Access to financial services can be broadly broken down into four subject areas: 1. Access to product information 2. Access to seamless onboarding 3. Access to product benefits 4. Access to support services While several banks in Sri Lanka excel in areas 1, 3, and 4 and never miss an opportunity to proudly announce the fact, no bank appears to be willing to deal with the elephant in the room, which is area No. 2 – customer onboarding. As of today, the majority of LCBs (licensed commercial banks) follow the below process, with minor variations, when onboarding a new customer to the bank for a CASA (current account/savings account) product. While onboarding for other products like loans carry additional steps related to credit risk evaluation, the KYC component will remain the same. Here is what a completely wasted half a day trying to open a bank account in Sri Lanka looks like: 1. Fill out an extremely lengthy application form which has two main components. The generic KYC information and the specific product-related information. 2. Request the customer to visit a branch to submit above applications. 3. Request an accepted form of identity. This can be your national identity card (NIC), driving license, or passport. 4. If living in an address different to what’s mentioned in the identity document, a billing proof as proof of permanent address will be required. Accepted forms of billing proof being water bill, electricity bill, and fixed line telephone bill in your name. If living on rent, a copy of the lease agreement will also be required. 5. A brief yet boring interview by a bank staff member at the branch. If you are lucky, you’ll get your account opened after fulfilling all of the above criteria, and at times after the customer service agent comes back from lunch, in the case of some super customer-centric banks. There’s also a plethora of minor technicalities that can easily prevent you from getting this done within one day as well, and a couple of these are as follows. 1. 40-year-old NIC document issued on cheap-quality paper and laminate is not clear enough, so go get a new one from the NIC department (Department for Registration of Persons). 2. Current address is not mentioned in the ID document. Working professional but living with parents with the only bill to your name being from your mobile telecom service provider? Obviously not paying rent to your parents, therefore no lease agreement? Sorry, that’s not good enough. You might be 30 years old, but please bring a letter from mommy and daddy confirming you live under their watchful protection. This is the horror story which most customers endure to get the services of our top Sri Lankan banks who charade their awards for being the “Best Bank in” this and “Best Bank in” that. There is a Sinhala saying that is very appropriate for this type of behaviour that goes “kathawa nam dolawen, gamana payin”, which loosely translates to “all talk no action”. However, one might argue that the above is only a one-sided customer perspective without any appreciation of the issues faced by banks and the industry’s concerns. So we will now look at some of the underlying reasons used by banks to justify this process. As per the Banking Act of Sri Lanka and a number of operating guidelines/circulars issued by the Central Bank and its sub departments, all licensed commercial banks and financial institutions have the below stated obligations in terms of KYC/CDD (know your customer/customer due diligence): 1. Ascertain the validity of the ID document presented by the customer 2. Ascertain the identity of the customer against the ID document provided by the customer 3. Ascertain the customer’s eligibility for the product/banking service 4. Maintain an audit trail of the customer’s onboarding application and supporting documents 5. Ensure the above processes are carried out by an active staff member of the bank, which must also be approved by a different staff member of the bank. A common safeguard in banking operations known as maker/checker. A number of other KYC/CDD obligations may exist which are not mentioned here as they are not required for the purpose of this discussion. However, there is one bank that came up with an innovative way to water down this horror story of new customer onboarding to something more palatable – Nations Trust Bank PLC (NTB). Being from the technology sector and a total outsider to the banking community, I was very fortunate to be given an opportunity to lead the technology innovation division of FriMi in early 2018. Since then, FriMi and a number of copycat competitors from other banks have successfully improved their app-based customer onboarding journey. Yet, there are still some strings attached. In order to have a fully fledged account, customers need to be subjected to an interview by a bank staff member face-to-face. While there are some temporary exemptions that have been granted by the Central Bank to enable limited digital onboarding during this curfew period, a long-term solution is nowhere in sight. A study of the local banking regulations, global best practices, and current banking operations shows that the root of this customer onboarding problem stems from the lack of a system to digitally verify the identity of a person. This topic has been debated heavily between the various identity issuing authorities such as the Department for Registration of Persons, Department of Immigration and Emigration, and Department of Motor Traffic, which issue NICs, passports, and driving licenses, respectively. These three documents to date remain the only official valid documents (OVDs) accepted by a financial service provider to fulfil the KYC requirements. None of the three issuing authorities, even with the support of the Information and Communication Technology Agency (ICTA), have introduced simple and secure application programming interfaces (APIs) facilitating electronic data interchange (EDI). The lack of such mechanisms has severely restricted the ability of financial services providers to seamlessly verify and validate the authenticity of the customer submitted ID document. The ownership is a different aspect altogether requiring identity issuers to incorporate biometric mechanisms such as fingerprint, iris scans, and face scans into the identity document. But at least a digital means to verify the validity of an ID document is a good starting point. Lessons from India’s ‘Aadhaar’ To date, the Unique Identification Authority of India (UIDAI) has generated 1.26 billion Aadhaar numbers and facilitated 40.27 billion Aadhaar authentications. The excerpt below from the UIDAI official website explains the purpose and operation of Aadhaar: “The Aadhaar number is a 12-digit random number issued by the UIDAI (“Authority”) to the residents of India after satisfying the verification process laid down by the Authority. Any individual, irrespective of age and gender, who is a resident of India, may voluntarily enrol to obtain Aadhaar number. Person willing to enrol has to provide minimal demographic and biometric information during the enrolment process which is totally free of cost. An individual needs to enrol for Aadhaar only once and after deduplication only one Aadhaar shall be generated, as the uniqueness is achieved through the process of demographic and biometric deduplication.” On 29 May 2019, the Reserve Bank of India (RBI) issued a notification titled “Amendment to Master Direction (MD) on KYC to all banks and entities under its jurisdiction”. The excerpt below from this notification explains the provisions allowing regulated entities to conduct KYC using Aadhaar-based authentication/verification of a customer’s identity: “2. Important changes carried out in the Master Direction in accordance with the aforementioned amendments are listed hereunder: a) Banks have been allowed to carry out Aadhaar authentication/ offline-verification of an individual who voluntarily uses his Aadhaar number for identification purpose. (Section 16 of the amended MD on KYC) b) ‘Proof of possession of Aadhaar number’ has been added to the list of Officially Valid Documents (OVD) with a proviso that where the customer submits ‘Proof of possession of Aadhaar number’ as OVD, he may submit it in such form as are issued by the Unique Identification Authority of India (UIDAI). (Section 3 of the amended MD)” Having this infrastructure has allowed India to empower its citizens with financial inclusivity. In addition to this, it has allowed the Government (of India) to provide numerous financial and non-financial services to citizens in an organised, cost-effective, fair, and transparent manner. The UIDAI is also a very sustainable government service which has a practical fee structure charged to the financial institutions requesting Aadhaar digital verification checks. A country with 55 times the population of our nation and a literacy rate 20% lower than ours has been able to utilise their collective creativity and intelligence to create this much-needed infrastructure. Sri Lanka has some of the greatest minds in Asia, some of its brightest tech companies, and internationally exposed banking veterans. At least spurred on by the realities of Covid-19, it is time for all stakeholders to work on a holistic policy framework and technology solution to enable a digital identity for all residents of Sri Lanka. (The writer is the Chief Information Officer of Global Rubber Industries Ltd. Prior to that, he was an Asst. Vice President at Nations Trust Bank PLC, heading the technology division of its flagship FinTech brand FriMi)