Client Data & Your Processes

Over the past month, we’ve taken a hard look at our internal processes. It’s a good opportunity for you to do the same, especially when it comes to handling sensitive client information.

When you’re not meeting clients in person, your standard for verifying identity needs to be exceptionally high. Whether it’s an out-of-town buyer or a fully digital relationship, you are still responsible for properly confirming who you’re dealing with.

There are only a few acceptable ways to do this remotely:

Use an approved platform like ReallyTrusted or Fintracker, or

Have a local agent verify the client in person using the required Mandatory form

A photo of ID sent by text or email does not meet verification requirements. Full stop.

On the flip side, when you are meeting clients in person, it can be tempting to snap a photo of their driver’s licence and deal with FINTRAC later. Don’t. Those images should never live in your camera roll, email, or anywhere on your personal devices.

Take the time to go back and clean house: search your photos and emails for stored IDs and permanently delete them. There is no scenario as an agent, where keeping copies of client identification is appropriate. Storing this information creates unnecessary risk, and if it’s ever compromised, it becomes a serious privacy and compliance issue.

Your role is to verify identity—not to store it.

Once your FINTRAC documents have been submitted and confirmed by the brokerage, any related files in your possession should be deleted.

This isn’t just a process for process’s sake. It’s about protecting your clients and your business. Do it right upfront, and you avoid much bigger problems later.