Sunday, November 25, 2018

7 Speakers Shared Their Views on eKYC in Kuala Lumpur

That’s a wrap on “The ACE Cards in Digital Customer Onboarding”, a seminar focused on eKYC topics held in Kuala Lumpur and Jakarta on the 9th and 12th of Nov respectively.

Even without the “e”, KYC (know your customer) for the regulated financial and banking sectors comprises a wide spectrum of activities. And the responsibility of KYC scope expands over time to cope with prevention of financial crimes, especially the AML/CFT/ABC (anti-money laundering/countering financing of terrorism/anti-bribery and corruption) compliance. Prior to assessing a customer’s financial risk, identity verification (IDV) is traditionally the first and an important pillar within KYC process. Australian’s system uses the 100-point check, while Malaysia’s financial system relies on MyKad-fingerprint verification in face-to-face IDV.

And as electronic KYC is becoming the new normal due to evolving landscape in client onboarding trends, most if not all of the KYC activities are to be automated online with straight through processing, such as facial recognition for facial sighting and online API for financial risk assessment. At the same time, deep techs such as artificial intelligence and big data analytics are embraced to unlock new possibilities in financial crime prevention and create new opportunities from financial inclusions.

If we speak to 1 person to understand eKYC, we may only gain a tip of an iceberg. That is why, we gathered 7 speakers in Kuala Lumpur, and 6 speakers in Jakarta, to share their respective views on eKYC.

Microblink Sees Beyond Text Recognition

Microblink is a R&D company developing proprietary computer vision technology optimized for real-time text recognition locally on a mobile device. Innov8tif is a regional distributor of Microblink in Southeast Asia, and we are using Microblink’s OCR technology as part of EMAS eKYC suite, to recognize ID card details as part of the ID verification process.

Valentina Kusek and Boris Trubic came all the way from Zagreb, and shared with us exciting updates about Microblink’s next generation OCR technology – DeepOCR, and its model trained for bank/credit card scanning. In addition to ID card recognition on mobile, DeepOCR will also be made available to server-side processing as Web API. Seeing beyond text recognition, Microblink is also working on document authentication technology, such as hologram detection to prevent identity fraud.

Cyber Ethnography

Today’s consumer behaviors are getting more sophisticated to be generalized by traditional demographics, such as gender, age group, ethnicity, education level, income group and marital status. Dr. Ian Tan, Data Scientist from Priority Dynamics, pointed out a fact:
“In this room, we have 25-year-old and 45-year-old. It shows that there is a common trait between these 2 age groups and they do behave the same in some aspects, or share common interests”
Thus, the traditional market research or consumer analytics is no longer entirely valid to derive customer insights and profiling. This leads to Dr. Ian’s sharing on “Cyber Ethnography Support for Risk Mitigation”. The word ethnography, is a new word to most of the event attendees. By definition, cyber ethnography is explained as:
online research method that adapts ethnographic methods to the study of the communities and cultures created through computer-mediated social interaction

Tuesday, September 11, 2018

What can Your Business Do to Comply with Singapore PDPA for National Identification Numbers?

The Personal Data Protection Commission (PDPC) of Singapore updated NRIC rules (PDF) to enhance consumer protection from 1st Sep 2019.

  1. If not required by law, companies are not allowed to obtain user’s/customer’s NRIC number. Thus, requesting for photocopy of identity document in this instance, will be absolutely illegal.
    • Such instances include but not limited to redemption of free parking, signing up for retail membership, submitting feedback or registering interest in a product/service, online purchase of movie tickets, and participating in lucky draw.
  2. Companies can only collect and use NRIC number if required by law, or when it is necessary to accurately establish or verify the identity of an individual to a high degree of fidelity.
    • Examples of such instance are: seeking medical treatment, checking into hotel, subscribing to mobile telephone line, enrolling into private education institution, new employee joining an organization.
The ruling isn’t just limited to citizen’s and permanent resident’s NRIC, but also Foreign Identification Number (FIN), Work Permit number, Birth Certificate number, as well as any document containing these numbers.

Check-out the Advisory Guidelines (PDF).

Alternatives to NRIC

In event where your business is not allowed to collect user’s NRIC, some alternatives suggested by PDPC are:
  1. User-generated ID
  2. Tracking number
  3. QR code
  4. Monetary deposit
  5. Partial NRIC (e.g. last 3 numerical digits and checksum of IC)

Protect Your Customer’s IC Document

And to organizations who are allowed to collect customer’s NRIC, you may want to consider taking measures to uphold information security, and to protect your customer’s personal data.

Tuesday, August 28, 2018

What Have We Implemented on Joget Workflow for Our Client's Process Automation Needs?

In year 2009, Joget Workflow began as an GPL open source project on SourceForge. Back then, Joget Workflow was just a humble workflow engine with some wizard-based administrative UI and form designer tools. Compared to today's Joget Workflow as a full-fledged enterprise workflow application builder, it has progressed a lot in less than 10 years. Of course, this journey was challenging to be witnessed, and was only possible with a sustainable commercial open source business model and healthy growth of world-wide customer base.

