Skip to main content

Building Trust in Financial Services through Digital Identity Management

There has always been a need for strong identity and access management capabilities in the financial services industry, for obvious reasons. Authenticating the identity and access privileges of direct customers, employees, partners and consumers is the most powerful tool for preventing fraud.

But, with the massive digital transformation caused by the pandemic and work-from-home trend, digital identity management is more important than ever for many organisations. A recent study of 12 billion financial transactions between January and March of this year found a 159 per cent year-on-year increase in bank fraud attacks and a 728 per cent increase in phone fraud attacks. 90 per cent of all fraud attacks occurred online.

Even before the pandemic, rapid technology evolution was driving banking and capital markets to virtual business models. With the massive acceleration of this trend in the past 15 months, effective digital identity has become a critical competency for establishing and maintaining trust.

Extending Trust

Customer identity has always been at the centre of building and enhancing trust for financial services organisations. With the digitisation of so many internal processes today, equal vigour may need to be applied to managing identities for employees, contractors, vendors, business partners and even devices. However, managing identities across these groups is fundamentally different from traditional customer identity management.

For example, the steps behind authenticating customers may be significantly different from those authenticating employees, contractors or other people who are closely affiliated with the organisations. For customers, identity is not only focussed on ensuring the right people have access to the right resources; it also must factor in the customer experience, which is a critical component to retaining their business. Therefore, organisations need to balance the need to authenticate customer identities with the need to deliver a positive customer experience. For stakeholders closely affiliated with an organisation, the steps necessary to authenticate their identities may be quite different, since they may have already been vetted by human resources, or vendor due diligence processes, and the user experience is not as mission-critical as it is with customers.

There is also a greater number of stakeholders in identity management than in years past. What was once the province of IT and cybersecurity, now extends across other organisations in the enterprise, including legal, marketing, compliance and operations. All have a stake in effective identity management. Add to this an increasingly complex risk landscape, and it suggests that organisations may be well served by adopting a broad approach to developing and supporting strong digital identity initiatives. Taking such an approach need not feel overwhelming, however, since advances in machine learning and artificial intelligence (AI) have made it easier to scale identity initiatives by automating many of the routine tasks associated with establishing and authenticating digital identities.

Following are five steps to consider when developing a modern identity management programme:

Organisations can develop and socialise a plan that encompasses a unified vision, strategy and road map for how they can effectively manage the digital identity of their people, devices and “things” attached to the internet. The plan can reflect broad needs across people and devices, as well as unique requirements for each, enabling security and authentication to work seamlessly with access and customer experience.

As mentioned earlier, there are many stakeholders for modern identity and access management. It’s no longer just the technology and cybersecurity teams, but also units across the business, including legal, HR, compliance, marketing and various operational groups. Involvement of a broad stakeholder group early in the process can lead to conversations and decisions that prompt nimble adaptation.

With a focus on business outcomes, organisations can determine where identity management can help, such as improving customer retention or streamlining HR processes. By focusing on outcomes, organisations may be better positioned to define ROI, which is critical to overcoming resource constraints and supporting larger transformation efforts.

The shift necessary to achieve an effective approach to digital identity management is far-reaching, and any identity program can run into challenges from people who may resist aspects of a transformation that could result in their loss of control. A good plan will anticipate these obstacles and provide strategies for overcoming them.

Machine learning and AI can dramatically enhance digital identity capabilities, not only in improving and securing the environment but also by hastening responses to threat indicators. Because these technologies can learn, they can adapt and respond to potential threats often more rapidly than humans can, thereby creating a human-machine collaboration that can add speed and precision to processes.