Skip to main content

Help us improve the Digital Marketplace - send your feedback

Equifax Ltd

Equifax Customer Due Diligence (inc PEPs & Sanctions)

Customer Due Diligence: the process of gathering facts about a customer then checking those details. These measures must involve identifying the customer as well as verifying their identity. The CDD solutions we offer support identity verification requirements and further checks can be added to support AML and regulatory obligations.

Features

  • Reports delivered in real-time or batch
  • Remote access
  • Instant access to ID checks and AML checks incorporating EWC

Benefits

  • Screens Dow Jones Watchlist data - market leading compliance information
  • Deploys BAE’s sophisticated matching techniques
  • EWC Full Reports provide all enhanced due diligence candidate alerts
  • Data is refreshed daily in our real-time environments
  • Supports compliance with 5th Money Laundering Directive
  • Check customers where financial transactions could pose a risk
  • Assess key company stakeholders before engaging in business

Pricing

£0.16 a unit

  • Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at oliver.abbott@equifax.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

5 5 6 9 7 2 1 5 1 0 7 8 5 2 0

Contact

Equifax Ltd Oliver Abbott
Telephone: +44 7825 313734
Email: oliver.abbott@equifax.com

Service scope

Software add-on or extension
No
Cloud deployment model
Private cloud
Service constraints
No
System requirements
  • Users require Citrix Receiver on their local machine
  • Users require a web browser to access the service
  • User requires email address or a mobile phone for 2fa

User support

Email or online ticketing support
Email or online ticketing
Support response times
Email responses are the same at weekends. User support is 24/7.
User can manage status and priority of support tickets
No
Phone support
Yes
Phone support availability
24 hours, 7 days a week
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
The service will be accessed via a standard browser so minimal impact on current infrastructure. We would not anticipate requiring technical support however we would work with any organisation to overcome any potential issues.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
Once users have been set up we will engage with the buyer to assess what the training needs are and how best they can be fulfilled. Training options include on site / webinar / train the trainer. Full user documentation can be provided and the system has an online help facility which users can refer to at any time.
Service documentation
Yes
Documentation formats
PDF
End-of-contract data extraction
This is an online service which utilises the data provided only when requested by the user. There will not be any data held on Equifax's beyond what is legally mandated for audit and compliance purposes.
End-of-contract process
Once the contract period has ended the account will be deleted so no users can log on in the future. All costs would be clearly marked on the contract which would be agreed at the outset of the arrangement and no further costs will be incurred outside of that.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
Reader View is available
Service interface
No
User support accessibility
None or don’t know
API
Yes
What users can and can't do using the API
N/a
API documentation
Yes
API documentation formats
PDF
API sandbox or test environment
Yes
Customisation available
No

Scaling

Independence of resources
Equifax websites are widely used by a wide variety of organisations within the UK and as such have a scalability built in so there is always capacity to cope with additional demand.

Analytics

Service usage metrics
Yes
Metrics types
Equifax can provide usage information based on the actual volume of requests. These can show the volume of and type of reports requested and also details of the request such as the user who performed the request, time and date and details of what was input.
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Conforms to BS7858:2019
Government security clearance
Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
No
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least once a year
Penetration testing approach
In-house
Protecting data at rest
Physical access control, complying with another standard
Data sanitisation process
Yes
Data sanitisation type
Explicit overwriting of storage before reallocation
Equipment disposal approach
A third-party destruction service

Data importing and exporting

Data export approach
Results from the enquiry will be shown on screen and users can then print or create a .pdf of the results for reference. Should batch requests be submitted these will be provided in .csv format.
Data export formats
CSV
Data import formats
CSV

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
Services typically run at around 99.5% availability. Buyers can liaise with Equifax at the outset of a contract to agree on SLA's and what refunds the buyer would be eligible for should the service run below the agreed SLA.
Approach to resilience
This information can be made available on request.
Outage reporting
A public dashboard (on the log on page) will provide information on any known upcoming changes to the products and services. In the case of outages we will communicate the issue and the progress (along with expected resolution times where available) to buyers via email.