It's an open secret that, I was part of the Joget's early founding team till year 2011, before Innov8tif was founded. Back then, my role with Joget Workflow was primarily in product evangelism, technical consultancy and training services.

Innov8tif is probably one of the very very very few early partners of Joget to focus on providing end-to-end Joget Workflow related services. It was certainly not easy to convince enterprise segment adopters in the early years of Joget Workflow, due to lack of successful implementation use cases to begin with.

When promoting Joget Workflow as a low-code application builder platform, it is much seen as a Lego-like toolbox. You can digitize many different types of processes on top of Joget platform, the constraint is only limited by your imagination. And companies who are looking out for a low-code workflow platform, understand the benefits they are incentivized with, or looking forward to embrace:

  1. Long-term cost effective business-wide digitization: We are not just speaking about automating a leave application process or a purchase requisition workflow, but potentially tens of processes and company-wide request forms that used to be powered by paper forms or even Word/Excel documents circulated through unmanaged email conversations.

Thursday, August 9, 2018

RM1.3 Million Savings by Enabling Debt Collection Team with Mobile Workforce Capability

Lately, our team in Kuala Lumpur learnt an encouraging news from one of our flagship clients in the financial services sector. Over the past 12 months period, the mobile debt collection system we implemented to the financial services company has recorded a total of RM1.3 million (appx. USD 320K) savings to the operations!

"Sometime, encouraging comment like this is what makes us feel achieving at our jobs," said Ken Wei our CTO to the team in a daily stand-up meeting. 

We did not reinvent the wheel of loan collection core system, which was present in the infrastructure prior to our implementation. By integrating with the loan collection core system, our solution extends modern mobile workforce capability to the client's debt collection operations. Some capabilities are aimed at improving operational efficiency, while some are targeted at curbing expense wastage.

  1. Real-time statement of account. No longer does the debt collection team relies on printed copies for debtor's statement of account. Real-time and on-demand information are available at fingertips to suit the real-life use cases of mobile workforce. 
  2. Swift assignment of jobs. In today's agile world, pre-planned job assignments may not be entirely relevant to be followed-through, and it's becoming challenging for the traditional job scheduling method. With mobile workforce capability, collection personnel's tasks can be swiftly adapted to arising changes and needs. Personnel can also grab a new job nearby on ad-hoc basis, thanks to the GPS.
  3. Paperless digitization. From job plan to statement of account and visitation report, everything is recorded and presented paperless. Most importantly, data is digitized for real-time reporting and analytics.
  4. Automation-assisted mileage claims. Collection personnel's travel mileage is automatically calculated from the map, simplifying daunting, non-value added task, and at the same time mitigating frauds.
Digital transformation is often being presented in a multi-year and huge roadmap. What's important, is modernization and digitisation in operational efficiency and customer journey which translate to one or combination of these positive outcomes - happier customer, higher revenue, lower cost.

For this client, aside from improvement in debt collection, the million of Ringgit savings captured in the first 12 months is impactful. 

On a related note, we have another Japanese MNC client in the manufacturing industry who used to pour in USD 12K every month, on office printing! Which includes leasing of photocopier and cost of paper. Through digitisation of office workflows, the need for hand-drawn signature and request approval are eliminated, and thus greatly minimising paper printing needs within the office which ultimately derives into clearly visible cost savings.

Saturday, July 7, 2018

Thomson Reuters on Cashless Malaysia and BNM's ICTF

It was 3 days before the Bank Negara Malaysia's Interoperable Credit Transfer Framework (ICTF) came into effect on 1st July 2018. Thomson Reuters' Risk Management team organised an event to discuss the role of ICTF in Malaysia's move towards a cashless society. This event held in Kuala Lumpur was joined by respectable industry players, legal & compliance practitioners and government agency in the form of discussion forum.

Innov8tif was at the event to share our latest development in e-KYC for "document not present" use case, which now also features an out-of-the-box integration with Thomson Reuters' World-Check to support our client's risk management needs.

The ICTF seeks to foster an efficient, competitive and innovative payment landscape in Malaysia by enabling the interoperability of credit transfer services and promoting collaborative competition between banks and non-bank electronic money (e-money) issuers through fair and open access to shared payment infrastructure. (source: Bank Negara Malaysia). When fully embraced by banks, e-money issuers and fintechs, Malaysia's residents would witness cashless experience on daily routines. For example, splitting of lunch bill among colleagues will no longer involve bank notes and small change. It may become second nature for me to re-pay my lunch bill to another co-worker, electronically from e-wallet, without even considering if we are sharing the same e-wallet platform or having an account with the same bank - all these with zero transaction charge!

What Came into Effect from ICTF?

Since 1st July, the following aspects of ICTF have been observed:
  1. All banks have waived transaction fee for instant interbank fund transfer of RM5,000 or below (per transaction). This is one of the key aspects in ICTF to spur and encourage e-wallet or e-money use cases and adoption. 
  2. Most if not all, of the e-wallet apps observed in Malaysia, are using QR-based cashless payment. ICTF requires eligible e-money issuers to adopt a common and standardised QR code format for merchants. Though it doesn't preclude e-money issuers from offering their own QR, but at minimum – the universal format must be offered. This measure helps merchants to embrace and accept cashless payment from multiple e-wallets, without having to display 10 or more QR at the cashier. Maybank QRPay is one of the earliest banks that already adopted the standard – PayNet QR.

