The German financial market supervisory authority, Bafin, found online lender N26 Bank GmbH in breach of regulations, Handelsblatt reported Oct. 12.

The client authentication procedure used by the bank is not compliant with the existing rules and can be manipulated, according to a Bafin spokesman cited by Handelsblatt.

N26 uses a photo ID procedure in which clients can use an image of their passport as identification to open a new account. However, under German regulation, new bank customers are required to provide their passport in person or via live video chat with their bank.

A spokeswoman for N26 argued that the bank follows up the photo identification with a number of other security measures, such as transaction monitoring, with the aim to prevent money laundering and terrorism financing, according to the report. The spokeswoman also pointed out there is no evidence that the photo ID process has led to increased fraud cases, Handelsblatt said.

However, the newspaper referred to an investigation by its Wirtschaftswoche publication that showed that tests to open an N26 account with a false ID have been successful.

N26 has 1.5 million clients in 18 countries and launched in the U.K. earlier in October.