Key priorities for virtual bank

David Haynes May 27, 2022 06:00

The virtual banking race has been heating up in Asia in recent years. While virtual bank operations in Hong Kong commenced only two years ago, this year the Bank of Thailand plans to implement regulations on virtual banks and Singapore is due to see the launch of a virtual-only bank. Virtual banks continuously introduce new banking products to the market, starting from deposits and credit card spending offers, to personal credit and insurance products.

Both virtual and traditional banks are also upping their digital offerings in the region to meet growing consumer expectations on accessibility and efficiency fueled by the pandemic. While restrictions on visiting physical stores were lifted in many parts of the world, the continuing strong growth of online payments shows that consumer behavior has fundamentally shifted to digital, according to the latest Cybercrime Report.

Digital Banking and Today’s Regulations

Regulatory changes are also playing a part in the relentless growth in digital acceleration. For example, the Hong Kong Monetary Authority (HKMA) launched its FinTech 2025 strategy in June 2021 to provide a clear framework for banks to foster FinTech innovation. Hong Kong and mainland China have been relatively active in licensing virtual banking business models, whereas regulations in Malaysia and Singapore where draft regulations exist, virtual banks are still under establishment.

Although banks and financial services organizations are no strangers to technological disruption, the shift to digital banking is putting fraud prevention techniques at risk. Regulators, investors and market watchers are now asking whether the new banking model, which promises faster, more convenient and accessible financial services, elevates the role of risk management.

Elevated Customer Experience

The virtual bank initiative was first introduced in Hong Kong in 2017 under HKMA’s Smart Banking Era Strategy. With 162 licensed banks already operating locally, eight virtual banks have shaken up the highly mature banking market in the city. ZA Bank attracted more than 500,000 registered users as of December 2021. Mox went live in September 2020 and had 200,000 users after one year of operation.

Consumers embrace low friction, convenient experiences such as app-based QR code payment processing, 24/7 in-app customer service and account opening that only takes a few minutes.
To further improve customer satisfaction, virtual banks have also focused on creating a fun and exciting banking experience through gamification – the largest virtual bank in Hong Kong sought to set itself apart in the saturated sector by engaging customers with incentives in its in-app mobile games.

Product Innovation

Many digital banks have leveraged their core characteristics to establish a unique presence. China’s first virtual bank, for example, offers financial solutions to underbanked younger customers and loans to small and microbusinesses in remote areas. In Hong Kong, Mox Bank plans to establish an ecosystem comprising services from its backers, including HKT, PCCW and Trip.com.

As digital banks in Hong Kong continue to roll out new products, some are now venturing into wealth management after building up their customer base. WeLab Bank has soft launched digital wealth advisory services for select customers in April. We expect to see more wealth management solutions and products launched by digital banks this year, which will attract asset managers to open accounts for their clients. From our experience of working with four out of eight virtual banks in Hong Kong, although consumers will undoubtedly benefit from the convenience, it also leaves them more vulnerable to fraudsters, exposing them to new cybersecurity and identity fraud risks.

Prudent Risk Framework for All-Around Defense

Virtual banks still adhere to the strict anti-money laundering and cybersecurity rules that govern the traditional banking environment. However, the ease of opening accounts and using digital banking applications has meant that the virtual banks have had to double down on improving the security of their entire ecosystem from the frontend to the backend.

A critical priority for virtual banks is to put in place a prudent risk framework. Virtual banks should deploy multi-layered, risk-based authentication that adapts to each of their customers, including:

• 1st line of defense: Risk Assessment. Know the risk before you know the person. Establish risk for a sign in attempt or other user activity based on factors such as location, network reputation and device footprint. The higher the risk, the more authentication layers should be considered, such as a one-time password to grant user access.

• 2nd line of defense: Identity Verification. Know the identity – Verify the supplied bank account details associated with the identity and compare identity evidence against public records and information from multiple data providers to ensure an identity exists.

• 3rd line of defense: Fraud Assessment. Know the risks associated with the identity. Identify fraud risks posed by the individual’s digital or physical identity and behaviour to make a more informed decision.

• 4th line of defense: Identity Authentication. Know the person is who they say they are to protect your organization and maintain a seamless digital experience for your customers. Dynamically assign additional identity authentication checks to higher risk identity scenarios.

The Role of Collaborations and Data Sharing

Virtual banks have expanded security and compliance by collaborating closely with the growing regulation technology (regtech) community to test out new approaches and further accelerate innovation. For example, virtual banks have identified considerable advantages in using regtech for transaction monitoring.

Virtual banks’ effective use of developing regtech is utilizing industry knowledge sharing. The joint belief was that sharing expertise and experience would make the overall virtual banking industry stronger. When it comes to data sharing, the HKMA’s initiative for commercial data interchange includes building a consortium to gather external and internal information so that the industry can leverage the database collectively to better assess risk across all data, not just credit risk.

The concept of consortium is likely the key to future developments and fostering collaborations between financial institutions in Hong Kong. Financial institutions could gather data in the initial processes of onboarding or share data about their customers on an ongoing basis. Companies could mitigate most of the onboarding challenges, such as multiple onboarding for the same entity.

Both virtual and large established banks are stoking fierce competition around customer experience without adding unnecessary friction for customers. Since the pandemic has pushed digital services to the fore, financial institutions that struggle to innovate quickly enough will see customers leaning towards nimbler, more user-friendly products and services offered by competitive virtual banks.

-- Contact us at [email protected]

David Haynes

Vice President, Asia Pacific, LexisNexis® Risk Solutions