The increased pressure of regulatory compliance, combined with globalisation and the distributed nature of business today, has made e-commerce mission-critical for organisations. Building a strong financial supply chain starts with reliability and assurance - particularly when conducting online transactions, which may contain sensitive information and require many levels of authorisation and approval. Banks are uniquely positioned to address these assurance challenges as we help clients mitigate risk as part of our core business. Introducing parties and establishing trust in business-to-business (B2B) transactions is not new - it continues to be a core competency of banks.
High-value Transactions Need High Assurance via Digital Identity
The expansion of e-commerce and the global reach of supply chains have galvanised the need for paperless workflows. However, all information is not created equal. Even granular access control has become critical. Higher-value transactions and sensitive information require better visibility, control and stronger linkages to the authorised employees associated with these transactions - who you are and what you are entitled to do makes a difference in a fully electronic environment.
To meet the demands of the global economy, firms want to leverage paperless workflows to reduce processing time, internal lag-time and the expense of paper communication without compromising visibility and governance. Our clients have made sizable investments in enterprise financial tools which integrate certain functionality, like payment initiation into their systems. Making this functionality work requires common standards, consistent interfaces and integrated multiple sources and process flows. As this evolution continues to accelerate, the use of high-assurance digital identities will enable greater efficiencies as well as profoundly increase visibility, control and security over business processes.
The Four Pillars of High-assurance Digital Identity
Digital identities offer firms a tremendous opportunity to achieve business process improvement, automation and risk management goals. A high-assurance digital identity is a physical representation of your online identity issued on a smart card or USB token. A bank, as a trusted third party, stands behind the vetting and issuance process of the client and, ultimately, the client's authorised employees. With everything that a digital identity can and should provide, identities alone do not address the entire picture - a broader operational framework is required.
The foundation of high assurance is the policies and procedures in place to identify who should be issued the digital identity (whether a corporate or an individual). The first pillar of high-assurance digital identity revolves around the question does the third party stand behind the due diligence process and hold a level of liability for fraudulent use? (Added to this first principle is that the due diligence and the legal framework have to be globally scalable and acceptable.) Clients need to know the rules up front before they do business. Second, how is the identity stored to protect the privacy of the user? Is it difficult to hack, spoof or replicate? Third, are there real-time operations available to validate that the digital identity is still good at the time of a transaction? And fourth, a common liability and dispute resolution model needs to be put in place that provides assurance of accountability and problem resolution.
Why Look to Banks?
Banks are uniquely positioned to address these issues since introducing parties and establishing trust in B2B transactions is a heritage of financial services. Banks have long held a special role in identity certification as regulated institutions, trusted financial intermediaries and administrators of policies like 'know your customer'.
For years, people and organisations have entrusted banks with managing their sensitive information and financial needs. Trusting the identity assurance of a bank's business partners is a natural evolution of this relationship. Identity is having absolute certainty of the individual with whom you are interacting, being able to verify and rely on that identity, and knowing who guarantees the identity. Banks play an important role in this process helping create the 'chain of trust' that is critical in a digital world.
Interoperability Matters for High-assurance Digital Identity
Banks have many corporate clients and these clients have many bank relationships. Both work across diverse geographies and legal jurisdictions. Banks and corporates need to rely on common processes, systems and standards to interact efficiently and productively.
The reality? Today's process is riddled with pain points and complexity - multiple standards, many bilateral agreements, a variety of pipes and proprietary interfaces. All of these inhibit and challenge basic access, processing and integration of information for basic settlement and reconciliation in the procure-to-pay cycle. The downstream effects? Increased operating inefficiencies, compliance risk, labour-intensive investigations, negative impacts of late cash allocations on customer credit lines and thus on revenue realisation. Ultimately, this creates non-productive customer and business partner interactions.
When it comes to digital identity, less is definitely more. Interoperability through well-defined networks, like IdenTrust, eases the interaction of the applications and the players across the corporate and bank communities. IdenTrust provides an operating model of uniform rules, legal and liability framework, and contractual structure required to operate secure and streamlined e-commerce transactions. These identity schemes work similarly to today's credit card model. A bank-issued digital identity allows interoperability with participants - such as other banks - that have agreed to the terms and conditions of the operating model, so they can rely on digital identities used in transactions from other participants.
The benefits of a single identity for corporates are numerous - from interfacing to their various banks and back office systems to eliminating paper to making straight-through processing (STP) achievable. For the banks, beyond streamlining a single identity to be used in interacting with our applications, we can offer improved services based on a common standard.
Reducing Friction in the Financial Supply Chain
We are realising the potential of digital identities to profoundly change many business processes. High-assurance digital identities provide the following core capabilities: authentication, encryption and digital signing. The opportunities for process improvement based on these capabilities are numerous, from better regulatory compliance to improved privacy protection. Where this really gets exciting is the opportunity for STP and enabling processes within the supply chain with non-reputable, binding digital signatures.
If we focus on enabling paper to electronic, what types of applications are we talking about? Basically anything that requires proof of identity and/or entitlement at both the entity and the authorised individual level, involving multiple corporates, banks and legal entities across multiple jurisdictions involving multiple applications.
And, my personal favourite, those 100-year-old, paper-dependent processes that hold up the speed of business today. In financial services, we are reducing paper-intensive processes, such as account opening, and looking at ways to better connect authorised individuals with the transactions that they are initiating on behalf of their organisation, as with Fileact and SWIFT. In other words, using identity as an enabler and 'enrichment' to existing cash management processes for secure, paperless workflows and legally binding processes.
For example, managing a company's authorised signers with the bank can be cumbersome. It is effectively creating a legal contract to change signers with your bank. Each designation requires a paper trail that needs to be repeated at the subsidiary and bank level. This process has not changed in 100 years. The use of high-assurance digital identity can change this process to a global 'find and replace' while putting visibility and control back into the hands of treasury, where it belongs.
The Path Forward
While the usage of digital identities is not at a mature stage, the industry is not far from the inflection point when we are likely to see much broader usage of digital identities to solve real business problems. Digital identity usage today is analogous to that of a credit card with limited merchant acceptance. That being said, there is a lot of good work being done by the banking industry and bodies such as IdenTrust in looking for the right pain points in places like the financial supply chain where digital identities can be a part of the solution.
The financial services industry is moving forward in this space with a focus on connecting the physical to financial supply chain for our clients using digital identity as an enabler. Dialogue, proofs of concept and standards creation are all actively underway among industry participants, at all roles and levels. There are numerous areas that require industry collaboration among the banks, corporate community and interested third parties, including working on these standards and developing the proofs of concept to explore ways to solve these problems for our common clients. The digital identity space should be co-operative, not competitive. Digital identities represent an opportunity to bring value not only to our clients, but to the industry as a whole. By working collectively as an industry, we can begin identifying and addressing the issues and opportunities that exist.
No comments:
Post a Comment