Hi to all in the thread,
I am one of the Casino Managers at Vernons and have just seen this thread. A request for a player's notarised ID to be mailed to us is an extremely rare occurrence and I can fully understand why the process may have seemed cumbersome. This requirement for proof of identity and for us to be able to verify satisfactorily a person's identity is covered within the player account terms and conditions. Depending upon the value of the transactions and the general pattern of activity within the account this may occasionally mean there is a requirement for the ID to be notarised or certified by a solicitor. This is in line with our enhanced due diligence process. When we are advised by our risk and fraud departments to make these requests our UK compliance officer gives final authorisation. Also, we have since amended all our processes to ensure UK players are always provided with our UK address should we for any reason require notarised ID to be sent via mail. I hope this helps with any questions but would be happy to answer anything further. Vernons is proud of its heritage and will always continue to act responsibly and be a trusted name in gaming.
James
So, why the Phillipines address in the first place, whether or not it is the wrong one to give to a UK player.
It's all very well ensuring CS give the UK address from now on, but this does NOT answer the question. What has this Phillipines based company got to do with it in the first place? You are Vernons, a UK company based in the UK, running your online operations out of the EU. No connection whatsoever to an company in the Phillipines.
Although giving the UK address makes the process less worrying for the player, this is surely only an "interim maildrop", with these notarised documents then being forwarded to the Phillipines company through your internal systems. The worry here is mainly that the Phillipines is NOT on the list of countries considered safe under UK and EU rules for the handling of this type of data, and such data should NOT be going there until such time as the UK and EU add this country to the list. The current situation opens you to action should anything go wrong with the security of such data, and the UK Information Commissioner's office may view your choice of a Phillipines based company, rather than an EU based one, for verifying players' identity as an act of negligence, which would rob you of the defence of "unforseeable circumstances", or that you "did all that was possible" to keep the data secure.
It may not have happened yet, but the risk is that it might, and this issue will blow up in Playtech's face. Nothing they can do now will convince me that they are NOT using this Phillipines company to handle sensitive player documents and data, even though I believe that once it arrives in that building, it will be just as secure as it would be with an EU based company. It is the postal journey that presents the risk.
On the other hand, sending such documents via email is JUST as risky, even more so if done over a public WiFi or insecure home network.
The solution is NOT about giving a country specific address, but finding a more secure way of uploading documents directly to secure servers, coupled with using local notaries to inspect the documents and verifying them WITHOUT the need to send them through the post. It is a bit like how the UK banks work. If you take a certified document to a branch, it can be verified in person, and by an employee who has the authority to clear the documents without the need to have them forwarded to head office.
In the UK, this could be done at high street shops (if present), and the ORIGINAL documents looked at by a local manager, and if they are OK, this is communicated to head office. The local manager could also take copies of the originals, which would immediately make them "certified copies" having been "certified" by having been done by a company employee from the original, and these, if necessary, could be forwarded internally to head office.
Another question for the rep, what about the problems caused by the UK governments decision NOT to introduce national ID cards. It has left no universal photo ID system that is equally available to ALL Citizens. The drivers licence, although generally accepted, is available ONLY to those considered medically fit to drive, and then only if they pass the test. If you have diabetes for example, it is not a case of "can't be bothered", but a case of "not allowed a license for medical reasons". It is insulting for such people to be more or less told that their refusal to get a driving license is evidence that they have something to hide, and should be treated with suspicion.
Although they could get a passport, it is a MAJOR step, and is not an ID document, but a travel document. As such, it does NOT have the holder's address printed on it, as this is held in a database, and linked to the passport number. A player at a different Playtech casino was told he had to have a photo ID with his billing address on it, which appeared to rule out the use of a passport. If medically unfit to drive, there would be no way to get a photo ID that shows the address, as the driving license is the ONLY one that does. The "pass" scheme proof of age cards are the only other photo ID available, but do not show anything other than the holder's name alongside the photo, and conformation that they are above a certain age. They are meant to prove age in a shop, rather than prove identity.
Such players have nothing to send to either the Phillipines nor the UK. I am also puzzled as to why a major company like Vernons would even CONSIDER subcontracting such an important and sensitive matter as player's identity documents to a company with no name (unless you dig really deep
) based in some large multi-occupancy building in Manila.