Introducing the first fully digital end-to-end FICA system

Posted on November 28, 2019

KYCFactory is the first fully digital end-to-end electronic FICA/AML solution that requires no supporting documents, whether a business is onboarding a consumer or a business.

As a chief provider of customer verification and risk management services, pbVerify understands time is too valuable to spend on onerous KYC processes.

The pursuit of compliance today, particularly in the financial services industry with its stringent regulation milieu, has many businesses troubled. It is something that consumes an enormous amount of their time – not to mention energy and resources.

Perhaps one of the biggest headaches, is the Financial Intelligence Centre Act, (FICA) which came into effect in 2003 after being introduced two years prior, with the aim of combatting financial crimes such as money laundering, tax evasion, and terrorist financing activities.

More recently, in May 2017, even tighter regulation was introduced with the FIC Amendment Act. Essentially, FICA makes sure that institutions know exactly who they are doing business with – i.e. Know Your Customer, or KYC.

Because the pbVerify team understands how valuable time is in today’s business world, we have introduced a revolutionary new FICA product that offers businesses a fast and easy means of ticking all the compliance boxes when building customer-facing onboarding systems: KYCFactory.

Fully digital FICA compliance

Launched this year and developed by our pbVerify software team, KYCFactory is the first fully digital end-to-end electronic FICA/AML (Anti-Money Laundering) solution on the market that requires no supporting documents, irrespective of whether a business is onboarding a consumer or a business.

KYCFactory’s consumer verification comprises configurable, automated processes, including a slick new online 3D liveness test that biometrically matches the person to their national identity document photo, identity data, and alive-deceased data while retrieving their address from over 100 trustworthy SACRRA sources.

Thanks to SigniFlow’s advanced digital signature and workflow automation software, KYCFactory offers businesses the ability to workflow the KYC process, including all requisite information, to multiple people who may need to sign a declaration in observance of the applicable laws.

In accordance with the FIC Amendment Act of 2017 (which accountable institutions had to comply with by April 2019), KYCFactory takes care of compliance for all juristic persons via a brand-new approach to FICA verification – an electronic declaration that caters for Directors, Signatories and UBOs (Ultimate Beneficiary Owners).

Sanctions screening

KYCFactory incorporates pbVerify’s new Sanctions, PEP and PIP (Politically Exposed and Influential Persons) reporting tool, which enables businesses to manually screen prospective clients and perform enhanced due diligence on anyone, from any country.

This service instantly reports on over 2.5 million detailed PEP profiles and detects individuals, organisations and vessels linked to more than 50 risk categories, including Sanctions, Foreign Officials, and State-Owned Enterprises.

The second part of our Sanctions screening service relates specifically to sanctions and embargoes – i.e. political trade restrictions put in place against target countries to maintain or restore international peace and security. KYCFactory automates reporting on business with individuals who pose a threat and are listed on OFAC (The Office of Foreign Assets Control) Mission. Read more here.

Total technology             

In addition to the aforementioned technology that makes KYCFactory the world-class, comprehensive FICA solution it is, other platforms used to authenticate customer identity beyond a shadow of a doubt include:

  • Department of Home Affairs ID Photo Biometric Verification
  • Google Geolocation & Street View
  • CIPC Company & Director Verification
  • SACRRA Address Source Validation
  • Social Media for Business (Instagram, Facebook & LinkedIn)
  • Website Verification (SSL Authentication)

KYCFactory is available via API & integrates seamlessly with business systems, according to individual KYC and compliance management methods and policies.

Say goodbye to time-consuming manual & paper-based FICA processes, and find out how headache-free compliance can be: Give us a call on +27 (0)10 300 4898 or email support@pbverify.co.za.

pbVerify is a registered Credit Bureau in terms of section 43 of the National Credit Act 34 of 2005. Its data-systems, data-security and data-processing protocols are audited annually in accordance with the NCA. pbVerify follows strict ISO9001:2015 quality management processes that are audited and internationally certified by TUV Rheinland Germany. pbVerify engineers are certified in ISO27001 IT Security Management.

REFERENCES

  1. Fic.gov.za – Financial Intelligence Centre Act (Act No. 38 of 2001) [PDF]
  2. SigniFlow – KYC
  3. The Banking Association of South Africa – Financial Intelligence Centre Act
  4. SABRIC – FICA (KYC)        
  5. Law Society of South Africa – FIC Amendment Act published
  6. Financial Intelligence Centre – Who are we?
  7. BBrief – FICA amendments deadline fast approaching
  8. International Compliance Association – What is compliance?
  9. Financial Action Task Force – Who we are

Dalimfundo & PBSA honour little learners

Dalimfundo Day Care & Preschool Graduation 2019

PBSA Compliance Manager Deon Joubert (left) and Dalimfundo Grade R Teacher Nokuthula Masango with some of the school’s young graduates.

As part of its Socio-Economic Development Programme, PBSA assists one of Mpumalanga’s NPO institutions prepare SA’s children for the future workforce.

“Our children are the rock on which our future will be built, our greatest asset as a nation. They will be the leaders of our country, the creators of our national wealth who care for and protect our people.” – Nelson Mandela, June 1995.

As a company committed to ensuring the economic longevity of our business, to the benefit of our employees, our clients and our home country, South Africa, at large, PBSA believes it needs to proactively foster the development of the future workforce.

As such, our company is proud to be able to contribute to the success of Dalimfundo Day Care & Preschool, which honoured 2019’s young graduates on 23 November.

Situated in Botleng, a rural township outside Delmas in Mpumalanga, Dalimfundo is a non-profit organisation (NPO) that was founded by local leaders, with the aim of providing a future for the children in their community.

Dalimfundo not only fulfils the crucial role of providing quality education and training to the children of South Africa, it is ultimately responsible for helping lay the foundations of the country’s future.

As an NPO, the institution is wholly reliant on donations to carry out its good work. In a bid to do our part, PBSA contributes to the institution on a monthly basis, with donations going towards the school’s daily nutritional programme that ensures its learners have a healthy meal each school day.

It is a privilege for PBSA to be a small part of our children’s education, and we salute the founders and staff of Dalimfundo Day Care & Preschool for their ongoing commitment to our nation’s greatest asset – its children.

International firm opens office in Horsham

Published by West Sussex County Times on 15 November 2019

SigniFlow Directors AGS 2019

After opening their first UK office in Horsham on September 1, SigniFlow, celebrated in style this week, by holding their official launch event at the South Lodge Hotel.

With SigniFlow top management flying in from South Africa, Australia and the United States to attend, there was no doubt as to the significance of the UK launch for this international company.

South African director, Leon Van Der Merwe, was quick to commend the warm reception the team received from the Horsham business community, before asserting that ‘modern businesses had to move forward with technology in order to survive in the modern world’.

Attended by many of SigniFlow’s existing Sussex customers, along with local businesses keen to modernize their procedures and increase productivity, the launch event was abuzz with talk of digital innovation. SigniFlow, which has its roots in South Africa, rapidly reduces the costs, time and money spent on processing, managing and physically signing paper documents, through the use of unique, legally approved cryptographic digital signatures.

“Located in the heart of Sussex, with the county being widely recognised as being a hub for technology and digital advancement, Horsham is the perfect fit for us,” said Greig Orrell, Director of GB and EU Sales and Business Development. “Our worldwide ethos is to support our local and regional communities and our Horsham team will be expanding in the months to come. This is the first of many satellite offices, and we look forward to seeing our team continue to develop and grow accordingly, as they have across the world.”

Already benefiting from SigniFlow’s next generation E-Signer and Document Management technology, Anthony Neal from Maylark Property Management, was keen to talk about how the solution had already worked for their business, just months after deployment. “This unique system has saved us a huge amount of time and its ability to track, file and document our workflows is impressive. All signature requiring documents can now be emailed, and our clients are able to securely and digitally sign the paperwork without the need for an appointment. And, we can access this web-based service from all of our phones, iPad or PCs, so we can respond and sign paperwork whilst out of the office too.”

Recently lauded as being one of the most revolutionary women in IT security, SigniFlow Americas CEO Laila Robak – who is also head of SigniFlow’s cyber security development – is a firm believer in the “better safe than sorry” approach when it comes to the security of companies’ data. And for businesses that do have cyber security as one of their primary concerns, SigniFlow has you covered, with solutions that have been developed by some of the greatest minds in the information technology arena.

For more information and a free trial of the SigniFlow solution, please contact Greig Orrell on 07395 650738, email uk@signiflow.com , or visit http://www.signiflow.co.uk.

Airtight security introduced for airline boarding passes

SigniFlow November 4, 2019

airport-1515431

Because airline boarding passes can be issued up to 24 hours before a flight departs, and due to security gaps in existing boarding pass technology, fraudsters with even limited technical know-how could tamper with and gain access to the information they contain.

The problem

While measures around privacy and security within the air transportation industry have remained largely unchanged over the years, fraudsters’ modi operandi have not. In fact, fraudsters have become more sophisticated with the rise of digital and the proliferation of data – putting both airlines and their passengers, today more than ever, at significant risk.

Airline boarding passes, in particular, have seen numerous systems put in place over the past decade, to help authorities and airline officials identify fake boarding passes, with most of these relying on advanced printing techniques.

The bar-coded boarding pass (BCBP) became widely available in 2010 and comprises a 2-dimensional (2D) bar code printed on a paper boarding pass or sent to a mobile phone for electronic boarding passes (e-boarding passes).

The BCBP standard was originally published in 2005 by the body responsible for global standards for airlines’ safety and security, the International Air Transport Association (IATA), which updated it in 2008 to include symbologies for mobile phones, and again a year later to include a field for digital signatures in mobile bar codes.

While the move to BCBP has made travelling more convenient, in many instances, for travellers who are able to use mobile boarding passes, the technology behind it has not eliminated the risk of ticket fraud or identity theft, because data is not encrypted.

Not only does unencrypted travel material leave it susceptible to being tampered with and being used unlawfully and dangerously, it also leaves passengers wide open to identity fraud, given that airline tickets contain a great deal of personally identifiable information (PII).

SigniFlow Americas CEO, Laila Robak, explains: “Besides the risks involved with ticket fraud, even companies that apply digital signatures to its boarding tickets do so only from a ticket integrity point of view. However, there is still unencrypted data within those tickets, and anyone with access to the bar code has access to the passengers’ data, creating a risk of identity fraud, which is certainly a security and compliance concern.”

The solution

With a team of cryptographic experts and experienced engineers behind it, the SigniFlow solution, which operates in a cryptographic signing environment, is a natural fit to build, develop and enhance the available technology behind boarding passes, and to irrevocably seal the data they contain.

According to IATA’s BCBP Implementation Guide, which outlines the existing barcoded boarding pass solution: “Bar Code on Printed Boarding Pass: the default Bar Code presented on printed boarding pass is a 2-dimensional Bar Code in PDF417 standard containing a structure data message (SDM). On the request from the Airlines version 7 extend the standards to allow Aztec, Datamatrix or QR code formats on printed boarding pass those formats are currently used on Electronic (Mobile) Boarding Pass only.”

SigniFlow Director of Development Eugene Smit explains: “SigniFlow’s microservice architecture allows for signing, encrypting and verifying data on all boarding passes, enabling the generation of datastreams, signature streams or image-based bar codes, such as Aztec, QR, PDF417 and Datamatrix.

“The system produced by SigniFlow, allows a ticketpass generator to issue a unique private key for the signer, using our microservices, and the signer is then able to sign any datastream, and use complimentary methods to produce bar codes of the data.”

SigniFlow offers two solutions, both of which extend on and secure existing boarding pass technology:

  • The Full Package solution: SigniFlow integrates with the airline’s existing system. When passenger data is inputted, SigniFlow collects the data string, creates the 2D bar code (Aztec, PDF417, QR, Datamatrix), embeds the data string, then encrypts and signs with an ECC (Elliptic Curve Cryptography) certificate, after which it is sent back to the airline for the boarding ticket.
  • Data string encryption & signing: In this case, the airline continues to use its current 2D bar code generation system, and SigniFlow integrates via API to collect passengers’ data, encrypt and sign the string, and then send it back to the airline, which will embed it in the bar code.

Either way, explains Robak, the idea is to provide not only the required digital signature itself, but also encryption of the data, so that only electronic devices – terminals and readers – will have the ability to recognize authenticity, and to decipher the embedded data.

“We also provide the instruction and processes to the certified authorities for access to the public key through either a key distribution to its devices, in case of no network connectivity, or the public key to be included in their key store system where devices can access it and recognize/decode the data.”

