Dealflo is now part of OneSpan (previously VASCO).

To learn more about how this will help you in your digital transformation, please read the press release or visit

Dealflo is now part of OneSpan (previously VASCO).

Get in touch


In February 2018, Dealflo CEO Abe Smith took part in a webinar on how financial services companies can improve CX, increase sales, and reduce risk by digitizing the customer onboarding process.



What was your motivation to set up Dealflo?


I spent a couple of years prior to Dealflo in two sectors which Dealflo gets involved with – electronic signature and identity verification. I sold both solutions, separately, into banks. I think what was clear from my involvement with electronic signature is that as an individual solution, e-signature was inadequate to cope with the end-to-end digitising requirements of a large and complex multinational financial services company. The firms needed a more robust and strategic solution than a tactical product. I think that was really the genesis for thinking about how we (Dealflo) could deliver that value proposition. That is really what led to the creation of Dealflo.


How long has Dealflo been operating now?


We founded the company eight or nine years ago, but if you’re trying to pull together a value proposition which is “plug and play” for a bank to automate pretty much any onboarding process regardless of complexity or geography or risk, you’ve got to do a lot of prior work, not least in legal and compliance research across banks’ key territories. So, it took us good full two years before we started developing the products at all. We went live with our first client which was Hitachi capital, who is still a great client of ours, back in 2012.


This webinar is about digitising customer onboarding and how to improve the customer experience without compromising on compliance and risk. Abe, I’ll hand over to you to discuss this topic in more detail.

Digitising Customer Onboarding: How to improve the customer experience without compromising on compliance and risk


I think everyone would conceive that customer experience as important, especially as we’re facing PSD2 and potential competition with retailers who have really nailed the customer experience and value proposition online. These changing conditions have brought this topic into sharp focus.

User Experience Matters

According to J. D. Power, on a survey that they conducted, new customers are three times more likely to leave in the first 90 days of a banking relationship, predominantly due to customer experience reasons. Ernst & Young research interestingly concluded that four out of five customers would consider moving from their bank or using a nonbank provider for their banking activities, purely because of user experience reasons.

Finextra, comparing various improvements in UX onboarding processes for banks, noted anywhere from a 20 to 64 percent uplift in conversion. If you are lending billions of dollars, that’s a significant uptick in conversion, purely driven by user experience.

User experience is important and it’s becoming more important in a diversifying financial services world that we’re facing. But, risk is important too. There’s no point in fantastically improving your onboarding experience if you’re doing so at the expense of risk. Effectively, anyone involved in the financial services industry on this webinar is involved in the industry whose primary function is the management of risk. That is core to what any financial institution does. So, if you increase the risk, that’s generally an untenable situation.

Another fun fact is that since 2008, our target market clients, which are predominantly banks and financial institutions, have suffered something north of $300 billion worth of regulatory fines. Many of these were due to inadequacies in their onboarding processes. More often than not, those inadequacies were driven by manual or human involvement in those onboarding processes. People are great at some things, but in terms of banking onboarding for regulated products particularly, they are fallible. There are variety of causes for those $300 billion worth of regulatory fines, including human error, but also mis-selling.

So, the opportunities that automation presents, not just to improve the customer experience, but also to gain control over the onboarding process and thereby manage that risk, are significant.

What concerns us primarily as a business, at Dealflo, is the question: How can we deliver the joint value proposition to our clients of improved UX and improved risk environment?

This is a kind of a cake and eat it scenario, and it’s a scenario I’d like to unpack today.

To do this, it is necessary to consider the following questions – regardless of who provides the digital onboarding process, what does it comprise of? What are the main steps that you have to go through, in terms of a generic workflow, and how do you control those steps?

