Monday, Sep 28

Consummating ties with online retail banking for improved transactions in a new era

She walked in like a true princess on that sunny day, in her flowing white dress. With a tiara draped on her pristinely coiffed hair, her contoured and well-made face betrayed her nerves which bulked up in her smile. One can readily spot an admixture of excitement and anxiety over the unknown once she commits a forever to a better-half in the presence of loved ones. Right at the altar was her husband to be with his chiseled abs clearly defined in his buttoned double-breasted suit, sheepishly smiling and holding back some few sobs upon seeing his beautiful bride. At this point, cold feet anyone? Walking down the aisle to swear your forever commitment and dedication to a person is certainly the highest form of trust and a huge gamble as everyone goes down the aisle with half the story hidden regardless of the number of years playing ‘knowing me knowing you’.

The ‘nuptial vows’ in Banking

The wind of change blowing across the world transcends a pandemic reaction to an insurmountable challenge. Organizations are scaling the wall of mechanical and bland regurgitation of the status quo and embracing rather cautiously a new love. The not too rare occurrence means jilting conservative and traditional ways of attending to business and life. Hitherto, there was rarity in making such life changing decision as there wasn’t any inclination and external interest to topple the dominant theme of workplace ethics. Wedding bands of conformity have gone full circle, and guess what, the mundane is starting to strike a raw nerve quite often. Banks are expressly beginning to rethink interaction and distribution channels and are by every means maximizing the opportunities presented by the pandemic to implement a technological necessity.

 Mincing no words, the court battle rages on in the divorce settlement between traditional banking and online banking.  Most banking firms in Africa have been held hostage and practically trapped in a bubble of convenience and ‘utopia’ in this season of banking unrest, sinking them in a quagmire of stunted growth. This Stockholm syndrome characterizes firms who have an inexplicable affinity to a hurting and sinister subject. Regrettably, the soul ties of confusion, relative fear of the unknown and ‘what ifs and buts’ cloud the judgments of such banks attached to sentimentalities and cliché trinkets of loyalty. The banking industry has rapidly evolved in the past few decades. They have become global institutions, operating in multiple countries around the world—and, perhaps more importantly, online.

Physical distancing versus social distancing

Undoubtedly, the lockdown period was the recess the world needed in reassessing its protracted direction when it comes to new and improved ways of doing things. The culture of banking changed faces in a long blink of an eye which is painfully overdue. Currently, physical distancing has gained a new perspective with social distancing galvanizing a change in attitudes of customers who have strong inclination to not just convenience and cost effectiveness but time management. Bottom line is, the lines of physical and social distancing have been blurred out by the technological response of online transactions. A 2016 Global Consumer Banking Survey conducted gauged 55,000 consumers in 32 countries. 60% revealed they would want to visit a physical branch or speak with a real person in order to purchase a new financial product or ask for advice. Traditional banks, with their focus on in-person customer service, may prove more trustworthy than banks that lack brick-and-mortar operations. This is especially the case when the consumer is opening an account.

In order to stay competitive and ensure their customers are satisfied, most traditional banks have incorporated internet banking in their services. Online portals allow these customers to view their balances, transfer money, open new accounts, and even apply for a mortgage— all of which is available round the clock unlike physical branches. Essentially, most banks are losing footprints at various branches as customers have taken a strong liking to manage their money, have access to credit, and deposit their money in a secure manner and done remotely and electronically. Also, online customer service, including e-mail and chat and video call, are overtaking phone calls and visits to a bank branch. According to McKinsey’s Africa Consumer Sentiment Survey of May 8, 2020, “customers have reported a 30 to 40 percent increase in their usage of online banking, mobile banking and mobile payments in recent weeks. This is linked to the imperative of physical distancing. Going forward, once ‘normal life’ resumes, 30 to 40 percent of consumers expect to increase their use of digital channels, while 30 percent expect to reduce their branch visits.”

Indeed, there has been significant change in branch usage as a result of physical distancing. In March 2020, McKinsey posited that, “25 percent of branches globally were closed, and 15 percent remained shuttered by May. However, even before the crisis, branch contribution to core banking unit sales had fallen from 75 percent in 2015 to 55 percent in 2019 (although average sales value remains higher in the branch than other channels). During this same period, the number of branches declined by 18 percent, and branch staff by 16 percent. A closer analysis, however, reveals two distinct groups: banks that made bold reductions and banks that moved cautiously. A bold transformation of the branch network delivered four times higher productivity gains than incremental adjustments and produced a 23 percent leaner network”.


