DocFlow: Bridging the document automation gap

SigniFlowStandard

G10167-MSSigniFlow now integrates a document management and process automation tool that seamlessly manages business processes, from A to Z.

Document management is without doubt one of the most important functions in a business, regardless of its size. In many ways, document management is the heartbeat of an organisation – the foundation upon which many other functions are built, and that enables a company to run smoothly.

Despite this, many organisations struggle to adequately manage this core of their business, which is heavily reliant on efficient, traceable business processes and corresponding archives.

This is where DocFlow – a powerful combination of document management and process automation systems – comes in. Created by SigniFlow engineers, DocFlow is an integrated extension to SigniFlow workflows, which seamlessly manages the automation of business processes, from A to Z.

Released in 2018,  DocFlow is set to become an indispensable component of businesses’ process and document management in the coming years.

The creation of DocFlow comes in the wake of the discovery of a gap in the document management space. SigniFlow found that a number of clients were in serious need of auxiliary functions, such as meta matching through barcode scanning, barcode decryption, auto filing, and managing physical artefacts that lacked electronic artefacts. Following painstaking research and design by the SigniFlow team, we are now able to bridge this gap.

How DocFlow works

As an extension of SigniFlow, DocFlow works by allowing business owners to create input and output rule-based folders, following the mapping of a business process, to manage the flow of data and documents from the initial input, to the ultimate archiving destination.

Based on pre-configured process workflow rules and security-based user roles, DocFlow manages the workflow of all business documents, through automated and controlled digital processes.

DocFlow utilises the SigniFlow workflow and digital signature signing capabilities to ensure processes that require documents to be signed can be automated, while processes remain fully digital at all times.

DocFlow also allows businesses to link physical paper documents kept in filing rooms or cabinets, or at branches, to digital records using structured file plans – as well as to manage physical documents that are in transit, ensuring that what is sent from a location, is exactly what arrives at the intended destination.

An essential for businesses of any size, document management has never been so secure and failsafe.

As of Q1 2019, this powerful new tool will be available for all SigniFlow customers at no additional licence costs, with a basic setup for document archiving.

For more information on DocFlow and what it can do for you and your business, please feel free to contact us via any of these channels:

Email: support@signflow.co.za

Tel: 010 300 4898

Visit our website at www.signiflow.com

Source: SignFlow News

Introducing the most powerful consumer signing tool in the world

SigniFlowStandard

SigniFlow Featured Image

https://signiflow.com/wp-content/uploads/2018/12/happy-computer-woman-logo.jpg

The SigniFlow team has come up with a sophisticated and secure – yet simple and easy to use – consumer signing tool, set to revolutionise the digital signature market in 2019

When our clients – and the market they serve – speak, we listen. Carefully. So when a number of SigniFlow clients, who serve private customers from all walks of life, told us they needed an uncomplicated signing tool that could be used by anyone, anywhere and on any device – without security ever being jeopardised – we put our heads together and came up with what we have dubbed EasiSign.

Simple and unassuming by name, EasiSign is by no means that at the core. On the contrary, EasiSign is the most powerful consumer signing tool yet. Paradoxically, our latest consumer signing tool is something so intricate and sophisticated, something so watertight and secure on the inside, yet on the surface – for the end user – a simple, clean and uncluttered, easy-to-use interface.

Currently in Q4 2018, EasiSign is only available to customers with existing, or new, SigniFlow Hybrid Server licences. EasiSign is set to officially be launched into the SigniFlow technology stack during Q1 of 2019.

This revolutionary consumer signing tool will essentially replace the existing signing interface when SigniFlow Version 4 is launched during Q2 2019. Don’t get us wrong – the current interface in SigniFlow Version 3.3 is a great business process tool – but we have learnt that for private consumers, especially in the lower LSM groups, signing documents electronically can be overwhelming.

EasiSign eliminates complexity entirely. It is fast and very easy to use, on any device. Best of all – you can rest assured that security and authentication will never be compromised.

The A, B, C of EasiSign

With EasiSign, the authentication configuration can be set by each customer, and on a document level.  Authentication methods include any one, or a combination of, any of the following options: full registration, ID number verification and input matching, SMS One Time Pin (OTP), USSD OTP, password and email verification.

EasiSign is mostly driven by API integration with document composition systems or enterprise resource planning systems (ERPs) in the background producing the documents, and triggering the SigniFlow EasiSign workflow.

The new interface features a multi-document portfolio environment that simulates attachments to an email, and can group multiple documents together – which are then presented to the signer as a single document, for easy reading.

EasiSign also features a secured document upload portal, through which the sender (workflow creator) can request that the signer upload additional documents (such as proof of residence, identity documents, etc) when signing.

A great tool for carrying out FICA processes, EasiSign also has huge advantages in terms of the POPI Act, which calls for stringent private information protection.

