$15 trillion a year in financial agreements still depend on manual or fragmented processes. They are inefficient, prone to human error and, often, legally unenforceable.
They are, in short, a huge risk to businesses. Risks created by substandard agreement procedures, as well as those that include a human element, have contributed to the $204billion that financial institutions have been fined since 2008 (CNBC).
Events such as the PPI miss-selling scandal in the UK exposed a flaw in financial services companies’ procedures when dealing with customers: they lacked the evidence to prove that correct and compliant processes had been followed. When customers claimed that they had not seen or understood the terms and conditions of loans, regulators stated that the onus was on lenders to prove otherwise.
With the evidence to fight these challenges almost impossible to gather, millions of agreements were rendered unenforceable. That flaw has cost financial institutions a massive £26.9 billion in PPI compensation claims since 2011, according to monthly figures released by the FCA.
To fix this flaw, financial services companies must be able to ensure and then prove that a compliant onboarding and agreement process has taken place, and that the customer was aware of the terms of the agreement they were entering into at the time the agreement was made.
That means evidencing the process at every stage – from checking the customer’s identity right through to ensuring that they read the small print. Even if you have that evidence, you must be able to show it in a way that’s easy for a regulator or judge to understand, and prove that it couldn’t have been tampered with during, or after the process.
If you’re dealing with paper, that whole process can be a massive headache. Even when companies have attempted to automate part of the process, for example using electronic signature as part of anti-impersonation measures, they can’t prove that that the entire agreement process was compliant. How do you prove, for example, that the customer spent time reading the contract or received pre-contract information prior to signing?
Read more: Beyond the buzzwords – the three factors stopping ‘digital transformation’ becoming a reality
It is time for a complete overhaul of how financial agreements are managed. Large finance companies are starting to ask the right questions: how can they automate the whole process to reduce risk? How can they minimise reliance on humans to create watertight contracts? How can they protect themselves from challenges of mis-selling?
To create an enforceable agreement of any sort, a financial institution must prove four ‘Is’ in the event of a challenge:
At its most basic, can you prove that the person who signed the contract exists and is your customer? To use the Financial Conduct Authority’s language, do you ‘Know Your Customer’, and can you ‘Prove Your Customer’? For this, you need the obvious things, like identity data from government sources, address, and bank data. But you also need to be able to prove that your customer is who they say they are. Knowledge Based Authentication – personal questions that only your customer can answer – comes in to play here. Information should be independently verifiable. For example: what was your previous address, who is your mortgage provider and so on. For high-value deals, you could add in facial recognition and biometric verification too.
Did the customer mean to sign the contract? How did they progress through it? How long did they spend on the Ts and Cs? Did they download or print the document? You need to provide a full audit trail, including the visual screens presented to a customer, recording the interactions they make. An end-to-end automated workflow, which prevents customers from skipping any stage of the process, will prove that customers followed the mandated, compliant process.
In other words, the process is either done correctly or not at all. In this way, you have mandated and recorded that a designed compliant process has been adhered to, giving you demonstrable evidence in the event of a challenge.
Most technical evidence is complex, and sits in bits and bytes in various places across a business. If requested by the customer, the evidence you provide needs to be understandable and comprised of a single package of evidence. This evidence pack will show them exactly what they saw and did during the agreement process, and will be more likely to lead to a deflection (a decision not to move forward in their challenge). If the customer can’t be persuaded then it may need to be shared with regulators, ombudsmen or judges, all of whom can be non-technically minded. Administrators also need to be able to access and explain the evidence without the need for legal or IT. Simple, non-technical and persuasive evidence, such as visual evidence, will ensure accessibility and intelligibility.
Read more: The digital balance – getting it right
In many instances, electronic evidence can be hacked, amended or deleted, either by accident or design. Therefore, the strength of any evidence gathered is directly linked to its integrity. All the evidence should be held together in a single, tamper-evident package that includes proof of identity, intent and process, and a clear audit trail. By using a Digital Signature, which is a tamper-evident seal, an agreement is given integrity.
As we know from the PPI scandal, there is a difference between an agreement being legal, and being truly enforceable in the real world. Digitising the entire agreement process from end to end, and not just parts of it, not only drives the broad digitisation agenda of increasing efficiency and driving revenue, but is the only way to ensure you have enforceable, and not just legal, agreements.