Watershed moment in online transaction

Digital banking is of utmost importance to modern consumers and the next face of retail banking and a general acceptance and incorporation into respective banks operations and activities will spare banks needless problems, debts and irreparable damage to their firms. Retail banking has largely transitioned from a crossroad where indecisiveness was a harbinger of shrewdness to a more intentional habit of satisfying a growing number of tech savvy customers. In the same survey conducted by McKinsey, 66% of consumers said a great digital presence was an important characteristic of their chosen bank. A majority of Europeans are proving it, with Eurostat data showing that 59% of European internet users bank online.

Candidly, traditional banking organizations are crumbling from the inside and coughing up the consequence of limited footprints in the banking hall, which are gradually transmuting into ghost towns. Mckinsey states, “to stay competitive and ensure their customers are satisfied, most traditional banks have incorporated internet banking in their services. Online portals allow customers to view their balances, transfer money, open new accounts, and even apply for a mortgage— all of which is available 24 hours a day, seven days a week, unlike physical branches. Online customer service, including e-mail and chat and video call, are overtaking phone calls and visits to a bank branch”.

Banks who look back at this point will be crystallized in a retro captured shot as mobile banking has risen as well, “with one report showing that 47% of global consumers did so in 2016. Banking apps are skyrocketing in usage as well, allowing consumers to make fast digital payments at stores, events, and online”.

The double sided coin of online comes at its price like most ingenuities. The surge of digital banking has also created a surge in cybercrimes, as online banking opens up a new avenue for criminals. “If a customer accesses his or her banking information over an unsecured network, anyone could listen in and access the log-in credentials or other information. E-mail phishing attempts may convince the less digitally savvy to click links that appear to originate from the bank itself. Banks offering online banking products can secure their own sites and apps, but they must also inform their customers how to use them safely”.

That notwithstanding, a new category of banks has emerged, banks that operate only online, also called direct banks or branchless banks. Direct banks offer all the functionality of a bank, but without any local branches. They often offer more attractive rates, but fewer financial products as well as the face-to-face customer service that global consumers still crave.


Extinction of fossil banks

Evolve or die. Evolution supports change with strong aversion to conservatism. Accessibility is a significant component in online banking, and so entrenched traditional banking will be lacking in online banking capabilities. Subsequently, customers will have reduced access to their own banking information outside of business hours; when traveling, they may not be able to find a branch or ATM without high fees.

 As digital financial services evolve, banks will face mounting competition from three main nonbanking competitors, (i) telcos that are expanding their activities into payments (via mobile finance and beyond); (ii) major global technology players, such as Alibaba and Tencent, which have already developed a strong activity in financial services outside Africa and who are now showing increasing interest in the continent; and (iii) digital attackers such as FinTechs, which have made inroads both in the consumer services and in corporate services spaces . This competition from non-banking players will be enabled by regulation and technology: for example, regulations issued in Morocco and Nigeria in 2018 are enabling payment-service providers, mostly telcos, to provide payment services”.

COVID-19 has accelerated the shift to digital in retail banking. McKinsey latest data suggests that, industry leaders are driving digital log-in growth at five times the rate of slow adopters.  “It also indicates that consumers intend to sustain their new digital behaviors and visit branches less often following the pandemic. Banks should reshape their distribution models to thrive in a post-COVID-19 world, as transformation becomes an immediate imperative, not a long-term option. Due to the pace of disruption, what was previously a gap between leaders and slow adopters may become the gap between average and poor performers”.

Banks that do not embrace mobile finance and integrate it seamlessly into their banking activity face the threat of losing market share to these nonbanking competitors. To adapt successfully to the long-term shift to digital, banks can accelerate their digital transformation by prioritizing milestones such as the coverage of 100 percent of simple sales and servicing with digital, and especially mobile, solutions—in other words, rapidly digitize the customer journey. Also, implement mature digital sales to match assisted channels to close the gap in performance with branches and call centers in terms of conversion rates, cross-selling, and ticket sizes. Similarly, banks must simplify the consumer and commercial product catalogue to broaden the scope of “simple” (to include, for example, no-frills investment and lending propositions) and make the digital channel easier to navigate. More than ever before, they need to raise the bar on cyber security and technological resilience, including having zero tolerance for outages of ATMs or mobile platforms.

Traditional banking certainly has its allure but it has outlived its purpose particularly when juxtaposed to online retail banking. The schadenfreude of the pandemic in seeing things fall apart can only be foiled when innovators take over from conformers. A resonating belief is that, banking and financial institution will realize the indispensable position they occupy in the world’s economy and develop a clear view on the target role and competitive differentiation of online channel, integrating customer preferences and economics and leveraging on technology to bolster retail banking.