EasiSign is included free of charge with any SigniFlow licence and, as always, there are no costs involved for the consumer, who can sign in EasiSign using their free SignFREE licence.

Existing Hybrid Server customers that wish to switch to EasiSign, can do so without any cost implications.

For more information on our awesome new consumer signing tool, please feel free to contact us via any of these channels:

Email: support@signiflow.com

Tel: 010 300 4898

Visit our website at www.signiflow.com

Source: SignFlow News

Local digital signature company cements global alliance

SigniFlowUncategorized

itologo

Posted by IT Online on 19 November 2018.

 

South African-born digital signature and workflow solution, SigniFlow, offering socially responsible product for business process automation, has landed on American shores.

A woman-owned small business based in New Hampshire, SigniFlow Americas is a member of the New Hampshire Tech Alliance, an affiliation committed to nurturing a technology ecosystem by building partnerships, enhancing knowledge, and shaping public policy.

The woman behind the new digital signature solution is Laila Robak, a Brazil-born entrepreneur with a passion for information technology and the power it has to transform and improve lives.

“We are very excited about the launch of SigniFlow Americas, and with Laila at the helm, this business is destined for greatness. We are proud to welcome all our Americas customers and partners to the global SigniFlow family,” says Leon van der Merwe, director of digital technologies at SigniFlow.

SigniFlow delivers enterprise-grade on-premise, private cloud and cloud solutions with a high level of integration, allowing companies to customise the solution to suit both their specific needs and their budgets. The solution provides legally valid digital signatures (cryptographic e-signing) and accepts digital certificates from almost any e-identity provider, publicly trusted certificate authorities (CAs) and privately signed public key infrastructures (PKIs).

Robak comments: “SigniFlow is a solution that can revolutionise business processes. It has various APIs that give us flexibility to create and integrate with existing systems and platforms, allowing organisations to choose from a range of options, from cloud to local deployments and hosted environments, and to use a mix of digital and electronic signatures – all while guaranteeing the legal validity of documents.”

SigniFlow lands on American shores

SigniFlowStandard

SigniFlow Globe croppedA new alliance between PBSA and a Brazilian-born IT enthusiast and security specialist has given rise to SigniFlow Americas.

The technology giants we have all come to know so well – to mention just a few, Google, Apple and Microsoft – would be nothing today if it were not for the formidable partnerships they were founded on. Larry Page and Sergey Brin, Steve Jobs and Steve Wozniak, Bill Gates and Paul Allen – all of these dynamic duos go to show that great things begin with great partnerships.

Which is why we are so excited to announce the recent alliance that has given rise to SigniFlow Americas, between PBSA and US-based Laila Robak, former Director of Partnerships at Digicert and Vice President of Latin America GlobalSign.

It is now official: South African-born digital signature and workflow solution, SigniFlow, has landed on American shores, to provide the Americas with an innovative, highly efficient and socially responsible product for business process automation.

A woman-owned small business based in New Hampshire in the United States, SigniFlow Americas is a member of the New Hampshire Tech Alliance – an affiliation committed to nurturing a vibrant technology ecosystem by building partnerships, enhancing knowledge, and shaping public policy.

The woman behind this exciting new digital signature solution is Laila Robak, a Brazil-born entrepreneur with a passion for information technology and the power it has to transform and improve lives.

“We are very excited about the launch of SigniFlow Americas, and with Laila at the helm, this business is destined for greatness. We are proud to welcome all our Americas customers and partners to the global SigniFlow family,” says Leon van der Merwe, Director of digital technologies – SigniFlow headquarters in Kyalami, Johannesburg.

Setting it apart from other solutions present in the market today, SigniFlow delivers enterprise-grade on-premise, private cloud and cloud solutions with a high level of integration, allowing companies to customise the solution to suit both their specific needs and their budgets. The leading-edge solution provides legally valid digital signatures (cryptographic e-signing) and accepts digital certificates from almost any e-identity provider, publicly trusted Certificate Authorities (CAs) and privately signed Public Key Infrastructures (PKIs).

Often bound by endless red tape, many processes in the Americas remain onerous and complex – particularly when it comes to contracts or documents that require approval and/or signatures. SigniFlow takes these processes, which can take anything from days to weeks to finalise, and transforms them into seamless digital processes that reach completion in just minutes.

Speaking of the power SigniFlow puts in business owners’ hands, Robak says, “SigniFlow is a solution that can revolutionise business processes. It has various APIs that give us flexibility to create and integrate with existing systems and platforms, allowing organisations to choose from a range of options, from cloud to local deployments and hosted environments, and to use a mix of digital and electronic signatures – all while guaranteeing the legal validity of documents.”

In addition to this, SigniFlow fulfils the social responsibility role that so many organisations today strive to fill, to the end of doing their bit for the environment – and society at large.

