Customer onboarding: An overview

In May 2024, San Francisco-based investment firm SoFi was forced to pay $1.1 million in fines. Federal investigators found that from December 2018 through April 2019, this fintech company had been lax in verifying the identities of customers opening cash management brokerage accounts. Using hundreds of fictitious or stolen identities, fraudsters were able to steal $2.5 million through a complex money transfer scheme.  

Due diligence during customer onboarding is the first and most critical opportunity for businesses to stop fraud before it begins. At the same time, companies must ensure that they’re making the new customer’s journey proceed as smoothly as possible. Here’s a look at how to prevent fraud without losing legitimate clients.  

Jump to ↓

Fraud prevention: The importance of customer onboarding

Designing a secure yet seamless experience

Understanding onboarding compliance requirements

White paper

Building digital trust into your onboarding tech stack

Access full insights ↗

The importance of customer onboarding

Customer onboarding is the process of adding a new customer. It typically includes check-in practices such as welcome emails along with guidance on products and services via tutorials or other “walkthroughs.” Effective onboarding requires careful planning and execution to balance security with user experience. 

Onboarding also involves (or should involve) verifying the potential customer’s identity by collecting documentation and performing risk assessments. The costs of not ascertaining potential customers can be high. It’s crucial to ensure that new users aren’t putting a company at risk financially or reputationally.  

Digital technology has generated new ways to attract and onboard clients. Risk and fraud professionals know all too well that tech also has opened the door to increasingly sophisticated forms of fraud. Understanding these use cases helps organizations develop better prevention strategies.  

Here are some of the most widespread and most worrisome types that can originate during onboarding:  

Synthetic identities

Synthetic identities represent the fastest-growing form of identity theft. Fraudsters use a combination of stolen information of a real person with made-up identification data. Once this synthesized identity is established, it’s used to set up accounts for malicious purposes such as money laundering and invoice fraud. Synthetic fraud costs U.S. financial institutions alone billions annually.  

Bot signups

This could be considered a variant form of synthetic identity fraud. Cyber-criminals unleash bots that create fake accounts by exploiting vulnerabilities in businesses’ online registration systems.  

Account takeovers

In an account takeover, a fraudster leverages a customer’s credentials to take control of their financial, credit, email, or social media accounts. The bad actor then uses the stolen account for retail thievery or other fraudulent activity.  

Designing a secure yet seamless experience

There are several early-warning signals and monitoring techniques that can reveal that a customer is perpetrating fraud. The most common include:  

• Behavioral anomalies, which are deviations from normal customer online activity, such as a sudden burst of purchases or transactions. 

• Device mismatches, inconsistencies in a customer’s device usage. An example is a steady customer that suddenly initiates transactions (often large ones) from a different device or IP address. 

• Velocity metrics, which monitors the frequency and rate of actions, such as transactions or logins. A customer performing more of these actions than usual during a specific time frame could indicate fraudulent activity.  

One of the biggest and most complex onboarding challenges is balancing robust fraud protection and a seamless onboarding experience. Customer retention depends heavily on getting this balance right during the initial customer experience. If a potential customer thinks identity verification is taking too long, he or she may choose to log off and move on to a competitor.   

IT experts use the term “friction” to describe a sluggish online experience. Friction can drive high rates of customer churn (also called customer attrition). A high churn metric can signal problems negatively impacting growth and profitability.  

If a potential customer thinks identity verification is taking too long, he or she may choose to log off and move on to a competitor, which is why customer support during this process is crucial. Implementation should include step-by-step procedures and clear milestones for verification completion. 

Related blog

5 essential steps for KYC/AML onboarding and compliance

Read blog ↗

Ways to securely minimize onboarding friction

There are several techniques that organizations can use to verify and monitor customer identities while minimizing friction: 

Biometrics

This term refers to measurable human biological and behavioral characteristics that can quickly verify a person’s identity. It also describes automated methods that recognize individuals based on their distinctive biological and behavioral characteristics.  

Artificial intelligence (AI)

AI tools can automate and streamline due diligence workflows, including background checks, document verification, and ongoing monitoring of a customer’s online business and financial activities. 

Device fingerprinting

This technique gathers data points from a customer’s devices to generate a unique digital identifier. This data includes browser type, operating system, and IP address. Device fingerprinting can help businesses detect fraudulent activities such as multiple accounts created on the same device. 

Liveness detection

This biometric-centered technology pinpoints human characteristics that can’t be replicated electronically. “Passive” liveness analyzes and verifies “background signals” like skin tone and facial movement. “Active” liveness requests the user to perform a real-time action (such as blinking) to prove he or she is a real person.  

Adaptive or risk-based authentication

This approach assesses the risk of a potential customer based on the first login attempt. It scrutinizes the user’s location, device, network, and behavior. The goal is to provide low-friction access for clients deemed to be lower-risk. If a company determines that a potential customer poses a higher risk, it can activate more rigorous verification requirements, such as multifactor authentication.  

Progressive profiling

A similar technique is progressive profiling. A business will request very basic identification information during check-in. By simplifying account setup, the company is more likely to onboard the customer. Later on, it can request additional information. This approach allows companies to track onboarding metrics while maintaining a positive first-time user experience. 

Understanding onboarding compliance requirements

Rigorous onboarding is a strategic investment in fraud prevention and customer trust. You should prioritize secure, low-friction onboarding and ongoing verification to outperform competitors in customer success and regulatory compliance.  

A comprehensive onboarding program should address both security requirements and customers’ needs for convenience. 

Federal regulations relating to onboarding

Protecting yourself from fraud should be enough reason for your organization to establish thorough customer onboarding processes. Another reason to do so are regulatory requirements. These are federally required rules intended to protect businesses, customers, and the public at large from fraud, money laundering, terrorist financing, and other financial crimes.  

The most significant of these are know-your customer (KYC) and anti-money-laundering (AML) protocols. Not surprisingly, banks have the most rigorous onboarding obligations. The Bank Secrecy Act (BSA) was passed in 1970 to strengthen KYC and ​​AML processes. It also requires that financial institutions establish internal controls, procedures, and independent auditing programs. 

Using the right technological solution

Optimizing the functionality and security of the customer onboarding experience requires deep expertise, proper project management, and agility. Thomson Reuters Risk & Fraud Solutions empowers risk teams to quickly yet safely onboard clients as well as vendors and other third parties. 

Successful onboarding sets the foundation for long-term client relationships and business growth. 

CLEAR

Quickly onboard clients, vendors, and third parties

Request free demo ↗