Identity and authentication

User authentication needed
Yes
User authentication
2-factor authentication
Access restrictions in management interfaces and support channels
Confidential. We are happy to discuss in further detail with the Equifax Security team
Access restriction testing frequency
At least once a year
Management access authentication
2-factor authentication

Audit information for users

Access to user activity audit information
Users receive audit information on a regular basis
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users receive audit information on a regular basis
How long supplier audit data is stored for
User-defined
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
BSI
ISO/IEC 27001 accreditation date
29/05/2020
What the ISO/IEC 27001 doesn’t cover
N/a
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
Yes
Who accredited the PCI DSS certification
Coalfire Systems, Inc.
PCI DSS accreditation date
10/07/2020
What the PCI DSS doesn’t cover
N/a
Cyber essentials
Yes
Cyber essentials plus
Yes
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
We follow ISO 27001 best practice, which ensures we comply with various regulations regarding data protection, privacy and IT governance. All employees have to read, acknowledge and sign the information security policy when they join the company. All employees are vetted using previous employment references and internal credit checks as part of the application process. We operate a mandatory induction training programme for all new starters, which includes a detailed study of the company’s information security policy, standards, practices, and the employee’s obligations under that policy framework. All employees have to sign non-disclosure / confidentiality agreements and have clearly defined terms and conditions of employment. There is also a clearly defined and communicated disciplinary process in place. Any specific security requirements over and above the general company ones are included within job descriptions.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Confidential. We are happy to discuss in further detail with the Equifax Security team
Vulnerability management type
Undisclosed
Vulnerability management approach
Confidential. We are happy to discuss in further detail with the Equifax Security team
Protective monitoring type
Undisclosed
Protective monitoring approach
Confidential. We are happy to discuss in further detail with the Equifax Security team
Incident management type
Undisclosed
Incident management approach
Confidential. We are happy to discuss in further detail with the Equifax Security team

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Public sector networks

Connection to public sector networks
No

Social Value

Social Value

Social Value

  • Fighting climate change
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

Fighting climate change

As a global organisation, we’re committed to minimising the impact we have on our planet. We want to work with organisations that share our values and make ethical and sustainable choices. We have pledged to reduce our global environmental impact, committing and committed to net-zero greenhouse gas emissions by 2040, a sustainability commitment enabled by our Equifax Cloud™.

We have made progress in our sustainability journey with a successful migration to the cloud with the closure of five data centres in 2023. We have also made a significant investment in new facilities to reduce our burden on the environment and contribute to our Net Zero ambitions.

We are committed to being net zero by 2040. Our 2018-2020 energy usage globally has been collated and externally audited to be used as our baseline for a 4% YOY reduction.

In the UK, our efforts have been focussed on:
Workplace Enhancements - Energy usage reduction targets and waste management initiatives
Space Utilisation- In 2023 we have reduced our space requirement and associated environmental impacts - Surrendered 16,822 Sq Ft in 2023 (20% of UK&I’s Real Estate Portfolio)
Renewable Energy - Purchasing of 100% of energy from renewable sources through our landlords
Purchased Goods & Services - Sustainable location and procurement strategies for new premises
Employee Commuting - Electric Vehicle and cycle to work incentives: 3% of eligible employees have consumed our EV benefit since July 2023
Business Travel - Investment in Video Conferencing technology and a 3 + 2 strategy to balance office and home working

Our volunteering programme also recognises the impact we can have on sustainability where we live and work and we actively support projects in our local communities promoting biodiversity and better green spaces. In 2023 we planted more than 400 trees.