“The launch of SigniFlow Americas not only centres around innovation in the tech space to help companies become more effective, it also goes around environmental awareness. So it’s a win-win situation. We have the opportunity to make business people’s lives better and contribute to the ecosystem at the same time. Signiflow’s solution goes above and beyond,” says Robak.

Go paperless…go green

According to environmental facts and live statistics website The World Counts, 50% of business waste composed of paper.

And here are some related – and scary – facts:

  1. More than two pieces of paper are used per person on Earth every single hour. It is expected demand for paper will have doubled by 2030, from 2005.
  2. The average person in the USA, Japan, and Europe uses between 250 and 300 kilograms of paper every year. In India this figure is five kilograms, and in some countries it is less than one. If everyone on Earth used 200 kilograms of paper, there would be no trees left.
  3. It takes 10 litres of water to produce a single A4 sheet of paper. The pulp and paper industry is the single largest industrial consumer of water in Western countries.
  4. Producing one kilogram of paper requires two to three times its weight in trees. Paper can be recycled, yet 55% of the global paper supply comes from newly cut trees.
  5. Each ton of recycled paper can avoid the use of 17 trees; 1 440 litres of oil; 2.3 cubic meters of landfill space; 4 000 kilowatts of energy and 26 500 litres of water.

SigniFlow not only brings to the Americas the opportunity to expand horizons by automating internal and external business processes, it also assists companies in going green by helping them cut down on resources, costs and by-products of paper-intensive processes – including ink, printers and mailing procedures – ultimately increasing overall environmental awareness, decreasing carbon footprint and bettering companies’ return on investment.

The power it has to transform business and the world it runs in, says Robak, is what makes SigniFlow the most powerful business process automation tool on the market. Coupled with a formidable partnership, the sky is the limit.

“A strong business partnership can be summarised in two words: trust and collaboration. Trust speaks for itself and that is what I have with the amazing team at PBSA. Collaboration means aligning ideals, understanding and supporting each other’s growth and walking towards the same goal – in this case, improving people’s lives through technology and contributing to the environment,” concludes Robak.

To find out more about how we can assist you in your digitisation journey, click HERE


Source: SignFlow News

Brand new Hybrid Server range in the offing

SigniFlowStandard

SigniFlwo Hybrid Servers

SigniFlow Hybrid Servers

The SigniFlow team has once again gone all out to ensure all our customers’ needs are met in every way, with our latest range of Hybrid Server licences.

Following an overwhelmingly positive response to our hybrid server solution, SigniFlow has pulled out all the stops to create a product that covers all bases, serves every one of our customers according to their specific needs and – above all – is first-class and failsafe.

A native cloud application utilising cloud computing frameworks and network-attached Hardware Security Modules (HSMs) to perform cryptographic signature operations, the SigniFlow solution was born out of the need for enterprise-level businesses to have maximum control over their data.

“For most small-to-medium businesses, accessing applications in the cloud was no problem, in fact it was in many cases preferred, but at an enterprise level, where highly sensitive documents and international legislation were involved, the need for more control was imminent,” explains Leon van der Merwe, Digital Director at SigniFlow.

In response to this need, SigniFlow launched its first open-enterprise on-premise SigniFlow Hybrid Server in 2017.

The term ‘Hybrid’, which we’ve used to name our server offering, refers to the combination of technology it employs – a dedicated hosted server, virtualisation technology and cloud-based cryptography.

Although often referred to as an on-premise solution, the SigniFlow Hybrid server is at home in a private server room or data centre, as well as in any hosted environment (private or public-cloud) and in a secure cloud services platform, like the popular Amazon Web Services (AWS) or Microsoft Azure.

The SigniFlow Hybrid brought about the ultimate in customisation, rebranding, enterprise information control, and an unrivalled bespoke integration landscape.

Highly successful among the big businesses the solution was intended for at the time, the technology drew such interest in the market at large during 2018, that suddenly businesses from across the spectrum wanted it.

“By listening to our customers, we realised that the solution, originally built for the enterprise, needed to be more flexible and scalable, to cater to medium – and even smaller – businesses,” says Van der Merwe.

“The SigniFlow team has once again gone full tilt in the idea factory, and we are very excited about our brand new Hybrid Server offerings for 2019.”

How the new licences work

The new SigniFlow Hybrid Server range consist of five new licences, the NANO-50, MEGA-250, TERA-500, PETA-1000 and the exciting new document-based open-enterprise license, the EXA-OPEN.

As its name suggests, the NANO-50 is a single tenant Hybrid that caters for up to 50 users, unlimited documents and unlimited signatures.

Similarly, the MEGA-250, TERA-500 and PETA-1000 cater for up to 250, 500 and 1 000 users respectively, all with document limits removed, and fully scalable and upgradeable licence plans.