Steps in the digital onboarding process

I think across the board; the following steps apply

  • First of all, we have to go and get some data from an applicant, from an applying customer. This is often done through an online application. That’s not a new area, most of our clients – long before dealing with Dealflo – were doing browser-based application processes. We might want to cleanse and validate the data from the application processes to make sure that when we use it, subsequently for verification, it’s as effective as possible. But, let’s say that is the first step.
  • The second step, and again if we’re thinking about a purely digital approach, is verification. What we really mean by verification is the multiplicity of answers to question that a bank or a financial institution might have to understand in order to proceed with a customer application.For a global financial institution, this could be one of a huge range of things. From identity verification to anti-money laundering, bank checks, document checks and challenge and response questions. If you’re a company with thousands of use cases, across potentially 30 or 40 different countries, the range of checks you might want to digitize can be substantial.
  • If your onboarding process necessitates some kind of agreement, then you need to likely generate that agreement and distribute it across the browsers’ operating systems and devices that your end customers are using to access your onboarding system. Whether that might be in a branch, at a kiosk, remotely or on a phone. Whatever it is, you have to ensure that the way that you generate that document and deliver it results in the customer having a consistent view of a document in the correct and compliance format. This can sometimes be more of a challenge than you might think.
  • Then we have the good old electronic signature. But also, digital signature. In the UK, there’s more of a differentiation in terminology between these two things but for simplicity, let’s think of electronic signature as your customer saying, “I agree with the terms and conditions.” And let’s think of digital signature as the institution applying integrity to all of the evidential data resultant from the onboarding process. Traditionally, digital signature has only been applied to the contract, to the agreement that a customer signs. But, actually all of the other steps, generates important evidential data, particularly the verification steps. Things like identity, anti-impersonation, bank checks – this is all important data pertaining to the onboarding process. If that doesn’t have the integrity conferred by digital signature, that’s a weakness in an onboarding process.

If all these different steps are spitting out evidential data, what do you do with it all? Do you have it all in different places in different formats, some with third parties with different integrity and security policies applied, or do you have it in a single place in a single repository with a consistent application of security and integrity?

Regardless of what kind of use case you are implementing from onboarding and what kind of geography you are implementing it in, these are generic steps which you are going to have to figure out at some point. To manage these steps in an efficient way and to control the evidence, security and integrity of this process, clients want centralised control.

To manage lots of different steps in lots of different countries, for thousands of use cases with multiple different vendors becomes complex, and complexity introduces risk. So, our clients want a centralised way of managing the content, the look and feel, the work flow, the resultant evidence and the security.

Combining these things into more of an end-to-end approach, has certain benefits. As we’re thinking about risk and user experience here, we’ll concentrate on those benefits.

Benefits of a joined-up approach

The first benefit is increasing sales. Why does a combination of different things, or taking a holistic approach to the different components of onboarding, tend to drive better sales?

If you’ve already taken the thoughts into integrate all of these different components into a single service, rather than having multiple different vendor and trying to control all of those different components and vendors separately, we find you tend to end up with a more seamless user experience. As we probably all agree, a good user experience drives sales and a poor user experience restricts sales. If you’re able to automate all of these steps, you will be automating more of the process and you will be less likely to revert to manual intervention, which as mentioned previously in relation to the £300 billon in regulatory fines paid, can create issues.

Not least among these issues is the cost of manual intervention. Simply put, the more you can automate, the more efficient you are going to be in your onboarding processes.

The third point is around risk. If taking a holistic approach to onboarding means that you can design, execute, and evidence all of these different steps in a consistent way (i.e. you have all the data, the verification information, the document, the electronic signatures and apply the digital signature to everything), then you’re going to have more evidence, and the evidence that you do have will be more easily found, and the evidence once found would be more provable to have integrity. All those things, mean for our clients, lower risk. Centralised control does offer greater convenience and less complexity. Again, complexity is a risk driver.

So, from our experience replacing disjointed processes, we believe that taking a more holistic approach tends to deliver the holy grail of improved sales and efficiency, but not at the cost of risk.

Unpacking verification

A lot have been spoken over the years about electronic signature, but I want to unpack the ‘configurable verification’ area of this onboarding workflow in more detail. This is because we believe that, aside from electronically signing documents delivering efficiency and UX benefits, taking a more radical or holistic approach to the customer verification process has massive upsides, both in terms of user experience and risk.

