The Challenge of “Identity”
December 22nd, 2020
Are we having an “identity crisis”?
Identity is now a persistent, top of mind concern across many of my recent conversations with both fraud and AML partners. Perceptive folks might have even noticed that titles and organizational structures are changing to address these challenges. Fraud and authentication solution teams are now being further bifurcated into Identity-focused teams with their own titles, projects and budgets.
The challenge of establishing, verifying and persisting a client identity across an organization is an incredibly daunting task. Identity informs your due diligence process, which informs your risk rating, which informs your segmentation, which informs …..I’m going to stop here (apologies to my anti-money laundering friends) because there is so much more to discuss.
Expanding Identity in Financial Crime
This identity (or identities for additional complexity) must now expand to the many devices, channels, products and transaction types available across a wide array of financial services offerings. Verified Identity must now seamlessly morph into sub-identities for mobile phone, web browser, mobile wallet or partner apps, each with its own authentication technique or credential pass through. Established identity then challenged, as needed, through multiple protocols and step ups to re-verify across the client’s interaction and transaction lifecycle. All of which is further complicated by the challenges of device changes, OS updates and new offerings.
By the way, did I happen to mention that this entire process needs to be both instantaneous and frictionless? Any customer experience beyond “click, blink, done” is disastrous.
Real-time account opening, decisioning and payments have driven us to this “identity crisis”. The need to establish and identify the “WHO” is the critical driver across all risk and compliance strategies at this point. But let’s make this even more fun by throwing in some social engineering, account take over and synthetic identity schemes. While you are building your identity teams and solutions, your clients are providing twenty pieces of personal information to find out which Ozark character they would be. (I got Ruth).
Traditional Identity and authentication techniques are being pushed beyond limits and many new providers are jumping into this area. But what is the right approach? Is now the tipping point for the typically siloed fraud and AML teams to be working from a single pane of glass? Identity will be the linchpin that informs risk and compliance decisions from account opening through transaction monitoring and reporting. Layers and layers of identifying data and scores will be required to establish, verify and persist a client identity and risk profile across your organization. Velocity, regulations and client expectations will require a new approach.
Are you ready? Are you already there?