From the MEGA-250 onwards, the servers can be duplicated to cater for more than 1 000 users and farmed for high-volume load balancing. Each comes with a second licence that can be used for disaster recovery (DR), or user acceptance testing (UAT or pre-prod). These models are also multi-tenant and can feature multiple business profiles per server.

The EXA-OPEN introduces a new approach to enterprise licensing. Documents, which may contain any amount of signatories, are bought in packs, ranging from 1 000 to 400 000 documents per pack, at incredibly low rates per document.

The real benefit of the EXA-OPEN kicks in for customers with document volumes above 400 000 per year, as the licence has a ceiling-charge equal to the 400 000 pack’s price. This means that after 400 000 documents, a flat annual rate is charged – no matter how many documents are involved or how many users are utilising the system.

The new Hybrid Server Licence Models are available in South Africa, South America, the United States, Europe, the Nordics and the United Kingdom.

For more information on how our Hybrid Server range can benefit your company, contact the team via support@signiflow.com  or phone:

South Africa : (+27) 10 300 4898

Americas: (+1) 603 717 4248

Europe: (+32) 494 102 095

Source: SignFlow News

Geospatial tech solves FICA, KYC challenges

SigniFlowUncategorized

geospatial image.PNGpbVerify’s ground-breaking KYC API transforms laborious manual processes into fast, effective and secure verification.

In our ongoing quest to build a digital future based on holistic online solutions to help our clients maximise operational efficiency, pbVerify has developed a Digital KYC API like no other.

Designed for institutions accountable to the Financial Intelligence Centre Act (FICA) – specifically its know your customer (KYC) requirements – our Digital KYC API (application programming interface) takes the pain out of the on-boarding process for both accountable institutions, and their customers.

pbVerify’s API transforms an onerous, time-consuming and expensive manual process into a convenient, fast-moving and inexpensive online one.

KYC hurdles

KYC, a risk-based assessment of customers (individuals and businesses), is an integral part of FICA which makes it incumbent on accountable institutions to carry out extensive due diligence on all financial services applicants.

This typically involves a list of documents, including minimum requirements such as proof of residence and proof of identification for individuals; and evidence of shareholding, director information and company history for businesses  (either originals, or sighted by an institution employee).

Steeped in red tape and paper documents, the manual KYC process has long been the bane of institutions and potential customers alike. Not only is it costly and time-consuming, it can be incredibly frustrating, given South Africans’ unique circumstances.

Moonstone, a Stellenbosch-based independent support network for financial service providers, cites residential transience and “an inefficient postal service” as aggravating factors in the KYC process.

API answer

Instead of spending unnecessary time and money trying to acquire the list of documents and physical verification required by FICA’s KYC rules, financial institutions can now – by running pbVerify’s Digital KYC API – get identification and residential verification directly from the HANIS (Home Affairs National Identification System) and SACRRA (South African Credit & Risk Reporting Association) databases, respectively, instantly and online.

Coupled with advanced algorithms, which were built to eliminate all the challenges South African address databases face, this makes pbVerify’s latest solution the most powerful one on the market.

In a nutshell, the KYC API works like this:

  1. Applicant requests an account with a registered credit provider.
  2. Applicant completes the credit provider’s online form, linked to the pbVerify KYC API.
  3. Applicant’s identification information (names and ID number) are instantly verified against the HANIS database.
  4. Applicant’s address (residential information) is verified against the SACRRA database, based on two parameters set by the credit provider, i.e. over what period – 3, 6, 12, 24 or 36 months; and how many address matches required, obtained from other credit providers.
  5. If the Digital KYC API returns the applicant’s address data as matching the database, as per credit provider’s criteria, the system automatically approves the KYC process.
  6. The system sends a response to the compliance department, indicating whether or not the consumer is FICA compliant.

API differentiator

What sets pbVerify’s KYC API apart from other digital KYC verification products on the market, is the advanced method is uses to not only effectively, but to irrefutably verify applicants’ information.

Our API uses geospatial technology, as well as multi-paradigm geodistance algorithms, to determine and compare address data between data received from applicants, and data on file from at least one hundred registered credit providers across South Africa.

Essentially, our technology loops through credit provider data to find similar address matches, within the said specified time parameter (3 to 36 months), within a few metres of the pinned geolocation of the applicant’s input.

One of the biggest challenges in South Africa when it comes to address verification by credit providers, is the fact that many citizens live in townships and townhouse setups, where the address does not conform to the standard street address format.

To overcome this challenge, pbVerify’s algorithm pinpoints the applicant’s address via geospatial location, strips all anomalies and/or conflicting information from the address, and finds other credit providers that have similar address details. Only if these are also within a few metres of the applicant’s original input, will the API accept the address and report the credit provider sources where it was found.

In other words, only if enough data exists to satisfy your unique KYC requirement-settings, will the API return positive results, together with the source of the data matches, e.g. Vodacom, Edgars, FNB Home Loans, etc.

