Case Study: Digital Transformation of “justSajid Bank”

by

In this current era of what we call “digital first”, industries are repeatedly changing and evolving with the help of technology. So as the banking industry is reshaping itself, banks need to keep adopting positive changes to counter and overcome the key challenges of the modern world to overcome the challenges against the business drivers.

And with the addition of AI and advanced data analytics part of the banking processes, and collaborations with Fintechs are increased to support innovative financial services adding more competition among the traditional banks to evolve themselves at the right pace.

In which COVID-19 played a significant role to let the banks redefine their basic banking definition, where we have seen the rise of Neobanks (aka online banks, internet-only banks, virtual banks, or digital banks) who are using the full use of technology to perform the basic banking operations that were even unable to imagine little while ago.

Perhaps along with this fantastic evolution, financial crimes are also rising, demanding more and more regulations to prevent any possible risk. That is what banks always need to keep as the top priority before accepting any change.

Case Study || justSajid Bank

justSajid Bank is a traditional bank, facilitating people through their traditional banking operations. Perhaps to compete against the modern day challenges, looking to evolve their banking operations according to the modern day digital banking solutions, without distrubing their exisitng banking operational paradigm.

* The existing system is working with internal organizational systems like HR, and Resource Management, also there are Mobile and Internet banking solutions to facilitate their banking customers through their Omnichannel, Customer Experience, Ecosystem & Partners, and Back Office. Also its connected with the 1Link as well as phone banking to facilitate their customer support. WSO2 API Manager is helping to manage their banking API endpoints and products across the platforms.

So, before we design the solution, its important to keep in mind some of the key complexities as banks normally have two to four major lines of business, which includes following;

1. Investment banking (Mergers and Acquisitions); Offer Services related to capital markets, mergers and acquisitions, and finance by dealing with corporates and governments.

2. Retail banking (Deposits and Loans); Offer services to individual customers and small businesses by facilitating them through Fund transferring, loans etc.

3. Commercial banking (Credit and Financing); Offer services as per the needs of large companies, including loads and other credit products, treasury, cash management, and trade finance including issuing letters of credit, factoring, export credit, and insurance.

4. Asset and wealth management (Private Banking); Targeted at providing advisory and portfolio management services to high-net-worth individuals. Manage asset, wealth and securities portfolio.

Adoption of Modern Banking Industry Architecture

In order to transform justSajid Bank ecosystem, the adoption of modern architecture is important in providing key features.

justSajid bank can take advantage of operational flexibility and ensure that security and compliance are met through the identification, deployment, and management of controls. Data and AI accelerate to establish strategies for collecting and organizing data by using various data techniques such as virtualization, edge processing, and data topology analysis. The platform enables open-source tools and techniques for exploratory data analysis and training advanced machine learning models. Industry accelerators include a starter set of models for banking use cases.

On the top of that, bank can provide state of the art user experience to their customers along with the Omnichannel, with the help of ecosystems and partnerships and most importantly through their back office.

Adoption of Component Business Model (CBM)

This is a technique developed by IBM as a set of non-overlapping components to identify opportunities for innovation, improvement, or both.

Adoption of Modern Banking Architecture

As the main goal is to evolve the key banking operations according to the modern-day solutions without disturbing the existing banking operations paradigm. So we can define the three major domains as the heart of architecture.

1. Digitial Agility Services; Provides a Microservices platform such as Financial Services Workbench, used to create container and containerized components running on highly secured environments.

2. Business Automation: Provides a set of methods and tools to deliver on a value proposition to support business process transformation. Data and AI capacities are used to collect, prepare and govern data and to analyze and infuse insights in applications, processes, and business microservices.

3. Analytical insights: Helps financial institutions transform to cognitive enterprises by gaining the most value from the data. Highly valuable to provide digital experience to users. AI and Analytics play a key role in banking operations through this domain.

Security and Compliance

As security and compliance is the most challenging aspect of modern-day banking, so key measures are important to take in order to protect from any kind of risk. That involves, depth in defense, restricted privileged rights, safeguard data, continuous controls assurance, detection and response, and service resilience.

Mobile Banking Solution

If we talk about key aspects of digital banking, the one of the key aspects of using banking services is through mobile banking. So with the help of Integrated banking APIs, we can provide the best possible digital banking experience to the users.