Tackling economic inequality

In 2023 we have revised our approach to our equality, diversity and inclusion programme with a complete review of our provision. As well as re-establishing a number of employee-led forums to drive cultural understanding and awareness in our organisation, we have also committed to a data-gathering exercise to better understand the diversity within our workforce, create targets for the future and establish measurement. Our staff-initiated ‘self-ID’ survey will be launched in Q1 2024 and by Q2 2024 we will have a reportable view of our workforce diversity characteristics. Q1 2024 survey launch Q2 2024 review data, create KPIs and begin reporting We will record the diversity characteristics of employees in our HR system which in the longer term will also allow us to track and measure career progression and learning interventions. We currently invite employees to disclose their gender however, the campaign will extend voluntary disclosure to capture: - ethnicity, - sexual orientation, - religion, and - disability to include types of disability. A future phase of the campaign will consider the inclusion of social mobility identifiers as part of our commitment to the Social Mobility Pledge. Upon completion Equifax will have a clearer view of its workforce diversity. The data set will be used to analyse the impacts of policy and business decisions on particular cohorts of both the organisation's potential pool of candidates and existing headcount. Targets will cover the employee life cycle beginning with attraction through to the employee experience and career progression. Data will be captured in Workday (our internal HR system) during Q1 following an internal marketing campaign championed by our employee-resource groups. We will target a 50% completion rate and incentivise participation. Once a baseline and targets have been established, we will report uplift and progress against targets on an annual basis.

Equal opportunity

In 2023 we revised our approach to our equality, diversity and inclusion programme and re-established a number of employee-led forums to drive cultural understanding and awareness in our organisation. We have also committed to a data-gathering exercise to better understand the diversity within our workforce, create targets for the future and establish measurement. Our staff-initiated ‘self-ID’ survey will be launched in Q1 2024 and by Q2 2024 we will have a reportable view of our workforce diversity characteristics. Q1 2024 - survey launch; Q2 2024 - review data, create KPIs and begin reporting. We will record the diversity characteristics of employees in our HR system which in the longer term will also allow us to track and measure career progression and learning interventions. Ethnicity; Sexual orientation; Religion, and; Disability to include types of disability. A future phase of the campaign will consider the inclusion of social mobility identifiers as part of our commitment to the Social Mobility Pledge. Upon completion Equifax will have a clearer view of its workforce diversity. Anecdotally, we are aware that the business is under-represented across key sections of society e.g. disability and ethnic minority representation, relative to the general participation of individuals from these groups in the UK workforce. Targets will cover the employee life cycle beginning with attraction through to the employee experience and career progression. Aspirational targets will be set to increase numbers of those employed in these areas and for opportunities such as apprenticeships and promotions. Data will be captured in Workday (our internal HR system) during Q1,2024 following an internal marketing campaign championed by our employee-resource groups to target a 50% completion rate. A baseline/targets will be established to report uplift and progress against targets on an annual basis.

Wellbeing

In Q1 2024 we are partnering with LiveSmart to measure our team’s physical wellbeing, giving people tailored support and informing organisational health. The scheme will engage our teams to share personal data with an optional blood test and MOT. Each employee will have a personalised digital health report with advice on how to improve their physical and mental health with the option of engaging with a personal health coach to help them achieve their personal goals such as weight loss, active lifestyle or healthy habits. With an anticipated take up of around 50%, we will utilise data collated by this partnership to baseline our health, measuring our improvement year on year and, inform our calendar of events so we can tailor it to our employee population needs. Q1 2024- Live Smart launch and data collation; Q2 2024 - Benchmarking of data and delivery of tailored advice; Q4 2024 - Live Smart year end data collation and review. Financial wellbeing We believe in supporting our team to ‘live their financial best’. We have an existing partnership with Nudge to deliver financial education in-house and have run sessions on ‘Combating Financial Worries’, ‘Supporting the Sandwich Generation’, ‘Wealth health and happiness’ and ‘The Journey to Financial empowerment’ delivering more than five hours of live content delivered virtually through ‘lunch and learn’ sessions. Mental wellbeing We recognise the importance of good mental health and signed up to the ‘Time to Change’ pledge in 2019 and are committed to the Mental Health at Work Commitment Standards. . We encourage our team to be open about wellbeing and as at December 2023, we have built a network of 29 trained Mental Health First Aiders and 16 mental health champions - an uplift of 80% in 2023 - to support our team with their well-being needs.

Pricing

Price
£0.16 a unit
Discount for educational organisations
No
Free trial available
Yes
Description of free trial
For a limited time or an agreed volume of reports Equifax would be willing to provide a trial of the full service in order for an assessment to be made by the supplier of its suitability.

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at oliver.abbott@equifax.com. Tell them what format you need. It will help if you say what assistive technology you use.