What FRACT actually scrutinises.
The value of a standard lies in the rigour of its assessment. FRACT accreditation is not a badge for completing a form. It is the outcome of a structured, two-stage due diligence process that tests both whether a deployment is lawful and whether the technology behind it performs.
Compliance due diligence
Before any technology is approved, FRACT examines the legal and governance foundations of its deployment: the lawful basis for processing biometric data, the data protection impact assessment, data minimisation and retention, transparency to the public, named accountability across the supply chain, and a demonstrable bias audit. The question at this stage is simple — would this deployment withstand regulatory scrutiny?
Technical due diligence
FRACT then assesses the technology on its own terms: accuracy against recognised independent benchmarks, demographic performance, security, resilience, and the integrity of the human review that must precede any consequential action. No individual is ever subject to an adverse decision on the basis of a facial recognition match alone, and FRACT tests that this safeguard is real rather than nominal.
Why this carries weight
FRACT’s assessment is built and overseen by specialists who have operated at the sharp end of facial recognition regulation in this country — including direct experience of the most significant facial recognition enforcement action brought by the Information Commissioner’s Office to date. That experience is the reason FRACT knows what regulators look for, and assesses against it. The standard is demanding because the environment it serves is demanding.
Get in Touch
If you have any questions or comments about the FRACT Standard or need more information, complete the form on the right.