Blog article
See all stories ยป

How to reduce digital onboarding risks

The implementation of remote identification and the ability to become a new customer without physically visiting a branch revolutionized banking services.

In Europe this process remained mostly hybrid and involved only online ordering of a card, but with a mandatory visit to a branch to sign documents upon card receipt. At the same time in Ukraine banks immediately began to focus on implementing fully remote digital onboarding scenarios, using signature with finger in phone screen, EDS or Diia.Signature. Thus, since 2020, about 10 million Ukrainians have gained experience in issuing cards through mobile applications/web interfaces without physical interaction with a branch. Significant competition in this segment leads to the fact that customers tend to change banks frequently or use the products of several banks simultaneously, choosing the best offer for themselves in terms of tariffs and user-friendly interface. According to statistics, one adult Ukrainian has an average of 4 active cards.

Over the past few years, banks have invested and continue to invest heavily in building effective online onboarding processes, trying to make them simple, seamless and user-friendly, but as this technology is rapidly developing, new risks are constantly emerging that need to be anticipated, identified and mitigated in a timely manner.

Which key risks can be identified:

-Fraud. Remote processes of establishing business relationships simplify the opportunities for fraudsters who steal identification data and try to open an account in the name of another person in order to obtain a credit line, use the account for other unauthorized activities, receive prepayment for non-existent goods, etc. To minimize the risk, it is necessary to implement multi-level customer authentication tools using unique combinations of factors that are unique to the customer. It is important that some of the checks, such as comparing a face with a photo in a document, are performed on the backend, so that the user is not aware of their presence and cannot falsify them. In addition, banks should constantly remind customers how to recognize data breaches and fraud, as well as what to do if they suspect their account has been hacked.

Legal risk.  It is associated with the fact that a person who signed an agreement with the bank completely online may at some point say that he or she did not sign it, was in a state of mental disorder, under the influence of drugs, or signed under pressure from the other party.  As a result, such a client will refuse to fulfill its obligations under the agreement and will go to court.  For its part, the bank can record the geolocation from which the agreement was signed using an electronic digital signature or record the signing process on video, which can strengthen the arguments of the financial institution if the case still has to be resolved in court.

Compliance and AML risks. Digital onboarding may complicate banks' compliance with anti-money laundering (AML) requirements and the quality of the know-your-customer (KYC) procedure, as the scenario of opening an account through an app may attract customers with dubious reputations who develop money laundering schemes using accounts of different banks. To mitigate such risks, customer reputation checks, sanctions or other negative actions should be built into the process, and AML policies should be constantly updated to reflect new factors that may emerge.

Particular attention should be paid to the protection of personal data of the client (GDPR) during the procedure, as the client may provide his data on a phishing site that imitates the original one, which will lead to its leakage - therefore, it is important to remind the client about security during the procedure and point out the details that need to be checked before starting.

 Loss of potential customers.When the onboarding process is far from ideal (many items to fill out, duplicate questions, unclear wording, lack of tips, technical errors), the user may not complete the process and choose another bank after a negative experience. Even a customer who has successfully completed the procedure may face problems with further use of the application, lack of support from the bank, and feel disappointed.  To address such situations, it is necessary to develop a Customer journey and model different situations of the process, despite the absence of a personal manager - to establish points of contact with the client throughout the entire journey for support and assistance if necessary

 Thus, the digital onboarding process is very dynamic and new risks can appear suddenly and at any stage. Only through constant monitoring, risk mapping, and risk assessment can the security of both the bank and the user who establishes business relations with it remotely be guaranteed

3899

Comments: (0)

Inna Demchenko

Inna Demchenko

Head of project

Bank

Member since

09 May 2021

Location

Kyiv

Blog posts

9

This post is from a series of posts in the group:

Digital Identity Management

Discuss upcoming trends in digital proofing, authentication, fraud and digital identity management.


See all

Now hiring