What Remains Unclear?

  1. ICTF policy outlines the use of common identifiers by customers, through a central addressing repository known as National Addressing Database (NAD). Conceptually speaking, it links a bank account or an e-money account to common identifiers of an account holder such as mobile phone number, National Registration Identity Card number or company/business registration number. However, the actual mechanism of NAD and its ID data sources, remains unclear at the moment. 
  2. Will the access of National Addressing Database be open to entities other than the banks and eligible e-money issuers? The NAD is seen, potentially as a golden source of online ID repository – which, is inevitably useful for e-KYC of any consumer-facing industry.

The e-Wallet Race

The e-wallet race is heating up rapidly. The shift to cashless society requires, not just participation from e-money issuers and innovative ideas, but also - the great behavioural shift among consumers. ICTF policy helps to iron out foreseeable frictions and promotes a more competitive landscape for all participants by lifting transaction fee.

The behavioural shift, could likely only happen from aspects of daily routines, if digital wallet is proven more convenient. Think about a college student's or working adult's daily life. Cash and small change is typically involved in:
  1. Buying a cup of coffee
  2. Paying for parking or transport
  3. Paying for lunch or splitting bill
Currently, there are already 40 licensed e-money issuers in Malaysia, competing to secure top spots. An e-money issuer that can successfully tap onto the above described core daily activities, will most likely win the race. 

Sunday, June 17, 2018

Robotics and Cognitive: How are They Applied in Business Process Automation?

If your job involves looking into digitization opportunities and automation of business processes, it’s not far reaching for you to come across awareness for robotic process automation (RPA) and cognitive automation. RPA is not new; it has been around for many years in the form of screen scraping technology and macro.

There are many bombastic definitions and descriptions for RPA (robotics) and cognitive automation. Often, marketers even refer to RPA and cognitive automation, simply interchangeably with the A.I. (artificial intelligence) umbrella. Perhaps, the easiest way to understand these 2 types of automation, is by looking at its resemblance with human.

  • RPA (robotics) is to mimic human actions
  • Cognitive automation is to mimic human thinking

Robotic Process Automation (RPA)

Look at the robotic arms in assembly lines, such as automotive industry. A robot doesn’t have to “think”, but to repeatedly perform the programmed mechanical tasks. It repeats what have been programmed into it. 

Similarly, in the software context, RPA is about mimicking human actions in an automated process.

  • Automatically extract information (using OCR) from a payroll account statement submitted as part of loan facility application, then, calculate 3-month average income, and compare that with the applicant’s declared earnings.
  • Automatically repeat a sequence of clicks in a standalone software to generate cost analysis over a material costing optimization proposal. 

Wednesday, April 25, 2018

What to Look Out for When Evaluating Low-Code Development Platform?

As described on Wikipedia:
Low-code development platforms (LCDPs) allow the creation of application software through graphical user interfaces and configuration instead of traditional procedural computer programming. The platforms may focus on design and development of databases, business processes, or user interfaces such as web applications. Such platforms may produce entirely operational applications, or require or allow minimal coding to extend the applications functionality or for uncommon situations. Low-code development platforms reduce the amount of traditional hand-coding, enabling accelerated delivery of business applications. A common benefit is that a wider-range of people can contribute to the application’s development, not only those with more formal programming experience. LCDPs also lower the initial cost of setup, training, and deployment.
Low-code development platforms employ visual, declarative techniques, which define data, logic, flows, forms and other application artifacts, without writing code, according to Forrester Research. Imagine Lego blocks for software application development. Developers may code to integrate access to older applications, for reporting, and to customize for special user interface (UI) requirements, Forrester analyst John Rhymer wrote in an October 2017 research report.

Why is There a Shift from Traditional Coding to Low-Code?

Low-code development platform has been gaining widespread tractions from enterprises worldwide to tackle challenges witnessed in traditional coding with programming languages.

1. Difficult to meet desired timeline complementing go-to-market strategy:
Every business unit is crafting its digitization needs and roadmap, yet, time is a fixed constraint. It is challenging to have speedy go-to-market products with traditional coding. Proof-of-concept (POC) with minimal viable product (MVP) is often taking more time than justifiable.

2. Lack of agility:
Change is inevitable in business, so embrace it. The lack of configuration tools for form and process flow changes is making it challenging for programmers to adapt with business rule changes, as it often leads to longer development time and to some extends, unmanaged scope-creep.

3. High long term maintenance costs:
Compared with changes through configuration, an application system developed from coding with programming languages and frameworks will require development continuity and support by qualified and experienced full-stack software engineers. Knowledge and technology transfer from application creator to another person will also require prerequisites for extensive programming competency. Thus, the long-term maintenance cost of such application system also includes the costs associated with talent retention. Otherwise, when maintainability falls-out, the application system eventually suffers along with higher technical debts.

4. Poor quality:
When every feature is developed from coding, a commonly used user interface component such as pagination table with search filters could also present programmatic bug.