Sequence Flow;

  1. The justSajid mobile app starts a transaction. For all app users, including the account holder and bank employee, the fintech, B2C, and B2E apps start transactions by using mobile apps. As for B2E apps, the transaction flow is securely transferred through VPN connections between mobile devices and edge services.
  2. The mobile BFF controls request a transaction. Fintech apps communicate with the mobile BFF to retrieve business data that is managed in core banking systems. Business data can also be cached within BFFs in a fintech company or a service provider that is outside the enterprise to reduce the number of transactions against banking systems. For both B2C and B2E apps, mobile apps directly communicate with the BFF by using edge services. Transaction data for B2C is usually protected by TLS connection via HTTPS. For B2E apps, data flows over VPN connections in most cases for data protection, device authentication, and network access control.
  3. Edge service controls request a transaction. The edge service receives the requested transaction through external and internal networks and redirects it to the back-end component. Depending on the transaction, the redirect destination is either the Mobile BFF or the API gateway. The edge service also transfers the response from the back-end component to the original requester.
  4. The API gateway handles the requested transaction and connects it to the API runtime. The API gateway enforces OAuth 2.0 security, which verifies whether the access token is valid and whether the requested path is in the authorized scope for all banking API requests. It also routes those requests to the preferred microservices. The API gateway might control the number of concurrent transactions based on the usage contract of the client or based on a load of the API gateway.
  5. The API runtime runs a process and connects to integration-layer microservices to provide API-enabled banking services such as account opening, payment transaction, and consent management. Those front-end interfaces of the core banking system connect to the back-end system with the integration layer. A few transaction control and regulation control components are also involved, such as fraud management, state management, and token management.
  6. The transformation and connectivity component handles the requested transaction and integrates with the back-end enterprise systems. The transformation and connectivity component receives the transaction from the API runtime and reroutes each transaction to the appropriate back-end system. When it receives responses from the back-end systems, it merges the responses if needed, creates and formats the message, and transfers the message to the API runtime as a response.
  7. The enterprise user directory handles the requested process. When the validation process of user credentials is requested, this component handles the request and responds to the requester. For an authentication process on an OAuth protocol, the process might be directly requested by a mobile device.
  8. The enterprise data component handles the requested process. This component responds to requests for each transaction and interacts with the transformation and connectivity component.
  9. The enterprise application handles the requested transaction. A transaction that was started on a mobile application or API runtime comes to the core banking application through the integration layer. The core banking application processes the request transaction and responds to the transformation and connectivity component.
  10. The OTP service handles the requested process. The application calls the OTP service, enabling multifactor authentication. The user is asked to enter a one-time passcode that is provided by a specific method such as a security hardware device or a software program on a smartphone. The passcode is transferred to the OTP authentication server. After the passcode is validated, user can access the application. The OTP service is required for a few banking services that need strong customer authentication, such as money transfer and bank account management.
  11. A SaaS application handles the requested process. The SaaS application requests information or transactions that are required for the back-end enterprise application by using APIs and sends that data to the front-end requester.
  12. The push notification component handles the push request. In response to a request from the back-end application, the push notification component calls a service that is provided by push service providers to send a push notification to the specific device.

Customer Account Opening and Onboarding for justSajid Banking

The very first interaction that customers do with a bank directly is account opening, so the user experience should be fast, smart, state of the art and highly secured at the same time.

So, a well-designed solution for opening accounts and onboarding customers is a client lifecycle management solution that is built on a single, intelligent workflow platform that reimagines the customer experience and integrates with bank systems, policies, and rules.

Following is the end-to-end customer lifecycle management:

Logical architecture;

Here would be reference architecture for the onboarding;

Loans for SMEs by justSajid Bank

The SME loan origination solution is designed to make personalized loan product offers for a bank’s small and medium-sized commercial customers and prospects when they apply for a loan to expand and operate the business. The process involves requesting, prescreening, underwriting, onboarding, and approvals from banks. So it should be an easy and smooth process to manage the loans for a company.

When a company decides which bank’s loan offer to take, it weighs several factors including ‘best fit’, financial terms and conditions, speed, and ease of doing business.

Analytics drive the overall loan origination process. This process is enhanced by cognitive capabilities that can lead to differentiated experiences for the customer and lower processing costs, and result in higher profitability for the bank.