The differentiator

Not only is the SigniFlow solution steeped in cryptography, which eliminates tampering and identity theft risks altogether, it also offers seamless integration into companies’ systems.

Because the solution allows companies to add security component to tickets without having to replace their existing systems, but rather by simply adding a new security module, it is simple and safe, and SigniFlow enables them to be compliant with several industry, national and international standards.

“Stronger policies in national security have been enforced in many countries and companies that issue tickets, whether for air travelling, other transportation methods or entertainment, also need to comply with data privacy standards, such as the GDPR. By using our solution they can target both,” says Robak.

How it works

  • Secure cloud HSM where the keys are stored
  • SigniFlow Hybrid server deployed within client control
  • Signing request issues to the SigniFlow Hybrid server
  • Verification Requests issued to the cloud HSM or to a centralized public key store

There are two main Public Key Encryption algorithms: RSA (Rivest–Shamir–Adleman) and ECC (Elliptical Curve Cryptography). While SigniFlow is compatible with both, the ECC certificate has been specifically identified by the IATA for boarding pass signing requirements.

ECC is, in simple terms, an encryption algorithm with higher capacity and lighter weight than the RSA encryption algorithm, which means you need less bits to for stronger keys. Because the keys are smaller, it means it needs less processing, leading to better efficiency and lighter “documents”. For example, the most commonly used RSA encryption algorithm size is the 2048 bit keys, which is the equivalent in security and strength to a 224 bit ECC key.

To find out more about SigniFlow’s cryptography-based solutions, visit www.signiflow.com or contact us on the relevant number below:

International Contact Centre: 002710 300 4899

South Africa: +27(0)11-516-9403

Americas: +1-603-717-4248

United Kingdom: +44(0)208-611-2681v[REFERENCES]

  1. IATA – Technical Peripheral Specifications
  2. US Department of Homeland Security – Credential Authentication Technology/Boarding Pass Scanning Technology
  3. IATA – Airlines Complete Move to Bar-Coded Boarding Passes
  4. IATA – Passenger Services Conference Resolutions Manual
  5. Red Goat – The Not-So-Secret Life of Boarding Passes
  6. Tech Target – Personally Identifiable Information
  7. Wikipedia – Boarding Pass
  8. com – Ticketprinting.com Security Features
  9. Wandera – Are Airlines Putting Your Data at Risk?


Source: SignFlow News

Debt Relief Bill: 13 Fast Facts

Bonnie van der MerweOctober 22, 2019

debt-1157824_960_720

We explore details around Government’s recently signed National Credit Act amendment, which aims to free low-income earners of crippling debt.

Just over two months ago, the National Credit Amendment Bill – broadly dubbed the “Debt Relief Bill” – was signed into law and, although it has been almost two years since Parliament’s portfolio committee on trade and industry initiated the amendment bill, there are still uncertainties around its implications.

Also known as the Debt Intervention Bill, the bill basically aims to protect low-income earners from what government considers reckless credit lending, allowing consumers who are burdened by debt to have it written off.

While the bill has been welcomed by consumers, around 9.4 million*[7] of whom may qualify for debt relief thanks to it now having been signed into law, it has been met with “extreme concern” by others, including the Banking Association of South Africa (BASA), which said in a statement on 16 August, “The Act, in its current form, will restrict ability of banks to lend to this vulnerable market and increase the cost of credit.”

Treasury estimated government’s debt-relief proposals could result in the write-off of R13.2bn to R20bn of debt.

In response to concerns raised, President Cyril Ramaphosa said the bill and its proposals were within the country’s constitution. Business Day cites Ramaphosa as saying that, regulations and certain provisions notwithstanding, the law is constitutional.

Here are some fast facts relating to the debt relief bill and debt in South Africa to help demystify the controversial piece of legislation:

  1. The National Credit Amendment Bill was signed into law on 15 August 2019.
  2. The Debt Intervention Bill is an amendment to the National Credit Act.
  3. The bill’s primary aim is to provide relief for South Africa’s vulnerable and most financially distressed consumers.
  4. There is no date set yet for the bill to come into operation.
  5. According to the bill, indebted consumers must meet the following criteria in order to have debt extinguished:
    1. They must earn a gross monthly income of R7 500 or less.
    2. They must have unsecured debt amounting to R50 000.
    3. The National Credit Regulator (NCR) must have found them to be critically indebted.
  6. The bill also makes it an offence for a person to intentionally submit false information related to debt relief.
  7. The bill will inevitably result in losses for banks, retailers and other credit providers.
  8. TransUnion’s Q2 quarterly Industry Insights Report shows a significant increase in the amount of credit being taken out by consumers (Unsecured lending was recorded to be up by 12% in the second quarter).
  9. BASA petitioned Ramaphosa in August not to sign the Act in its current form.
  10. According to BASA, existing debt relief measures have proven to educate and rehabilitate debtors and return them to the credit market. “In 2017, banks expunged R30 billion in prescribed debt in line with existing legislation and their own policies.”
  11. Following a government-commissioned study by consulting firm Genesis Analytics, it was suggested that Parliament reconsider the passage of the bill in its current form, and rather introduce the debt-intervention system within the bounds of the current debt-review system, with subsidy mechanisms for low-income consumers.
  12. According to the Genesis Analytics study, it is unlikely that the introduction of law will have a significant economic impact at a macro-economy level.
  13. The study suggests that the law will mostly benefit the informal credit market. On the other hand, the formal sector credit providers could lose about R3.9bn of existing credit book.

pbVerify Business customers who extend credit to consumers are urged to strengthen their KYC procedures to not only ensure legislative compliance, but also to protect them against potential financial losses.

pbVerify is a registered Credit Bureau in terms of section 43 of the National Credit Act 34 of 2005. Its data-systems, data-security and data-processing protocols are audited annually in accordance with the NCA. pbVerify follows strict ISO9001:2015 quality management processes that are audited and internationally certified by TUV Rheinland Germany. pbVerify engineers are certified in ISO27001 IT Security Management.

Phone: +27 (0)10 300 4898

E-mail: support@pbverify.co.za[REFERENCES]

  1. gov.za – National Credit Amendment Act 7 of 2019
  2. Government Gazette – National Credit Amendment Act 7 of 2019 PDF
  3. Fin24 – 5 questions on the ‘debt relief bill’ unpacked
  4. TransUnion – Q2 2019 Industry Insights Report
  5. Moneyweb – Unsecured lending up 12% – report
  6. The Banking Association of South Africa – NCA Amendment Act
  7. *Moneyweb – Close to 9.4m consumers may qualify for debt relief under new bill
  8. Business Day – Cyril Ramaphosa defends controversial debt-relief law
  9. Business Tech – Ramaphosa signs controversial new debt relief bill into law – Here’what it means for you

Source: pbVerify News

Customer satisfaction in the 21st Century: Is your business digitally equipped?

Posted on October 2, 2019

24-7-2019 customer satisfaction SOCIAL MEDIA

A happy customer equals a happy bottom line – but without digital transformation, neither of these are attainable.

The advent of digital has not only changed the way business is done, it has also significantly changed what is undeniably the most important factor responsible for the running of a successful business – customer satisfaction.

In today’s fast paced, digitally charged world, customers want – and indeed, expect – an extremely high quality, and personalised experience from the companies they choose to spend their money with.

As well as dictating the modern-day customer’s escalated expectations, the pervasiveness of digital has prompted companies to be far more accountable, with consumers no longer hesitant to voice their dissatisfaction publicly, thanks to the plethora of social media platforms they have at their fingertips.

It really is a dog-eat-dog digital world out there and, for businesses to thrive – and even survive – they need to offer their customers convenience, speed and seamless service – not to mention assurance that their personal data is 100% secure.

This is where digital transformation comes in. Digital transformation is essentially the implementation of new technology and software tools, primarily reliant on cloud computing, to the end of solving problems and delivering solutions faster, with less operating inefficiencies and costs.

For many businesses, especially those with high levels of bureaucracy, digital transformation may appear to be a long road, but partnering with the right solution provider will facilitate a swift and smooth ride – with the guarantee that your business will come out on the other end more empowered, and able to deliver a far richer customer experience.

As a leading provider of digital solutions that are enabling businesses across the globe to successfully transform their operations, SigniFlow has seen first-hand how the advantages of digital transformation outweigh any change management issues that go with effecting the change.

The benefits, to mention only a few of the most prevalent, include increased profitability, improved customer satisfaction, reduced risk, heightened levels of compliance and more streamlined processes.

The bottom line: Digital is the new oxygen. In order for companies today to firstly survive, and to keep up with their competitors and their customers’ evolving expectations, digital transformation is an absolute must.

SigniFlow is a core workflow and cryptographic digital signature engine that works either on its own, or fully integrated with existing core business systems.

Using only the most advanced & trusted digital signature technologies known to man, SigniFlow offers powerful workflow functionality and ease of document distribution to automate any business process.

To find out how SigniFlow can help your business achieve digital transformation, visit www.signiflow.com or contact us on the relevant number below:

International Contact Centre: 002710 300 4899

South Africa: +27(0)11-516-9403

Americas: +1-603-717-4248

United Kingdom: +44(0)208-611-2681

New partnership simplifies company registration process

Posted on February 1, 2018

company-registration-Malaysia

Company and domain names can now be registered as one, making it easier for companies looking to manage credit risk to access pbVerify’s full suite of services.      

A recent partnership between three South African agencies, allowing company and domain names to be registered together, has streamlined the process of registering local companies and, in turn, of accessing pbVerify’s suite of verification products.

Earlier this month it was announced that the Companies and Intellectual Properties Commission (CIPC), the ZA Domain Name Authority (ZADNA) and the ZA Central Registry NPC (ZACR) had collaborated to make it possible for new companies to register with the commission and claim a parallel co.za domain name at the same time.

The move will not only give new companies greater control over their intellectual property, it also significantly simplifies the process of acquiring unique online credentials – a requirement for access to many professional services, including pbVerify’s credit vetting products.

Daily online news portal, SME South Africa, cites ZACR CEO Lucky Masilela as saying the three-party agreement enables new enterprises to protect their fledgling online identities. “This innovative offering seamlessly combines the offline and online worlds in a way that provides total convenience and protection for start-ups.”

Credit management services

pbVerify is South Africa’s leading data bureau, offering small-to-medium enterprises (SMEs) and corporates all the information needed in order to make informed, intelligent business decisions to the end of mitigating credit risk.

The easiest way to verify businesses, people and property in South Africa, pbVerify’s suite of credit management services includes business credit checks, CIPC business and director searches, Home Affairs ID verification, SARS advanced VAT verification and bank account verification – among others.

Minimum requirements for companies seeking full access to pbVerify’s services are: a business email address; a business landline number and valid business registration details pertaining to an active business.

Now, thanks to the CIPC, ZADNA and ZACR partnership, companies can quickly and painlessly ensure they are able to tick all the above boxes.

Masilela describes the partnership as a “a fantastic example of domain name space pioneering coupled with out-the-box thinking in the area of public-private partnerships” and says the organisation is looking to launch further services for new enterprises, start-ups and other commercial users in future.Masilela describes the partnership as a “a fantastic example of domain name space pioneering coupled with out-the-box thinking in the area of public-private partnerships” and says the organisation is looking to launch further services for new enterprises, start-ups and other commercial users in future.

For more information on pbVerify’s services call 010 300 4898 or send an email to support@pbverify.co.za.

REFERENCE:

SME South Africa – Attention Startups! Company and Domain Names Can Now be Registered Together

Data protection: SA companies need to take a global stance

Posted on March 27, 2018

how-to-comply-with-the-data-protection-act-457501399

With the implementation of the EU’s data protection laws just around the corner, local entities need to study up on how it could affect them.

D-day for implementation of the European Union’s (EU) General Data Protection Regulation (GDPR) is just three months away – and South African organisations are by no means off the hook.

If you are a South African entity that handles individuals’ personal data, you will be acutely aware of our country’s data protection law – the Protection of Personal Information (POPI) Act – but have you considered how the looming GDPR affects the way you manage clients’ personal information?

The fact of the matter is, if you are a locally-based business that offers goods or services to EU customers, you also deal with personal information or data relating to EU citizens’ – and you are just as responsible for complying with the GDPR as any EU business.

Leon van der Merwe, head of digital at customer communication firm PBSA, points out that any entity controlling or processing data relating to EU citizens is affected by the GDPR. “Controlling refers to any organisation that states why and how data is processed, while a processor is any party doing the actual processing of the data, whether based in the EU, or not.”

