Thursday, 5 December 2019
Department of Finance
61. To ask the Minister for Finance the basis on which his Department allows a company (details supplied) to make a demand for a passport and or a driver licence issued here as a method of verifying the identity of a person; if he has consulted with the company in respect of the way in which and or the location it stores of customer identification; if he has consulted with the company on the way in which it shares the information it collects from persons with third parties; if he has met with the owners and directors of the company; and if he will make a statement on the matter. [50839/19]
I am advised that Revolut is authorised in the UK by the Financial Conduct Authority under the Electronic Money Regulations 2011 and is passporting its services into Ireland on a freedom of services basis.
I am further advised that, in the area of financial services legislation, section 33 of the Criminal Justice (Money Laundering and Terrorist Financing) Act 2010, as amended (“the Act”), sets out obligations in relation to the identification and verification of customers and beneficial owners. Section 33(2) sets out the following measures that shall be applied by designated persons (which include banks and credit unions):
“(a) identifying the customer, and verifying the customer's identity on the basis of documents (whether or not in electronic form), or information, that the designated person has reasonable grounds to believe can be relied upon to confirm the identity of the customer, including -
(i) documents from a government source (whether or not a State government source), or (ii) any prescribed class of documents, or any prescribed combination of classes of documents;”.
It is important to note that the Act is not prescriptive as to what documentation and information a designated person must obtain, or the methods by which such documentation and information should be gathered, in order to comply with its customer due diligence obligations. A designated person may apply the measures that it deems appropriate in accordance with the designated person’s own risk based approach; however, the designated person must ensure that the measures applied adhere to the legislative requirements under the Act. The Act also requires designated persons to keep such documents or information used for the purpose of identification and verification up to date.
I have no statutory role in relation to data protection. If the Deputy has any concerns in relation to data protection I would suggest that she contact the Data Protection Commission.
I can confirm that, in my roles as Minister for Finance and Minster for Public, Expenditure and Reform, that I have not met the owners and directors of the company.