The incidence of financial crime, fraud and cybercrime

The incidence of financial crime, fraud and cybercrime

In 2018, the World Economic Forum noted that fraud and financial crime was a trillion-dollar industry, reporting that private companies spent approximately $8.2 billion on anti-money laundering (AML) controls alone in 2017. The crimes, themselves, noticed and unnoticed, have become more numerous and costly than ever. In a widely cited estimate, for every dollar of fraud, institutions lose nearly three dollars, once associated costs are added to the fraud loss itself.

Hence, an intensification of the activities of cybercrime and malicious hacking. As a result, rules with regards to financial crime are being revisited, as authorities continuously revise the rules. Within the domain of financial crime, the governments have ratcheted up the use of economic sanctions, targeting countries, public and private entities, and even individuals in accounting for illegal trafficking and money laundering. Because it has become difficult for institutions to fight these financial crimes, leaders are transforming their operating models to obtain a holistic view of the evolving landscape of financial crime. This view becomes the starting point of efficient and effective management of fraud risk.

Risks faced by Banks

Some of the risks faced by banks include the following: vulnerabilities to fraud and financial crime inherent in automation, digitization, massive growth in transaction volumes and greater integration of financial systems within countries and internationally.

The evolution of fraud and financial crime

Fraud and financial crime adapt to developments in the domains they plunder. With the advent of digitization and automation of financial systems, these crimes have become more electronically sophisticated and impersonal. One series of crimes, the so-called Carbanak attacks beginning in 2013, well illustrates the cyber profile of much of present-day financial crime and fraud.

These were malware-based bank thefts totaling more than $1 billion. The attackers, an organized criminal gang, gained access to systems through phishing and then transferred fraudulently inflated balances to their accounts or programmed ATMs to dispense cash to waiting accomplices. These, however, became a syndicated attack on many banks since the attackers vividly understood the cyber and banking environment.

Channels for the activities of cybercrime

Several channels for the operation of financial crime, fraud and cybercrime include automated teller machines (ATMs), credit and debit cards, and wire transfers. The attacks revealed that meaningful distinctions among cyberattacks, fraud, and financial crime are disappearing.

A siloed approach to these interconnected risks is becoming increasingly untenable. As banks begin to align operations to the shifting profile of financial crime, they confront the deepening connections between cyber breaches and most types of financial crime. Banks counter such fraud with relatively straightforward, channel-specific, point-based controls.

Banks that offer a seamless, secure and speedy digital interface will see a positive impact on revenue, while those that do not will erode value and potentially lose business. Modern banking demands faster risk decisions so banks must strike the right balance between managing fraud and handling authorized transactions instantly. The growing cost of financial crime and fraud risk has overshot expectations.

Bringing together financial crime, fraud, and cyber operations

Anti-Money Laundering (AML), while mainly addressed as a regulatory issue, is seen as being on the next horizon for integration. All risks associated with financial crime involve three kinds of countermeasures: identifying and authenticating the customer, monitoring and detecting transaction and behavioral anomalies, and responding to mitigate risks and issues. Each of these activities, whether taken in response to fraud, cybersecurity breaches or attacks, or other financial crimes, is supported by many similar data and processes. Indeed, bringing these data sources together with analytics materially improves visibility while providing a much deeper insight to improve detection capability. In many instances, it also enables prevention efforts.

In taking a more holistic view of the underlying processes, banks can streamline business and technology architecture to support better customer experience, improved risk decision making, and greater cost efficiencies.

From collaboration to holistic unification

There are three models for addressing financial crimes. They are distinguished by the degree of integration they represent among processes and operations for the different types of crime. It has been shown, largely, that organizational and governance design are the main considerations for the development of an operational model. It is entirely feasible that an institution will begin with the collaborative model and gradually move toward greater integration, depending on the design decisions.

Firstly, the collaborative model. In this model, each of the domains of financial crime, fraud, and cybersecurity maintain their independent roles, responsibilities, and reporting. Each unit builds its independent framework, cooperating on risk taxonomy and data and analytics for transaction monitoring, fraud, and breaches. The approach is familiar to regulators but offers banks little of the transparency needed to develop a holistic view of financial crime risk. The model's reliance on smaller, discrete units also means banks will be less able to attract top leadership talent.

Secondly, a partially integrated model for cybersecurity and fraud. This model has been widely used. Many more institutions seem to be now working toward this model, in which cybersecurity and fraud are partially integrated as the second line of defense. Each unit maintains independence in this model but works from a consistent framework and taxonomy, following mutually accepted rules and responsibilities. The approach remains, however, consistent with the existing organizational structure and little disrupt current operations.

