Frequently Asked Questions

• Authenticate themselves - proving in a binding, non-repudiable fashion that they are who they say they are
• Protect information - allowing them to lock down documents or material being sent electronically so that it cannot be tampered with or viewed without their permission
• Digitally sign - allowing them to replace ink signatures with an electronic signature that is the legal equivalent and that is accepted around the globe

• Banks have always played the role of trusted intermediaries for financial transactions, whether on a consumer or corporate level In terms of managing identities, whether digital or physical, banks are uniquely positioned as providers
• Banks are regulated, operating under independent oversight where failure to comply leads to serious financial implications and thus creating a strong incentive to behave properly
• Banks exist everywhere, with a broad reach into even the smallest town or location, and are subject to global requirements that ensure consistency across multiple legal or regulatory jurisdictions
• Banks have experience in dealing with information that needs to be managed carefully
• Some banks have a global scale and a scalable information systems infrastructure to support large volumes of transactions
• Banks have experience in dealing with risk management and mitigation - they are fundamentally in the business of transferring and managing risk, which makes them uniquely positioned to price and manage the risk elements of identity

• Citi is the trusted partner for the world's top corporations and governments operating in more than 100 countries
• Citi is a regulated entity, with a long history of successfully complying with the KYC and AML requirements of the world's financial business centers and across its physical footprint
• Citi has a long experience in providing transaction and processing capabilities for its customers, leveraging the economies of scale, experience and expertise that only an entity with the size and scope of a Citi can do
• Citi has a history of providing a broad set of skills, products and services to its customer base - digital identities are a logical extension

Working with high-assurance standard rule sets such IdenTrust which provides banking interoperability in a trusted network, or SAFE which provides biopharmaceutical interoperability in a legally binding manner Citi's full digital certificate lifecycle management and related services provide a secure platform for digitally signing legally binding transactions in an auditable manner. Citi's portfolio of identity management services include:

• Issuance Services - involves the issuance of bank-grade, high assurance digital certificates used within the your internal applications or within a Citi application. These high-assurance certificates enable authentication and authorization, creating binding transactions. You can implement the fulfillment of these digital certificates to end users in a manual or automated fashion, according to your requirements.
• Secure Payment Authorization - enables higher assurance authorizations when initiating payments using Citi's award-winning CitiDirect Online Banking platform or via a file sent to Citi's CFS application. Our solution allows for digital signing at each authorization point linking the authorized individual in a non-repudiable way to their transaction.
• Digital Account Management - an innovative solution enabling you to streamline account maintenance and signatory management in an end-to-end, straight-through process enabled with digital signatures. Digital Account Management provides account and signatory management via a web-based application, reducing the expense, risk and inefficiencies associated with "wet signature" and traditional forms of communication. The vastly improved electronic workflow enhances client's ability to more effectively and efficiently manage processes around the account management in an online straight-through process.
• eVault Services - the credibility of digitally signed transactions hinges on the organization's ability to store and archive data in a manner that is compliant with regulatory requirements throughout the entire workflow. The eVault Service facilitates the archiving of cryptographically linked, signed transactions/documents in a highly secure manner. Our web-based portal allows you to manage, search and monitor transactions based on entitlements.

Our position as the top global financial services institution uniquely qualifies Citi to address identity assurance challenges in establishing trust in B2B transactions by coupling our rigorous KYC processes with proven identity management technology to create value for our clients including:

• Greater visibility into the actions of authorized end users and their role as defined by internal processes
• Control and governance over the access and activities of end users
• Assurance of identity, non-repudiation and document integrity to mitigate risk associated with sensitive business processes when transacting with business partners
• By focusing our efforts in these areas, we are able to help our clients better manage their risk, while meeting their compliance and regulatory obligations. Citi-issued, high-assurance digital credentials allow clients to verify "who", "did what" and "when" in online interactions. Citi's role is that of a trusted third party. The value-add to clients is "bank-grade" process controls and KYC rules applied in the issuance process as well as banking system acceptance, liability for misuse and legal compliance.
• As a participating member and issuer of IdenTrust and SAFE^TM certified credentials, Citi provides certificate lifecycle management capabilities to its clients in a flexible and cost-effective manner.

By virtue of commonly accepted policies, IdenTrust certified trading partners will also know: their dealings are legally binding; they can protect themselves from the unlikely event an electronic identity is faulty; they have recourse in the event a trading partner attempts to defraud them; and they comprehend the meaning — both legal and practical — of an IdenTrust electronic identity.

Citi has outsourced our Identity Certificate Authority for IdenTrust compliant and SAFE compliant certificate production and lifecycle management (back office) to IdenTrust.

SAFE is designed for the purpose of simplifying, securing, and streamlining business-to-business and business-to-regulator information exchange. The SAFE standard consists of policies, procedures, guidelines, technical specifications and a legal and liability risk management framework for ensuring the validity of the electronic signatures used for information exchange and electronic submissions to regulators.

• Provide bio-pharmaceutical industry collaboration and information sharing through an interoperable network of trust
• Streamline business processes by eliminating "wet" signatures and paper-based workflows
• Clinicians and employees can digitally sign documents that are legally enforceable and 21CFR11 compliant
• Support long term vision for fully integrated, enterprise-wide processes and tools for budgeting, forecasting, reporting and expensing of clinical trials resources.
• Electronic work flow and automation should
  • Improve the number of orders completed online. Currently 50% of the 6,000 Samples Orders initiated per month never complete.
  • Eliminate an inefficient and inaccurate process of re-keying each Sample Order form captured on-line.
  • Reduce the cycle time from order placement to delivery from 14 days to 4 days.
  • Lower the cost of practitioner acquisition and maintenance
  • Deepen and extend relationships with practitioners
• The ability to demonstrate regulatory and audit compliance around KYC and other forms of identity proofing in a consistent, easily audited and legally binding fashion

There are many options for coexistence and integration of internally-issued digital credentials with the digital identities issued by Citi. Hence allowing organizations to manage the level of identity assurance they require for credentialing their employees.

Our partner network includes solutions from Avoco Secure and Arcot Systems, among other leading technology vendors.