Apart from the immediately evident advantages of replacing manual with digital – primarily time and cost savings – pbVerify’s Digital KYC API underpins POPI (Protection of Personal Information) Act compliance, it adds another dimension in terms of security, and it removes the probability of human error.

 

[REFERENCES]

  1. gov.za – Financial Intelligence Centre Act, 2001 (Act No. 38 OF 2001)
  2. Financial Intelligence Centre – The FIC Act
  3. Financial Intelligence Centre – Frequently asked questions
  4. Moonstone – KYC– Knowing your client or killing your client?
  5. FNB – KYC/FICA information portal
  6. Investec – KYC Requirements

 


Source: SignFlow News

SignFlow broadens horizons, rebrands as SigniFlow

SigniFlowUncategorized

SignFlow rebrandWe have spread our wings and taken to international shores…introducing our new, fresh look.

As a South African technology team with a spirit of innovation at the heart of our being, change and growth are two things we at SignFlow prize very highly.

Which is why we are so excited to announce that SignFlow has spread its wings, recently journeying beyond the African continent, into Europe, the United Kingdom and the Americas.

As an embodiment of this globalisation, we have decided to consolidate our local and international branding, which goes hand in hand with a fresh new look – including an awesome new website and epic new logo…

Introducing SigniFlow

The international offering of SignFlow (.co.za) is called SigniFlow (.com), which – as of May 2018 – is officially the successor to SignFlow.

While all old and existing marketing and training material and other content will still be branded as SignFlow – along with the old logo and look – it all remains 100% relevant.

SignFlow has been around for a few years, having made indelible footprints in cyber space, so the transition to SigniFlow is going to take some time. Our focus right now is on all of our branding going forward, so all new material and content will be branded SigniFlow.

What does this mean for you?

Well, to cite Coca-Cola, “Brand new look. Same great taste.”

SigniFlow, like SignFlow, is still the same world-class, local solution it has always been – just with a facelift. Think of it as a better looking version of the same great product.

SigniFlow is still Proudly South African. Nothing in terms of ownership of SignFlow has changed. SigniFlow – the new, fresh-faced SignFlow – is a 100% South African-owned product.

SigniFlow is also proudly protective of what matters most our customers: sensitive data. In terms of the storage of and access to your valuable files and data, fear not – this, too, remains unchanged. Your files are exactly where they were before, and still just as safe and secure as they have always been, in our South African data centres.

Finally, putting the cherry on top of this exciting transformation, the South African SigniFlow system is currently being revamped, and will be updated with the release of SigniFlow v4.0 during the third quarter of 2018.

Exciting times ahead, indeed. Onward and upward!

Please don’t hesitate to contact us with questions or for more information on 010 300 4899 or support@signflow.co.za.


Source: SignFlow News

GDPR: Data protection D-day is here – SA companies take heed

SigniFlowUncategorized

gdrpGDPR is here, and for organisations that deal with any personal information relating to EU member states, non-compliance will be ruinous.

The countdown has ended. D-day for enforcement of the European Union’s (EU) General Data Protection Regulation (GDPR) is here.

As of today, 25 May 2018, penalties will begin rolling in for organisations that have not yet taken the necessary steps to ensure they are compliant with this restructured – and considerably more stringent – set of data protection regulations.

The GDPR is a regulation borne out of the European Parliament, Council of the European Union and European Commission’s joint intent to strengthen and unify data protection for EU citizens.

But just because the GDPR is an EU regulation, South African organisations are by no means off the hook. On the contrary, experts warn, local companies need to take the GDPR – positioned as one of the most significant changes in data privacy regulation in 20 years – very seriously.

The inescapable fact is, any South African company that handles personal data connected to the EU has to comply with the GDPR, and failure to do so will be met with the same major consequences EU organisations face for non-compliance.

Far-reaching forces

Over recent decades, not only has personal data has become an increasingly important corporate asset that needs to be handled with extreme care, it has also become geographically agnostic. This means that, today more than ever, with the exponential growth of data propagated across borders, organisations globally need to take a staunch and unified approach to guarding it.

South African organisations, big or small, are no different – and the GDPR is not the only government-led product of this hugely digital age, nor will it be the last, it is merely the latest one to be enforced.

Leilani Smit, compliance professional at Smit Compliance (Pty) Ltd, notes that the GDPR applies to any local organisation that holds or processes data on EU citizens, regardless of the location of its head office. “This includes companies that have employees in the EU, sell or market products or services in the EU, or partner with EU organisations.”

Leon van der Merwe, head of digital at customer communication firm PBSA and director of local digital signature and workflow solution SignFlow, adds that any South African entity controlling or processing data relating to EU citizens is affected by the GDPR. “Controlling refers to any organisation that states why and how data is processed, while a processor is any party doing the actual processing of the data, whether based in the EU, or not.”

