DAVIES GROUP LIMITED

Data and Compliance Software

Enables regulated-sector digital compliance and onboarding (AML & KYC) processes, optimal CX, regulatory penalty avoidance, and minimized risk and fraud exposure.

We offer access to multiple data processes via single-platform SaaS Veriphy web UI, batch submission, or API.

This enables flexible RPA-friendly workflow and result cascades, or simple manual input.

Features

• Compliant instant secure eIDV checking of individuals/companies for KYC/AML
• Aligns with risk-assessment via database and biometric checking options
• PEP/Sanctions checking integrally or standalone with monitoring option
• Allows for document validation via algorithm and scanning processes
• Permits granular data use to build optimal workflow solutions
• Batch checking options permit cost-effective remediation or client base screening
• Source and proof of funds checking via open-banking powered checks
• Business intelligence/screening via instant UK and overseas corporate reports
• Employee and candidate background screening by online DBS/HR checking
• Multiple data propositions via technically and commercially efficient unitary source

Benefits

• Enable your perfect compliance solution by configuring ideal check workflow
• Comply with 5MLD, GPG45, GDPR and full AML regulations
• Simple set-up permits rapid integration with existing systems
• Benefit from full activity audit trail by agent and case
• Onboard with maximum speed and optimal customer experience
• Underpin your compliance regime with an operationally resilient system
• Manage your sanctions/PEP monitoring processes to provide compliant CLM
• Mitigate risk of loss/fraud by screening bad actors and entities
• Access all your compliance checks within a single digital space
• Use the channel with best-fit: API, web UI, secure batch

£0.70 to £99 a unit

• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bids@davies-group.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

243843346921284

Contact

Gill Gange
01554 700371
bids@davies-group.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Private cloud
• Service constraints: Users are required to be within the regulated sector and will be subject to due diligence. API integration assumes familiarity with Web Services and concepts such as SOAP, XML and hierarchical data structures.
• System requirements:
  • Internet access
  • Up to date browser

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Within an hour Mon-Fri 9-5
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Standard support level to all clients for no additional charge.; We also offer AML training on a per student basis.; On site support/training charged on case basis.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Online demo, user guide collateral, guidance call if required, technical assistance for integration as required
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Data may be downloaded from the reporting interface.
• End-of-contract process: Data export upon request free of charge.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Chrome
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: There is no difference in functionality of web UI Veriphy SaaS
• Service interface: Yes
• User support accessibility: WCAG 2.1 AAA
• Description of service interface: Icon-accessed input forms within selectable menu
• Accessibility standards: WCAG 2.1 AAA
• Accessibility testing: Beta testing with VI users
• API: Yes
• What users can and can't do using the API: API integration may be directly into your firm’s own systems or through a third party, such as a case management firm, without the need for costly platform fees from multiple suppliers.; Data elements may be used as required within workflows.; C#, VB, Java, PHP, Ruby, Python are supported, allowing flexibility of implementation.
• API documentation: Yes
• API documentation formats: Open API (also known as Swagger)
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Users may integrate check elements at granular or product level.; ; Service codes are available for all.; ; Customisation is available to all integrators.; ; We also have complementary offerings in Davies Group from our colleagues within the Consulting and Technology division, including: Contact Management, Bespoke Application Development, Intelligent Automation, Voice of the Customer (VoC), RegTech, and Analytics. Often, working with a single vendor across multiple disciplines and business areas can have wide-ranging benefits to all initiatives. So, please do get in touch if you have questions regarding how these elements can work together to provide even greater benefit.

Scaling

• Independence of resources: Our cloud host (Azure) provides load scaling to ensure resource availability.

Analytics

• Service usage metrics: Yes
• Metrics types: We provide reports on usage by product, date, input, result and individual user.
• Reporting types: Regular reports

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Physical access control, complying with CSA CCM v3.0
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Data may be downloaded from within the management interface as csv, xls or pdf.
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • Xls
  • Pdf
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: The Azure-based service offers comprehensive 99.99% SLAs which covers the guarantees for throughput, consistency, availability and latency.; Service extensions can be provided at a percentage of a total contract period for any degradation in service below these set parameters.
• Approach to resilience: Available on request.
• Outage reporting: Email alerts and platform message centre.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: All users have unique logins and all actions are logged and identified.
• Access restriction testing frequency: At least once a year
• Management access authentication: 2-factor authentication

