EXCLUSIVE: “Cracking KYC” – Jonathan Hall, NatWest in ‘The Fintech Magazine’
Does a big bank like NatWest have lessons for challengers when it comes to regulatory oversight? We asked its Head of Digital Jonathan Hall
In March, the Economic Crime (Transparency and Enforcement) Act 2022 came into effect in the UK to make it easier to identify and trace illicit wealth in money laundering and economic crimes. The law was expedited through parliament in light of Russia’s invasion of Ukraine, which prompted the imposition of sanctions on those linked to Vladimir Putin’s regime.
Then, just a month later, the Financial Conduct Authority (FCA) found that some challenger banks need to do more to prevent their platforms being used to commit financial crimes. The UK finance regulator said they were failing to check customer details properly and/or had no financial crime risk assessments, although it added that there were signs of good practice among the challengers, with technology being used to identify and verify customers quickly.
The FCA also pointed out that challenger banks are now in a different growth phase – many are no longer the toddlers of the financial system and their internal controls need to reflect the responsibility that comes with size and maturity. Incidentally, the regulator’s report happened to come out around the same time that Italy’s central bank banned German digital challenger bank N26 from taking on new customers, or offering new services to existing ones, due to ‘significant shortcomings’ in its anti-money laundering controls.
So, where does that leave banks, new and old, big and small?
Jonathan Hall, head of digital at NatWest Group, observes that the incumbent high street banks have been navigating and dealing with regulation for many years, unlike their younger rivals. Does that put them at an advantage? Maybe.
“I think it’s a strength of those organisations, that we’re able to take the regulation and apply it, efficiently and effectively. Largely, we have that on our side, so we’re not creating something from new,” he says. But he stresses there’s no room for complacency, as NatWest itself found when it was fined £265million last December for failing to prevent nearly £400million of money laundering by a Bradford jeweller who used branches to deposit cash between 2012 and 2016.
Technology and processes have moved on significantly since then, but what it illustrates is that knowing your customer isn’t a one-and-you’re-done exercise at onboarding. NatWest had adequately risk-assessed the jewellery business when it opened an account. The company managed to fly under the radar because its transaction behaviour and, therefore, its risk status, weren’t monitored closely enough to raise an early red flag. NatWest Group is the UK’s largest business and commercial bank and counts one in four businesses – from start-ups to multinationals – in the UK and Ireland as its clients. The lion’s share of NatWest’s new customers – 98 per cent – start their application digitally, but Hall stresses it is very much a full-service bank, and NatWest has clear evidence that customers like a hybrid, physical and digital model.
“We recognise that there are segments within a business customer base that are relatively straightforward, and they may feel very comfortable just to service their needs digitally, and we provide propositions for that,” Hall explains. “But as businesses become more complex, they often find points where they need some extra support. So, actually, having that hybrid model – where they want to dip out of the digital channels and talk to someone, be it a service centre or a relationship manager – we feel that’s the best proposition.”
And it goes to the heart of knowing your customer (KYC). One of the biggest ongoing challenges facing banks and other financial service providers, believes Hall, is balancing the necessarily strict compliance around KYC and KYB (know your business) with seamless CX. A degree of positive friction can give confidence to the vast majority of legitimate customers who want to see evidence that a bank is taking security seriously; too much can drive them into the arms of competitors.
“How you balance the need to deliver a really good, enduring experience for customers, with the complex requirements of the regulatory environment, and bring those two things together to make sure that you get that right for customers,” says Hall is something his team strives to reconcile daily. “Banks have to meet those regulatory needs and, at the moment, that drives friction into the process. NatWest and others are still facing into that challenge.
“We have zero tolerance for noncompliance. So that’s our starting point and what we look to do is break down the processes to make sure we understand where the friction is [then] put in place optimisation techniques to smooth the experience for our customers. Our customers tell us frequently that they find the KYB processes frustrating, they don’t understand why we’re asking for some of the information – they say ‘you should have that already’.
“[But] as third parties develop their capabilities, and with the use of third-party data, we can shorten the onboarding processes, over time. For the more simple and straightforward [business] customers that we onboard, it’s pretty much a straight-through process now. Where there’s a bigger number of key parties, or the shareholder structure is more complicated, that’s where it becomes more difficult. There is still some work to do on that, but the process is still based around the customer, and trying to make it as easy for them as possible.
And this may well be where incumbents, challengers and technology providers would benefit from pooling knowledge and resources to everyone’s benefit. There is no shortage of third-party specialists in the area of individual and business identity verification services for banks to partner with. Well-known names in the space include Trulioo, TruNarrative, IDnow, Jumio, ComplyAdvantage, Onfido, Shufti Pro, PassFort, and Detected. NatWest has been working with the regtech HooYu since 2019, when the bank became the first on the UK high street to offer account opening with a selfie. HooYu verifies new business customers’ identity using digital footprints, ID document authentication and facial biometrics and the smoother onboarding experience across NatWest’s personal and business account opening channels has led to a 33 per cent rise in customer conversions.
“I believe that, through the use of data and partnership with third parties, we can nail frictionless KYB and protect customers from fraud and financial crime,” says Hall.
It’s a bold thought. Successfully balancing compliance and usability is one of – if not the – toughest of digital nuts to crack. It’s resource-intensive, too, and could be seen to divert resources away from other, revenue-generating projects at a bank. But gathering and monitoring the data on which good compliance is predicated and building the fintech and regtech ecosystem that’s necessary to deliver it, is the basis for other, more profitable and customer-pleasing outcomes, argues Hall.
“I’ve a data strategy to take my channels, and build them into ecosystems, initially integrating all of our group products and services into the single channel where our customers go to conduct their finances every day – shifting from perhaps a transactional relationship with the bank today, into one in which we can use data to really generate insights that are relevant and meaningful for customers,” he says. “For example, we’re looking at more innovative ways in which our customers can make and receive payments. In the business space, of course, it’s about not just making the and receiving the payment, it’s about how you then help businesses reconcile that in the back end. We can make their lives easier there, too. Another example would be around sustainability.”
The NatWest Carbon Tracker app, currently being trialled among SMEs in the manufacturing and transport sectors, has been developed in partnership with Cogo to estimate their carbon footprint, help manage it, and then offset it, if they choose.
“So, using data to help them manage their business and thrive. That, for me, is where we’re heading,” says Hall.
Perhaps that’s the pay-off from taking such a close interest in data to meet compliance needs – and it’s the lesson for challengers that have failed to give it the attention it deserves.