You have the power of a financial institution in the palm of your hand with your smartphone. Digitalization is transforming financial services in a permanent way so when can you, the customer, start seeing the benefits and what will be your first thoughts?

By José Díaz

We can now send money with 3 clicks, we can set up a standing order, check our balances, etc. all done on a smartphone while being in the comfort of your sofa or in the back of a taxi. But what is one critical product feature that remains painful? The on-boarding process. All after which, you may not choose to be a customer!

The whole process from registration, open an account and identify who we are, is done often in person or manually without making the most of the available technologies. As we live in a more consumer-directed world with a clearer definition of products, the need for more emphasis on a smooth and secure on-boarding is more important than ever. Through the article, we will showcase innovations from Europe, India and Singapore, and how sensible policies and the right technologies can improve the customer experience and the security of their financial assets and personal data.

A key trend that financial institutions are experiencing today is that in an increasingly globalised world with heightened cross-border security controls, the emphasis has shifted from the customer to the need to protect the financial institution. As a result, on-boarding processes have not improved to reflect new technologies, customer behaviours and a better understanding of the risks. And a clear example is how customer on-boarding with a smartphone device has been slow to capitalise on these developments.

The idea of putting the customer first has fallen behind covering the risks to the service provider.

1. Leading with the Customer experience

When we talk about security and protecting our customers, we need to think more about customer-first mindset leveraging new technologies (e.g. smartphones, video/photo verification), new data sources (e.g. government ID databases, biometrics) and better risk management (e.g. minimum balances before which ID verification is required or light-security checks for pre-paid products with less risk exposure, etc.). The customer ultimately ends up with an easier product with a better customer experience and improved capabilities to detect fraudulent activities. In parallel, the financial institution can maintain compliance with regulations.

An example of this lack of customer focus was surfaced in some recent customer feedback that was shared in social media circles from a bank branch experience in Singapore, but could have been any bank from any other country. Are we really moving to a “digital friendly banking” at a deep enough level?

The German next-generation Neo-bank Number26 powered by Wirecard Bank wants to disrupt traditional models of banking and good job so far. A good example is how they have built a regulation-compliant virtual mobile on-boarding process using a third-party solution, IDnow, who provide video-identification and electronic signature solutions on the smartphone, replacing antiquated branch-based processes. This is what the future will look like for on-boarding process across financial institutions that are required to do Know Your Customer (KYC) and Anti Money Laundering (AML) checks across financial products for all customers.

Customers can supposedly open an account with Number26 in 8 minutes[1] with an excellent integration across devices. The magic of Number26’s on-boarding process is the beautiful design, the ease of the process and the security reassurance during all the phases. Surprisingly, the smooth on-boarding includes human interaction – a five minutes video face-to-face powered by IDnow technology where customers need to complete some simple tasks. They must show their passport to a compliance agent who will take a picture for biometric verification purposes and will send a One Time Password (OTP), as a part of the 2 steps verification process, to verify the smartphone associated with the account. Below 2 captures when I opened my account with them in January 2016, starting on my smartphone and ending on my computer.

The UK’s first 100% mobile banking service Monese also wants to remove the restrictions of opening a bank account, for example, when you move to a new country. Monese claims that anyone can open an account faster that boiling an egg, in 120 seconds, without living the phone, with any European proof of address and no credit history required. A walk-through will help you to complete the 4 steps of the on-boarding process in a way that make you feel you are just opening another social network account with the only difference that you are submitting a picture of your passport, the process is insultingly easy and interactive. Below some captures when I opened my account with them one or two days after they went public in September 2015.

Video face-to-face as in the Number26 case, or photo capture as in the Monese example, removes the need for in-person verification and the unnecessary queues in the branch, the asking your boss for a few hours off to open a new bank account and having to bring a folder of archived documents with you. A five minutes video call, or a photo capture of your face, change the whole experience for customers convenience and also reduce the cost per acquisition for financial institutions (£3.3 billion per annum is the estimated total cost of ID assurance for financial institutions in the UK alone and not including the costs of fraud)[2]. This should allow for a more customer friendly experience, will be as secure as a physical human verification, if not better as humans are still the weakest link on security [3], all while still protecting threats to the financial system.