Finally, in this fully integrated approach, financial crimes, fraud, and cybersecurity operations are consolidated into a single framework, with common assets and systems used to manage risk across the enterprise. The unified model also captures the benefits of scale across key roles and thereby enhances the bank’s ability to attract and retain top talent. The disadvantages of this model are that it entails significant organizational change, making bank operations less familiar to regulators.

Strategic prevention: Threats, prediction, and controls

The idea behind strategic prevention is to predict risk rather than just react to it. To predict where threats will appear, banks need to redesign customer and internal operations and processes based on a continuous assessment of actual cases of fraud, financial crime, and cyber threats. To arrive at a realistic view of these transgressions, institutions need to think like criminals. Crime takes advantage of a system’s weak points. Current cybercrime and fraud defenses are focused on point controls or silos but are not based on an understanding of how criminals behave. For instance, if financial institutions tighten their defense on the protection of consumers, branch operations among others, crime will be evident in the domain of technology.

Adopting the mindset and behavior of the criminals

Banks will be able to trace the migratory flow of crime by looking at particular transgressions or types of crime from inception to execution and exfiltration and by mapping all the possibilities. By designing controls around this principle, banks are forced to bring together which improves both efficacy and effectiveness.

Ensuring the efficiency of scale and processes

The integrated fraud and cyber-risk functions can improve threat prediction and detection while eliminating duplication of effort and resources. Consistent methodologies and processes (including risk taxonomy and risk identification) can be directed toward building understanding and ownership of risks.

Data, automation, and analytics

Through integration, the anti-fraud potential of the bank’s data, automation, and analytics can be fully realized. integrating the data of separate functions, either both internally or externally, banks can enhance customer identification and verification. More appropriately, machine learning and artificial intelligence can enable predictive analytics when supported by the right source of information.

Ensure consumer experience and digital trust

Meaningful improvements in customer satisfaction help shape customer behavior and enhance business outcomes. Digital trust is fostered by unified risk management against fraud, financial crime, and cyber threats. When banks ensure topmost security to consumers, which has often been sidelined, trust is heightened for the bank.

How to proceed

There is the need for banks to inquire into questions relating to activities and processes, people and organization, data and technology, and governance when designing their journey toward a unified operating model for financial crime, fraud, and cybersecurity.

Most banks begin the journey by closely integrating their cybersecurity and fraud units. As they enhance information sharing and coordination across silos, greater risk effectiveness and efficiency becomes possible. To achieve the target state, they seek, banks are redefining organizational “lines and boxes” and, even more important, the roles, responsibilities, activities, and capabilities required across each line of defense.

Most have stopped short of fully unifying the risk functions relating to financial crimes, though a few have attained a deeper integration. A leading US bank set up a holistic “center of excellence” to enable end-to-end decision making across fraud and cybersecurity. From prevention to investigation and recovery, the bank can point to significant efficiency gains. A global universal bank has gone all the way, combining all operations related to financial crimes, including fraud and AML, into a single global utility. The bank has attained a more holistic view of customer risk and reduced operating costs by approximately $100 million.

As criminal transgressions in the financial-services sector become more sophisticated and breakthrough traditional risk boundaries, banks are watching their various risk functions become costlier and less effective. Leaders are therefore rethinking their approaches to take advantage of the synergies available in integration. Ultimately, fraud, cybersecurity, and AML can be consolidated under a holistic approach based on the same data and processes. Most of the benefits are available in the near term, however, through the integration of fraud and cyber operations.


Swipe, Scan, Tap, and Walkaway …the future of money

Swipe, Scan, Tap, and Walkaway …the future of money

Call it changing times as more and more economies are backing the trend towards making transactions without cash.

World banking Annual Review 2019: Need for Urgent Steps in the Late-cycle 

 Signs that the banking industry has entered the late phase of the economic cycle, a decade on from the global financial crisis, are clear. Growth in volumes and top-line revenues are slowing, with loan growth of just 4 percent in 2018—the lowest in the past five years and a good 150 basis points (bps) below nominal GDP growth Yield curves are also flattening. And although valuations fluctuate, investor confidence in banks is weakening once again. 

