User-friendly onboarding processes for FinTech or Banking products
This blog post was co-authored with Jacek Zdziarstek, Experienced Compliance Executive.
The customer experience at leading banks and fintech organizations is undergoing a revolution. Technological innovation has brought with it a whole wave of changes, meaning that account holders can not only transfer money online, but also log in using facial authentication and perform a whole range of tasks using just their fingerprint on their smartphone. Over the past decade, technology in this sector has made things faster, simpler and safer.
Increasingly digitally driven customers have come to expect the financial services they want, when and where they want them.
We might even go as far as to suppose that children today will have no need to visit a high street bank when they become adults - as all money management will be done online. Increasingly digitally driven customers have come to expect the financial services they want, when and where they want them. So why has the user experience in many cases still failed to match expectations? We explore the answer to this question and suggest the steps that both FinTechs and banks can take to improve their onboarding process and ultimately to satisfy and retain their customers.
This report is useful to you:
- You’re looking to improve the user experience on your existing FinTech product
- You’re launching a new FinTech product and want to ensure that you get your onboarding process right
- You’re seeking a balance between creating an efficient onboarding process and not spending too much on the technology needed to make it happen
- You want to speed up the onboarding process and therefore improve your client relationships
- You want to understand the risks involved in substandard customer experience in FinTech.
What is ‘onboarding’ in the financial context?
Onboarding is an integral part of the process of preventing money laundering and the financing of terrorism, and from a legal standpoint, it is a key element in the application of financial security measures. It is formed, among other things of:
- Customer verification
- Identification of the real beneficiary
- Verification of tax residence status
- Identification of the nature of the client’s business.
The scope of the above-mentioned client monitoring depends on the risk that he or she generates.
Creating client records: This process is associated with creating an appropriate record of the client in the systems of a financial institution. This designation refers to the client's risk class and the actions that must be taken to counter possible threats of criminal activities on the client's accounts. Each financial institution is required to verify the risk of the opened client and assign it an appropriate assessment. Most often it is a 3-level rating (low, medium, high). The result of such a research process will be one of the following:
- impossible to start cooperation
- possible to start cooperation based on additional documents or information
- possible to start cooperation without additional documents or information
The client’s risk class also determines how often the client’s activity should be monitored.
Customer identification and determination of the beneficial owner take place at the beginning of the relationship, and should be closely monitored thereafter, e.g. if the beneficiary changes. It is quite another thing to monitor the relationship in terms of the KYC process and it depends on the client's risk class and related obligations (more on this below).
Publicly Exposed Person (PEP): At the stage of identifying the client and his risk class, a necessary element is the identification of PEP, i.e. Publicly Exposed Person. Determining the PEP status has a significant impact on setting the client's risk class and deciding on the frequency of the ongoing monitoring.
Most often, people who have been publicly exposed automatically jump to high risk classes and their processing is significantly more demanding.
Onboarding for different types of clients:
Onboarding varies depending on the type of client. This process is different for an individual and different for a company (except for sole traders where the real beneficiary is simply the owner of the company). For retail customers, there is usually no need to provide additional documents and information. The situation becomes more complicated in the case of private banking customers, where both the size of the transactions and the advancement of financial instruments are much greater and these make the process more demanding. Onboarding also varies depending on the client’s legal status, which may involve the verification of additional documents. Here, even the process of determining the beneficiary will be different - the level of complication may vary.
Verification of tax residence status
Foreign Account Tax Compliance Act (FATCA) is an act passed by the Congress of the United States of America, which, requires foreign (non-US) financial institutions to identify financial accounts held by individuals and entities with specific links to the US (e.g. US tax residency). Euro-FATCA is a model of the automatic exchange of tax information between the Member States of the European Union.
Common Standard on Reporting and Due Diligence for Financial Account Information (CRS) is a standard for the automatic exchange of information on financial accounts of residents of countries belonging to the Organization for Economic Co-operation and Development, which was developed by the OECD in cooperation with the G20 countries and the European Union.
