America is a strange country to foreigner such as myself. And one thing that is particularly strange about it is the constant demand for identification in a society that lacks an identity infrastructure. The most obvious manifestation of this, as I’ve written before, is that when I am asked for identification (in order to get into a building in America, for example) I can present documents that the security guard cannot conceivably verify or validate (e.g., my UK driving licence) or documents that are not identity documents at all (e.g., my expired building pass for our office in New York) and gain entry. This is, as is often remarked, security theatre not security. It’s like a play about security where we all say our lines and play our parts but there’s no actual security involved at all. When it comes to identity, there’s definitely something odd about America.
Buying an assault rifle is easy. You need not show formal identification… Opening even the most basic bank account is far more arduous. The process begins with a rigorous ID check…
Now, I don’t want to get into the madness of KYC/AML here as that’s not the point I want to make, although I will flag up the fact that America has something in the region of a hundred million unbanked people. The point I’m making here is that I don’t understand why we can’t implement a universal risk-based approach for “small” accounts in order to get people into the financial system (not necessarily through a bank account, of course). In Europe, we have a very interesting case study unfolding in front of us right now.
When Anas Albasha arrived in Germany after fleeing Syria in late 2014, one of the first things he tried to do was open a bank account. “In Germany you need a bank account for everything,” he says.
Indeed. Rich Germans and people smugglers might well keep their cash in 500 euro notes, but poorer law-abiding Germans use debit cards and direct debits. If you don’t have an account, you have no access to the infrastructure of daily life. And, in my opinion, if you keep everyone out because one or two of them might be terrorists, then you don’t get to track, trace and monitor the terrorists anyway. Hence the German plan to give refugees a sort of provisional identity so that they can enter the financial system makes complete sense.
But it has been a struggle to persuade banks, which have to verify their customers’ identities, to open accounts for refugees. The heart of the problem is documentation. “Many refugees arrive in Germany without a passport or ID card; that’s just the way it is after the journeys they have been through,” says Katharina Stamm, an expert on migration law at the charity Diakonie.
In September 2015, the Federal Financial Supervisory Authority (“BaFin”) relaxed the KYC requirements for refugees so that they could gain access to formal financial services.
With immediate effect and for a transition period, refugees will be able to open a basic account even if they cannot produce a document satisfying the passport and ID requirements in Germany.
Later last year, in October, the German government went further and passed a law requiring banks to offer these basic bank accounts to refugees. Unfortunately, and despite that law coming into effect in June of this year, “
Germany’s anti money laundering law still contains a clause that effectively requires a passport or ID card to open an account.
Incidentally, we have the same problem here in the UK because the only ID document that refugees have is the Biometric Residence Permit (BRP) and many bank staff refuse to accept this as an ID document for opening an account. As the British Banking Association point out, “banks have to undertake thorough checks before opening accounts in order to comply with strict anti-money laundering rules”. Once again, as in Germany, it is AML rules trumping KYC rules. And I don’t want to point the finger as to the origin of the problematic AML rules, but the Centre for Financial Inclusion do note that it might be better for society to have people inside a system where they can be monitored and risk managed.
Lower [KYC] requirements also means that governments concerned with international security (particularly the U.S.) must determine how they will mitigate the risk of new financial services innovations.
I’m writing about this because I’m in Ivory Coast for the International Finance Corporation (IFC) and MasterCard Foundation conference on “Partnership for Financial Inclusion”. I was here to keynote about risk management for digital financial services (and how “fintech” and “regtech” can help) but I’ll definitely be hoping to learn more about the relationship between identity and inclusion from the experts here.
I’ve already had a couple of pretty interesting discussions about the idea of building “bottom up” (i.e., attribute-driven) identity to help with inclusion and the relationship between such identities and those KYC/AML issues discussed above. I’m genuinely curious to know what you all think about this stuff – please get in touch – and how some of this thinking might connect with initiatives such as Identity 2020.