2x2 or 1x1 independent data source requirements. They are also viewed as a very reliable data source. The customer doesn’t need to provide photos of their ID for a DVS check so it's not much of an effort at all!
  - Q: Do we only need to complete KYC once? * Document verification is only required at the point of onboarding.
Q: Are we obliged to redo KYC once supporting documents expire? Ongoing due diligence requirements are dependent on your internal KYC policy. The minimum requirement is quite general, advising to "take reasonable steps to ensure customer information is current and up to date" * We would also advise seeking your own independent legal advice
Q: Why would I use Biometrics?
- Biometrics provides an extra layer of security, by checking the legitimacy of the ID and that the person onboarding matches the ID. Biometrics, also known as ID & V, does not contribute to KYC checks but does provide extra comfort that the onboarded person & their ID are authentic.
- Biometrics can be added to recipes as optional which will allow you to trigger the additional level of security as you see fit, rather than it being a minimum requirement to pass through the onboarding process.
Q: Can I change which Recipe I run a customer through?
- Yes - these can be changed in the FrankieOne Portal.
Q: What happens if an individual is from a sanctioned country? (i.e. we want to pass them, but flag them as higher risk)
- The customer will appear in the Portal as needs attention/refer and can be manually passed through.
Q: What do I do if a valid customer cannot pass eKYC?
- You can toggle to ‘mKYC’ on the Edit Customer details page and complete a 100-point check of valid documents to then pass the customer through KYC.
Q: If we manually pass a customer, what does the customer then need to do? (i.e. do they need to re-apply?)

*   They don't need to do anything different, they will receive an acceptance and can just continue on their way. They may need to provide additional documentation to support the manual KYC completion.

Q: Can Proof of Age cards in Australia be verified by a Government source?
- The DVS does not validate proof of age/ photo ID cards. While they are issued by service NSW in NSW, it is not consistent across states so is not seen as a reliable source.

Based on your KYC policy you can accept proof of age/ photo ID cards as part of Manual KYC.

Q: What are parent and child accounts?
- This functionality is all about your control; the parent can be set up to have visibility over the child accounts without reciprocal access. This can be used however you like, typically, it’s more about future-proofing. The main use case is expanding your business to different geographies or subsidiaries and wanting to keep their operations separate. Important to note, however, that there are certain barriers between child accounts, so if someone is onboarded to one child, they are not visible from another. Parent access gives total oversight.
Q: What is the difference between DVS Foreign Passport checks and VEVO?
- If a customer has a foreign passport with an Australian visa, they can get a match on the DVS to contribute to them passing KYC. VEVO checks do not impact KYC results, but instead provide additional information, breaking down the visa conditions of the customer (working rights, expiry date, etc.)
Q: Is there a listing of the types of visas?
- See here for a conclusive list - <https://immi.homeaffairs.gov.au/visas/getting-a-visa/visa-listing>
Q: How do we avoid duplicating checks on mobile numbers/emails that have been identified as fraudsters?
- Duplicate checks prevent this, and fraudulent numbers/emails identified can be added to the Blocklist.
Q: I am locked out of my FrankieOne Portal, what do I do?
- Any of your FrankieOne Portal admins can reset your password by clicking on the ‘unlock’ icon next to your user profile within User Management. Important to note the password reset expires after 1hr
Q: How long is customer data I collect retained?
- Customer data (e.g. the results of your KYC checks) is retained for 7yrs, as per AML/CTF Policy.
Q: How do I verify a customer with a single name?
- In many countries, it is common for an individual to have only a single name. In most cases, there's only a need to store that name in the GivenName field. You can alternatively store it in the FamilyName field too if that is more culturally appropriate. The FrankieOne service will be able to determine which field to use when if comes time to validate the name. You can also use the DisplayName field if there is an alternative/non-official rendering of the person’s name too. Please contact us if you require assistance.
Q: Is there an ability to bulk select customers in the portal, for example, to send them all a biometrics link at the same time?
- Currently we do not have bulk selecting functionality.
Q: How should we collect address information?
- We recommend collecting addresses in structured format (broken down into unitNumber, streetNumber etc.) as opposed to long format.
Q: Do we need both ABN and ACN to verify a business?
- No; you only need one of either ACN or ABN.
Q: What do the icons under the 'Issues' column of the portal mean?
- Refer to the section titled 'Profile Status and Issue Tags' to find answers to this. (https://apidocs.frankiefinancial.com/docs/profile-status-and-issue-tags)

Maximising pass rates

Q: What is the pass rate that FrankieOne can achieve?
- This depends on a number of factors. Typically, we achieve a ~10% higher pass rate for our customers changing from other providers/manual KYC/AML. Actual rates vary by industry, onboarding process, and customer demographic.
Q: What is the pass/fail rate on PEP/sanctions?
- We typically see a 99% pass rate, which does depend on the customer demographic though, and the fuzziness rate (e.g. higher fuzziness rate can get false positive rates), (~30% fuzziness recommended).
Q: What is the pass rate with using Biometrics?
- Typically we see rates more in the 60% range; only for driver's license and passport.
- It does depend on the level of Biometrics you are performing; if you’re just validating the ID it can be higher vs if you require a ‘liveness’ check, which can result in higher dropout rates.
Q: What do you recommend to help increase pass rates for under 18’s?
- Their pass rates can be quite low, given limited digital footprint, one option is to ask for an ID only.

Driver's Licence Number Requirement for ID verification - UPDATE AS OF 27 June 2022

Details have moved here.

Consent

Q: Why is consent necessary if no footprint is left on this person’s report?

Consent is necessary because it’s mandated by law. Equifax doesn’t determine these protocols. Only the Credit Header (name, address, date of birth) is used, and it’s stored in a separate database from the bureau, so it doesn’t leave a footprint. This database is inquiry-only. There might be some confusion with File Access (or Access Seeker), which is a soft credit inquiry that only the consumer can see.
No report is pulled for an ID request on the Credit Header. The only type of inquiry that leaves a footprint is a Hard Inquiry, used by banks, financial services, telecom companies, real estate companies, and utilities. This type of inquiry affects a consumer’s credit score. The other type, File Access, is generally used by brokers and doesn’t leave a footprint.