With Digital Banks booming in the UK, one of their biggest attractions is the ease and speed of their onboarding processes. Often able to be completed in minutes through an app or online, there are some concerns to the risks that these processes may pose, with digital banks needing to be compliant with anti-money laundering (AML) and know your customer (KYC) regulations.
Aravind Narayan is a Global Director at Refinitiv, An LSEG Business, in the Sales Readiness function for customer and 3rd party risk solutions with a primary focus on product GTM, commercial & sales strategies across our digital identity and customer screening propositions. Aravind joined Refinitiv about 2 years ago from Amazon.
Aravind has over 14 years of experience in the technology industry working with various organisations such as EMC, PwC and Amazon, living and working in the US, India and the UK. Aravind is an evangelist for disruptive technology as a means to solve everyday problems faced by organisations, from onboarding to fraud detection and beyond. He also speaks passionately about digital banking, payments and open banking.
Here he shares his thoughts on how to reduce digital banking onboarding risks.
Digital banks are growing in number in the UK, putting pressure on retail banks. Clients are attracted by the ease of the onboarding process. But digital banks need to be vigilant during onboarding to comply with anti-money laundering (AML) and know your customer (KYC) regulations. How can digital banks reduce onboarding risks by partnering with AML data providers?
- Many of the growing number of digital banks in the UK employ cutting-edge technology and have no physical branches. This means they can reduce costs and repurpose their staff to more effectively serve customer needs.
- Digital banks have made onboarding an easier process to navigate. This has made them more attractive to clients, resulting in huge growth.
- Partnering with AML data providers as subject matter experts can help digital banks to mitigate their money laundering and financial crime risk and comply with regulations.
In the UK, the first digital bank was granted a licence around six years ago. This was the first banking licence issued in more than 100 years.
Since that first licence was issued, there are now over 15 digital banks and fintechs in the UK alone. This influx has started to put pressure on the traditional retail big banks.
Most of these digital banks use cutting-edge technology, do not have physical branches and conduct all due diligence online.
‘Mobile first’ model and digital banks
Using a ‘mobile-first’ business model, digital banks can cut costs and repurpose their staff to serve customer needs more effectively.
By significantly lowering friction during the onboarding process, digital banks have created a broader appeal among consumers. As a consequence, many of them have attained a growth rate of 500 per cent.
For example, in 2017, one digital bank had a customer base of 900,000. By 2020, this had grown to 35 million.
However, digital onboarding can be challenging.
On the one hand, banks need to comply with Anti-Money Laundering (AML) and Know Your Customer (KYC) regulations. And on the other, they are obliged to ensure that the customer experience is the best it can be.
The ease of setting up an account is a significant factor in attracting customers to digital banks.
Fulfilling such a promise creates myriad issues for banks because of the requirements to conduct proper checks during the onboarding process and to conduct ongoing monitoring thereafter.
To expedite the onboarding process, a digital bank typically categorises its customers into various risk tiers.
In effect, a tiered onboarding process can have several pitfalls. For example, when using technology to onboard customers end-to-end, poorly configured systems could allow a higher-risk client to be incorrectly categorised as low risk and enter the financial system.
Once they enter the financial system, they could easily remain under the radar, facilitating criminal activity while ostensibly carrying out typical daily transactions. Poor risk analysis could further enable criminals to scale their criminal operation by harvesting synthetic identities and consequently creating multiple accounts.
Anti-money laundering and digital banks
Under the European Union Fifth Anti-Money Laundering Directive (5AMLD), all providers of virtual currencies and electronic money are considered to be regulated entities for AML purposes as service providers.
Regulators are in a difficult position because they don’t want to appear to be trying to stifle innovation in the financial services sector. However, as with all technical advancements, there are always threats and risks. Regulators just need to be aware of them and can then require the banks to mitigate those risks.
Regulation and Fintech
In addition to the financial services sector, there are also fintech companies. The ‘correct’ regulatory approach to fintechs has yet to be properly defined by regulators.
This is primarily because fintech company business models often fall outside the regulatory perimeter, therefore making them harder to monitor. We believe that regulations will change in the coming years, for example, if a channel for currency transactions exists, money laundering and other financial crime risks may arise.
If you are based in the EU, data privacy concerns take these risks to a whole new level. In 2018, a digital bank was under scrutiny following the sharing of customer data online as part of the due diligence process. Cybercriminals are often waiting to take advantage of such incidents to tap into that data and perform identity theft to launder money.
Therefore, in most cases, digital banks partner with AML data providers as subject matter experts to help them meet their legal and regulatory requirements. A chosen partner should take into consideration the customer’s needs in their solution, including from a design, functional and operational perspective.
Design and functional product aspects
A product should not be:
- Just a database of entities with a basic search mechanism. It should be a curated, structured database with an enhanced (easy-to-use) search capability.
- Just explicit global sanction lists such as U.S. Office of Foreign Assets (OFAC) or UN sanctions, but should also include so-called narrative sanctions as well.
- Just any politically exposed person (PEP) based solely on blanket inclusion criteria. It should have a carefully curated list of PEPs as per local laws.
- Based on ‘once a PEP always a PEP’ approach. It should have a clearly defined end of term.
Most significantly, these KPIs include:
- Availability; live and accessible data.
- Total cost of ownership, which can be achieved by reducing false positives. A provider who is committed to minimising false positives using artificial and human intelligence can consequently lower operational costs.
- The availability of additional exclusive features and specific content sets and functionalities, to increase operational efficiency while saving time and resources.
There is so much more to consider once a customer has been onboarded. Customers may need ongoing monitoring to reflect changes in status or to identify anomalies in their transactions and trigger alerts.
Providing trusted quality data is at the forefront of everything we do at Refinitiv. We can provide our customers with the means to conduct initial and ongoing screening, digital onboarding and enhanced due diligence via various delivery channels to suit their needs.