KYC, AML and why they matter
As we know, Anti-money laundering (AML) and Know your customer (KYC) are important and prevalent terms in the financial world. But how do they relate to one another and what are the differences between them?
Knowing your customer (KYC)
KYC, or ‘Knowing your customer’ is a standard business practice for financial institutions across the globe. In a nutshell, it is the process of identifying who your customers are, checking whether the sources of their funds are legitimate and that they are legitimate users of the platform that they are trying to access. Getting the detailed information about your customer protects both parties in a business transaction and relationship. KYC therefore services multiple purposes:
- It provides a superior service
- It prevents liability
- It avoids association with money laundering, and other illegitimate money frauds.
To recap, KYC is just the identity verification process for checking the client is who he or she says they are.
In a nutshell, KYC is the process of identifying who your customers are, checking whether the sources of their funds are legitimate and that they are legitimate users of the platform that they are trying to access.
Anti money laundering (AML)
KYC is only one part of AML which is a much broader practice referring to measures used by financial institutions and governments to prevent and combat financial crimes which include the financing of terrorism and money laundering.
A bank or fintech company’s AML policy forms part of its wider AML compliance program which should be created in line with local AML regulation requirements.
There is a blurry line between KYC and AML practices, which makes it even more important to have these processes well organized with specific roles defined and respective tools helping in coordinating these processes. It is a high stakes game which can result in regulators issuing fines.
Anti-money laundering and counter-Financing Terrorism (CFT)
Combating money laundering and terrorist financing contributes to global security, integrity of the financial system and sustainable growth. As terrorists and their supporters constantly modify their ways to collect, move and gain access to funds, banks and FinTech institutions need to regularly adapt their instruments and measures to deprive them of the chance to engage in criminal activity.
The monitoring and update of KYC
Risk statuses: When it comes to KYC, regulators currently expect risk statuses to be made on the basis of predefined algorithms rather than discretionary methods. Most often these are based on several different factors e.g. the client's country of origin, on the planned transactions, their currency, volume, products or services sold, or financial solutions the client will use. On the basis of this analysis, a decision is generated about how often and how the client should be monitored. It may turn out that during the course of the client relationship, law enforcement agencies begin to take an interest in the client, which is a direct reason for increasing the client's risk class and taking related actions by the financial institution. In most of the cases, retail clients are assumed to be of low risk, but private clients need to be investigated more thoroughly.
The reliability and speed of operation of such a system is so important that alerts appearing and actions taken are verified by (on Polish example) General Inspector of Financial Information, the prosecutor's office and other authorized bodies. In the absence of an appropriate customer control system and its enforcement, financial institutions face fines and legal sanctions. Most often, onboarding is imposed at the level of a group of financial institutions, while monitoring may be a local solution, because all scenarios requested by local institutions must be taken into account here.
Customer due diligence and keeping information up to date
The challenge in monitoring is keeping up-to-date customer data as part of KYC and behavioral monitoring. Financial institutions profile clients through Customer Due Diligence (CDD), determining their transaction profile. In doing so, they are able to check whether the clients are operating within the defined profile, which is mainly based on transaction thresholds. If these thresholds are exceeded, they appear in registers as requiring action and are reported to the appropriate institutions.
Most people in business have encountered a transaction threshold of 15 000 EUR, where all transactions above this threshold must be reported to the GIIF (in cases in Poland). The frequency of transactions is also analyzed, whether from and to which countries transactions are performed, e.g. the client declares that he will open one transaction to China once a quarter, and in fact it is 10 letters of credit opened quarterly to Saudi Arabia, it should appear in information systems about the incompatibility of the client's profile with the operations performed.
The difficulty of setting an algorithm for transactions: Setting the above parameters affects the number of alerts, and this in turn impacts the number of specialists that should be hired to process this information and customers. The challenge here is the fact that it is a process that is difficult to automate, because, for example, contrary to the definition of sanction lists, it is difficult to define algorithms that should monitor the client and his behavior.
