Banks: KYC is Killing Your Customers

04/22/2010 05:12 am ET | Updated May 25, 2011
  • Brett King Startup Founder and Bestselling Author

In my discussions with bankers about innovation, I often hear them tell me that perhaps in other industries innovation could be achieved, but due to heavy regulation and the compliance requirements of the banking sector that such is more difficult for financial institutions. This is part of the story, but I'm sure that it is fixable.

I met with a Private Banker from one of the dominant bank brands in Asia this week. In Central Hong Kong this bank has it's own tower, of which three floors are dedicated to the Private Banking unit, but that's only half true. Almost half of that office space is taken up by a team that is designed to reduce risk to the bank by ensuring that customers are accurately informed of the risks their investments will carry, and to ensure that the bank does not commit itself or their client to undue risks. The name of this team within the Private Bank - the Business Prevention unit - I jest ye not.

Has it come to this that regulation and risk aversion is such an important part of the bank that we now actively try to prevent business occurring? It would appear so.

This explains a great deal about the current state of our banking sector. If customers are a risky proposition, then how does the bank make money? Well they invest it in stuff where they know they have an element of control, or in the case of sub-prime they try to actively engineer it so that they make profit regardless of the underlying asset risk. Some banks have even been known to borrow money from the government and margin trade on it in recent times...

The point of this is that banks have become so myopic in respect to customer risk that as customer we've almost become an anathema. In fact, the compliance workload we as customers have to deal with these days is so offensive, that it is almost not worth engaging a bank for an investment deal or asking for a loan. To illustrate, in the mid 80's I recall being a student and walking in to open an account with no identification, I filled out two cards with a specimen signature, my address and particulars, and that was it. Now that same bank requires a 100-point identification scorecard to be realized, and the basic current account application form is some 18 pages long. This is progress apparently.

Internal bank compliance procedures are bad for business...

Now, I appreciate we have Anti-Money Laundering, we have identity theft, we have IRS and tax departments eager to know what we're doing with our money, and we have regulators that are making it their job to ensure we don't invest in a financial product that we don't fully understand. Sometimes, just sometimes, however, we just want a decent banking experience. We just want it to work, and the more paperwork you throw at us, the more hoops you make us jump through - the worse our banking experience is.

The thing with this is, that although there are regulations and legal constraints, most of the work we have to do is due to internal bank policy and process. For example, let's say an existing customer comes to the bank to ask for a loan - this is a customer we've known for 5 years, his salary gets paid every month on time, and he's a low credit risk based on what we already know. Why then is it that this same customer has to fill out an application form with the same details he's provided us with since day one?

There is absolutely no regulatory or legal requirement for the process to be handled in this way. Right now this is all about making it easier for the bank to mitigate risk for their brand. A customer-focused bank would either allow the customer to sign on with their Internet Banking credentials to agree to the loan, perhaps sign on a tablet or digital form or if absolutely necessary generate a paper application form based on existing customer records where all he had to do was sign. All of these solutions would produce exactly the same result from a regulator's or compliance perspective as a hefty paper KYC process.

So why as banks don't we do this way? Firstly, no one senior enough in the bank has sponsored such a move. Secondly, because the internal IT department would probably take 15,000 man days, and $184.63 m to enable this. And lastly, because at the end of the day as bank executives we get rewarded for mitigating bank risk, not for making customer experience better.

Regulators and bankers need to separate 'customer' risk from operational risk, and in this way innovation can still occur.