2. New technologies that can improve risk management

The main objective of KYC is to prevent criminals from using banking channels for money laundering and fraudulent activities, and we now have new technologies to safely deliver the power of digital banking. We show below some notable solutions that are emerging:

• Two-Step Verification: Having a single password as the only protection against cyber-crime is not enough, especially when the word “password” is still the favourite password [4]. During the on-boarding process, a two-step verification adds an extra layer of security that not only confirms you are who you say you are, but also that the device you are using is really your device. Two-step verification can be a push-up notification in the smartphone, an SMS as OTP, or even a passcode.
• Biometric Verification: Biometric verification is any means by which a person can be uniquely identified by evaluating one or more different biological characteristic such as fingerprint, face recognition or iris recognition. Facial-recognition technology is, for example, being implemented by MasterCard and it’s “selfie pay” [5] proving that a selfie/facial-recognition is safer that any password. VixVerify on-boarding process that can be integrated with any mobile solution, ask customers to take a picture and blink twice as a factor of authentication and proof that the person is alive and not a picture, mask, etc. [6]

Image: http://www.ebuyer.com/blog/2015/07/the-selfie-password/ 

• Data Collection: Id verification is only as reliable as the data sources backing it up. In the UK, users of GOV.UK Verify can demonstrate that they are who they say they are online by creating a digital identity. Digital identities created to this standard are sufficient to meet KYC/AML requirements for id verification. Having a verified digital identity will allow customers open a bank account faster and more easily as it would remove the need for financial institutions to request paper id documents.

3. How new policy can spur innovation — Examples from Europe, India and Singapore:

Image: http://ec.europa.eu/index_en.htm

Leading the path to innovation from new policies in the European Union

The recognition and standardising of digital identity schemes across European countries through eIDAS and integrating and improving payment efficiency through the second Payment Services Directive (PSD2) are very important initiatives to attempt to improve the broad payment infrastructure and further promote innovation. This is in part through new rules for internet related business and new guidelines on security standards to be integrated into payment systems. There is also new measures related to the “identification economy” in the digital world.

As a background, PSD1 introduced the definition of Payment Institution for companies in the payment industry but not in the same regulated space as traditional banks, the best example is PayPal. Now PSD2 will open the payment marketplace to new innovative companies by inviting them into the regulated space by using banks API’s (Application Programming Interfaces) that open up systems to new third-party systems. Furthermore, PSD2 have a strong sense of “transaction authentication” with payment providers and banks now being required to better verify customers identity. eIDAS will play a big role here. More extended explanation of PSD2 by Starling Bank [7].

Another example in Europe is BankID in Norway. BankID allows customers to create a single digital identity with a Norwegian bank and then use that unique digital identification to, for example, open an account with any other Norwegian bank removing the need for the customer to identify themselves again. It also applies to other public and private sectors. 80% of the adult population in Norway now has a BankID.

The Aadhaar system in India, the word’s largest biometric database:

Unique Identification Authority of India (UIDAI) is working to identify and enrol all residents of India (estimated 1,2 billion population as in July 2015) into a demographic and biometric database. Aadhaar is a 12 digit individual identification number issued by the UIDAI on behalf of the Government of India serving as a proof of identity (POI) and proof of address (POA) and linked to biometrics including iris scans, face recognition technology and fingerprints.

The system is very simple, once registered for Aadhaar, the resident can easily authenticate their identity bio-metrically through the presentation of their fingerprints or non-biometrically using an OTP sent to the registered mobile phone or e-mail address.

Easy KYC through Aadhaar will allow innovators build new services which in turn will help bring more people under the reach of financial services. Various forms of digital payments such as pre-paid instruments, wallets and others have been able to show they can create efficiency, transparency and have a wider reach in financial transaction[8][9].