The efficiency of such a system is extremely important. A reaction that takes too long might lead to a situation in which it was not possible to block funds from the crime because the circulation of information was too lengthy.This might result in severe penalties.The final element of this monitoring is either closing the alert, e.g. with the status false positive, or it is a premise for reporting the client to law enforcement agencies.
Without such mechanisms, for example, you can not obtain a license if you want to start a new entity on the financial market. Mechanisms of this type must be constructed in such a way that it is possible to indicate responsibility for work on them and the actions taken.
The challenges that banks and FinTechs come up against
Alex Valdes, CFO and EVP at Trust Stamp outlines some of three central pain points for banks and FinTechs when crafting an effective digital customer onboarding program.
The headache of identifying customers - Identifying customers for banking services is a sensitive task that requires thoughtful consideration of all regulatory requirements as well as consideration for how this new process will integrate into your existing system.
Alex advises that, “by using modular tools for authentication flow creation and auto-branding, as well as easy to use plug-and-play integrations, a comprehensive identification process can be quickly designed and implemented to capture customers’ data, verify it and pass the results back to the bank’s database, painlessly.”
Research conducted by Thomson Reuters showed that customer onboarding time increased by 18% in 2017 and was set to continue along this trajectory.
A poor customer experience - Research conducted by Thomson Reuters showed that customer onboarding time increased by 18% in 2017 and was set to continue along this trajectory. According to the same research, a bank spends on average 24 days to complete the customer onboarding process and 89% of clients have reported a bad KYC experience.At least 13% even changed to another service provider as a result.
There has always been a common belief that in order to increase security, you must do so at the expense of customer satisfaction. That is, as security measures become more advanced, there is more scrutiny which causes more friction for the customer, ultimately producing a negative impact on the overall customer experience. With new technology, this belief has been challenged and even flipped on its head.
Alex said, “by coupling biometrics with automated ID validation, not only is security-enhanced through the use of sophisticated machine learning techniques to identify fraud but now the customer can save a trip to the bank, does not have to stand in a long line, and can do all of these steps from the comfort of their own home. Through automation, small things like extracting the personal details from the customer’s ID to prefill the rest of their application will save them additional time and headache, resulting in greater satisfaction.”
Cost - The report entitled The Cost of Compliance and How to Reduce It, published by Mitek Systems in September 2019, shows new EU Anti-Money Laundering and Counter-Terrorist Financing rules have increased the cost of non-compliance fines to almost four million dollars per bank per year in the States. As Financial journalist Chris Burt points out, in addition to fines and fraud losses, “businesses can also suffer reputational loss, and in some cases the loss of a license to operate or personal liability among senior management.”
Alex points out that, “by tapping into digital channels, not only can a financial institution (FI) reach more customers, but the costs will be dramatically reduced on a process that machines can do for them automatically. All of this together saves time and money for everyone and provides more security and better compliance, all while enhancing the customer’s experience and the FI’s competitiveness in a fast-evolving industry.
Moving to digital - impact on business model
The ingredients needed for an effective onboarding process
When it comes to banking, customer needs are evolving with new generations. These customers want convenience and speed. They have less interest in building personal relationships for standard banking products and services and they have less time in their schedules to handle these types of tasks in person.
So what are the ingredients needed for an effective onboarding process?
Compliance - This must always come first. Without “checking off” the regulatory compliance box first, the rest of the benefits don’t matter. Understanding regulatory requirements such as GDPR, Anti-Money Laundering and Terror Funding legislation is a key component of your customer identification process within your onboarding program.
Speed - A lengthy customer onboarding process is no longer acceptable in the current age, but fortunately, the right tools can improve the situation considerably. Alex Valdes from Trust Stamp, explains that their tool, On Board, uses “a series of custom onboarding flows based on our experience in the field. These preset flows have the necessary procedures to assist in collecting and storing all the data needed to meet those regulatory requirements. These flows use tools such as AI-powered biometrics and ID validation to determine the true identity of the person in question and tools like optical character recognition to automatically extract data from a validated identity document to perform over 20,000 global data checks such as sanctions lists, politically exposed persons, negative media, and so on.”