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Perry Johnson Registars, Inc.
• ISO/IEC 27001 accreditation date: 20/03/2023
• What the ISO/IEC 27001 doesn’t cover: All controls are included in the scope of the certification.
• ISO 28000:2007 certification: No
• CSA STAR certification: Yes
• CSA STAR accreditation date: 12/04/2023
• CSA STAR certification level: Level 1: CSA STAR Self-Assessment
• What the CSA STAR doesn’t cover: Not applicable
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: We operate to ISO27001 standards. All policies are managed by an internal InfoSec and Governance team under our CISO. Staff training is conducted bi-annually or in the event of policy change. Training is delivered via online courses and assessments and is mandatory for every employee as a part of their employment contracts.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: All development cycles include functional testing in a dedicated test environment. Once approved, changes are merged onto a Pre-Production environment to mirror Live as closely as possible, where a second wave of functional and regression testing takes place. Once changes are released to Live, testing is once again carried out to ensure functionality works as expected.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Internal assessments involve all relevant parties, including clients. If a threat is detected, we deploy hot fixes to address and resolve it as quickly as possible. We assess in accordance with both industry standards and relevant project requirements. We employ active monitoring processes to highlight issues as soon as they occur. Additionally, we employ network hardware and software to protect our systems.; Penetration testing is undertaken by a third party.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: We identify potential compromises, network attacks and/or breaches via manual checks as well as software and supplier alerts. If a compromise is detected we raise issues with senior management and instigate detailed investigations and associated threat assessments immediately. If any deployments are required to resolve compromises these are done immediately as a hot fix.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Incidents are categorised as one of the following:; • Minor incident – a weakness, event or incident which cannot significantly impact confidentiality or integrity of information, and cannot cause long-term unavailability; • Major incident – an incident which can incur significant damage due to loss of confidentiality or integrity of information, or may cause an interruption in the availability of information and/or processes for an unacceptable period; ; An internal reporting protocol is in place.; ; Incident Reporting to clients is managed by internal process with delineated responsibility.; ; Reporting to suppliers is managed by the Chief Technology Officer or senior VP.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  As a Group, we have committed to cut our carbon emissions in half by 2030 and to reach carbon net-zero by 2050. This target is aligned with the Science-Based Targets initiative (SBTi) - a globally-recognised framework that provides companies with a clear pathway to support the Paris Agreement’s goal of limiting global warming to 1.5°C above pre-industrial levels. Our targets are due to be verified by SBTi in 2024. Our environmental impact does not stop at GHG emissions. From the raw materials used in our services, equipment and technology, to the water consumption in our offices and the lifecycle of operational waste, we are taking steps to reduce our impact. This year, we implemented a new global procurement system with a focus on building sustainability into the supply chain, with improved tracking and the capability for sustainability reviews of products and suppliers. Our fully-digitised claims management system has reduced printing by 90%, and we already recycle the vast majority of our operational waste. Legal Solutions uses local and ethical suppliers for office equipment with full traceability, and we promote “green parts” within our auto claims. We are aiming to develop and launch Davies’ global waste strategy in the coming year. Several of our offices have already moved to 100% renewable energy. Our ultimate goal is for all of the energy used in our offices to come from renewable sources

  Tackling economic inequality

  Our people are at the heart of our business. They are critical to our business success and an integral part of our sustainability ambitions. The variety of skills and perspectives within our workforce drives innovation. We provide a nurturing environment where every employee can develop their professional experience and reach their career ambitions, helping Davies to grow its capabilities from within and retain our brilliant talent. During the year, 345 people were promoted internally.; ; We believe in lifelong learning and are proud to align with UN SDGs 4 and 8: Quality Education and Decent Work. Positive contributions made by employees are recognised through frequent performance reviews and rewarded through the Davies Incentive Plan. These reviews also explore areas for career and skill growth, with our training opportunities delivered by the Thrive at Davies L&D platform, as well as leadership development programmes and even funding for professional qualifications and memberships.; also offers technical apprenticeships, and our Legal Solutions unit was one of the first UK law firms to place aspiring solicitors on the Graduate Solicitor Apprenticeship. In FY23, we offered 169 apprenticeships within Davies Group, and our Learning Solutions unit placed a further 1760 apprentices across the UK.; Our Targets: ; Undertake regular performance and career development reviews with all our colleagues.; Offer career- or skills related training to all colleagues.; Advertise all job vacancies internally, where possible.; Continue to ensure fair pay across the business.; A quarter of Davies’ job vacancies were filled internally in 2023.

  Equal opportunity

  As a group we believe in lifelong learning and are proud to align with UN SDGs 4 and 8: Quality Education and Decent Work. Positive contributions made by employees are recognised through frequent performance reviews and rewarded through the Davies Incentive Plan. These reviews also explore areas for career and skill growth, with our training opportunities delivered by the Thrive at Davies L&D platform, as well as leadership development programmes and even funding for professional qualifications and memberships. We offer professional training to all our colleagues. Davies also offers technical apprenticeships, and our Legal Solutions unit was one of the first UK law firms to place aspiring solicitors on the Graduate Solicitor Apprenticeship. In FY23, we offered 169 apprenticeships within Davies Group, and our Learning Solutions unit placed a further 1760 apprentices across the UK. At Davies, we welcome different perspectives, support each other’s ambitions, and grow together to create a welcoming and inclusive environment that reflects the diversity of our local communities. In 2023, we continued to develop our Diversity, Equity, and Inclusion (DEI) strategy and add to our progressive policies. Working with expert partners, we have delivered webinars on anti-racism and domestic abuse, grown our employee action groups and introduced enhanced inclusive hiring practices, such as the mandatory inclusion of multiple gender candidates in talent selection for senior leadership hires, and using Multiverse and Reach Out to source apprenticeship candidates from diverse backgrounds.

  Wellbeing

  The safety and wellbeing of our colleagues is paramount. Our leading policies and support services around working practices were recognised as a major strength by the EcoVadis ESG framework. In the year, we launched our Global Guiding Principles with progressive new local policies around supporting colleagues and their families.; Davies offers both global and local benefits to improve physical, mental and financial wellbeing. For example, employee assistance programs (EAP), life assurance, enhanced maternity, adoption, paternity and baby loss leave and support, cycle-to-work and electric car salary sacrifice schemes, generous holiday allowances, the Davies Incentive Plan, and access to My Choices at Davies, our wellbeing and discount platform. Our Health and Wellbeing Action Group continues to ensure we’re meeting and exceeding the needs of our people. We monitor employee perceptions and seek feedback throughout the year. We also maintain stringent health and safety standards and ensure ongoing mandatory training. Our Targets: ; • Undertake regular performance and career development reviews with all our colleagues.; • Offer career- or skills related training to all colleagues.; • Advertise all job vacancies internally, where possible.; • Continue to ensure fair pay across the business

Pricing

• Price: £0.70 to £99 a unit
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: We offer sandbox access with test data

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bids@davies-group.com. Tell them what format you need. It will help if you say what assistive technology you use.