Agility FinanceTech: Smarter Infrastructure & Technology Management for the New FS Organization. Sponsored by IBM.

Posted by Gary Rylander

Forrester just released a case study of Citibank's redesigned Account Opening process that highlights the fact that good Risk and Compliance practices, rather than being a hindrance to profitability can actually be very good for the bottom line. Starting from the dual requirements to improve their on-line account opening process and a desire to take maximum advantage of the 2001 passage of the ESIGN law that authorized the use of 'electronic signatures', Citi undertook a four year redesign project that resulted in a "30 day manual-intensive process that was transformed into a 10 minute, fully electronic, 'instant' process" and reduced account opening costs from $50.00 to $7.50.

Deposit bank account opening is governed by by a plethora of compliance requirements and buzz words, Bank Secrecy Act(BSA), Know Your Customer(KYC), Anti Money Laundering(AML), Patriot Act, Reg E, Reg DD, TISA disclosures, etc. Some of these requirements are anything but crystal clear, calling for banks to exercise risk based 'reasonableness'. Faced with this situation, many banking lawyers and compliance officers opted to directly carry over to the on-line world the same account opening procedures used in brick and mortar branches. Simply perusing some of the stories on bankersonline.com confirms this.

However, Citi's lawyers and compliance officers astutely read the laws and regulations then filtered them through their 'risk appetite' before deciding to make significant changes to their account opening procedures specifically tailored to the tools uniquely available to the on-line world:

Fist, Citi did away with the paper KYC documentation requirements, opting instead to use on-line questioning and entity resolution to verify identity.

Next, they eliminated a "wet ink" signature card, instead treating the new account like a credit card that must be authorized via an 800 number before being activated and using the initial signed check in lieu of of a typical signature card.

Finally, they decided to make all disclosures and the welcome kit electronic.

There is a great lesson here for both IT and compliance folks. Many regulations are subject to significant interpretation, especially in terms of how they can be operationalized. Very conservative interpretations may hinder the efficiency and profitability of the institution as well as negatively impact customer satisfaction. More creative interpretation, while still within the bounds of what is permissible, can often open the door to order of magnitude improvement. This was the case at Citi where their new process was followed by a 400% increase in on-line account openings bringing in more than $12 Billion in new deposits, but necessitated only a 38% increase in customer service staff.

What is perhaps most confounding to IT and business people is that there is no simple book of rules to be applied. Apart from the variance in interpretation, what is appropriate for a bank with a clean bank examination record may not be appropriate for a bank which has failed elements of a recent bank exam or is laboring under adverse legal judgments or consent decrees.

So, when faced with an opportunity to redesign your institution's operations that may be governed by law or regulation - which is essentially all aspects of Financial Services operations - do what IT and operations people at Citi did, bring a well documented case for both operational and regulatory change to the legal/compliance team based on research about varied interpretations and practices from around the industry. You may pleasantly surprised in the positive outcome.