World Wide Worx MD, Arthur Goldstuck, says the effects of the GDPR will be far-reaching due to the fact that the EU is SA’s biggest trade partner. “[On top of this], any company that does business with a company that has to comply with GDPR, will also have to comply, to ensure the client is in compliance.”

GDPR vs POPI

Fortunately for SA, details around the country’s own local version of data protection policy – the Protection of Personal Information (POPI) Act – have been highly publicised since 2013, and many companies will already be familiar – some even largely compliant – with what is expected of them in terms of data protection.

Summing up SA’s POPI Act, Michalson’s says: “Essentially, the purpose of [POPI] is to protect people from harm by protecting their personal information. To stop their money being stolen, to stop their identity being stolen, and generally to protect their privacy, which is a fundamental human right.”

Although – unlike the GDPR – it is still not known when POPI will come into effect, what is known is that companies will have a one-year transitional phase in which to comply once POPI’s implementation date is made public.

Smit says, should a local company already be compliant with international legislation such as GDPR, the implementation of policies to comply with POPI “should be a breeze and not require anything other than normal company practices and procedures”.

Van der Merwe says POPI and GDPR are similar in that both are intended to strengthen the protection of individuals’ personal information and privacy, and it is precisely this element – intention – that is key here, says Goldstuck.

The high price of non-compliance

Another area in which both sets of rules are similar, is in the hefty fines that come with non-compliance.

In a nutshell: breach rules laid out in the POPI Act, and face a R10 million fine and/or a jail sentence; fail to comply with the GDPR’s regulations, and be prepared to be slapped with a fine of up to €20 million (about R290 million) – or 4% of annual sales (whichever is greater).

Smit comments: “In South African terms, POPI already poses strict penalties for non-compliance, however as far as our Rand stretches, the GDPR’s penalties will definitely cause sleepless nights.”

Although possibly the biggest concern for companies, Smit notes that financial implications are not the only implications they should be worried about. “Not only can non-compliance result in fines and penalties set by the legislation itself, but [the] reputational damage of not processing information correctly, can often be more damaging that the initial penalty itself.”

It is this high price of non-compliance IT and legal experts hope will drive South African companies to do the right thing – not only for themselves, but ultimately for their customers – and fervently strive to meet GDPR compliance criteria.

Consumer-centric control

Van der Merwe says it is all about the consumer. “Both GDPR and POPI were ultimately created to protect the consumer’s privacy. We are all someone’s consumer, and even small businesses owners need to think carefully and logically about areas in their business where personal information is processed or stored, and what vulnerabilities may exist in their processes.

“For instance, we all receive CVs that contain heaps of personal and even sensitive information. Often, after a host of interviews, only the person’s CV that is employed, is securely transferred to a digital or physical vault in HR. What happens to the rest of the CVs that did not make it? It is the responsibility of any business to have policies and procedures to timeously and responsibly destroy such information. Simply identifying these vulnerabilities and implementing logical measures to manage them, is a good start for any size business.

“GDPR is a good thing that could be very bad news for companies, if they fail to provide evidentiary and auditable processes and adequate IT security to protect personal data.”

Goldstuck adds that it is not only important, but essential, that South African companies have a global view on data protection. “Something as simple as having a website hosted on an international platform can make a company liable to sanction under GDPR.”

Teaming up with tech

When it comes to local companies complying with the seemingly daunting and complicated GDPR in a relatively pain-free way, experts agree technology will be key. Software systems that offer automation, content management, enterprise resource planning and accounting, among others, will become a lifeline for many companies in their quest to comply.

Van der Merwe says existing paper-based processes and antiquated electronic systems that were created prior to factors such as the GDPR and POPI, pose major risks of contravening their laws and directives. “It is all about how businesses – and governments themselves – are going to align their physical and data processing practices with the new requirements and legislation. New regulations that enforce concepts such as the right to be forgotten pose major challenges if not considered in the process from the outset.”

Goldstuck says, while the data protection laws necessitate considerable changes in the ways businesses operate and interact with customers, good compliance systems will provide most of the safeguards they need.

“Businesses will have to get permission for almost every interaction with customers, they will have to become more discerning in what information they require from customers, and they will have to institute strict compliance systems to ensure they do not fall foul of these laws. As a result, compliance officers, CIOs and CTOs will have more direct roles to play in customer strategy.”

Don’t delay

Although not yet enforceable, the commencement date for POPI has been looming large on the horizon for some time now, with many expecting it by the end of 2018.

Despite this, say experts, many organisations are far from being ready. Goldstuck says: “Most large businesses have geared themselves up to comply with POPI, although many have not put this gearing up into effect. However, there is also an impression that many companies are simply not bothering until they are forced.”

Forrester’s 2018 predictions indicate that a whopping 80% of firms will not comply with GDPR regulations by May this year.