Often, the first point of contact is when the customer accesses the bank’s loan site through a digital channel to see what products are available. Based on the certain minimal information that the customer provides to describe their need, a “smart product matching” cognitive bot searches for the right product or combination of products and displays them to the customer. The bot uses machine learning techniques and a history of customer decisions with similar needs and characteristics. If the customer shows interest in a product or a combination of products and provides more details about the business and the loan’s purpose, a risk assessment is completed by using IBM’s cognitive assessment capabilities and a competitive offer is generated.

The customer then indicates interest in formally applying for an SME loan. A customized list of documentation that is required by the bank is generated for the loan type and amount, and the bank seeks permission to gather data about the customer and the business from external sources. The customer gives the appropriate permissions and digitally uploads scanned copies of the documents that are requested by using a mobile device camera or a scanner.

Online risk analysis is conducted by using machine learning based on information that the customer submitted and data that the bank gathered. By using the results of the risk analysis, a customized loan offer is generated if the customer is deemed a good risk. The loan origination solution provides a way for an SME customer and a bank loan officer to negotiate online within loan negotiation margins. A final offer is made, which requires the customer to digitally sign the loan documents. The onboarding process then starts, which includes automated KYC and regulatory compliance, and the loan is registered with the bank’s core systems.

When the customer accepts the loan offer, the onboarding process begins. The onboarding process requires the authentication of the loan applicant to verify the identity of the person who is interacting with the bank. For that process, the verification of identity documents and verification by video of the person against the identity document is necessary. This verification process is immediate by using identity verification software and a video connection with the bank’s call center.

During or after the process, the customer can request that the attorneys of the SME business be given access to the contracted products. That request can also be processed online, generating the appropriate permit scheme, registering the people who are empowered in the bank’s loan system, and allowing the customer, through the web, to manage and monitor that access.

Successful Digital Transformation

The continuous adaptation towards the digital transformation will ultimately evolve the justSajid Bank into a Digitial Bank, now using mobile applications and analytics services in the cloud to expand and communicate with new channels. In further transformation, justSajid Bank may want to enable real-time transactions and access to back-end data. The platform can accommodate all the necessary integration patterns to be responsive to the native applications’ fluctuating requirements.

Sequence Flow;

  1. The user accesses the bank services by using a mobile device.
  2. The cloud-native application is invoked.
  3. The application uses all the cloud services that are available on the cloud platform to enrich the user experience.
  4. The application accesses enterprise systems and SOR data through an integration platform in a private cloud that provides all the integration patterns that are needed to run the transactions in line with business rules and approved processes.
  5. The requests go through a secure connectivity gateway that provides access to the private cloud network and the enterprise domain.
  6. Application integration logic is invoked and run on an integration flow runtime that orchestrates access to the back-end systems.
  7. Alternatively, the flows can be invoked by a set of managed APIs. In addition, the integration logic can also be orchestrated by the native application by using fine-grained API calls directly to the back-end system.
  8. Data between enterprise repositories and those in the cloud, such as SaaS applications or DBaaS, can be synchronized through the integration platform with appropriate transformation and normalization.
  9. Asynchronous access to heterogenous and closed systems can be done with enterprise messaging directly from native applications.
  10. Event-driven integration allows enterprise applications to consume and process events that are published by the native applications. It also allows for enterprise events to be published and consumed by cloud services such as analytics and cognitive.
  11. High-speed file transfer capabilities enable the quick synchronization of large content and data among cloud repositories and enterprise back-end systems across global geographies.
  12. The integration platform also integrates with enterprise nonfunctional aspects with a unified perspective on DevOps, logging and monitoring, and security.

So, this is a high-level case study for an imaginary bank ‘justSajid Bank’ through which the bank transform itself from traditional banking to a completely digital bank. And the journey is further continue to add more transformations to facilitate people as per the needs of the modern era.

References:

i) ibm.com Architecture.

ii) microsoft.com Architecture.

Data Scientist & Solution Architect || IBM Recognised Speaker, Mentor, and Teacher || Debater || Blogger || Guinness World Record Holder || Watson Solution Developer || IBM Community Activist || Aspiring to Inspire.

Leave a Reply

Your email address will not be published.

*