GDPR vs POPI

Van der Merwe says it is crucially important for local companies with dealings abroad to do their homework and familiarise themselves with the GDPR’s ground rules. “Companies could be fined heavily under GDPR regulations if they fail to provide evidentiary and auditable processes, as well as adequate IT security, to protect personal data.”

The GDPR is a regulation borne out of the European Parliament, Council of the European Union and European Commission’s joint intent to strengthen and unify data protection EU citizens.

Non-compliance with the GDPR comes with a hefty fine of up to €20 million (about R290 million) – or 4% of annual sales.

Similar to SA’s POPI Act, the GDPR is all about data protection. Data includes things like a person’s name, email address and phone number, as well as information collected by website cookies like internet browsing habits.

Breaching rules laid out in the POPI Act comes with a R10 million fine and/or a jail sentence.

Van der Merwe summarises the parallels between the two data-protection directives: “POPI and GDPR are similar, in that they both aim to strengthen the protection of personal information. They differ in their approach, in that the GDPR takes a wider, more global perspective that includes anyone, anywhere either controlling or processing – or both – data relating to EU citizens.”

Auditable business processes

A big part of compliance, when it comes to both the POPI Act and the GDPR, specifically involves audit trails – something PBSA’s digital signature and workflow product, SignFlow, is heavily centred on.

For evidentiary purposes and in order for any company to assert GDPR compliance, the automated management of an audit trail is imperative.

Van der Merwe says SignFlow is can assist customers in their strategy to automate and digitise processes in a responsible and compliant manner. “Business Process Automation is at the forefront of our technology development at SignFlow, including tools like DocFlow, CaseFlow and our digital customer on-boarding tools.”

At the core of SignFlow, he says, is Public Key Infrastructure (PKI). “PKI manages users’ private keys, and signs and secures documents using Public Key Cryptography. Not only does this make documents tamper-evident after they’ve been signed, but the entire operation is conducted in a secure network over encrypted secure socket layers between the public, personal devices and private servers.”

Unlike paper files and systems managing email attachments, this portal fully controls and audits the workflow and communication channels between interacting parties. “This greatly reduces the risk of data leaks,” says van der Merwe.

“The system enhances non-repudiation, creating a digital trail of undeniable events that prove intent and identity.”

With GDPR set to come into effect on 25 May 2018, and the high stakes attached to non-compliance, South African companies simply cannot afford not to take a global view on data protection. “The protection of personal information goes far beyond just the POPI Act for local companies dealing with international customers,” says van der Merwe.

[REFERENCES]
  1. Digiday – For the GDPR-curious: WTF is the Article 29 Working Party?
  2. The Digiday Guide to GDPR (PDF)
  3. The Sun – What is GDPR, what does it stand for, when is the deadline in 2018 and how can you check if a business is compliant?
  4. Michalsons – What does the GDPR mean for the POPI Act?
    POPI commencement date or POPI effective date starts the clock
  5. Wikipedia – General Data Protection Regulation
  6. IOL – Protection of Personal Information Act soon to become a reality
  7. ITWeb – Unpacking the POPI Act: The ins and outs of protecting personal information

They’re here: pbVerify’s all-new website and enhanced system have landed

Posted on August 28, 2019

Marketing concept with person using a laptop

Our central data-hub of powerful and intelligent credit and identity information has received its long-awaited face-lift – with a faster system and exciting new products to boot.

As a leading data bureau with innovation at its core, pbVerify has been hard at work face-lifting our website and enhancing our service, so that we can bring you the most cutting-edge products, complete with the latest user interface.

Today, we are both delighted and proud to announce that, after months of blood, sweat, tears, late nights and too much coffee, our all-new website and supplemented online service is ready to go live.

On Monday 2 September, when you open pbVerify.co.za, and log in to your account, you will be greeted with a vibrant new interface, and a greatly enhanced system, featuring more comprehensive data and faster response times on all our existing reports.

What can you expect from the new interface?

Dashboard:

An eye-pleasing and functional dashboard featuring customisable weather updates and news strings to accompany your first cup of coffee in the morning. For our new customers, the new dashboard also features a site explaining the system’s main features and how to navigate through them.

We’ve added your Pending baskets to the dashboard, providing a clear view of outstanding bank reports, which are updated in real-time.

The new menu system makes it easier than ever to navigate our extensive range of products, either by product, or by bureaux. We’ve also enhanced the transaction history section, making it easy to search and find past transactions, and to download files.

Enhanced Reports:

Not only are our new reports beautifully formatted for you, they also contain enhanced quality data, which is now fully interactive. When opening a report, you can find the sections that are hyperlinked, and simply click on the relevant one/s. The links provide click-through functionality presenting more in-depth searches and reports on the data-subject.

New Products:

You can now remove customers you previously listed under the TransUnion Default Listing product. You no longer need to send letters for delisting or updating TransUnion, simply use the TransUnion Default Listing Manager on your Dashboard to manage, update or remove any listing.

But that’s not all

Our platform is gearing up to bring all our customers electronic FICA functionality, previously only available to large organisations and banks. These products, already available via API, will be launched within the next two months, so watch your emails for announcements..

KYCFactory

First up on the list, is our new digital KYC (Know Your Customer) tool, KYCFactory. Developed by our SigniFlow software team, KYCFactory offers businesses a compliant, automated and fully digitised FICA system that caters for both juristic and natural persons, as per policy defined by the Risk Management and Compliance Programme (RMCP).

KYCFactory is the first fully digital end-to-end electronic FICA/AML (Anti-Money Laundering) solution on the market that requires no supporting documents, irrespective of whether your company is on-boarding a consumer or a business. You will be able to read all about this groundbreaker under its dropdown menu on the new pbVerify website.

KYCFactory’s consumer verification comprises configurable, automated processes, including a slick new online 3D liveness test that biometrically matches the person to their national identity document photo, identity data, and alive-deceased data while retrieving their address from over 100 trustworthy SACRRA sources. Juristic entities are equally provided for with a brand-new approach to FICA verification, through an electronic declaration that caters for Directors, Signatories and UBOs (Ultimate Beneficiary Owners) compliant with the new FIC Amendment Act.

KYCFactory incorporates our new Sanctions, PEP and PIP (Politically Exposed and Influential Persons) reporting tool, which enables you to manually screen prospective clients and perform enhanced due diligence on anyone, from any country. This service instantly reports on over 2.5 million detailed PEP profiles and detects individuals, organisations and vessels linked to more than 50 risk categories, including Sanctions, Foreign Officials, and State-Owned Enterprises.

The second part of our Sanctions screening service relates specifically to sanctions and embargoes – i.e. political trade restrictions put in place against target countries to maintain or restore international peace and security. KYCFactory automates reporting on business with individuals who pose a threat and are listed on OFAC (The Office of Foreign Assets Control) Mission. Read more here.

RapidLEI

The next new entry, RapidLEI, is just as innovative and powerful. PBSA has teamed up with UK-based Legal Entity Identifier (LEI) innovator, RapidLEI, to build instant LEI registration into the pbVerify system.

Launched last year by our partner Ubisecure, RapidLEI’s pioneering automatic LEI issuance process takes the process of registering Legal Entity Identifiers, and reduces it from days to mere minutes. With regulation mandating the use of LEIs and new use cases now benefitting from the identity assurance LEIs can offer, this G20-endorsed organisation identifier is already achieving mass adoption.

To find out more about the history behind RapidLEI, and how the service automates the LEI issuance processes to deliver LEIs much faster and easier than ever before, click here. You can also watch Ubisecure’s video on this fully automated LEI process here.

We look forward to hearing from you on our new website, system and products. If you have any queries or comments, please don’t hesitate to give us a ring on +27 (0)10 300 4898 or email support@pbverify.co.za.

pbVerify is a registered Credit Bureau in terms of section 43 of the National Credit Act 34 of 2005. Its data-systems, data-security and data-processing protocols are audited annually in accordance with the NCA. pbVerify follows strict ISO9001:2015 quality management processes that are audited and internationally certified by TUV Rheinland Germany. pbVerify engineers are certified in ISO27001 IT Security Management.

[REFERENCES]

  1. SigniFlow – Digital KYC
  2. Ubisecure – RapidLEI From Ubisecure
  3. Ubisecure YouTube channel – RapidLEI fully automated Legal Entity Identifiers (LEI)

E-Invoicing in the spotlight

e-invoicing 20-8-2019 sm

Posted on August 20, 2019

Over 50 countries across the world are looking into implementing e-invoicing systems, thanks to the advantages of true electronic billing and invoicing.

Electronic invoicing (e-invoicing) was brought under the microscope in the United Kingdom in 2014 after the UK Government launched an inquiry into e-invoicing in the public sector, and announced e-invoicing initiatives to be rolled out by April 2019.

At the time, the MP tasked with the inquiry, Stephen McPartland, positioned e-invoicing as a technology that could streamline UK government admin processes “at a stroke”, saving the public sector and its suppliers a minimum of £2 billion a year. “E-invoicing could open up new markets throughout the country and help drive innovation and economic growth.”

This followed a new standard and directive on e-invoicing by the European Parliament in April 2014, which made it mandatory for all EU Member States to adopt a new e-invoicing standard. According to the directive, “all contracting authorities and contracting entities [are to] to receive and process e-invoices complying with the European standard”.

“We live in a world driven by digital innovation where efficiency and productivity benchmark new standards and expectations for business,” states McPartland’s report.

But what does this relatively new billing method – made possible by digital technology – entail, and could it live up to the expectations that have started to gain a foothold not only in the UK and Europe, but in countries all over the world?

A research paper, set to be released in the coming months by the International Monetary Fund (IMF), expounds how mandatory e-invoicing in Peru is helping increase firm sales and tax revenues. “Drawn by its potential to strengthen tax compliance and reduce costs, Peru is among more than 50 countries around the world to have implemented e-invoicing and many others are preparing to follow suit.”

About e-Invoicing

Essentially, an e-invoice is a statement created by suppliers and businesses to send to customers and clients requesting money. Typically, these are sent in PDF form and allow for circumvention of manual paper-based processes and physical paper documents that require a further set of physical procedures.

True e-invoicing – i.e. invoicing that is electronic in nature from start to finish – offers total automation, which in turn enables higher levels of efficiency and productivity, as well as significant financial savings in terms of resources.

Wikipedia defines e-invoicing as a form of electronic billing. “E-invoicing methods are used by trading partners, such as customers and their suppliers, to present and monitor transactional documents between one another and ensure the terms of their trading agreements are being met. These documents include invoices, purchase orders, debit notes, credit notes, payment terms and instructions, and remittance slips.”

The advantages of this system of electronic billing that over 50 countries across the world are looking at implementing, extend to both suppliers and buyers, and broadly include:

  • Process automation, which means time and money savings and, in turn, faster payment time.
  • Less disputes, due to the fact that invoice data is directly transmitted from supplier to customer electronically, creating a full audit trail.
  • Mitigation of human error, thanks to the high level of automation in the invoicing cycle.
  • Better supplier/buyer relationship and improved customer satisfaction, because processes are far more streamlined and reliable.

For more information on the automation of invoices and SigniFlow’s digital business solutions, visit our website, https://signiflow.com/, or contact us on the relevant number below:

International Contact Centre: 002710 300 4899

South Africa: +27(0)11-516-9403

Americas: +1-603-717-4248

United Kingdom: +44(0)208-611-2681

[REFERENCES]  

  1. European Commission – European legislation on e-invoicing
  2. Wikipedia – Electronic Invoicing
  3. Finextra – Electronic Invoicing in the UK Public Sector, post Brexit
  4. European Union – eInvoicing in United Kingdom
  5. NHS – Is your organisation on board with e-invoicing?
  6. PEPPOL (Pan-European Public Procurement On-Line) – e-Invoicing explained
  7. NHS – NHS Shared Business Services eInvoicing Information Guide for Suppliers (PDF)
  8. Future-Focused Finance – eInvoicing: a win-win for providers and commissioners
  9. IMF – Electronic invoicing reform in Peru paying off
  10. Finextr – Electronic Invoicing in the UK Public Sector, Post Brexit
  11. tips – Electronic Invoicing: The next steps towards digital government (2014 Report following Inquiry into electronic invoicing (‘eInvoicing’) in the UK public sector.)
  12. EUR-Lex – Directive of the European Parliament and of the Council of 16 April 2014 on electronic invoicing in public procurement

SHARE THIS:

Data protection D-day is here – SA companies take heed

Posted on May 25, 2018

gdrp

GDPR is here, and for organisations that deal with any personal information relating to EU member states, non-compliance will be ruinous.