This has to change – and fast – says Smit. “Businesses can no longer just take a backseat and hope this will pass by or fly over.  Active steps will have to be taken in an organisation, for instance staff training, risk assessments and creating an ethical culture within an organisation, specifically with regards to processing personal information.”

 

 

[REFERENCES]
  1. EUR-Lex – Access to European Law
  2. org – Web learning resources for the EU General Data Protection Regulation
  3. Government Gazette (justice.gov.za) – Act No. 4 of 2013: Protection of Personal Information Act, 2013
  4. Michalson’s – POPI Act Summary in Plain Language
  5. Forrester – Predictions 2018: A Year of Reckoning


Source: SignFlow News

Data protection: SA companies need to take a global stance

SigniFlowUncategorized

how-to-comply-with-the-data-protection-act-457501399With the implementation of the EU’s data protection laws just around the corner, local entities need to study up on how it could affect them.

D-day for implementation of the European Union’s (EU) General Data Protection Regulation (GDPR) is just three months away – and South African organisations are by no means off the hook.

If you are a South African entity that handles individuals’ personal data, you will be acutely aware of our country’s data protection law – the Protection of Personal Information (POPI) Act – but have you considered how the looming GDPR affects the way you manage clients’ personal information?

The fact of the matter is, if you are a locally-based business that offers goods or services to EU customers, you also deal with personal information or data relating to EU citizens’ – and you are just as responsible for complying with the GDPR as any EU business.

Leon van der Merwe, head of digital at customer communication firm PBSA, points out that any entity controlling or processing data relating to EU citizens is affected by the GDPR. “Controlling refers to any organisation that states why and how data is processed, while a processor is any party doing the actual processing of the data, whether based in the EU, or not.”

GDPR vs POPI

Van der Merwe says it is crucially important for local companies with dealings abroad to do their homework and familiarise themselves with the GDPR’s ground rules. “Companies could be fined heavily under GDPR regulations if they fail to provide evidentiary and auditable processes, as well as adequate IT security, to protect personal data.”

The GDPR is a regulation borne out of the European Parliament, Council of the European Union and European Commission’s joint intent to strengthen and unify data protection EU citizens.

Non-compliance with the GDPR comes with a hefty fine of up to €20 million (about R290 million) – or 4% of annual sales.

Similar to SA’s POPI Act, the GDPR is all about data protection. Data includes things like a person’s name, email address and phone number, as well as information collected by website cookies like internet browsing habits.

Breaching rules laid out in the POPI Act comes with a R10 million fine and/or a jail sentence.

Van der Merwe summarises the parallels between the two data-protection directives: “POPI and GDPR are similar, in that they both aim to strengthen the protection of personal information. They differ in their approach, in that the GDPR takes a wider, more global perspective that includes anyone, anywhere either controlling or processing – or both – data relating to EU citizens.”

Auditable business processes

A big part of compliance, when it comes to both the POPI Act and the GDPR, specifically involves audit trails – something PBSA’s digital signature and workflow product, SignFlow, is heavily centred on.

For evidentiary purposes and in order for any company to assert GDPR compliance, the automated management of an audit trail is imperative.

Van der Merwe says SignFlow is can assist customers in their strategy to automate and digitise processes in a responsible and compliant manner. “Business Process Automation is at the forefront of our technology development at SignFlow, including tools like DocFlow, CaseFlow and our digital customer on-boarding tools.”

At the core of SignFlow, he says, is Public Key Infrastructure (PKI). “PKI manages users’ private keys, and signs and secures documents using Public Key Cryptography. Not only does this make documents tamper-evident after they’ve been signed, but the entire operation is conducted in a secure network over encrypted secure socket layers between the public, personal devices and private servers.”

Unlike paper files and systems managing email attachments, this portal fully controls and audits the workflow and communication channels between interacting parties. “This greatly reduces the risk of data leaks,” says van der Merwe.

“The system enhances non-repudiation, creating a digital trail of undeniable events that prove intent and identity.”

With GDPR set to come into effect on 25 May 2018, and the high stakes attached to non-compliance, South African companies simply cannot afford not to take a global view on data protection. “The protection of personal information goes far beyond just the POPI Act for local companies dealing with international customers,” says van der Merwe.

 

[REFERENCES]
  1. Digiday – For the GDPR-curious: WTF is the Article 29 Working Party?
  2. The Digiday Guide to GDPR (PDF)
  3. The Sun – What is GDPR, what does it stand for, when is the deadline in 2018 and how can you check if a business is compliant?
  4. Michalsons – What does the GDPR mean for the POPI Act?
    POPI commencement date or POPI effective date starts the clock
  5. Wikipedia – General Data Protection Regulation
  6. IOL – Protection of Personal Information Act soon to become a reality
  7. ITWeb – Unpacking the POPI Act: The ins and outs of protecting personal information


Source: SignFlow News

The future of digital onboarding is here

SigniFlowUncategorized

An integration between two of pbDigital’s software platforms makes it possible for financial institutions to digitally onboard customers in record time.