The Global Return on Tangible Equity

These cycles are not new to seasoned industry experts. Global Return On Tangible Equity (ROTE) has flat lined at 10.5 percent, despite a small rise in rates. Emerging-market banks have seen ROTEs decline drastically, from 20.0 percent in 2013 to 14.1 percent in 2018, largely due to digital disruption that continues unabated. Banks in developed markets have strengthened productivity and managed risk costs, lifting ROTE from 6.8 percent to 8.9 percent. But on balance, the global industry approaches the end of the cycle in less than ideal health, with nearly 60 percent of banks printing returns below the cost of equity. A prolonged economic slowdown with low or even negative interest rates could wreak further havoc.

What explains the difference between the 40 percent of banks that create value and the 60 percent that destroy it are geography, scale, differentiation, and business model.

It can be realised that the domicile of a bank explains nearly 70 percent of underlying valuations. Consider the United States where banks earn nearly ten percentage points more in returns than European banks do, implying starkly different environments. 

Global risk costs are at an all-time low, with developed-market impairments at just 12 bps. But just as counter-cyclicality has gained prominence on regulators’ agendas, banks also need to renew their focus on risk management, especially the new risks of an increasingly digital world. Advanced analytics and artificial intelligence are already producing new and highly effective risk tools; banks should adopt them and build new ones. On productivity, marginal cost-reduction programs have started to lose steam. The present need is to industrialize tasks that don’t convey a competitive advantage and transfer them to multi-tenant utilities. Industrializing regulatory and compliance activities alone could lift ROTE by 60 to 100 bps. Last but not least, on generating elusive revenue growth, now is the time to pick a few areas—client segments or products—and rapidly reallocate top customer-experience talent to attack the most valuable areas of growth and take share as competitors withdraw and customer churn increases late in the cycle.

Making the right moves for the right bank

All banks are not the same. The level of strategic freedom every bank enjoys depends on its business model, assets, and capabilities relative to peers as well as on the stability of the market in which it operates.

The Four Archetypes

Each bank can be classified into one of four archetypes, each with a set of levers that management should consider. These archetypal levers form a full picture of the degrees of freedom available to a bank. These are defined by two dimensions: the bank’s strength relative to peers and the market stability of the domain within which the bank operates.

World Bank B


  • Market leaders: Consider them as the top-performing financial institutions in attractive markets. 
  • Resilients: These tend to be top-performing operators that generate economic profit despite challenging market and business conditions.
  • Followers: Tend to be midtier organizations that continue to generate acceptable returns, largely due to the favourable conditions of the markets in which they operate, but whose overall enterprise-strength relative to peers is weak. 
  • Challenged banks: These banks generate low returns in unattractive markets and, if public, trade at significant discounts to book value. 

Strategies of Archetypal Levers

Archetypal levers comprise three critical moves—ecosystems, innovation, and zero-based budgeting (ZBB).  Combining the universal and archetypal levers results in the degrees of freedom available to each bank archetype. 

World Bank C


Market leaders: Priorities to retain leadership into the next cycle

Market leaders have benefited from favourable market dynamics as well as their (generally) large scale, both of which have allowed them to achieve the highest ROTEs of all bank archetypes—approximately 17 percent average ROTE over the previous three years. And they have achieved this leadership without having to focus too much on improving productivity, as reflected in their average cost-to-asset ratio (C/A) of approximately 220 bps. Whereas most of the market leaders in developed markets are North American banks, a significant proportion (approximately 46 percent) of market leaders consists of banks in emerging markets in Asia—mainly China—and the Middle East. These banks, even with declining ROTEs in the previous cycle, still have returns above the cost of capital.

Goals for the late-cycle

These banks must understand their key differentiating assets and invest in innovation, using their superior economics especially when peers cut spending as the late-cycle bites. As noted earlier, history shows us that approximately 43 percent of current leaders will cease to be at the top come the next cycle. The investments made now—whether organic or inorganic—will decide their place at the top table in the next cycle.

Given the scale advantages that leaders enjoy, banks in this group will be challenged to sustain revenue growth, especially as credit uptake typically slows in the late-cycle. The focus now needs to shift toward increasing their share of wallet among current customers by extending their proposition beyond traditional banking products.


Resilients: The challenge of managing returns in sluggish markets

Resilients are almost all in Western Europe and developed Asian markets such as Japan, which have been the toughest banking markets over the past three years. Leading broker-dealers also feature in this group.

They are strong operators and risk managers that have made the most of their scale in what have been challenging markets, due to either macroeconomic conditions or to disruption. This has allowed them to generate returns above the cost of equity, with an average ROTE of 10.7 percent over the previous three years, without taking on undue risk, as reflected in the lowest impairment rates of all archetypes (24 bps). Banks in this archetype have worked hard at costs even as they have struggled to maintain revenues, beating the C/A ratios of market leaders (their peers in buoyant markets) by nearly 50 bps. However, at 170 bps, there is still significant opportunity for productivity improvements when compared with best-in-class peers. 

