Cross-Company Data Exchange in a Cross-Industry Trust Network – Added Value for Customers, Companies and Partners!
We live in a world where companies have an enormous amount of data about us, our consumer behavior, and our values and attitudes. Data is often referred to as the raw material of the 21st century . Yet there are various everyday situations in which we have to record our data anew every time. Why can’t this data be stored once and then transferred again and again?
In particular, more extensive business cases such as opening a bank account or an account with a FinTech require several minutes of time each for a low-value-added customer experience – wouldn’t it be great if you could skip all the tedious steps relating to data collection during onboarding and start right away with the advisory service or the effective satisfaction of your core needs?
These and other questions have been considered for a little more than half a year as part of a workshop series of the OpenBankingProject.ch (OBP) and discussed together with more than 30 companies from the Swiss financial industry. This article is intended to provide an overview of the background, initial delivery results as well as the current state of knowledge of the efforts within the OpenBankingProject.ch workshop series.
Background and Initial Situation
The OpenBankingProject.ch is concerned with the provision of standardized building blocks for the implementation of Open Banking in Switzerland. The aim is to achieve a holistic and standardized opening in all banking areas (payment, investment, financing and financial security). In this context, the project team and OBP’s partners have been focusing on the topics of “customer onboarding” and “client lifecycle management” for some time.
Onboarding new customers is a very resource-intensive process at many banks, especially in the retail segment. In addition to identification data, depending on the business case, further information such as total assets, total income, origin of incoming funds, occupation, origin of assets, knowledge and experience in the investment business, etc. is also required. The latter are an enormous expense point, especially in private banking and cross-border transactions.
To address all these challenges, the workshop series “Customer Onboarding & KYC” was launched in June 2022. The vision of this workshop series was to provide standardized building blocks (e.g. API) for cross-company collaboration along the bank customer lifecycle. The workshops met with a great response and were conducted with 40 participants from over 30 different companies. Initially, a survey was conducted that listed all use cases along the banking customer lifecycle, and the participants were able to select those use cases where they saw the greatest potential and momentum for standardization or harmonization.
The participants saw the greatest potential in the onboarding of private customers. More specifically, in the identification and collection of basic data from private individuals. In particular, the two initial steps of opening an account by a bank client[i] are addressed: the identification of the contracting party (Art. 3 AMLA) and the determination of the beneficial owner (Art. 4 AMLA) .
Key Deliverables from the First Work Package
The first work package “Identification and Collection of Basic Data from Private Customers” was then addressed by a working group over a period of four months, and it was possible to produce initial deliverables in the following areas.
At the beginning, the possible use cases were elicited; in connection with a simple and lean onboarding, the focus was also on a possible transfer of identity and basic data from other banks. Other use cases such as “Age-Check as a Service” (e.g. proof of age on the Internet or in the future at the point of sale) and simplified onboarding in e-commerce similar to logging in via Google or Facebook were also considered exciting by the participants.
In the data set area, two data sets were defined – “Identification” for identifying the contracting party and “KYC Basis” for determining the beneficial owner – and validated by representatives of the relevant banks and service providers. The data sets were created in accordance with the principle of data minimization and can be expanded on a modular basis. Other data sets include, for example, “KYC Extended”, ” KYC Investment” or “KYC Finance”. Depending on the business case and customer segment, the corresponding data sets can then be collected or requested from a third-party company.
In the area of processes and infrastructure, everything revolved around the foundations and prerequisites for a trust network in which data can be collected and exchanged in a standardized manner. Since a bank is liable for the accuracy of its identification data, it is particularly important that participating banks trust each other and apply the same standards to the quality of the data and its collection. In this context, the standard of the European Telecommunications Standards Institute (ETSI), TS 119 461, plays a particularly interesting role, as it greatly simplifies cooperation with trust service providers and the use of a qualified electronic signature (QES). Institutions that have their onboarding process certified in accordance with ETSI will then be able to issue a qualified electronic signature to their customers in collaboration with trust service providers. With the help of this QES, customers will also be able to digitally sign contracts beyond the banking sector and thus carry out all legal transactions, with the exception of those that require public notarization (e.g., transfer of real estate, marriage and inheritance contracts).
The University of Bern supported us in particular in the area of basics and prepared a detailed overview and assessment of all relevant legal bases that apply in the context of onboarding and data exchange.
Following the elaboration of the deliverables, the participants agreed that a series of in-depth workshops on the topic of “Building a network of trust” should be aimed for. In particular, the foundations and prerequisites for such a network should be elicited. Aligning with a common trust framework creates added value for banks, customers and partners. The customer journey becomes simpler, faster and more secure, the onboarding costs per new customer are reduced and, thanks to the jointly accepted and lived standards, the integration and processing efficiency between all parties involved increases.
Current State of Knowledge – Updates from the Ongoing In-Depth Workshops.
The in-depth workshops are divided into four topics and build on each other.
- Workshop 1 “Lean Identification” on 11/30/2021
AutoIdent and QES as new, attractive identification options
- Workshop 2 “ETSI TS 119 461” on 01/18/2022
Requirements evaluation and lessons learned
The key findings from the first two workshops are that the combination of unattended video identification and a QES can make the onboarding process much more efficient. Compared to the conventional digital onboarding process (with unattended video identification), additional sub-steps such as a reference transfer or a confirmation of residence are not required. Furthermore, the new ETSI standard (TS 119 461) mentioned in the last section can serve as a basis for the cross-company use of identification data. According to experts, the ETSI standard is expected to be transposed into Swiss law (Federal Electronic Signature Act (ZertES) or corresponding technical implementation regulations (TAB)) by mid-March 2022. According to the assessment of a majority of the participants, the prerequisites for the cross-company exchange of identity and basic data are also met from a legal and regulatory perspective.
- Workshop 3 “Identification in the Application” on 03/08/2022
User journey scenarios and technical requirements
- Workshop 4 “Identification 2.0” on 03/29/2022
Discussion of future use cases and development trends
In the next two workshops, banks in particular will present their challenges, considerations and possible further development of their onboarding processes. We are looking forward to lean and comfortable user journeys, where hopefully in the near future a field with the keyword “Login with your existing bank XY” will be visible. This has recently been offered in Switzerland by the financial app Yuh, a joint development of PostFinance and Swissquote. Here, the new customer can choose whether he wants to onboard with his PostFinance or Swissquote account or as a new customer, in which case he must enter all data. In the former case, he can open the account quite comfortably within a few clicks and has a new bank account after just under a minute. 
[i] in accordance with the Anti-Money Laundering Act (AMLA) and the Agreement on the Professional Code of Conduct for Banks (CDB).