Rapid product development through experimentation in Singapore, taking example of more mature markets:

The soon 51-year-old country is rapidly evolving new technologies and regulations to adapt to business and residents requirements of the Singapore SMART nation. Singapore’s financial regulator and central bank, the Money Authority of Singapore (MAS) have announced a number of initiatives such as creating a dedicated FinTech office and committing to S$225 million ($166.48 million) over the next five years, to growing the FinTech ecosystem in Singapore [10]

MAS announced in April 2016 that it will start regulating FinTech companies only when they grow to a sufficient size to pose risks to the wider financial system [11]

“… Regulation should not be too onerous such that it suppresses companies’ ability to experiment in the field of financial technology.” Deputy Prime Minister Tharman Shanmugaratnam

MAS is looking to make agreements with more mature markets, such as Australia and the UK. Two recent agreements have been announced with the Australian Securities and Investments Commission (ASIC) and the UK’s Financial Conduct Authority (FCA), with the purpose to exchange best-practices and to provide a framework for co-operation and referrals between the innovation functions of each authority. [12]

One of the similar approaches take by MAS and FCA is to create a Sandbox environment to try new technologies, policies, process, etc.

The FCA defines the purpose of Sandbox: “The regulatory sandbox aims to create a ‘safe space’ in which businesses can test innovative products, services, business models and delivery mechanisms in a live environment without immediately incurring all the normal regulatory consequences of engaging in the activity in question.”[13]

MAS is due to issue guidelines on exactly how the Sandbox approach will work in Singapore, with the emphasis on ensuring that experiments which fail do so cheaply and safely, without posing a risk to the rest of the financial system. It will be interesting to see how effectively regulators can create a platform and a catalyst for innovation with their safe space for agile product development.

To conclude

Customers seem ready to adopt new technologies allowing for a sexier and much simpler way to interact with financial institutions on a routine basis. The on-boarding process is an indication of what customers can expect from their chosen service provider. Financial Institution incumbents, challengers, startups and governments must work effectively to both their mandates and their relative strengths to deliver an equitable financial system that best serves the customer. As we have highlighted above, there are exciting emerging opportunities in the first-impressions moment that are being driven from new risk-managed policies, the acceptance of new technologies to open new channels and securities measures, and finally, through recognizing the local environments.

This article first appeared here: https://blog.yolopay.com.sg/redesigning-the-customers-banking-on-boarding-experience-in-a-digital-world-369ecc6bf6d0#.v51woidxz

Notes:

1. http://techcrunch.com/2015/01/26/number26-could-be-the-best-banking-experience-in-europe/
2. http://oixuk.org/wp-content/uploads/2014/05/Economics-of-Identity-White-Paper.pdf
3. http://www.cio.com/article/2895404/cybercrime/people-remain-the-weakest-link-in-security.html
4. http://www.telegraph.co.uk/technology/2016/01/26/most-common-passwords-revealed—and-theyre-ridiculously-easy-to/
5. http://money.cnn.com/2016/02/22/technology/mastercard-selfie-pay-fingerprint-payments/
6. http://www.vixverify.com/blog/selfies-could-be-used-to-check-identification/
7. http://starlingbank.co.uk/explaining-psd2/
8. http://www.iamai.in/node/4593#sthash.i2tr8ScU.dpuf
9. http://www.ndtv.com/india-news/pm-modis-2-hour-review-of-aadhar-scheme-shows-big-results-1404803
10. http://www.dealstreetasia.com/stories/mas-commits-225m-to-fintech-growth-in-singapore-8637/
11. http://fintechnews.sg/2006/fintech/singapore-gears-become-fintech-leader-mas-announces-major-initiatives/
12. http://www.fca.org.uk/your-fca/documents/mou/fca-monetary-authority-singapore-cooperation-agreement
13. https://innovate.fca.org.uk/innovation-hub/regulatory-sandbox