Goals for the late-cycle

The first item on their agenda, just like market leaders, should be to focus on increasing their share of wallet among their current customers through enhanced customer experience (CX) and by building a value proposition that extends beyond the traditional set of banking products. Those with a large infrastructure asset (for example, securities companies) should innovate by their platforms across noncompeting peers and other industry participants to find new ways of monetizing their assets. On the cost front, resilients need to pay closer attention to opportunities for improving productivity by exploring the bank-wide appetite for ZBB. They should remain alert to the possibility of a compelling distressed asset becoming available.


Followers: Preparing for tailwinds turning to headwinds

Approximately 76 percent of followers are North American and Chinese banks. Followers are primarily midsize banks that have been able to earn acceptable returns, largely due to favourable market dynamics. However, their returns (on average 9.6 percent ROTE) have been a little more than half of those of market leaders, who have also operated with the same favourable market dynamics. The principal driver of their underperformance relative to market leaders is in revenue yields, where they are 100 bps lower. Again, given their underperformance relative to other banks in similar markets, they have invested in productivity improvements and have C/A ratios 20 bps lower than market leaders but 70 bps higher than similarly underperforming peers in more challenged markets.

Goals for the late-cycle

A clear need for action is needed with bold moves to ensure that returns do not deteriorate materially during a downturn. Furthermore, if they are to be among the 37 percent of follower banks that become leaders regardless of the market environment, now is the time to build the foundation, as they still have time to benefit from the excess capital that operating in a favourable market gives them.

Given their subscale operations and the fact that they are still in a favourable market, they should look for ways to grow scale and revenues within the core markets and customer sets that they serve.  Cost is also a significant lever for this group. With an average C/A ratio that is 70 bps higher than peers in more challenged markets (where challenged banks as a group have pulled the cost lever harder than other archetypes), followers have the potential to improve productivity significantly.


The challenged: Final call for action

Some 36 percent of banks globally have earned a mere average of 1.6 percent ROTE over the past three years. This is the lowest average return of all archetypes and well below the cost of equity of these banks. With an average C/A ratio of 130 bps, they have the best cost performance. However, the problem is in revenues, where they have the lowest revenue yields, at just 180 bps, as compared with an average revenue yield of 420 bps among market leaders. Further analysis of this category also points to the fact that most operate below scale and are “caught in the middle,” with neither high single-digit market share nor any niche propositions. Most of these banks are in Western Europe, where they compete with weak macro conditions (for example, slow loan growth and low interest rates).

Goals for the late-cycle

The sense of urgency for challenged banks is particularly acute given their weak earnings and capital position; banks in this group need to radically rethink their business models. If they are to survive, they will need to gain scale quickly within the markets they currently serve.

Thus, exploring opportunities to merge with banks in a similar position would be the shortest path to achieving that goal. 

The only other lever at hand costs, in which this group already leads other banks. However, there should still be further opportunities, including the outsourcing of non-differentiated activities and the adoption of ZBB, both discussed earlier. With an average C/A ratio of 130 bps, challenged banks as a group still have a good 50 bps to cover before they produce the best-in-class cost bases we’ve seen from Nordic banks.

As the current market uncertainty generates concerns for market players, one question that rests heavily on the minds and lips of stakeholders is ‘what will result in an imminent recession or a prolonged period of slow growth?’ As growth slows and is unlikely to quicken in the medium term, there is no doubt that this is the era of the late cycle. Aggravating this situation is the continued threat posed by fintechs and big technology companies, as they take stakes in banking businesses. Whether a market player or an underdog, the time for bold and critical moves is now.

Building a Sustainable Competitive Advantage in the Financial Market

Building a Sustainable Competitive Advantage in the Financial Market

The prime differentiator among firms and the heart of wholesale banking is talent. A small subset of talent



Money laundering is a serious problem for the global economy, with the sums involved variously estimated at between 2 and 5 percent of global GDP. Financial institutions are required by regulators to help combat money laundering and have invested billions of dollars to comply. Nevertheless, the penalties these institutions incur for compliance failure continue to rise: in 2017, fines were widely reported as having totaled $321 billion since 2008 and $42 billion in 2016 alone. This suggests that regulators are determined to crack down but also that criminals are becoming increasingly sophisticated.

