CMO Vered Gottesman asks CPO Dagan Osovlansky about ThetaRay’s new CRA product
Vered: ThetaRay just launched CRA – Customer Risk Assessment. What differentiates ThetaRay’s CRA from existing customer due diligence products on the market?
Dagan: Customer due diligence (CDD) requires a comprehensive process covering multiple aspects of understanding the customer. ThetaRay’s CRA product focuses on the risk assessment aspect as part of this entire KYC (Know Your Customer) process. With our new CRA product, ThetaRay conducts a continuous risk assessment throughout the full customer lifetime, not just during onboarding.
Unlike traditional CDD solutions, which often rely on broad classifications and stereotypes, ThetaRay’s CRA product takes a deeper dive into who your customer is by assessing risks on an individual basis. This provides a more accurate and fair picture of each customer throughout their lifecycle. ThetaRay does this by taking data from both demographic/static sources as well as from current and historical transactions. We can assess the risk of a particular individual based on behavior, not just demographic information. So while it is true that certain static data points such as country of residence might be more correlated with financial crime, insights from actual behavior including transactions are more accurate.
ThetaRay’s CRA is fully automated and uses machine learning, which is very different from the rules-based systems available on the market today. With rules-based systems, you set certain criteria and give weight to whether or not the criteria were met and so on. The problem with this is the amount of data and indicators that can be included are very limited. Furthermore, current transaction and behavioral data is not even taken into account.
V: CRA allows you to configure the criteria and cadence of risk assessment throughout the customer journey. How does that work?
D: We enable our customers to add criteria or change the weight of criteria, which gives them flexibility.
In addition, CRA allows for cadence calibration. Most due diligence cadences take place once a year for risky customers, or once every two or three years for low-risk customers. While more advanced solutions can trigger an assessment each time your KYC data changes, such as when you move addresses, it’s still based on the same time-limited capabilities.
To truly prevent bad actors from infiltrating banks, one needs to assess risk almost constantly. Thanks to the dynamic, automated process CRA offers, ThetaRay detects high-risk customers much faster compared to three-year-old KYC information that only tells a partial picture at best.
Furthermore, CRA’s superior accuracy means you’ll actually reduce the number of customers categorized as high-risk. That’s because during onboarding, a customer is assessed but only from existing demographic and other static data. As the customer begins to execute transactions every day or week, ThetaRay can assess customers based on behavior and adjust their risk. For example, maybe a customer’s geographic location has a significant amount of financial crime. However, when you see how the customer behaves and that his or her behavior matches the information in the KYC, it becomes clear that this is a customer with lower risk than initially anticipated.
V: Can you explain each step in the CRA process?
D: At the onboarding stage, ThetaRay receives the standard KYC information as well as additional transaction information which can come from payments engines directly. We combine this with data from the transaction monitoring solution to assess a customer’s history. If ThetaRay’s SONAR system is used for monitoring and screening, then we can do this step automatically without customer intervention. If a third-party system is used, we can get this data easily via API. Going forward, ThetaRay will also source more information such as industry data that can provide further context on the entities. All of this is, of course, an ongoing process that continues to use more data points to make smarter, more efficient decisions.
V: Can you clarify what you mean by “real-time” risk assessments? How quickly can institutions receive updated risk scores with the CRA product?
D: Real-time mainly refers to the onboarding process where ThetaRay provides you with the initial customer assessment immediately. This is important, especially when today’s customers expect onboarding to take only a few minutes. ThetaRay’s risk assessment can also be triggered on an ad-hoc basis. For example, negative feedback on a customer could easily trigger a real-time risk assessment.
V: What are your long-term plans for the CRA product? How do you see it evolving to meet the changing needs of the market?
D: I previously spoke about starting to source data as much as possible and to garner as much insight from the market as possible for each customer. An inherent part of CRA’s capabilities is the assessment model that continually improves accuracy and efficiency. ThetaRay has some significant long-term plans across these two arenas. I can’t share information on that just yet. Stay tuned.
V: What specific pain points for customer due diligence (CDD) does the CRA product address for financial institutions?
D: CDD is still a very complex and time-consuming process. Current manual systems can help, but the process is still very complex. Processing an extremely high-risk customer can take a day or two of work for an investigations department. Now, consider financial institutions that have hundreds or even thousands of erroneously labeled high-risk customers and how much time they likely spend on such reviews. That’s only one problem.
The other problem is customer attrition. If a bank is continually hounding its customers for paperwork and due diligence processes for transactions because they are wrongly labeled as high-risk, the customer may take their business elsewhere. With the cost of switching going down and the pace at which a customer can change an institution speeding up, any unnecessary customer friction could impact an institution’s sustainable, predictable growth.
In the past, there was a significant trade-off between speed and efficacy of due diligence and compliance processes. Being fast was associated with greater exposure to risk. As an AI-powered solution, CRA is both far more effective as well as much faster –– a win-win for everyone.
V: Traditional rules-based CDD solutions can be inflexible and lead to mistakes. How does ThetaRay’s AI approach offer better risk mitigation?
ThetaRay technology knows how to combine both worlds – rules-based and dynamic AI. That is a true differentiation from other solutions on the market. Sometimes a customer does hit a certain threshold that is black and white so you might leverage rules to hit an alert. But the heart of the risk assessment, which uses machine learning, allows you to leverage unlimited data points to paint a much clearer picture of who that customer is.
For example, we can take 10, 20, or 50 different data points from KYC, from current transactions, past transactions, and build an accurate customer profile. You can’t do that with a rules-based CDD –– it is too simplistic of a system and by definition approximate. With CRA, the machine is self-learning, so the bank or fintech will automatically see if risk has changed in any way.
D: Can ThetaRay’s CRA integrate with banks’ existing infrastructure? What value can it bring to clients who have sources of data from multiple providers?
ThetaRay built CRA purposely to be an independent solution that can be plugged into existing customer lifecycle management infrastructure. We aren’t a customer lifecycle management platform. We are very flexible when it comes to data sources. That makes the implementation for the bank or fintech far easier and allows for flexibility in upgrading or changing systems.
V: Fintechs and neobanks often struggle with resource constraints for robust CDD, they’re not built to handle it. How can ThetaRay’s CRA alleviate this pressure and improve efficiency?
D: When you speak with some of the smaller financial players you generally see teams trying to manage CDD manually on spreadsheets. This has a significant human resource cost and is prone to mistakes, which results in lost business. CRA automates the entire process, making it easier and faster to identify high-risk customers.
V: Last question: Dagan, you’ve spent over 20 years in the world of banking and banking technology, witnessing firsthand the challenges of customer due diligence. What unique perspective does your experience bring to the development of ThetaRay’s CRA product, and how does it translate into tangible benefits for our customers?
D: Most financial institutions are still not evaluating the actual individuals on the other side of the screen. Rather, they use imperfect probability models. Over the past few years, the growing popularity of remote interactions, increasingly fast-tracked by COVID, has made KYC processes more complex and difficult for institutions. Today, you have an IP address somewhere, either from your phone or your laptop, and who knows who you are. As ironic as it sounds, you need to leverage technology to fight the risks that other technologies have given rise to.