A recent integration between SignFlow and pbVerify has created a platform for digitally onboarding customers that is about to change the way credit is granted –in terms of risk management, compliance and convenience.

Although pbVerify has offered digital onboarding – an advanced customer activation product designed for financial institutions – for some time, never has this tool been as powerful as it is now, with the incorporation of SignFlow digital signatures.

Digital onboarding was introduced specifically to A) improve the customer experience by making it easier for them to activate and use financial services products, and B) give financial institutions a more secure and scalable means of growing their business.

That said, it makes no sense for institutions and their customers to have to switch back to manual halfway through the digital process of onboarding, to finalise the process with signatures – the old way of doing things.

Since pbDigital is all about innovation, meet the new way of doing things…

Now, with pbVerify’s integration with SignFlow, you can say goodbye to the expensive and onerous manual methods associated with finalising the process of customer onboarding – printing of forms, signing by hand, scanning, uploading and emailing – and say hello to a new fast and fail-safe system that allows institutions to onboard customers entirely online, in a fraction of the time and at a fraction of the cost.

No longer do red tape and geographical circumstances play a part in how long it takes to finalise the onboarding process. With SignFlow, it is simply a case of sending the completed online form to the designated signatory or signatories for approval – all via a secure, legal online platform. No more physical records, no more running around, no more waiting – and, most importantly, no more jeopardising of customer data.

Compliance & security

In today’s legal milieu, with the Financial Intelligence Centre Act (FICA) of 2001 and the Protection of Personal Information (POPI) Act of 2013 binding businesses to stricter data protection criteria than ever before, there is no margin for mistake.

With pbVerify and SignFlow behind your onboarding process, FICA and POPI compliance concerns are a thing of the past.

These software platforms – now integrated into one seamless onboarding solution – offer financial institutions an efficient and guaranteed means of making sure business processes and IT systems comply with the law when dealing with customer data.

 

This is how our new onboarding solution works, in a nutshell:

Front-end: Customer Online App

  1. The customer fills out pbVerify’s intelligent digital onboarding form (complete with auto-population and including Home Affairs/CIPC verification, as applicable).
  2. Details of the designated signatory or signatories (approver/s) are entered.
  3. The signatory/signatories are notified pbVerify has received a customer activation form, of which they are the listed party/parties responsible for sign-off.
  4. The said party/parties follow the link provided, and sign the application form online using SignFlow.
  5. The application process is complete.

Back-end: Admin/Credit Control

  1. Once the customer has completed the application, admin/credit control will get notified of a pending application and can log in to the admin portal, in order to run the required credit and compliance checks.
  2. The digitally-signed agreement/contract can be downloaded online for review and compliance validity confirmation.
  3. If required, different checks can be generated such as CIPC, Bank Code Updates and Full Credit reports.
  4. Once checks are done, the system can notify the relevant department of the application status and pending credit facility.

NOTE: All internal checks are scoped according to customer-specific scope and requirements. This is all customisable, according to business’ specific needs.

Welcome to the future of digital onboarding – an error-free, fast, secure way of procuring new customers.

 

ABOUT OUR COMPANY

pbVerify and SignFlow are products of pbDigital, a division of customer communications firm PBSA.

About pbDigital

pbDigital is the software division of PBSA, which specialises in a range of software products designed to help clients communicate more efficiently with their customers.

pbDigital’s software offerings can be classified according to the following categories:

  • eSign document workflow, digital signature and PKI integration solutions (SignFlow https://www.signflow.co.za/)
  • Credit risk management, data & credit bureau API integration and customer on-boarding
  • Enterprise content and document management
  • Business process automation software with multi-channel output tools and workflow

 

About PBSA

With a rich history of innovation dating back over 90 years, PBSA (formerly Pitney Bowes SA) is a leading customer communications company, offering software, equipment and services to help companies improve operational efficiencies and connect with their customers in more meaningful ways.

Based in Midrand, Gauteng, PBSA understands both hardware and software solutions and is optimally positioned to provide a secure, committed support infrastructure to its Southern African customer base. The company’s solutions help companies engage customers, gain business insight, manage document workflow and ultimately optimise overall business performance.

PBSA believes innovation and growth go hand-in-hand with long-held ideals such as collaboration, integrity and accountability.

PBSA embraces the fast-changing world of technology, which today sets the tone for the business going forward. The company has transformed – and continues to transform – from a purely paper-based to an integrated digital business that serves the market through its own time-honoured patented technology and an extensive network of channel partners.

Everything the company does has one goal – to help its clients communicate more effectively with their customers.

Filed under: Blogs, pbDigital, PBSA, pbVerify, SignFlow Tagged: API, digital onboarding, pbDigital, PBSA, pbverify, SignFlow
Source: SignFlow News