The countdown has ended. D-day for enforcement of the European Union’s (EU) General Data Protection Regulation (GDPR) is here.

As of today, 25 May 2018, penalties will begin rolling in for organisations that have not yet taken the necessary steps to ensure they are compliant with this restructured – and considerably more stringent – set of data protection regulations.

The GDPR is a regulation borne out of the European Parliament, Council of the European Union and European Commission’s joint intent to strengthen and unify data protection for EU citizens.

But just because the GDPR is an EU regulation, South African organisations are by no means off the hook. On the contrary, experts warn, local companies need to take the GDPR – positioned as one of the most significant changes in data privacy regulation in 20 years – very seriously.

The inescapable fact is, any South African company that handles personal data connected to the EU has to comply with the GDPR, and failure to do so will be met with the same major consequences EU organisations face for non-compliance.

Far-reaching forces

Over recent decades, not only has personal data has become an increasingly important corporate asset that needs to be handled with extreme care, it has also become geographically agnostic. This means that, today more than ever, with the exponential growth of data propagated across borders, organisations globally need to take a staunch and unified approach to guarding it.

South African organisations, big or small, are no different – and the GDPR is not the only government-led product of this hugely digital age, nor will it be the last, it is merely the latest one to be enforced.

Leilani Smit, compliance professional at Smit Compliance (Pty) Ltd, notes that the GDPR applies to any local organisation that holds or processes data on EU citizens, regardless of the location of its head office. “This includes companies that have employees in the EU, sell or market products or services in the EU, or partner with EU organisations.”

Leon van der Merwe, head of digital at customer communication firm PBSA and director of local digital signature and workflow solution SignFlow, adds that any South African entity controlling or processing data relating to EU citizens is affected by the GDPR. “Controlling refers to any organisation that states why and how data is processed, while a processor is any party doing the actual processing of the data, whether based in the EU, or not.”

World Wide Worx MD, Arthur Goldstuck, says the effects of the GDPR will be far-reaching due to the fact that the EU is SA’s biggest trade partner. “[On top of this], any company that does business with a company that has to comply with GDPR, will also have to comply, to ensure the client is in compliance.”

GDPR vs POPI

Fortunately for SA, details around the country’s own local version of data protection policy – the Protection of Personal Information (POPI) Act – have been highly publicised since 2013, and many companies will already be familiar – some even largely compliant – with what is expected of them in terms of data protection.

Summing up SA’s POPI Act, Michalson’s says: “Essentially, the purpose of [POPI] is to protect people from harm by protecting their personal information. To stop their money being stolen, to stop their identity being stolen, and generally to protect their privacy, which is a fundamental human right.”

Although – unlike the GDPR – it is still not known when POPI will come into effect, what is known is that companies will have a one-year transitional phase in which to comply once POPI’s implementation date is made public.

Smit says, should a local company already be compliant with international legislation such as GDPR, the implementation of policies to comply with POPI “should be a breeze and not require anything other than normal company practices and procedures”.

Van der Merwe says POPI and GDPR are similar in that both are intended to strengthen the protection of individuals’ personal information and privacy, and it is precisely this element – intention – that is key here, says Goldstuck.

The high price of non-compliance

Another area in which both sets of rules are similar, is in the hefty fines that come with non-compliance.

In a nutshell: breach rules laid out in the POPI Act, and face a R10 million fine and/or a jail sentence; fail to comply with the GDPR’s regulations, and be prepared to be slapped with a fine of up to €20 million (about R290 million) – or 4% of annual sales (whichever is greater).

Smit comments: “In South African terms, POPI already poses strict penalties for non-compliance, however as far as our Rand stretches, the GDPR’s penalties will definitely cause sleepless nights.”

Although possibly the biggest concern for companies, Smit notes that financial implications are not the only implications they should be worried about. “Not only can non-compliance result in fines and penalties set by the legislation itself, but [the] reputational damage of not processing information correctly, can often be more damaging that the initial penalty itself.”

It is this high price of non-compliance IT and legal experts hope will drive South African companies to do the right thing – not only for themselves, but ultimately for their customers – and fervently strive to meet GDPR compliance criteria.

Consumer-centric control

Van der Merwe says it is all about the consumer. “Both GDPR and POPI were ultimately created to protect the consumer’s privacy. We are all someone’s consumer, and even small businesses owners need to think carefully and logically about areas in their business where personal information is processed or stored, and what vulnerabilities may exist in their processes.

“For instance, we all receive CVs that contain heaps of personal and even sensitive information. Often, after a host of interviews, only the person’s CV that is employed, is securely transferred to a digital or physical vault in HR. What happens to the rest of the CVs that did not make it? It is the responsibility of any business to have policies and procedures to timeously and responsibly destroy such information. Simply identifying these vulnerabilities and implementing logical measures to manage them, is a good start for any size business.

“GDPR is a good thing that could be very bad news for companies, if they fail to provide evidentiary and auditable processes and adequate IT security to protect personal data.”

Goldstuck adds that it is not only important, but essential, that South African companies have a global view on data protection. “Something as simple as having a website hosted on an international platform can make a company liable to sanction under GDPR.”

Teaming up with tech

When it comes to local companies complying with the seemingly daunting and complicated GDPR in a relatively pain-free way, experts agree technology will be key. Software systems that offer automation, content management, enterprise resource planning and accounting, among others, will become a lifeline for many companies in their quest to comply.

Van der Merwe says existing paper-based processes and antiquated electronic systems that were created prior to factors such as the GDPR and POPI, pose major risks of contravening their laws and directives. “It is all about how businesses – and governments themselves – are going to align their physical and data processing practices with the new requirements and legislation. New regulations that enforce concepts such as the right to be forgotten pose major challenges if not considered in the process from the outset.”

Goldstuck says, while the data protection laws necessitate considerable changes in the ways businesses operate and interact with customers, good compliance systems will provide most of the safeguards they need.

“Businesses will have to get permission for almost every interaction with customers, they will have to become more discerning in what information they require from customers, and they will have to institute strict compliance systems to ensure they do not fall foul of these laws. As a result, compliance officers, CIOs and CTOs will have more direct roles to play in customer strategy.”

Don’t delay

Although not yet enforceable, the commencement date for POPI has been looming large on the horizon for some time now, with many expecting it by the end of 2018.

Despite this, say experts, many organisations are far from being ready. Goldstuck says: “Most large businesses have geared themselves up to comply with POPI, although many have not put this gearing up into effect. However, there is also an impression that many companies are simply not bothering until they are forced.”

Forrester’s 2018 predictions indicate that a whopping 80% of firms will not comply with GDPR regulations by May this year.

This has to change – and fast – says Smit. “Businesses can no longer just take a backseat and hope this will pass by or fly over.  Active steps will have to be taken in an organisation, for instance staff training, risk assessments and creating an ethical culture within an organisation, specifically with regards to processing personal information.”

[REFERENCES]
  1. EUR-Lex – Access to European Law
  2. org – Web learning resources for the EU General Data Protection Regulation
  3. Government Gazette (justice.gov.za) – Act No. 4 of 2013: Protection of Personal Information Act, 2013
  4. Michalson’s – POPI Act Summary in Plain Language
  5. Forrester – Predictions 2018: A Year of Reckoning

SignFlow broadens horizons, rebrands as SigniFlow

Posted on June 5, 2018

SignFlow rebrand

We have spread our wings and taken to international shores…introducing our new, fresh look.

As a South African technology team with a spirit of innovation at the heart of our being, change and growth are two things we at SignFlow prize very highly.

Which is why we are so excited to announce that SignFlow has spread its wings, recently journeying beyond the African continent, into Europe, the United Kingdom and the Americas.

As an embodiment of this globalisation, we have decided to consolidate our local and international branding, which goes hand in hand with a fresh new look – including an awesome new website and epic new logo…

Introducing SigniFlow

The international offering of SignFlow (.co.za) is called SigniFlow (.com), which – as of May 2018 – is officially the successor to SignFlow.

While all old and existing marketing and training material and other content will still be branded as SignFlow – along with the old logo and look – it all remains 100% relevant.

SignFlow has been around for a few years, having made indelible footprints in cyber space, so the transition to SigniFlow is going to take some time. Our focus right now is on all of our branding going forward, so all new material and content will be branded SigniFlow.

What does this mean for you?

Well, to cite Coca-Cola, “Brand new look. Same great taste.”

SigniFlow, like SignFlow, is still the same world-class, local solution it has always been – just with a facelift. Think of it as a better looking version of the same great product.

SigniFlow is still Proudly South African. Nothing in terms of ownership of SignFlow has changed. SigniFlow – the new, fresh-faced SignFlow – is a 100% South African-owned product.

SigniFlow is also proudly protective of what matters most our customers: sensitive data. In terms of the storage of and access to your valuable files and data, fear not – this, too, remains unchanged. Your files are exactly where they were before, and still just as safe and secure as they have always been, in our South African data centres.

Finally, putting the cherry on top of this exciting transformation, the South African SigniFlow system is currently being revamped, and will be updated with the release of SigniFlow v4.0 during the third quarter of 2018.

Exciting times ahead, indeed. Onward and upward!

Please don’t hesitate to contact us with questions or for more information on 010 300 4899 or support@signflow.co.za.

Geospatial tech solves FICA, KYC challenges

Posted on July 2, 2018

geospatial image.PNG

pbVerify’s ground-breaking KYC API transforms laborious manual processes into fast, effective and secure verification.

In our ongoing quest to build a digital future based on holistic online solutions to help our clients maximise operational efficiency, pbVerify has developed a Digital KYC API like no other.

Designed for institutions accountable to the Financial Intelligence Centre Act (FICA) – specifically its know your customer (KYC) requirements – our Digital KYC API (application programming interface) takes the pain out of the on-boarding process for both accountable institutions, and their customers.

pbVerify’s API transforms an onerous, time-consuming and expensive manual process into a convenient, fast-moving and inexpensive online one.

KYC hurdles

KYC, a risk-based assessment of customers (individuals and businesses), is an integral part of FICA which makes it incumbent on accountable institutions to carry out extensive due diligence on all financial services applicants.

This typically involves a list of documents, including minimum requirements such as proof of residence and proof of identification for individuals; and evidence of shareholding, director information and company history for businesses  (either originals, or sighted by an institution employee).

Steeped in red tape and paper documents, the manual KYC process has long been the bane of institutions and potential customers alike. Not only is it costly and time-consuming, it can be incredibly frustrating, given South Africans’ unique circumstances.

Moonstone, a Stellenbosch-based independent support network for financial service providers, cites residential transience and “an inefficient postal service” as aggravating factors in the KYC process.

API answer

Instead of spending unnecessary time and money trying to acquire the list of documents and physical verification required by FICA’s KYC rules, financial institutions can now – by running pbVerify’s Digital KYC API – get identification and residential verification directly from the HANIS (Home Affairs National Identification System) and SACRRA (South African Credit & Risk Reporting Association) databases, respectively, instantly and online.

Coupled with advanced algorithms, which were built to eliminate all the challenges South African address databases face, this makes pbVerify’s latest solution the most powerful one on the market.

In a nutshell, the KYC API works like this:

  1. Applicant requests an account with a registered credit provider.
  2. Applicant completes the credit provider’s online form, linked to the pbVerify KYC API.
  3. Applicant’s identification information (names and ID number) are instantly verified against the HANIS database.
  4. Applicant’s address (residential information) is verified against the SACRRA database, based on two parameters set by the credit provider, i.e. over what period – 3, 6, 12, 24 or 36 months; and how many address matches required, obtained from other credit providers.
  5. If the Digital KYC API returns the applicant’s address data as matching the database, as per credit provider’s criteria, the system automatically approves the KYC process.
  6. The system sends a response to the compliance department, indicating whether or not the consumer is FICA compliant.

API differentiator

What sets pbVerify’s KYC API apart from other digital KYC verification products on the market, is the advanced method is uses to not only effectively, but to irrefutably verify applicants’ information.

Our API uses geospatial technology, as well as multi-paradigm geodistance algorithms, to determine and compare address data between data received from applicants, and data on file from at least one hundred registered credit providers across South Africa.

Essentially, our technology loops through credit provider data to find similar address matches, within the said specified time parameter (3 to 36 months), within a few metres of the pinned geolocation of the applicant’s input.

