Digital identities demand a digital infrastructure

Having talked about RBS yesterday, I’m just returning to my other theme of the week: rip out and replace.

I guess it’s interesting that it is a complex situation as I was sitting yesterday talking about KYC, Know Your Client, once more and argued that for a digital age we need digital identities.

This is a way off if you look at the state of KYC.

Today, you have anti-money laundering  (AML) rules that demand proof of identity by showing a passport and utility bills to check address and personage in most countries.  Northern Europe is the exception as the Nordic markets have seen governments and banks working together to promote digital identities (as far as I know, the only place apart from some parts of Asia that has done this).

So I’m sitting arguing about core systems being designed for an era of mag tape and punch card and what I get in return is: “you don’t know how complex this is Chris”.

Take KYC.

We need documentation and signature to prove identity for AML.

We need to then check the identity with global systems to check that the individual is not a Politically Exposed Person (PEP).

We also need to see links between the individual and their company, employment, investments and others, as there may be layers of interlinkage between accounts (think about an account in Switzerland).

Then there is the individual and the company.

An individual may be in charge of multinational and national holding companies, creating an interleaving of tax avoidance that is difficult to unravel and equally complicates the equation (think Robert Maxwell multiplied 1,000 times in complexity).

So what you end up with is this challenge of taking the individual and company account holdings and trying to ensure that there are no exposures here.

As a result of these complexities, banks take simple black and white views, with some ejecting customers generally and others specifically.

Take Barclays providing a blanket ban on money transfer agents that throws Somalia off the network to HSBC ejecting embassy accounts for potentially exposed countries worldwide.

So yes, this is complex.

Routing payments through multiple nested accounts via counterparties that are difficult to trust is complex.

It is the reason we have SWIFT offering cover payments and all these layers of Wolfsburg principles, AML and KYC.

But …

… but …

… but …

Surely all of this dialogue about passports and utility bills, declarations and signatories and KYC and AML is pushing a demand for a new digital infrastructure to cure all of this mess.

The mess has been built up over the years by  our punch card and magnetic tape based infrastructure restricting the sharing and routing of information.

In an age of big data, the fact that we don’t have this data is appalling.

The fact that we cannot even work out, in most cases, whether a customer holds a retail and a business account with our bank is appalling.

Being unable to work out whether someone is a PEP in real-time is appalling.

Surely this demands that we rip out and replace to be effective and appropriate for the 21^st century.

Or maybe not.

Maybe I’m just naïve.

Meanwhile, we have 100 different solutions companies trying to solve the digital identity infrastructure challenge and not a single co-ordinated global initiative to solve it effectively.

This is the third in a three-part series on why our technology and infrastructure is unfit for purpose:

1. A banking system designed for a USB stick
2. If you think 'rip out and replace our systems' is naive ... think again
3. Our challenges with digital identity demand a digital infrastructure

This final piece also relates to an earlier three-part series on KYC:

1. KYC, Laundering and Regulators: a Lose-Lose Situation
2. Why is KYC so difficult?
3. Why is KYC so difficult (part two)