Debunking Compliance Myths


When it comes to the customer experience in banking, it often feels like financial institutions must take one step back for every two steps forward. Why? As banks continue to improve their digital customer touchpoints, online and on mobile devices, they face a near-constant increase in the amount (and enforcement) of regulations. As the scope of regulatory focus continues to evolve, new topics such as anti-money laundering, third-party risk and depositor verification continue to emerge. This puts the onus of better managing internal processes while being in compliance with regulations solely on the banks.

For today’s customer, the experience a bank delivers is often more critical than price. They desire speedy transactions coupled with a smooth, seamless, and digital banking experience. Whether it is applying for a new bank account, credit card, or a loan – speed is critical. Banks have to balance the need for speed with risk mitigation and compliance in order to stay competitive. Don’t let these myths hold you back from delivering a competitive and quality digital experience.

Myth # 1 : KYC has to be paper-based

In the case of Know Your Customer (KYC), the burden on customers is so high that banks are actually losing customers in the onboarding process. According to Thomson Reuters, 89 percent of corporate bank customers did not have a good KYC experience with their banks and 13 percent chose another financial institution because of it.

To comply with KYC, banks ask potential new customers for specific information that they use to assess whether the client is likely to be engaged in illegal financial activities, including money laundering. Banks accept or reject applications based on their risk tolerance. Approving nefarious customers can have massive repercussions: Between 2008 and 2018, U.S. financial regulators issued $23.52 billion in KYC and anti-money laundering fines.

The challenge for banks? Juggling how to collect this information without burdening clients. To meet compliance rules, banks at a minimum should follow these tips:

  • Ease the onboarding process by collecting critical data only for KYC
  • During the initial onboarding process, ask clients to use multiple forms of authentication (knowledge based, two factor authentication, digital ID) for KYC and AML checks
  • Score customers on potential risks they pose as it relates to their exposure
  • Seamlessly maintain a digital trail of document access, viewing and sharing

Myth # 2: Customer authentication has to be in-person

According to Deloitte, The Federal Deposit Insurance Corporation (FDIC), recently issued new requirements for all covered institutions with two million or more depository accounts to start complying with the final rule by April 1, 2020.

One of the key requirements of this regulation is that “each co-owner has personally signed a deposit account signature card” in order to be a “qualifying joint account” for purposes of deposit insurance. The FDIC believes that its signature card requirement will ensure safe and sound banking practices. Capturing and updating signature cards digitally ensures faster transaction management.

While you could send paper requests to verify and update signature cards, the process  would be cumbersome for your customers to print, scan, fax or mail paper signature cards back, cost more to mail physical requests, and take longer to get responses. With DocuSign, you can add an alert to your banking app that would request an updated signature from your customer. With one click, you would have a digitally traceable signature card as well as audit trail. This makes it easier for your customers to respond to your requests, your employees to push out bulk requests, and also for your legal team to stay compliant. It’s what we call a win, win, win!

Regulation E: To comply with Reg.E, the consumer’s identity and consent to authorize must be verifiable. Using stronger authentication or multiple layers of authentication lowers the risk of repudiation, ensures consumer validity, prevents fraud, and strengthens dispute handling in the following use cases:

  • EFT agreements during account opening
  • Funds transfer instructions (authentication and consent)
  • Claims or error resolution

The key to meeting this regulation is to assess if you can identify the signer and attribute their signature to a unique electronic document. To satisfy such requirements, DocuSign provides strong evidence to support identity of the signer through a robust assortment of authentication options, including single sign-on, two-factor authentication, voice print, shared secret, knowledge-based or controlled account access. Association of the signer and their signature with the document is supported by a detailed audit trail, which captures information about the transaction from beginning to end, identifying the signing events, locations, authentication measures used, and the unique identity of the document and signers.

Myth # 3: Banks have little control over enforcing data privacy

Buckling to sales and growth pressures, some large banks succumbed to creating accounts or credit card applications without consumer consent. U.S. Regulators, such as the Office of the Comptroller of the Currency (OCC) are looking at governance of sales practices, including instances where customer accounts may have been opened without explicit consent. In particular, the OCC is looking at products and services sold that impact a consumer’s credit score or can generate fees including deposit accounts, credit cards, certificate of deposit, and more.

The DocuSign Agreement Cloud supports the full process by which a transaction is created, executed, documented, and preserved. It integrates into your existing systems, whether it is Salesforce for CRM, Finastra for Lending or any other ERP back-end system. The platform is designed with API and extension capabilities in mind. Capturing data once and maintaining it across the lifecycle ensures there is no document tampering, minimizing risks of fraud.

By adding additional data fields or a simple checkbox on an application, you can ensure that your customers are truly consenting to the creation of a new account or credit card application. DocuSign ensures all documents are encrypted and include a tamper-free evidencet. Every signature is tracked and time stamped. The Certificate of Completion captures key details like IP address, multi-factor authentication, and document history. Such solid document and consent trails make audits faster and stress free.

Banks are under constant scrutiny, subject to frequent audits and regulatory compliance. DocuSign can help you balance the challenges of maintaining accurate data and audit trails while servicing your customers faster. Learn more today.