One of the biggest challenges in South Africa when it comes to address verification by credit providers, is the fact that many citizens live in townships and townhouse setups, where the address does not conform to the standard street address format.

To overcome this challenge, pbVerify’s algorithm pinpoints the applicant’s address via geospatial location, strips all anomalies and/or conflicting information from the address, and finds other credit providers that have similar address details. Only if these are also within a few metres of the applicant’s original input, will the API accept the address and report the credit provider sources where it was found.

In other words, only if enough data exists to satisfy your unique KYC requirement-settings, will the API return positive results, together with the source of the data matches, e.g. Vodacom, Edgars, FNB Home Loans, etc.

Apart from the immediately evident advantages of replacing manual with digital – primarily time and cost savings – pbVerify’s Digital KYC API underpins POPI (Protection of Personal Information) Act compliance, it adds another dimension in terms of security, and it removes the probability of human error.

[REFERENCES]

  1. gov.za – Financial Intelligence Centre Act, 2001 (Act No. 38 OF 2001)
  2. Financial Intelligence Centre – The FIC Act
  3. Financial Intelligence Centre – Frequently asked questions
  4. Moonstone – KYC– Knowing your client or killing your client?
  5. FNB – KYC/FICA information portal
  6. Investec – KYC Requirements

pbVerify renews data protection promise

Posted on August 17, 2018

Blog pic

SA’s number one data bureau has renewed its status as an official credit bureau, reinforcing customers’ trust in our services.

We are living in the Information Age, and there is an intense air of nervousness and reluctance when it comes to the sharing of personal information. And rightly so – given the proliferation of data breaches and brazen data misuse by marketing companies across the globe.

As SA’s leading data bureau, pbVerify fully understands these concerns and continually takes decisive measures to address them, ensuring our customers’ data remains private and secure at all times.

To this end, pbVerify recently cemented its status as an official credit bureau in terms of Section 43 of the National Credit Amendment Act, 19 of 2014, serving as a stamp of surety and our promise to you, our customer, that your data is safe with us.

In a nutshell, a credit bureau is as company that holds information on credit-active individuals, and uses that data to advise businesses and consumers as to their credit risks associated with a given application or transaction, using complex algorithms.

pbVerify’s status as an official credit bureau, in line with the National Credit Act, validates the fact that we are a professional business, bound by and compliant with all local and international data policy and privacy policy regulation. It also verifies that we have a failsafe disaster recovery system, so both ourselves as a service provider, and our customers, can have total peace of mind when it comes to the protection of the valuable data we deal with.

You can rest assured, your data – including identity data – is secure with us and will stay with us. We will never trade customer information with another company, nor share it for marketing purposes.

pbVerify offers a range of Credit Risk Management and Credit Check products for businesses and consumers.

For more information on pbVerify’s suite of B2B and B2C products click HERE.

To view pbVerify’s NCR Credit Bureau certificate click here: NCRCB343 Certificate – Valid 2018-2019

What is a Credit Bureau?

To manage credit risk and for the sake of general financial health, it is vital that you have a grasp on your credit history. As a consumer, it is important that you understand your credit score and report, as well as the bodies that compile that information, i.e. credit bureaus.

The National Credit Regulator (NCR) describes a credit bureau as “A company that gathers information and updates each consumer’s credit history. A credit bureau creates a record of a consumer’s credit information indicating how the consumer manages his/her credit.

“The credit bureau supplies these records to credit providers, such as banks, retailers and other credit providing companies. The information indicates each consumer’s payment record. It is also used to detect fraud, corruption or theft.”

What rights do I have?

When it comes to the accessing of credit history by a credit provider, you have the right:

  1. To be informed that the credit provider intends to report negative information on you to a credit bureau before the credit provider actually reports you.
  2. To receive a copy of your credit record from a credit bureau when you request it.
  3. To challenge information kept by the credit bureau if you are unhappy with the information.
  4. For your information to be kept confidential, and for your information to be used only for purposes allowed by the National Credit Act.

Click HERE to learn more about credit bureaus and the National Credit Act.

REFERENCES 

  1. National Credit Regulator – National Credit Act pamphlet
  2. Fin24 – Five massive data breaches affecting South Africans
  3. Business Live – All your personal information is up for sale to debt counsellors for 55c

pbVerify bolsters risk management portfolio

Posted on October 31, 2018

pbVerify qv4b pic

SA’s number one data bureau has added a new TransUnion product to help companies eliminate risk when it comes to choosing who they do business with.

As South Africa’s number one data bureau, pbVerify is constantly striving to put the power of knowledge and sound decision making in the hands of local businesses.

To this end, we have bolstered our TransUnion Business Report with Quick Vet 4 Business (QV4B) – an instant online commercial credit vetting tool that will allow businesses to quickly and comprehensively make informed decisions with regard to the customers they onboard.

The new business score gives businesses an accurate overview in one quick view as to what the status of a potential business or customer is, without them having to go through the lengthy process of investigation and manual vetting. Via just one automated online process, businesses can now identify who the profitable and low-risk customers are, and move swiftly forward.

The latest addition forms part of pbVerify’s expansive range of credit risk management products, which come with a top-notch support system. Businesses can access all Credit Bureau products via one secure, efficient online platform.

“This new score is going to make the decision-making process a lot easier and quicker for our customers, and give them total peace of mind that they have made the right credit decision,” says System admin-support manager Sean Bennett.

Seeding success

Understanding and implementing risk management is absolutely crucial when it comes to the success of your business. In today’s volatile financial milieu, no company can afford to enter business deals with businesses that have questionable financial footing.

Unfortunately, too many honest businesses fall prey to dishonest or irresponsible parties that don’t fulfil their end of the business deal, whether it’s failure to repay a loan, defaulting on payments or being dishonest about credit histories, and this ends up hurting profits, productivity and reputation.

pbVerify takes the risk factor out of your business decisions with its risk management tools. And it couldn’t be easier to sign up. After registering for free, you will have instant access to detailed financial information, credit histories, public trace record information and more. There’s no monthly fee – you only pay per search.

pbVerify offers reports on individuals, companies, closed corporations, consumers and properties in South Africa.

For more information or to get in touch with one of our dedicated pbVerify support agents, go to www.pbverify.co.za.

Local digital signature company cements global alliance

Posted on November 22, 2018

itologo

Posted by IT Online on 19 November 2018.

South African-born digital signature and workflow solution, SigniFlow, offering socially responsible product for business process automation, has landed on American shores.

A woman-owned small business based in New Hampshire, SigniFlow Americas is a member of the New Hampshire Tech Alliance, an affiliation committed to nurturing a technology ecosystem by building partnerships, enhancing knowledge, and shaping public policy.

The woman behind the new digital signature solution is Laila Robak, a Brazil-born entrepreneur with a passion for information technology and the power it has to transform and improve lives.

“We are very excited about the launch of SigniFlow Americas, and with Laila at the helm, this business is destined for greatness. We are proud to welcome all our Americas customers and partners to the global SigniFlow family,” says Leon van der Merwe, director of digital technologies at SigniFlow.

SigniFlow delivers enterprise-grade on-premise, private cloud and cloud solutions with a high level of integration, allowing companies to customise the solution to suit both their specific needs and their budgets. The solution provides legally valid digital signatures (cryptographic e-signing) and accepts digital certificates from almost any e-identity provider, publicly trusted certificate authorities (CAs) and privately signed public key infrastructures (PKIs).

Robak comments: “SigniFlow is a solution that can revolutionise business processes. It has various APIs that give us flexibility to create and integrate with existing systems and platforms, allowing organisations to choose from a range of options, from cloud to local deployments and hosted environments, and to use a mix of digital and electronic signatures – all while guaranteeing the legal validity of documents.”

Brand new Hybrid Server range in the offing

Posted on December 4, 2018

carbonite-hybrid-server-for-business2

The SigniFlow team has once again gone all out to ensure all our customers’ needs are met in every way, with our latest range of Hybrid Server licences.

Following an overwhelmingly positive response to our hybrid server solution, SigniFlow has pulled out all the stops to create a product that covers all bases, serves every one of our customers according to their specific needs and – above all – is first-class and failsafe.

A native cloud application utilising cloud computing frameworks and network-attached Hardware Security Modules (HSMs) to perform cryptographic signature operations, the SigniFlow solution was born out of the need for enterprise-level businesses to have maximum control over their data.

“For most small-to-medium businesses, accessing applications in the cloud was no problem, in fact it was in many cases preferred, but at an enterprise level, where highly sensitive documents and international legislation were involved, the need for more control was imminent,” explains Leon van der Merwe, Digital Director at SigniFlow.

In response to this need, SigniFlow launched its first open-enterprise on-premise SigniFlow Hybrid Server in 2017.

The term ‘Hybrid’, which we’ve used to name our server offering, refers to the combination of technology it employs – a dedicated hosted server, virtualisation technology and cloud-based cryptography.

Although often referred to as an on-premise solution, the SigniFlow Hybrid server is at home in a private server room or data centre, as well as in any hosted environment (private or public-cloud) and in a secure cloud services platform, like the popular Amazon Web Services (AWS) or Microsoft Azure.

The SigniFlow Hybrid brought about the ultimate in customisation, rebranding, enterprise information control, and an unrivalled bespoke integration landscape.

Highly successful among the big businesses the solution was intended for at the time, the technology drew such interest in the market at large during 2018, that suddenly businesses from across the spectrum wanted it.

“By listening to our customers, we realised that the solution, originally built for the enterprise, needed to be more flexible and scalable, to cater to medium – and even smaller – businesses,” says Van der Merwe.

“The SigniFlow team has once again gone full tilt in the idea factory, and we are very excited about our brand new Hybrid Server offerings for 2019.”

How the new licences work

The new SigniFlow Hybrid Server range consist of five new licences, the NANO-50, MEGA-250, TERA-500, PETA-1000 and the exciting new document-based open-enterprise license, the EXA-OPEN.

As its name suggests, the NANO-50 is a single tenant Hybrid that caters for up to 50 users, unlimited documents and unlimited signatures.

Similarly, the MEGA-250, TERA-500 and PETA-1000 cater for up to 250, 500 and 1 000 users respectively, all with document limits removed, and fully scalable and upgradeable licence plans.

From the MEGA-250 onwards, the servers can be duplicated to cater for more than 1 000 users and farmed for high-volume load balancing. Each comes with a second licence that can be used for disaster recovery (DR), or user acceptance testing (UAT or pre-prod). These models are also multi-tenant and can feature multiple business profiles per server.

The EXA-OPEN introduces a new approach to enterprise licensing. Documents, which may contain any amount of signatories, are bought in packs, ranging from 1 000 to 400 000 documents per pack, at incredibly low rates per document.

The real benefit of the EXA-OPEN kicks in for customers with document volumes above 400 000 per year, as the licence has a ceiling-charge equal to the 400 000 pack’s price. This means that after 400 000 documents, a flat annual rate is charged – no matter how many documents are involved or how many users are utilising the system.

The new Hybrid Server Licence Models are available in South Africa, South America, the United States, Europe, the Nordics and the United Kingdom.

For more information on how our Hybrid Server range can benefit your company, contact the team via support@signiflow.com  or phone:

South Africa : (+27) 10 300 4898

Americas: (+1) 603 717 4248

Europe: (+32) 494 102 095

China’s social scoring system takes the idea of credit vetting to another level

Posted on February 26, 2019

chinasocialcredit

Picture credit: Kevin Hong

Your credit score makes up a significant part of the whole when it comes to your social status – something we at pbVerify value, and use to promote sound decision making.

As SA’s leading credit data bureau, pbVerify knows how important it is – for businesses and consumers alike – to be familiar with their credit history, and well aware of their current credit status. There are good reasons for providing access to credit score information, all of which are aimed at promoting financial health and good business decisions.

The same beneficial system, however, has seemingly seen a more sinister twist, with the well-publicised move by the Chinese government to take it to a whole new level – one that instils fear, rather than protecting the people it is in place for.

We all know about social status and, whether we like to admit it or not, it is important to us. Nowadays we use social media platforms like Facebook, WhatsApp, Instagram and Snapchat to project a certain idea about ourselves to the world around us – a feature these platforms refer to as a user’s “Status”.

pbVerify specialises in one of the most influential aspects or “scores” that make up a personal status – your credit score. While most consumers are all too familiar with what a credit score means, the implications of a negative score and the importance of knowing your score, the system the Chinese government plans to implement over the next few years, in which every citizen is tagged with a social score, sounds like the makings of a science fiction novel.

