Identity theft, automation and the digital future of private banking
Having spent a career as a regulator and then investment banker in Europe and the Middle East, I have seen the fascinating evolution of the way clients interact with their banks. Customers the world over are increasingly adopting digital channels to interact with their relationship managers and wealth managers. This trend is set to continue with the rise of affluent millennials, who value efficiency, convenience and on-demand solutions driven by technology.
Digitisation has greatly enhanced the overall customer experience, but at a cost. Identity theft is on the rise. Globally, financial institutions are being fined up to tens of millions because of poor controls. According to the 2018 Identity Fraud: Fraud Enters a New Era of Complexity from Javelin Strategy & Research, the amount stolen hit $16.8 billion last year in the US alone.
The acceptance of electronic instructions for standard transactions is commonplace. Within private banks, relationship managers continue to contact and receive customer instructions, often for complex transactions by phone and email. Compliance with regulation such as MiFID and PRIIPs requires that warning notices are issued periodically and are acknowledged by the client. The process of updating terms and conditions and receiving confirmation from clients and follow-up is costly and often still largely paper-based and spread across multiple online and offline channels. The acceptance of instructions-related transactions and acknowledgement of risk warnings via unsecured channels has led to an increased threat of identity theft and higher operational risk.
With the levels of fraud increasing, regulators are reacting. The Monetary Authority of Singapore (MAS) has issued guidance to financial institutions requiring that they authenticate and verify customer instructions by parties independent of the front office. This means that relationship managers can no longer receive instructions directly from the client and act upon them, which changes their fundamental relationship and communication with clients.
Instructions must first be authenticated and verified by an independent party. Clients must also give informed consent for higher risk transactions. This consent must be subject to enhanced verification and authentication.
Granular consent is now a priority. A private bank may disclose customer information if the customer agrees, but the bank must ensure the information is correct and within the scope of the customer’s consent. The customer needs to provide ‘informed’ consent, meaning that he or she understands exactly what is specifically being agreed. A catch-all blanket consent is no longer sufficient.
Having seen the way that private banking and technology have evolved over the years and the increasing pace of change and regulation, I believe that automation of the consent process will be crucial for private banks to remain competitive and offer the level of service clients expect.
Why automate the consent process in an area of banking which has been largely traditional and relationship-based and in which face-to-face interaction is equated with prestige, client value and discretion? Automation can provide enhanced flexibility and data-driven insights. Banks must match their clients’ digital affinity with segment-specific service experiences.
Automating the consent process will allow private banks to capture value from the fast-growing digitally active segment and free up the time of relationship managers to focus on value-add services. Such automation adds to the digital experience, reduces friction in the user journey and reduces capital and operating expenses, thereby enabling private banks to expand into segments that may previously have been viewed as too costly to service.
At Priviti we are helping private banks meet their regulatory obligations, improve the efficiency of relationship managers and reduce operational risk by implementing secure, authenticated and verified granular consent. Our technology enables private banks to obtain, verify, authenticate and match consent transaction by transaction, with audit trails for compliance, dispute resolution and analytics.
We are always happy to debate and discuss these ideas further. Please comment, email info@priviti.com and tweet us @getPriviti.