Let’s assume that we are a financial institution, and let’s assume that we are trying to roll out digitised onboarding across many of our use cases. There is a huge variety of different check types that we might want to automate in order to be comfortable to onboard that end customer. Let’s assume this is a ‘new-to-bank’ or ‘new-to-institution’ end-customer. Some of these checks will be legally mandated, some will be very sensible, and there will be a range in between.

  • So, let’s start with the legally mandated things like anti-money laundering. There are multiple different services out there who offer anti-money laundering. The only thing to note is if you’re an international institution, then a single bureau provider probably isn’t going to do it for you, and you’re likely to have to integrate with multiple different bureau providers or specialists to access multiple different countries.
  • Secondly, ID verification is similar to anti-money laundering in so far that one bureau may not cover all the IDs you need to verify. When I’m talking about ID verification here, I’m really talking about data checks to find customers in official databases. That, in combination with anti-money laundering checks, is the concept of proving the customer exists and that they are not someone who is excluded from doing business with you.
  • Date of birth and address checks speak for themselves.
  • Then we have things like bank checks. When we started doing business six, seven years ago, the bank check options that were open to us were relatively limited. Today, we have a huge range of different bank checks, from things as simple as modulus checks correlating the bank account number with sort code, to connecting individual customers with individual bank accounts, to seeing if individual bank accounts are associated with fraudulent activity, all the way up to looking into individual bank accounts and assessing independently customers’ ability to pay.
  • Moving on to knowledge-based authentication. This is one of the most widely used functions for anti-impersonation. If you’re thinking about executing an electronic contract with an end-customer and the method of execution is a tick in a box, then, you have to be pretty sure that you can prove that it’s the end-customer who is in control of the advice when they’re ticking that box, and not somebody else. So, anti-impersonation ‘at point of sale’ becomes quite important. Knowledge-based authentication – asking the customer questions based on his/her credit file that only he/she should know the answer to – is in theory a good way of doing that. But, in practice, it’s more of an art than a science. It can be done very badly or very well.
  • Then, you have things like document verification. IP verification is relatively self-explanatory, but document verification rather like bank verification is becoming more and more sophisticated. Today, we’re able to not just validate the algorithms on official documents, like passports and drivers’ license, but optically character-read the entire document. We are also able to do a 30 point check on the document to ensure the document is valid; to cross-reference the identity from that document with AML and ID checks; to do a biometric check looking at the customers’ face, doing likeness checks and comparing that to the photograph on the document; to reading from a phone the near field information contained within the chip in a document like a passport which also has a biometric. Triangulating all of that data with previous checks can serve, in its entirety, as a very robust form of ID verification and anti-impersonation. In terms of the user experience, document verification checks such as these would probably only be only used for more higher value or higher risk onboarding processes.
  • Then, you have things like device identity, which is becoming more interesting to us and our clients. Device identity offered through vendors like Iovation enables us to look down the wire at the applying customer and take a fingerprint of the device that the customer is using. Then we can do a few interesting things. We can figure out if this is a known customer, or a known ‘good’ device, or a known ‘bad’ device, or we can apply algorithms to create a risk assessment – is this a likely good or a likely bad device? We can figure out the location, from where the device comes from and do other different fraud checks.

So, what I’m not saying with this slide is that clients need to implement all these different verification checks to onboard an end-customer, that would be crazy.

But what we are saying is that there is no silver bullet to onboarding verification, and that clients or financial institutions who are serious about digitising onboarding, whilst optimising the customer experience, need access to a variety of different services and may well want to use these different services in a more creative way than having single integrations with a couple of bureaus.

So, we have a range of different check types. The other thing that is interesting from our experience about the way our clients are using these check types today, is that they want to be able to create almost infinite workflows using different checks in different ways, from different end-vendors, to optimise three main things.

Optimising verification checks for customer experience, risk and cost

The first one is customer experience. If you can manage the work flow of your verification efficiently, then you’re going to be less likely to have to revert to a manual intervention for verification. The moment you ask your customer to photocopy their ID or walk into their local bank to verify themselves, is a moment you’re going to lose that customer. If you can retain that onboarding session online, with sufficient fire power, in terms of digital verification to keep that customer in-session, you’re much more likely to convert that customer. You can even do things like add in ‘if then’ scenarios. For example, if a customer doesn’t pass the first round of verification checks you could automatically build in automated document verification, keeping that customer in-session and preventing that customer from going through a manual process. Either way, if used correctly, a creative approach to combining different verification checks, in workflow, will increase customer conversion and will improve user the experience.

