In financial services, identity defines and permits the relationship between providers and clients. Financial institutions need to know they are lending to genuine, legal and reliable customers, and customers must be able to trust financial providers to protect them from financial crimes. Yet identification and authorisation are not easy in practice. Many citizens in the Middle East, Africa and South Asia (MEASA) region lack standard identification documents such as passports, or the credit data needed to secure loans. However, technological innovations are presenting new opportunities to collect, validate and store client information that are driving efficiencies and reducing costs for financial institutions.
Following the financial crisis of 2008-09, financial institutions have tightened lending in markets across the MEASA region. In parallel, rules on money-laundering, bribery and terrorism-related financing have also become stricter, making lenders more reluctant than ever to take risks. This has led financial companies to focus on clients that they consider “safe”.
While well intentioned, financial reforms and more stringent Know Your Customer (KYC) rules make it costly to process individuals and businesses, particularly small and medium-sized enterprises (SMEs), which often lack formal accounts or official documentation. “KYC is quite a cumbersome activity,” says Lutfi Zakhour, financial services lead at Booz Allen Hamilton, a consultancy. The process starts with the collection of documents at a branch, he explains, and the bank then has to validate these, conducting enhanced due diligence on high-risk accounts. This information not only has to be stored securely, but must be updated regularly. “This is time-consuming, for bank staff or financial institutions in general, and for consumers.” Applicants may be rejected because the risks are not worth the financial reward, which further widens the lending gap in emerging markets.
There are better ways to balance compliance with financial deepening. “Although they’re spending billions of dollars already on KYC-related technology and upgrades, banks still recognise that they have a lot more to do,” says Susan Starnes, head of strategy, trade and supply-chain solutions at the International Finance Corporation (IFC), part of the World Bank. A growing army of technology firms—and some banks—are using algorithms, machine learning, blockchain and biometrics to help. These technologies are being applied to securing and storing information on clients and assessing creditworthiness.
Digital authentication: Biometrics and blockchain
Physical documentation has long been the centrepiece of identification for people and businesses. Such documents include passports and utility bills, which many in the MEASA region lack. Without these, it is difficult to ensure that a person is not planning to use financial services for illegal acts. For individuals and small businesses, this also makes it difficult to identify collateral. With advances in technology, many financial companies are exploring digital alternatives. Biometrics are of growing interest here.
The most common and well-known such metric, the fingerprint, has been used to open many smartphones since Apple’s Touch ID was launched in 2013. Other biometrics that are increasingly being used include the face, voice, eyes, palm veins and behaviour. Unique identification programmes, and more specifically biometric IDs, allow the creation of virtually unhackable identification systems that enable authorisation by combining what a person has (for example, a smart card or mobile phone), what a person knows (a password or PIN) and the person’s biometrics (for instance, fingerprints or iris images). Gulf Bank Kuwait recently launched a facial-recognition mobile banking app that allows users to access services by blinking their eyes at their smartphone camera in addition to scanning their fingerprint. South Africa’s First National Bank has developed its own mobile payment platform which supports fingerprint scanning to log in. In this way, users are able to access services remotely without the need to visit a physical branch, saving time and money not only for the end consumers but for financial institutions. Biometric-authenticated payments are also being enabled by governments, most notably in India, whose Aadhar scheme underpins the distribution of trillions of rupees of welfare payments.
Biometrics do have their critics, though. The risks of fraud are not non-existent, and if fraud does happen the consequences can be severe. Moreover, using biometrics does not solve all of banks’ compliance worries: there is always some level of documentation and conventional verification that will be required.
Yet even here, technology—such as blockchain—can help to lower costs. As a digital, public ledger that is not centrally owned, a blockchain-based KYC registry can greatly improve efficiency, argues Mr Zakhour. Currently, every bank secures and validates each client’s information. “Instead, imagine that you have a central repository where customers go in and submit their documents in a standardised manner. These documents can be validated and stored, requiring the customer to do this just once. Whenever a customer wants to approach a bank, they will just have to give [the bank] access to this repository.” This would turn KYC into a one-stop process, reducing duplication of effort and thus lowering the cost of compliance for financial institutions. The decentralised nature of such a ledger could also help to reduce errors and identify fraud and improve data security. “When you have multiple people on the same registry, you can really start thinking about automated, big-data analysis to check for fraudulent behaviour, fraudulent entities, entities with nefarious objectives, or just pulling out trends at a high level,” says Mr Zakhour. However, specific mechanisms for validating data entered into the system and the entities that will have access to do so have yet to be developed.
Alternative credit scoring
KYC compliance is critical to the process of granting access to financial services, such as loans and credit facilities. Another key component of the provision of these services is credit scoring, which assesses an individual’s or business’s ability to pay back money borrowed from a financial institution. However, formal mechanisms for credit scoring in the MEASA region are weak. Private credit bureaus, which help companies to assess clients, held information on only 16% of adults in the Middle East and North Africa, 14% in South Asia and 8% in sub-Saharan Africa in 2016. Without such information, financial companies are unlikely to be willing to lend.
Innovative lenders are now assessing creditworthiness based on non-traditional metrics such as social-media posts, behaviour patterns and personality traits. Companies outside the MEASA region that are making waves on this front are Lenddo and Kreditech.
“We started with the assumption that we could help individuals to access financial services by using their digital footprint and by leveraging their data to help financial institutions to make better, faster decisions on applicants with little to no credit history,” says Florentin Lenoir, head of business development at Lenddo. The company started operations in 2011, in the Philippines, Mexico and Colombia. “We lent our own money and for four years collected, processed and analysed millions of data points,” says Mr Lenoir. “We used advanced machine-learning technology to build predictive algorithms, and we gained expertise in using non-traditional digital data across the customer life cycle.” In 2015, after a successful research and development phase, Lenddo expanded internationally, supplying its technology to companies across a number of sectors, including telecommunications firms, banks, credit-card issuers, e-commerce platforms and insurers.
From users, with their consent, Lenddo extracts social-media, email and smartphone data and psychometric information. From financial partners, the company gathers transaction history and demographic information, along with more traditional data. It also seeks third-party data, from sources including credit bureaus and government databases. Crunching over 300 variables, Lenddo can then gauge someone’s ability and willingness to repay a loan. “By combining traditional and non-traditional data, we get an understanding of not only capacity to repay, but the willingness to pay,” says Mr Lenoir. “In reality, you need both to make a decision.” Metrics used by Germany-based Kreditech include analysing how an individual behaves on its website, such as time spent reading information before signing up, and browsing history.
The application of these new approaches to all markets in the MEASA region may be a while away, given the lack of credit bureaus and limited internet access in many countries in the region. As a start, this model may be more viable in urban areas in more developed markets, where socialmedia activity and mobile penetration are high.
Big data, algorithms, blockchain and machine learning can all reduce the inefficiencies and inequities surrounding KYC and anti-money-laundering compliance. But they are not without challenges. Algorithm-driven decision-making has raised ethical questions about implicit discrimination, including racial bias, based on the data from which the programmes “learn”. Biometric fraud is difficult, but not impossible. Financial technology companies do not always beat established banks with regard to smart loan-making, with some peer-to-peer loan platforms facing criticism for making inadequate data checks on borrowers., But some short-term pain in achieving compliance will ensure longer-term stability. In the end, says Ms Starnes of the IFC, any technology must be measured by its ability to answer the central question facing the financial system: “How does the world get better at separating those who should be funded from those who should not?”
This article was originally produced by the Economist Intelligence Unit and sponsored by DIFC, ahead of the Global Financial Forum.