China’s Social Credit System (SCS), whereby the government plans to rank its citizens based on their social credit, is due to be implemented in full by 2020, although its wheels are already well in motion. It basically allocates each citizen a social score card based on – among other things – their credit history, behaviour, philanthropic contributions and even outlook on life and events. The government will garner this information based on citizens’ accounts and network activities.

Going forward, this social credit score will be used to rank citizens and reward – or punish – them accordingly. Some of the implications include travel bans, exclusion from top schools (for kids of parents with low credit scores) and from certain jobs, slow internet connection, exclusion from hotels, and even registration on a public blacklist.

In development for some time already (reportedly conceived around 2014 in its current form) and set in motion in earnest in late 2018, China’s SCS has already seen millions of Chinese citizens prohibited from travelling, with a reported 1.75 million air ticket purchases, and 5.5 million train ticket purchases denied last year.

While China claims its aim with the SCS is to enhance trust and social stability by creating a “culture of sincerity”, most are less optimistic about the system’s ultimate goal, with many referring to it as an Orwellian Dystopia, and calling it “nightmarish”.

The jury is sure to be out on this one for some time, at least as far as the general public goes. If nothing else conclusive for now, it does go to show the weight social scores – or statuses – can hold.

We are all about empowerment

At pbVerify, we pride ourselves in providing a service that is accessible, easy to use – and above all, beneficial to our customers. Our focus is on empowering our customers every step of the way, by imparting knowledge that enables sound, intelligent financial decisions.

We constantly strive to put the power squarely in the hands of local businesses, to enable them to quickly and comprehensively make informed decisions with regard to the customers they onboard.

To this end, we recently bolstered our TransUnion Business Report with Quick Vet 4 Business (QV4B) – an instant online tool that enables credit vetting decisions in a matter of seconds.

Granting credit to new customers does not need to be a long, complicated process. Read HERE for more on how QV4B can speed up your business’s decision making and credit granting processes, giving you more time to attend to the things that matter most.

For more information or to speak to a pbVerify consultant call 010 300 4898 or email support@pbverify.co.za.

[REFERENCES]
  1. Wikipedia – Social credit system
  2. ABC Australia – China uses social credit surveillance system to ban millions from buying plane and train tickets
  3. Opploans – For people with bad credit, China’s ‘Social Credit’ scores sound like an actual nightmare
  4. Wired – Big Data meets Big Brother as China moves to rate its citizens
  5. Wired – The complicated truth about China’s social credit system
  6. pbVerify Blog – pbVerify bolsters credit risk management portfolio
  7. TransUnion – Quick Vet 4 Business

Paid-up court judgments for bad debt now easier to rescind

Posted on April 29, 2019

Capture

An amendment to the law that governs how courts treat bad-debt judgments against companies and individuals makes it much easier for these to be revoked once paid up.

Finally some good news for South African companies and individuals that have been affected by court judgments for bad debt: Once paid up, bad-debt judgments will now be much easier to remove.

This comes after an amendment (Clause 14 into Section 23A of the Courts of Law Amendment Act No. 7 of 2017) to the law on how courts handle bad-debt judgments.

As of 11 March 2019, a company or consumer that has settled their bad debt no longer needs to prove to the courts that there is a sound reason for their judgments to be removed. Previously, those with bad-debt judgments against them had to follow an arduous process known as rescission of judgment, which basically means having a judgment revoked.

Rescission of judgment historically involved a lot of red tape, including a lengthy application process and solid justification, and often hefty costs – and after all of this, there was still no guarantee that the court would accept the justification provided, and consent to reversal of the judgment.

Now, a company or consumer simply needs to show that their debt – including any interest and/or costs accrued from the judgment – has been paid in full, and the related bad-debt judgment can be reversed by the court. There is also no longer need to obtain permission for reversal from the party that obtained the judgment originally.

What does the amendment mean for pbVerify customers?

As South Africa’s leading data bureau, one of pbVerify’s priorities and chief services to you, as our valued client, is to allow you to grant credit to customers with complete confidence. This is why we welcome the latest amendment to the Courts of Law Amendment Act.

If you are a business that has customers for whom you have requested bad-debt judgments, the amendment means those customers now have far more incentive to pay up their debt, as this will allow them to have the judgment against their name removed. Previously, many individuals may have shirked paying their debts, because the judgment against their name would still stand.

If you are a business that yourself has a bad-debt judgment, you can now rest assured that, after paying the relevant creditor or originator of the judgement, you can wipe your company’s bad-debt slate clean.

While there are still processes and costs involved – and some feel the move may benefit companies more than individual consumers – it has been lauded as largely beneficial for any debtor that wants to clear their credit record.

[REFERENCES]
  1. Business Insider – Bad debt judgments now easier to overturn with new rescission rules
  2. The Department of Justice and Constitutional Development – Self-help guidelines for Consent Rescission of Default Judgment
  3. RNEWS – New provisions for rescissions of Paid-Up Judgements
  4. Fin24 – Rescission of judgment explained
  5. Parliament (PDF) – Portfolio Committee amendments to the Courts of Law Amendment Bill

pbVerify provides an easy to use, web-based system that instantly connects your business to real-time consumer and business information from the four largest credit bureaus in South Africa, the Companies and Intellectual Property Commission, Deeds Office and other business-critical data providers. pbVerify’s business tools enable you to instantly access current and accurate information to assist you in preventing fraud, identifying, tracing and assessing debtors, and effectively managing risk in your business at all times.

New fintech partnership to escalate RapidLEI growth in South Africa

Posted on May 10, 2019

Innovative new partnership sees LEIs encapsulated in digital signing applications.

South Africa-based customer communications company, PBSA, and UK-based Legal Entity Identifier (LEI) innovator, RapidLEI, today announced a strategic partnership that will see PBSA become a regional Registration Agent (RA) for RapidLEI as well as build LEI support into its signing solutions.

RapidLEI was launched in 2018 by Ubisecure and has been taking the world by storm through a growing network of global partners, with PBSA representing the next stage in this continued expansion. RapidLEI’s pioneering automatic LEI issuance process sees it reduced from a few days to a few minutes. With regulation mandating the use of LEIs and new use cases now benefitting from the identity assurance LEIs can offer, this G20-endorsed organisation identifier is already achieving mass adoption and shows no sign of slowing down.

PBSA, as a RapidLEI Registration Agent, will meet client demand for LEIs in South Africa, as well as offering LEIs in other regions they are expanding to, such as Europe and the USA, via their SigniFlow brand.

The RapidLEI solution makes LEIs available through a SaaS service or API. The API allows third party developers to build same-session LEI issuance into their applications, which will be used to its full extent by PBSA in the first stage of this collaboration. While strong identities like BankID & eID are beginning to be used to digitally sign documents, this new partnership adds organisational identity to the digital seal in the form of an LEI. Encapsulating the LEI in the company seal gives the other party the opportunity to check identities against a live global company database – verifying which company signed this document, and also their parent company/group structure.

After this initial phase of the partnership, PBSA and Ubisecure plan to collaborate further on additional pioneering identity assurance solutions. Ubisecure will be launching new services in the coming weeks, where LEIs are central to new organisation Identity Provider (IdP) solutions for advanced KYC (Know your Customer) and RtX (Right to Represent). These cutting-edge services will help enterprises to reduce fraud, lower compliance costs and create new products using verified organisation identities.

Leon Van Der Merwe, Director at PBSA, says “We’re very excited to bring Ubisecure’s pioneering approach to digital identity to the South African market and beyond, and have our global customers benefit from strong organisation identities offered by our signing solutions. Our long-held ideals of collaboration, integrity and accountability go hand in hand with what the LEI stands for – trust in who you’re doing business with.”

Paul Tourret, Corporate Development Officer at RapidLEI, says “We are incredibly honoured to be collaborating with the largest South African signing/workflow provider to connect the LEI ecosystem to the signing ecosystem, and we see a lot of potential to further enhance online trust with LEIs and the Ubisecure IdP services as we connect the various ecosystems together. We see this collaboration being the start of a dramatic shift in how LEIs are used in modern digital transactions.”

Find out more about LEIs at www.rapidlei.com, or get in touch now.

About PBSA

With a rich history of innovation dating back over 90 years, PBSA (formerly Pitney Bowes SA) is a leading customer communications company, offering software, equipment and services to help companies improve operational efficiencies and connect with their customers in more meaningful ways.

Based in Midrand, Gauteng, PBSA understands both hardware and software solutions and is optimally positioned to provide a secure, committed support infrastructure to its international customer base. The company’s solutions help companies engage customers, gain business insight, manage document workflow and ultimately optimise overall business performance.

Visit www.pbsa.co.za to learn more.

PBSA LEI: 984500S5591EMD8BCB56

About SigniFlow

Created in South Africa by a team of passionate Johannesburg-based IT minds, SigniFlow is a core workflow, digital document management and cryptographic digital signature engine that works, either on its own, or fully integrated with existing core business systems.

SigniFlow uses the most advanced and trusted digital signature technologies known to man, enabling powerful workflow functionality and ease of document distribution to automate any business process.

SigniFlow has a team of cryptographic experts, experienced engineers and business process automation architects to assist businesses in their digitalisation journey.

About Ubisecure & RapidLEI

Ubisecure is accredited by the Global Legal Entity Identifier Foundation (GLEIF) to issue Legal Entity Identifiers (LEI). RapidLEI is a Ubisecure service that automates the LEI lifecycle to deliver LEIs quickly and easily. As well as pioneering LEI automation, the company is a technology innovator and provides identity management software and cloud identity services that enable enterprises and governments to enhance customer experience, security and privacy through support for strong identities and management of customer identity data. Ubisecure also provides solutions to companies maintaining their own strong customer identities (such as banks and mobile network operators) to become Identity Providers (IdP) for strong authentication and federation services.

For more information please visit www.rapidlei.com or www.ubisecure.com

Ubisecure LEI: 529900T8BM49AURSDO55

Credit bureaus rebut e-toll blacklisting threats

Posted on March 22, 2019

Etoll pic

SA’s credit bureaus contradict threats by collection company ETC that non-payment of e-tolls could get road users blacklisted.

Road users need not panic – non-payment of e-toll bills will not get you blacklisted.

This is the firm word from SA’s credit bureaus, in reaction to recent news around e-tolls and default judgments that has sparked a new wave of panic around the government’s embattled highway tolling project.

In a statement last week, the Credit Bureau Association (CBA) stated categorically that road users could not – and would not – be blacklisted for not paying their e-toll bills. “Information relating to e-tolls/SANRAL [SA National Roads Agency Limited] will not be held on the credit bureaus.

“The Transport Laws and Related Matters Amendment Act, 2013, which amended the South African National Roads Agency Limited and National Roads Act, 1998, specifically excludes the levying and collecting of e-tolls from the provisions of the National Credit Act, 2005 and the Regulations thereto, as amended from time to time (“the NCA”).

“Credit bureaus receive, hold, display and remove consumer information in accordance with the provisions of the NCA and accordingly are not able to hold information which is specifically excluded from the provisions of the NCA.”

The CBA, an industry body representing 9 of the 14 registered credit bureaus within South Africa, further stated that any information relating to e-tolls or SANRAL, which had been “inadvertently” loaded onto a consumer profile, would be removed.

“If any consumer is aware that information relating to e-tolls/SANRAL has been loaded to his/her consumer profile, please contact one of the [listed] credit bureaus to lodge a dispute and this information will be removed.”

The CBA represents Compuscan, Consumer Profile Bureau, Cred-IT Data Risk Management Solutions, Experian, Inoxico, Lexis Nexis Risk Management Services, Tenant Profile Network, TransUnion and Xpert Decision Systems (XDS).

What sparked the panic?

The CBA’s setting straight of the record comes after reports last weekend that a Gauteng motorist had been denied credit after being blacklisted for owing R60 000 in e-toll fees.

According to IOL, at least 25 other e-toll defaulters had also been given default judgments. Default judgments arise when a debtor does not respond or defend a summons they have received, and a default judgment automatically means blacklisting.

Shortly after reports of the shock discovery by the Gauteng consumer, Electronic Toll Collection (ETC) – the body appointed by Sanral to collect e-toll fees – said it had applied to the courts for about 1 400 default judgments against road users who had neglected to pay their e-toll fees, and had ignored court summonses.

According to Eyewitness News, ETC chief executive Coenie Vermaak said that over 15 000 summonses had been sent to court for e-toll users who had not settled their e-toll accounts.

*To read the law that underpins the CBA’s statement first-hand, click HERE.