The other thing that clients and banks particularly really want from this kind of approach is to mitigate risk. Simply put, the more options you have, to verify your customer in different ways, the more evidence you’re going to have both at point of sale and retrospectively for compliance purposes (presuming you collate and utilise the evidence from those different checks).

Lastly, the added benefit of this approach, or of thinking about verification in this workflow-driven multi-vendor way, is the management of cost. If you have three different checks that are all binary (i.e. they all have to be passed), and if one costs 10p, one cost 50p, and cost £1, just make sure you’re doing the one that cost 10p first, and if prices change, make sure your work flow changes.

These are all considerations that make themselves possible if you’re taking a multi-vendor, workflow-driven approach to verification as part of your onboarding processes.


You’re obviously speaking to a lot of banks and financial institutions about this issue at the moment. What tends to be the main challenge in trying to do this that you’re hearing from them? Is there a common theme?


The institutions with whom we’ve had conversations recognise the upside of a more sophisticated approach, particularly around verification and particularly around multi-vendor workflow-driven verification. Sometimes the challenge is that they have is getting their head around the fact that – if the verification processes are going to end up in an electronically signed agreement – you have to think about them slightly differently, and you have to treat the result and evidence slightly differently, which I’ll move on to discussing now.


So far, we’ve concentrated on verification processes, or verification checks as part of onboarding. If that onboarding process is purely digital, it’s going to end up in an electronically signed agreement. That has certain implications for a) the way you go and get that verification evidence and b) particularly, what you do with it once you’ve got it.

Our clients want to able to prove a few really important things with the output of the onboarding process. The output that I’m referring to is the digital evidence they are left with, as a bank or financial institution, after the onboarding process.

The first thing they want to prove is that all the evidential data relating to one transaction (onboarding process), is:

  1. findable;
  2. provably uniquely connected with each other; and
  3. has integrity, i.e. not just hasn’t changed since it was created, but couldn’t have changed since it was created.

It would be very difficult to argue that actually none of those are important. To be in a position where you can’t find all of the data from an onboarding process, or to be in a position where you can’t prove the data was linked (i.e. not being able to prove that identity was linked to the signed contract), or you to be in a position where you can’t prove that none of that data has changed (i.e. you can’t prove its integrity), are all situations that are not acceptable in the digital world moving forward. But, it’s surprising the number of financial services companies, who, due to either traditional e-sign systems or own build systems that we end up replacing, are in exactly this situation.

So, the output of all of those different check types needs to be embedded within the end-contract, or some repository, with a digital signature (in this context analogous to a tamper-evident seal or a wax-seal on an envelope), proving none of the data has changed.

If you can do that, then you mitigate all of those risks that I talked about.

You end up with a single repository with all of the evidence you need to not just enforce that agreement in front of the customer, but also demonstrate you have all of the evidence potentially to a regulator or a judge in an easy and practical way. Very few banks operate in this way across the board today, but certainly that’s the direction of travel. Banks are starting to realise that traditional methodologies of having lots of different bits of data in different places in different formats is simply not a viable long-term ‘system of record’ for their onboarding evidence.

Benefits to a joined-up approach to digital onboarding

Lastly, I would say, taking this approach to verification drives the three things that we started out as a premise in the beginning of this webinar. If you’re less likely to revert to manual ID processes, you’re going to increase sales. If you can fail over one ID provider, for example, to another, if you are interconnected with multiple different providers, you’re likely to have higher resilience, which means you will be down less, which means you will sell more. If you’re automating more, you’re going to be reducing your costs and managing costs better, and if you’re capturing more evidence and if you’re treating your evidence more robustly, you are reducing risk.

