Version 1.0
Prepared by: @Lorraine Sebata
Approved by: @Simon Cooper
Reviewed date: 2025-12-17
Next review date: 2026-11-17
This policy applies to all staff members, agents, and authorized representatives of Easyterms. who handle customer communications via telephone, email, web portal, or chat platforms.
To provide step-by-step instructions for verifying customer identity across all remote communication channels to ensure compliance with Policy OPS-002.
This SOP applies to all personnel handling inbound or outbound customer queries via telephone, email, web portal, or chat platforms.
Client Data Privacy Policy
Anti-Money Laundering (AML) Policy
Step | Action | Description |
4.1 | Initial Greeting | Greet the customer. Confirm you are speaking with the person named on the account. Do not disclose any account details yet. |
4.2 | Request Details | Request the 4 parameters (Name, Email, NI Number, DOB). Ask in a random order to prevent scripted fraud attempts. |
4.3 | Compare Records | Match details against the database. Do not repeat the details back to the customer for confirmation (e.g., "Is your DOB 1st Jan?"). |
4.4 | Verification Decision | 3-4 Matches: Proceed with the request. 0-2 Matches: Politely explain that verification failed. Do not specify which details were wrong. |
4.5 | Documentation | Record the outcome in the interaction log including Date, Time, Parameters Verified, and Staff ID. |
Secure Channels: Conduct verification only through authenticated portals or secure links. Do not request NI numbers via unsecured, plain-text email.
Automated Matching: Use the system's automated comparison tool to flag matches.
Notification: If verification fails, send a secure notification. Suggest alternative methods such as a phone call or in-person visit.
Logging: Ensure the system automatically timestamps and encrypts the verification attempt log.
Threshold: If a customer fails more than twice in 24 hours, flag the account for potential fraud.
Escalation: Refer the account to the Fraud Prevention Team. Do not attempt further verification for 24 hours.
Primary Check: Verify the primary customer’s identity using the 4-parameter check first.
Authorization: Confirm the third party has a registered Power of Attorney or valid written authorization on file.
Document: Record the third party’s full details and the basis of their authority.
Vulnerable: Allow extra time. If they cannot meet the threshold, escalate to a supervisor for an alternative (e.g., security questions).
Deceased: Immediately cease the interaction upon notification. Escalate to the Probate/Legal Team.
Mandatory Training: All staff must complete verification training before handling calls and annually thereafter.
Quality Audit: Supervisors will conduct monthly random reviews of call recordings and chat logs.
Retention: All verification logs are retained for seven (7) years, then securely destroyed.
This SOP will be reviewed annually by the Operations Department.