[REFERENCES]  

  1. Credit Bureau Association: Consumer information relating to e-tolls
  2. za – Transport Laws and Related Matters Amendment Act 3 of 2013
  3. Eyewitness news – E-tolls collection company applies for 1400 default judgments for blacklisting
  4. Business Tech – ‘Pay your e-tolls or you will be blacklisted’
  5. IOL – E-tolls blacklist shocker for Gauteng resident

Still reliant on paper processes? It’s time to pull the plug

Posted on June 11, 2019

Stop allowing paper processes to drain your business of money and your employees of productivity, and start reaping the benefits of digital.

Doing business in today’s fast-paced, digitally charged world is nothing short of dog-eat-dog. Companies simply have to be able to operate optimally at all times – or risk being devoured by competitors.

Fortunately, with the Digital Revolution now in full swing, state-of-the-art technology and software make it easier for business owners to keep their eyes on the prize at all times, by ridding operations and employees of distractions and impediments to productivity.

Of course, there are productivity drains that remain – and one of the biggest and perhaps simplest to mitigate these days, is paper.

If your company’s processes are still primarily paper-based, you are putting serious – and unnecessary – strain on your business. It’s a proven fact: Relying on manual methods and paper to complete business processes not only hampers productivity, it is also a huge drain on resources.

Think about this: how much time do your employees spend searching through cabinet upon cabinet of paper records to find the document they are looking for? And how much easier and faster could this process be, if the documents were digitally archived, able to be indexed at the touch of a few buttons or with a few clicks?

Imagine employees no longer had to spend their time printing, filing and sorting paper documents, and could rather use their time constructively, while at the same time cutting out some of the physical costs associated with outdated paper processes.

And how much time, money and physical office space could you save if you were to replace paper with the cloud? Consider costs of not only paper itself, but associated costs like printing and courier expenses.

Going beyond the advantages of digital business processes for your business internally, the ability to offer the very lifeline of your business – your customers – speed, security and innovation, is priceless. It’s a well-known fact that today’s customer wants speed and simplicity – which is exactly what digital offers, from onboarding processes to instant finalisation of agreements and contracts online.

Today, it’s no longer a question of whether to go digital, but of when to go digital. And the answer is now. Stop relying on processes that consume resources and drain productivity – and start enjoying the software at your disposal, the digital resources that enable you to streamline operations and elevate your company’s reputation.

Attention attorneys: Don’t fall prey to bank account scams

shutterstock_561677989

Posted on July 22, 2019

Cyber hackers have made off with hundreds of thousands of rands in their latest sophisticated email interception scam that targets property conveyancers, but this could have been avoided by a simple bank account verification process.

With the recent spate of cyber criminal activity in the real estate industry having left a number of innocent victims in dire straits financially, pbVerify is urging conveyancing attorneys to verify the bank account credentials of home sellers and buyers before transferring funds.

This comes in the wake of last night’s exposé by Carte Blanche, which uncovered the latest email impersonation scam doing the rounds, in which property attorneys are primary targets.

In what is described as a sophisticated email hacking scam, the fraudsters intercept emails between property attorneys and their clients, changing the bank account number of the rightful recipient/s of funds to their own, while leaving the account holder’s name unchanged.

Unknown to the client and without bank account verification, funds are then paid over into the fraudster’s account. Attorneys are shocked to find, upon following up on the funds, that the money was not received by their client.

Unfortunately, because the Law Society indemnifies themselves from cyber fraud, the client has no recourse and the property sale falls through, with an inevitable and devastating impact on all innocent parties involved.

These ruinous incidences could have been avoided through a simple process of bank account verification.

The solution

While industry experts are saying there are issues preventing banks putting a process in place to enable the quick and accurate verification of a bank account holder’s name against the bank account number, for as little as R12, pbVerify offers a solution that does just that.

Launched with the goal of helping businesses and individuals dodge the risk associated with digital payments – such as EFTs – our Bank Account Verification tool completely eliminates unnecessary risks in payment processes.

The importance of verifying financial details in this age of digital proliferation cannot be emphasised enough, with criminals becoming more and more sophisticated and the dangers growing around-the-clock.

As long ago as May last year, in an article by BizCommunity, Lew Geffen of Lew Geffen Sotheby’s International Realty warned about a spike in digital fraud in the industry, saying it was more prevalent than ever before and advising property professionals to verify financial credentials before transferring funds.

At the time, specialist conveyancing attorney from Guthrie Colananni Attorneys, Lara Colananni, was cited as saying there had been such a huge increase in scams enabled by the electronic interception of communication between attorneys, agents and clients, that the Attorneys Indemnity Insurance Fund no longer covered attorneys who fell victim.

Because there is no recourse and there are limited procedures in place to automatically ward off the ever-growing devices of cyber criminals, South Africans need to take risk management into their own hands – but pbVerify is there to make risk management simple and failsafe.

pbVerify is a registered Credit Bureau in terms of section 43 of the National Credit Act 34 of 2005. Its data-systems, data-security and data-processing protocols are audited annually in accordance with the NCA. pbVerify follows strict ISO9001:2015 quality management processes that are audited and internationally certified by TUV Rheinland Germany. pbVerify engineers are certified in ISO27001 IT Security Management.

For more information visit pbverify.co.za, call us on +27 (0)10 300 4898 or email support@pbverify.co.za.

[REFERENCES]  

  1. Business Live – Scam hooks lawyer, but owner pays
  2. BizCommunity – Fraud, an increasingly prevalent threat in real estate industry
  3. Fin24 – Here’s how cyber criminals are targeting attorneys in scams to steal cash
  4. pbVerify Blog – Make payments confidently with pbVerify’s bank verification tool

Top ten benefits of digital signatures

Posted on July 30, 2019

We have compiled a list of the main benefits we’ve seen from companies that have implemented digital signature solutions.  

Blog Digital Signature benefits

The technology we have at our disposal today makes for exciting times, with ever-evolving digital tools drastically changing the way business is done.

As an international provider of digital solutions, SigniFlow is grateful to be at the forefront of this exciting era, and to see the different ways in which our solutions empower businesses of all sizes to streamline processes, become compliant and ultimately serve their customers better.

On the back of this, we’ve put together a list of the top ten benefits we have seen at play in the businesses we serve with our solutions, which have secure digital signatures at their core.

  1. Document Security. Nobody wants to have to go into crisis management mode when important paper documents are stolen, misplaced or destroyed due to a fire, flood or other unforeseen disaster. The fact is, these things happen – and prevention is always better than cure. Digital document management and storage eliminates the chances of physical records going missing or being destroyed.
  2. Company image. Using digital signatures and finalising contracts and agreements so much faster than expectations have always dictated shows clients your business has the latest technology in place, and is serious about efficiency. For one of our clients, the fact that they used a digital signature and workflow solution turned out to be a differentiator when it came to them getting a deal.
  3. Corporate social responsibility. There is without doubt increased awareness and a higher expectation for companies to be environmentally aware nowadays. Using digital signatures and supporting a paperless business model demonstrates that you as a company are aware of the impact using paper has on the environment, and willing to employ solutions to minimise damage. Paper pollution causes serious adverse effects to the quality of air, water and land around us. Not only is discarded paper a major component of landfill sites, paper recycling in itself is a major source of pollution, given all the sludge that is produced during de-inking.
  4. Time management. There is nothing more time consuming – not to mention frustrating – than having to spend hours searching for physical documents that went through a lengthy manual signing, managing & storing process – and straight into a proverbial black hole. Digital Signatures turn hours – sometimes days or even weeks – into mere minutes by allowing you to quickly find the required documents, on a secure server, and then action them.
  5. Simplification of processes. One of our recently acquired customers were pleasantly surprised to see how simple going digital and paperless was, and how quickly our solution was able to save them time and money by simplifying day-to-day business processes. “We initially thought the change to digital processes would complicate things and take so much time to implement, but it turns out it was simpler than any single manual process we’ve done in the past, and our employees were happy and quick to get on board and move away from old manual contract signing and filing systems.”
  6. Customer satisfaction. We love to hear feedback from our customers about their customers, because we understand how much value a customer holds for a company. While organisations stand to benefit hugely from going paperless – in both monetary and time-saving terms – the customers they serve reap just as many rewards, including convenience, speed and efficiency. At the end of the day, a happy customer means a happy bottom line.
  7. Eradication of fraud. It’s no secret that any semi-skilled con artist can forge a physical signature. Digital signatures completely eliminate the risk of forgery, because they are backed by a unique digital identity, based on globally accepted Public Key Infrastructure standards. There is no higher level of security when it comes to signing a document.
  8. Legality. One of the things we frequently get asked by customers, is whether digital signatures are legally valid across all parts of the world. The answer is yes. SigniFlow digital signatures were developed with both security and compliance at their core, and are compliant with European, US, South African and international regulations for electronic transactions and trust services. Our solution uses state-of-the-art digital cryptographic signature technology that allows businesses and their customers to sign documents remotely and securely, with the sound knowledge that they are signing with signatures that are legally binding.
  9. Money savings. This is probably the most immediately raved about benefit see when companies deploy digital signatures. Apart from the obvious money-saving benefits that come with not having to print documents out, such as no more paper, ink, printers and maintenance, there are other associated cost savings enabled by digital document management and storage, such as needing less physical office space (which is often one of the biggest expenses a company has), and document distribution.
  10. Audit trails. In business, the ability to trace documents to their origin is crucial – not only for internal records, but also for the sake of transparency, compliance and protection of company information. Our digital signature workflow system provides businesses with a full digital audit trail, kept with documents in the SigniFlow workspace, stored on secure servers.

For more information on our solutions, visit our website www.signiflow.com or contact us by submitting an online query HERE or calling us: International Contact Centre Tel: 002710 300 4899 / From South Africa Tel: 011 516 9403.

Clean air, longer life

Posted on January 26, 2018

breathe easy indoors

Extend your life expectancy by cleaning the indoor air you breathe with an air purifier.

You eat well, don’t smoke, exercise fairly regularly and drink alcohol in moderation – and yet, some days, you feel like you’ve been hit by a large bus.

Sound familiar?

Because air pollutants are often not visible to the naked eye, many of us don’t realise just how debilitating poor quality indoor air can be on the human body – but the effects of indoor air pollution should not be overlooked. They range from short-term afflictions – like eye, nose and throat irritations – to more serious long-term effects like respiratory disease and even cardiovascular conditions.

And, while we may think we can eliminate common culprits like pet dander, dust, smoke and mould spores by keeping a clean home or office, the fact is that dusting and vacuuming are simply not enough to remove all these daily pollutants from the air we breathe.

But fret not, because it’s not all doom and gloom for those after a life of health and longevity in a world where clean air seems like an unattainable ideal – help is at hand.

Think of air purifiers as pollution-busting superheroes – except these clean air crusaders are by no means fictitious or out of reach – they are practical, affordable and dependable devices that have been proven to improve and lengthen lives, if not save them.

Air purifiers work by way of HEPA (high-efficiency particulate air) filters that clean and purify the air that is circulated – and that you breathe daily – indoors. HEPA filters physically trap the tiny particles that vacuum cleaners and other cleaning equipment merely recirculates into the air.

A health must-have in your home or office, air purifiers not only clear airborne bacteria quickly and quietly, they are also very effective in the removal of odours, allergens and other pollutants that are inevitably present in indoor air. In fact, research has shown that HEPA filters remove about 99.9% of dust particles and impurities from the air.

According to The New York Times, studies have found improved air quality has prevented tens of thousands of premature deaths from heart and respiratory disease. Simply put, “Clean air, longer life” (Harvard Magazine).

The conclusion: air purification equals the removal of impurities…equals clean air…equals better health…equals longer life.

So you have to ask yourself, can you afford not to invest in an air purifier?

For information on pbOffice’s range of air purification systems, visit our Air Purifiers web page, or call 010 300 4893.

Optimise your business mail system with a Relay inserter

Posted on December 4, 2017

Relay 1000

When it comes to the mail you send out to customers, time and cost savings are just two of the many ways in which your business can benefit from a quality inserter.  

pbOffice, a division of customer communication firm PBSA, has just introduced a new, improved range of mail inserters, serving mailing needs from small- to large-scale. Read more about the new Relay range of inserters, manufactured by Pitney Bowes, HERE.

Wondering why you should invest in an inserter for your business in the first place?

Before going into the huge advantages an inserter can bring your business in terms of productivity, efficiency and professionalism, it is important to note that traditional mail as a means of engaging customers is far from dead.