For us, this is very much the ‘cake and eat it’ scenario that was the preamble to this seminar. I can only speak for our experience of the business case. Our experience of the business case from our clients has been significant.

Our experience of the business case

We’ve seen uplift of 25 percent in terms of client conversion. In terms of reducing the onboarding time and improving the customer experience, 90+ percent. In terms of capturing evidence, by executing the entire onboarding process end-to-end and capturing the evidence of that entire onboarding process, our clients have a more robust position to defend themselves against customer or regulator challenge, which reduces their risk. To boot, our clients see a reduction in carbon footprint.

More sales, less cost, less risk, and slightly greener – we think these are outcomes to strive for.

Hopefully that gives you a feeling for how we believe the market is moving in terms of onboarding, and how we think the very real opportunities around the ‘cake and eat it’ value proposition of improving the customer experience whilst reducing risk, are manifesting themselves with our clients today.

Q&A session


How does this approach work across a business that has multiple product types and different customer journeys?


The approach that we’ve taken is to build a modular software-as-a-service, which clients plug into once through a single integration, and which gives them access to limitless configurations of the service to serve a range of diverse different use cases. We have thousands of different use cases running off the same implementation for our clients. The differences are how they can figure each use case. It depends on how the vendor has created their service, and the extent to which it is either a platform or product which is configurable, or off the shelf. A configurable platform is the way forward if you are genuinely a multinational with thousands of different use cases to automate.


How do your clients make a business case for automation? Are there any particular differences in how they do it; any particular advice you can give in that regards?


Generally, the business case builds pretty well, but there are a few fundamental points to cover, and often we will help our clients build out that business case using a defined model. There’s an easy part of the business case and a harder part: the easy part, is cost-savings. If the customer can figure out the true loaded cost of manual processes (and often there are a lot of considerations which aren’t top of mind which you have to tease out, like the cost of error correction, for example), that’s an easy one to model.

Then, getting slightly more difficult is sales uplift. It’s hard to accurately predict the sales uplift which you’re going to generate by automating a previously manual or semi-manual process. But, with experience, you can make assumptions about the likely sales uplift, which then need to be tested.

The hardest part is the change to risk. It’s very hard to attribute a quantitative uplift forecast, or a quantitative business case, to a change of risk. What you end up with prior to an implementation, or prior a go-live, is a set of assumptions that are there to be tested, particularly around sales uplift and risk. Post go-live, your assumptions on sales uplift are tested and proved, but risk always remains a qualitative part of the business case, but it’s one that our clients understand due to the nature of their businesses.


When onboarding business banking customers, we see real value with face-to-face onboarding as it allows us to understand their business better, and make sure we’re offering customers the best possible value. How do you reconcile such a digital approach when a personal touch is valued?


I don’t think digital onboarding necessarily comes at the expense of a personal touch. It depends on what kind of a bank you really want to be. For example, if you take Metro Bank, Metro Bank is winning on the high street because their ‘modus operandi’ is offering a personal touch. We wouldn’t seek to usurp that, as it’s not part of their brand value. But I don’t think the two are mutually exclusive. Take the example of a customer walking into a branch and sitting side by side with someone who is helping them through a mortgage application which happens to be digitised. Those two activities are not mutually exclusive.

However, a lot of banks are not like that. If the choice is between offering an elegant UX for an automated digital onboarding solution or breaking the process and forcing a customer to a branch, even if they have to see someone, I think it’s clear which one resonates better with a customer. At the end of the day, you have to look to customer stats to fuel that argument, and the customer stats are clear. Where we automate processes, we get anywhere between a 25 percent and a 65 percent (sales) uplift. That’s not because customers are unhappy with an automated process.


Do you find this is something banks are looking at exclusively in the UK, or is there growing interest in this across the world?


It’s across the world. We do business in 10 different countries, we do business across continental Europe, we do business in China – the drivers are all the same. They are the same drivers that we opened with in the preamble to this webinar and that is to make the customer experience fantastic but manage risk appropriately in the background. Every financial institution in the world has these two drivers.



Customer Onboarding in the Digital Age


Automating Credit Agreements


Implementing Agreement Automation in Auto Finance