A user-friendly interface - As with any digital platform, the user interface is important, because it engages your customers (both existing and prospective) with your platform and has a huge impact on retention. With a banking or fintech onboarding program, ease of use is paramount, and a simple, step-by-step journey guides users towards the goals that you’ve set for them.
An accessible, easy to use managerial dashboard - It goes without saying that the best, user-friendly onboarding platform means nothing without an effective system of management that backs it up. A central managerial dashboard enables administrators to securely review all identity and compliance data that has been captured, including facial images, images of documents, watchlist results and more.
What can banks learn from FinTechs when it comes to customer onboarding?
Over the past few years it’s fair to say that FinTechs are providing a real challenge to incumbent banks when it comes to customer onboarding, particularly when it comes to offering loans quickly or setting up an account.
The use of online platforms: FinExtra and CNBC have reported that lenders including Sofi and Vola have enabled almost a real-time disbursal of loans within an entirely digital process.
FinExtra reports: “Adaption of online platforms has been one of the biggest enablers for fintechs to gain lightning fast speed. For example, in a peer-to-peer (P2P) lending model, the online platform provides a standardised loan application process and enables direct matching and transacting of borrowers and lenders.” The people seeking loans provide information on their finances, and the lenders review their needs on the platform, thereby quickly satisfying both parties.
Targeting your onboarding processes to your audience: Most fintechs are currently winning market share by focusing on niche client segments and building personalised products for these target demographics and services. There are those FinTechs that are specifically suited to student loans and have a whole onboarding experience that is aimed at young people, integrating social media and leveraging cutting edge collaboration techniques.
Well-established use of data and analytics: FinTechs have got their data and analytics down to a tee, and they have cleverly established shared data connections with banks to speed up the user authentication process while at the same time keeping client details safe. They also cleverly use huge numbers of touchpoints with clients in order to track incomings and outgoings, and to make informed observations about how likely a given client is to e.g. repay a loan. FinExtra reports that some FinTechs have even incorporated data from UPS, Amazon, QuickBooks, Yodlee, Yelp, Facebook, LinkedIn and multiple other sources into their systems for analytics purposes.
Use of Artificial Intelligence: Fintechs are increasingly using machine learning and other artificial intelligence modeling techniques in addition to traditional analytics. One well known example is PayPal, which has reduced its false fraud alerts by 50% through the use of an AI monitoring system.
Custom and off the shelf onboarding solutions
If you have the finances and resources at your disposal, you might consider a custom-built onboarding program to suit your specific business and clients. However, you may not be aware of another solution.
Alex Vales of Trust Stamp explains that their OnBoard platform can be easily tailored to the needs of different banks and FinTechs:
“Through the account management panel, each financial institution can easily choose from a variety of preset authentication flows, such as, for example, ‘KYC/AML for Financial Services’ or build a custom flow with steps that are specific to its business, industry, or regulatory needs. Then, using our auto-branding engine, each flow can be quickly white-labeled for a seamless user experience.
Finally, our APIs make it so simple to drop that new authentication flow directly into your website and/or mobile application. Each flow, and by the way, there can be countless flows depending on types of customers or services or products, or locations of customers or even depending on which stage of the customer journey they’re at, will then feed back into the central account management platform.”
The key is balancing security with user experience
With an increasing number of transactions moving to digital channels, greatly powered by smart devices and even more so with global events such as the COVID-19 pandemic, being able to securely and accurately prove identities is now more important than ever. Yet at the same time, banks and FinTech organizations must remember to balance security with user experience, to ensure that both the requirements of compliance and customer satisfaction are met. If you’re looking for a cost-effective solution when it comes to creating this journey, it is worth considering tools such as Trust Stamp’s OnBoard, which can be white-labelled and tailored to suit your business needs.