Customer risk-rating models are one of three primary tools used by financial institutions to detect money laundering. The models deployed by most institutions today are based on an assessment of risk factors such as the customer’s occupation, salary, and the banking products used. The information is collected when an account is opened, but it is infrequently updated. These inputs, along with the weighting each is given, are used to calculate a risk-rating score. But the scores are notoriously inaccurate, not only failing to detect some high-risk customers, but often misclassifying thousands of low-risk customers as high risk. This forces institutions to review vast numbers of cases unnecessarily, which in turn drives up their costs, annoys many low-risk customers because of the extra scrutiny, and dilutes the effectiveness of anti–money laundering (AML) efforts as resources are concentrated in the wrong place.

In the past, financial institutions have hesitated to do things differently, uncertain how regulators might respond. Yet regulators around the world are now encouraging innovative approaches to combat money laundering and leading banks are responding by testing prototype versions of new processes and practices. Some of those leaders have adopted the approach to customer risk rating described in this narration, which integrates aspects of two other important AML tools: transaction monitoring and customer screening. The approach identifies high-risk customers far more effectively than the method used by most financial institutions today, in some cases reducing the number of incorrectly labeled high-risk customers by between 25 and 50 percent. It also uses AML resources far more efficiently.

Best practice in customer risk rating

To adopt the new generation of customer risk-rating models, financial institutions are applying five best practices: they simplify the architecture of their models, improve the quality of their data, introduce statistical analysis to complement expert judgment, continuously update customer profiles while also considering customer behavior, and deploy machine learning and network science tools.

Simplify the model architecture

Most AML models are overly complex. The factors used to measure customer risk have evolved and multiplied in response to regulatory requirements and perceptions of customer risk but still are not comprehensive. Models often contain risk factors that fail to distinguish between high- and low-risk countries, for example. In addition, methodologies for assessing risk vary by line of business and model. Different risk factors might be used for different customer segments, and even when the same factor is used it is often in name only. Different lines of business might use different occupational risk-rating scales, for instance. All this impairs the accuracy of risk scores and raises the cost of maintaining the models. Furthermore, a web of legacy and overlapping factors can make it difficult to ensure that important rules are effectively implemented. A person exposed to political risk might slip through screening processes if different business units use different checklists, for example.

Under the new approach, leading institutions examine their AML programs holistically, first aligning all models to a consistent set of risk factors, then determining the specific inputs that are relevant for each line of business. The approach not only identifies risk more effectively but does so more efficiently, as different businesses can share the investments needed to develop tools, approaches, standards, and data pipelines.

Improve data quality

Poor data quality is the single biggest contributor to the poor performance of customer risk-rating models. Incorrect know-your-customer (KYC) information, missing information on company suppliers, and erroneous business descriptions impair the effectiveness of screening tools and needlessly raise the workload of investigation teams. In many institutions, over half the cases reviewed have been labeled high risk simply due to poor data quality.

The problem can be a hard one to solve as the source of poor data is often unclear. Any one of the systems that data passes through, including the process for collecting data, could account for identifying occupations incorrectly, for example. However, machine-learning algorithms can search exhaustively through sub-segments of the data to identify where quality issues are concentrated, helping investigators identify and resolve them. Sometimes, natural-language processing (NLP) can help. One bank discovered that a great many cases were flagged as high risk and had to be reviewed because customers described themselves as a doctor or MD, when the system only recognized “physician” as an occupation. NLP algorithms were used to conduct semantic analysis and quickly fix the problem, helping to reduce the enhanced due-diligence backlog by more than 10 percent. In the longer term, however, better-quality data is the solution.

Complement expert judgment with statistical analysis

Financial institutions have traditionally relied on experts, as well as regulatory guidance, to identify the inputs used in risk-rating-score models and decide how to weight them. But different inputs from different experts contribute to unnecessary complexity and many bespoke rules. Moreover, because risk scores depend in large measure on the experts’ professional experience, checking their relevance or accuracy can be difficult. Statistically calibrated models tend to be simpler. And, importantly, they are more accurate, generating significantly fewer false-positive high-risk cases.

Building a statistically calibrated model might seem a difficult task given the limited amount of data available concerning actual money-laundering cases.

But high-risk cases can be used to train a model instead. A file review by investigators can help label an appropriate number of cases—perhaps 1,000—as high or low risk based on their own risk assessment. This data set can then be used to calibrate the parameters in a model by using statistical techniques such as regression. It is critical that the sample reviewed by investigators contains enough high-risk cases and that the rating is peer-reviewed to mitigate any bias.

Experts still play an important role in model development, therefore. They are best qualified to identify the risk factors that a model requires as a starting point. And they can spot spurious inputs that might result from statistical analysis alone. However, statistical algorithms specify optimal weightings for each risk factor, provide a fact base for removing inputs that are not informative, and simplify the model by, for example, removing correlated model inputs.