On the contrary, traditional mail has been widely advocated as the most effective means of communication. People have a strong sense of nostalgia when it comes to physical mail and – if done properly – this means of communication and marketing can really help your business stand head and shoulders above the rest.

Mail folding and inserting machines not only give your business mail the professional touch, they also ensure the right mail gets out on time, to the right customer – and far more speedily and painlessly than with a manual system.

If you are sending mail out the manual way, your process probably goes something like the time-consuming and tedious process outlined below:

  1. Gather all printed documents, inserts and outer envelopes.
  2. Manually fold documents, trying to make them look as professional and neat as possible.
  3. Select and include all the necessary inserts, checking and double-checking these are all in the correct order.
  4. Manually insert the documents and inserts you just put in order into envelopes.
  5. You are now ready to mail the one piece of mail you just prepared (but you probably have hundreds more to go).
  6. Put plasters on your paper cuts.
  7. Repeat

With a Relay inserter, this could be turned into a simple, speedy and precise process – like the one below:

  1. Load documents, inserts and envelopes.
  2. Select job on keypad.
  3. Stand back as the machine prepares the job.
  4. Ready to mail.

But time-saving is just one of the many advantages that comes with investing in a Relay inserter for your business.

An inserter will also allow you to correspond with your customers more regularly; easily add revenue-generating inserts; improve the security of mail with envelopes that stay sealed; align mailing addresses for a precise fit in envelope windows and deliver frequent promotional mailings.

If you are a business that regularly communicates with customers via mail, a Relay inserter is not just a luxury – it is a must-have.

Relay inserters are machines you can stake your business on.

For more information call 010 300 4893.

PBSA upgrades to Relay inserter range

Posted on November 30, 20171

Relay 3000 & 4000

The customer communication firm has just launched a new suite of mail folding and inserting machines that will fit any size business’ needs.

Being a company that believes in moving with the times – and bringing its customers only state-of-the-art technology – PBSA has upgraded its folding and inserting machines to the Relay range from global technology company Pitney Bowes.

The move gives pbOffice – the division of PBSA that provides automation solutions to serve mailing, marketing and communication applications for small and medium-sized enterprises – the ability to better serve its customers by being able to more accurately align machine specifications to specific application needs.

Quieter to operate and more aesthetically pleasing, the new Relay inserter range is more office-friendly. More importantly though, the Relay ranges drives higher performance, increasing productivity and allowing you to focus your time and energy on driving your business.

The Relay range of inserters comes with a number of vital features and scores of benefits. These state-of-the-art machines come with guarantees of:

  1. Data protection for your customers: This is an invaluable benefit, especially given the country’s personal information laws (does the term POPI Act ring any bells?).
  2. More productivity, less wasted time & money: Relay inserters offer a proven, easy-to-use platform that delivers fast, accurate and affordable mail assembly.
  3. 100% Accuracy – every time: The Relay range of inserters was specifically designed to deliver accurate, reliable processing of mail – so you can be confident your mail is not only getting out on time, but the right information is getting to the right customer. Every time.
  4. Ease of use: Even if you’re not technically inclined, you can be up and running with your Relay inserter in no time, ensureing your monthly mail gets out quickly and easily.
  5. Customisation: You shouldn’t have to tailor your mail programmes to the limitations of your equipment. With the Relay range of inserters, you have the ability to process various sizes of letters with the option of processing flat-sized envelopes or mailers.

For more information and model specifications relating to the various machines offered by pbOffice, click on the links below:

For more information on pbOffice products and services call 010 300 4893.

SignFlow engineers terminate menacing Bitcoin virus

Posted on October 18, 2017

pic for SignFlow bitcoin blog

A dangerous Bitcoin-mining virus has been detected and disabled by two of our IT experts.

A potentially devastating Bitcoin-mining virus has been stopped in its tracks, thanks to the vigilance and quick actions of SignFlow (a PBSA brand) engineers William Vermaak and Morne Wilken.

Vermaak and Wilken detected malicious activity on one of their customer’s servers last week, immediately analysed the source of the virus and un-infected the server.

According to Vermaak, the virus had gone undetected by all available virus packages. “We submitted samples to ESET the next day and [the company] immediately responded from its virus lab in Denmark, confirming the virus was wild and that detection for the threat had been added to its latest definition updates.”

Founded in 1992, ESET is a Slovakia-based IT security company that offers anti-virus and firewall products such as ESET NOD32. The security company named the virus winlog.VBS – VBS/TrojanDownloader.Agent.QE trojan winlog.bat – BAT/CoinMiner.UG Trojan.

By the time of detection, the virus had already infected 0.04% of Windows computers in South Africa, while Russia was hardest hit, with 0.5% of all Windows computers infected. Windows is currently the most popular end-user operating system in the world.

Essentially a Bitcoin-mining virus, the Winlog Virus downloads a Bitcoin CPU miner on the victim’s computer, and then mines Bitcoins for the virus originator. Vermaak says this type of virus is particularly evasive. “It tries to make itself resilient and configures various system schedules to start it again if it’s stopped. The virus will also install itself on the system as a system service.

“The virus infiltrates the System Registry and changes some keys to make itself run again if it’s shut down. Shortcuts on the victims’s Desktop are modified to run the virus and these then run the original program, in an attempt to mask it’s presence. The virus also copies itself into various other files on the system – including Microsoft.exe – to try ensure resilience.”

Prevalent pest

According to Manuel Corregedor, chief operations officer at information security company Telspace Systems, Bitcoin-mining viruses have become rampant. “There has definitely, in recent times, been an increase in Bitcoin-mining viruses – in particular the diversification of the type of currencies they mine.”

Almost three months ago, Russian president Vladimir Putin’s Internet advisor, Herman Klimenko, issued a dire public warning that 20 to 30 percent of all computers in Russia were infected with computer malware designed to turn devices into Bitcoin-mining machines.

At the time Klimenko told Moscow-based news broadcaster RBC that viruses that install bitcoin-mining software are the “most common and most dangerous” type of computer malware in existence.

Corregedor says the main issue Bitcoin-mining malware creates, is that it negatively impacts the performance of the victim’s computer. “[The malware] does this by stealing/utilising the infected computer’s resources (CPU, GPU, RAM, etc). This may result, over time, in increased wear and tear, which may cause the computer to fail or cease.” On top of this destructive consequence, he adds, there are other costs associated with increased power consumption.

But this destructive malware goes even further. Apart from the said performance impact, Corregedor notes that – apart from mining Bitcoins – it  has also been seen launching web- and network-based attacks, such denial of service attacks, login brute force attacks and web application attacks.

“It should also be noted that the danger [with Bitcoin-mining malware] is further increased due to the fact that [it] has been found to be infecting Internet of Things devices i.e. web cameras, routers, Network Attached Storage devices, etc.  The infections have mainly occurred due to these devices having default credentials configured on them – for example user name admin and password admin on a router.”

Protection pointers

Corregedor says users can protect themselves against these kinds of malicious virtual attacks by ensuring their operating systems (Windows, Linux etc) are up to date with the latest security updates (patches).

He gives the following pointers:

  • Ensure you have anti-virus software installed and that it is up to date
  • Ensure your devices are not using any default login credentials and/or weak login credentials, in particular devices such as routers
  • Enable/install a Firewall
  • Install a HIPS (Host Intrusion Prevention System)
  • Be cautious/aware when it comes to receiving unexpected emails with attachments and/or installing potentially unwanted software

“Attackers are constantly scanning the internet looking for devices that are not up to date and/or are not configured securely (for example using default credentials).  Once such systems are identified, they are infected with malware,” he warns.

“Additionally, attackers are also constantly sending out spam/phishing emails that contain malicious attachments.”

Corregedor says, while South Africa is just as vulnerable as any country when it comes to infection, the country’s lack of a National Information Security Awareness campaign could render it in deeper danger.

SignFlow ties up with Accfin to digitise accounting processes

Posted on September 11, 2017

The integration of two state-of-the-art software platforms transports the accounting profession into a new world of digitisation.

Digital signature workflow solution SignFlow and accounting software firm Accfin have integrated their respective software platforms, in a move that places the accounting profession securely in a new and exciting world of digitisation.

Accfin, a local software firm leading the way in automation of back-office systems for accounting and auditing companies, grew out of an accounting firm over 20 years ago. The recent tie-up with SignFlow – a locally developed and internationally recognised digital signature solution – essentially automates the entire communication process involved in the accounting practice.

Leon van der Merwe, head of digital at SignFlow parent company PBSA, explains, “By using the SignFlow feature in Accfin software, you eliminate the need for print, courier and e-mailing of sensitive documents to customers – and then having to wait days, even weeks for a response.

“SignFlow is built on a powerful, digital workflow engine that tracks progress and instils accountability and auditability. Apart from the obvious environmental advantages the solution offers, the value of saving time through increased efficiency, is most valuable to accountants, who work under tremendous time pressure.”

Accfin MD Mark Silberman says the integration with SignFlow “changes the state of play” in the accounting market place. “It automates the communication process. Our software allows accounting firms to communicate with their clients. The integration of SignFlow with [Accfin’s] Sky Software allows the customers of the accountant to authorise the filing of tax returns and approve company resolutions.”

Accfin, which strives to provide state-of-the-art back office systems to South African accounting firms, currently provides automation software across the sector – from large international firms, to small sole practitioners.

Van der Merwe says SignFlow is proud to be associated with Accfin Software – a company that is “definitely leading the way in automating back office systems for accounting and auditing firms”.

“SignFlow is fast becoming the most trusted digital signature workflow solution in South Africa, especially within the auditing and financial sectors,” concludes Van der Merwe.

FICA compliance made easy

Posted on August 17, 2017

SA’s leading data bureau gives businesses the key to pain-free compliance.

Although the Financial Intelligence Centre Act (FICA) came into effect almost a decade and a half ago, it is as relevant today as the day it was conceived.

Instituted in 2003 to curb financial crimes, such as money laundering, tax evasion, and terrorist financing activities, FICA is a law that all financial institutions need to comply with. This includes any business that provides credit facilities in any form – whether assets like houses and cars, or retail items like mobile phone contracts and appliance/clothing accounts – or cash in the form of loans.

FICA basically makes it incumbent on all aforementioned financial services companies to reassess their entire client list, in order to ensure that all clients’ identities and finances can be verified. Think of it as a sweeping credit check of every person in an existing database – it is a means of identifying any individual who could potentially pose a threat to your company.

As with any law governing how businesses handle customer identification and verification processes, and how they manage records, FICA is multifaceted, and comes with severe penalties for businesses that are non-compliant.

Pain-free compliance

But, as daunting as this may sound, it does not need to be – nor does FICA compliance need to be another headache you have to deal with as a credit providing company.

South Africa’s leading data bureau, pbVerify, offers a range of services to make your path as a business striving for FICA compliance as straight as possible.

A division of pbDigital, under Customer Communications firm PBSA, pbVerify is essentially a credit risk management tool for any size business in South Africa that grants credit accounts and payment terms to other businesses and/or to South African consumers.

pbVerify’s online web-based tools help companies assess credit risk by evaluating the credit history of any business and its principles and/or any consumer a company wishes to grant credit terms to. This is done via multiple credit bureaus and other business critical data providers, through one easy-to-use website.

Included in pbVerify’s suite of services, are the following consumer credit check products, which offer your business a painless means of becoming FICA compliant:

Consumer traces for address validation: facilitated by three of South Africa’s main data credit bureaus – XDSTransUnion and Compuscan – pbVerify’s consumer trace service gives you access to consumers’ latest  contact information.

Bank account verification: pbVerify’s Bank Account Verification Service allows you to efficiently verify the bank details of a consumer, and determine the status of their account – whether the account is currently active, open or closed and whether it has been open for more than three months. The service is available for the 5 major banks in South Africa only.

CIPC Company & Director Verification: pbVerify’s CIPC Company Search Report – one of the most advanced CIPC search tools in South Africa – allows customers to easily retrieve and verify all registration information related to any registered South African business and its principles. Complementing this search too, is the CIPC Director Search Report.

ID Verification: The pbVerify Home Affairs ID Verification tool is used to determine the correct identity information on South African citizens. (This validates the consumer’s identification, but does not confirm whether or not they are credit active)

Alongside this, pbVerify’s ID verification API is used by various corporations, retailers, telecommunications companies, online service providers and system integrators to instantly verify identities for an range of different functions, including customer identification at point of sale, fraud prevention, online transaction verification, customer relations, human resource software and more.