Continuously update customer profiles while also considering behavior

Most customer risk-rating models today take a static view of a customer’s profile—his or her current residence or occupation, for example. However, the information in a profile can become quickly outdated: most banks rely on customers to update their own information, which they do infrequently at best. A more effective risk-rating model updates customer information continuously, flagging a change of address to a high-risk country, for example. A further issue with profiles in general is that they are of limited value unless institutions are considering a person’s behavior as well. We have found that simply knowing a customer’s occupation or the banking products they use, for example, does not necessarily add predictive value to a model. More telling is whether the customer’s transaction behavior is in line with what would be expected given a stated occupation, or how the customer uses a product.

Take checking accounts. These are regarded as a risk factor, as they are used for cash deposits. But most banking customers have a checking account. So, while product risk is an important factor to consider, so too are behavioral variables. Evidence shows that customers with deeper banking relationships tend to be lower risk, which means customers with a checking account as well as other products are less likely to be high risk. The number of in-person visits to a bank might also help determine more accurately whether a customer with a checking account posed a high risk, as would his or her transaction behavior—the number and value of cash transactions and any cross-border activity. Connecting the insights from transaction-monitoring models with customer risk-rating models can significantly improve the effectiveness of the latter.

Deploy machine learning and network science tools

While statistically calibrated risk-rating models perform better than manually calibrated ones, machine learning and network science can further improve performance.

The list of possible model inputs is long, and many on the list are highly correlated and correspond to risk in varying degrees. Machine-learning tools can analyze all this. Feature-selection algorithms that are assumption-free can review thousands of potential model inputs to help identify the most relevant features, while variable clustering can remove redundant model inputs. Predictive algorithms (decision trees and adaptive boosting, for example) can help reveal the most predictive risk factors and combined indicators of high-risk customers—perhaps those with just one product, who do not pay bills but who transfer round-figure dollar sums internationally. In addition, machine-learning approaches can build competitive benchmark models to test model accuracy, and, as mentioned above, they can help fix data-quality issues.

Network science is also emerging as a powerful tool. Here, internal and external data are combined to reveal networks that, when aligned to known high-risk typologies, can be used as model inputs. For example, a bank’s usual AML-monitoring process would not pick up connections between four or five accounts steadily accruing small, irregular deposits that are then wired to a merchant account for the purchase of an asset—a boat perhaps. The individual activity does not raise alarm bells. Different customers could simply be purchasing boats from the same merchant. Add in more data however—GPS coordinates of commonly used ATMs for instance—and the transactions start to look suspicious because of the connections between the accounts. This type of analysis could discover new, important inputs for risk-rating models. In this instance, it might be a network risk score that measures the risk of transaction structuring—that is, the regular transfer of small amounts intended to avoid transaction-monitoring thresholds.

Although such approaches can be powerful, it is important that models remain transparent. Investigators need to understand the reasoning behind a model’s decisions and ensure it is not biased against certain groups of customers. Many institutions are experimenting with machine-based approaches combined with transparency techniques such as LIME or Shapley values that explain why the model classifies customers as high risk.

Moving Ahead

Some banks have already introduced many of the five best practices. Others have further to go. We see three horizons in the maturity of customer risk-rating models and, hence, their effectiveness and efficiency.

Most banks are currently on horizon one, using models that are manually calibrated and give a periodic snapshot of the customer’s profile. On horizon two, statistical models use customer information that is regularly updated to rate customer risk more accurately. Horizon three is more sophisticated still. To complement information from customers’ profiles, institutions use network analytics to construct a behavioral view of how money moves around their customers’ accounts. Customer risk scores are computed via machine-learning approaches utilizing transparency techniques to explain the scores and accelerate investigations. And customer data are updated continuously while external data, such as property records, are used to flag potential data-quality issues and prioritize remediation.

Financial institutions can take practical steps to start their journey toward horizon three, a process that may take anywhere from 12 to 36 months to complete.

Rewriting the rules in retail banking

Rewriting the rules in retail banking

  • Four important trends are changing the terms of success in retail banking. Banks need to act now to develop new skills.

  • The Council of Ministers approved the recommendation to move the temporary Headquarters of the Organization from Abuja, Nigeria to the permanent Headquarters in Brazzaville, Republic of Congo.
  • The APPO Headquarters was temporarily moved to Abuja in 2018 when Nigeria assumed the Presidency of the organization with a mandate to execute the approved reform programme.