How a Scalable Onboarding Platform Rescued a Credit Union and Transformed SME Banking

Solution Overview

This solution is designed to simplify the onboarding process for business clients of a leading credit union. It ensures compliance and enhances user experience with a strong, modular architecture. The system includes several core modules. These modules are tailored to the specific roles of stakeholders, such as Admins, Compliance Officers, and End Users. The system can be accessed through both web and mobile applications. It provides a comprehensive platform with the following key features:

1. Seamless Digital Experience for SMEs

• Onboarding Process: Business clients navigate onboarding easily through an intuitive interface, providing necessary documentation and information.
• Document Signing: Integration with DocuSign enables digital signatures, streamlining the onboarding process.
• Account Management: Users can manage accounts, view transaction history, and access tailored financial tools.
• Support and Help Center: Access FAQs, support tickets, and contact information for assistance.

2. Improved Compliance & Risk Management

• Audit Trail Management: Compliance officers can access detailed audit logs to ensure adherence to regulatory requirements and facilitate security audits.
• Risk Assessment Tools: Tools for evaluating potential risks associated with new clients, ensuring that all onboarding processes meet compliance standards.
• Compliance Reporting: Tools to generate reports that demonstrate adherence to regulatory requirements.
• Document Operations: Capabilities to create, review, and approve client documentation submitted during onboarding. This includes generating essential PDF documents, such as Form 41 and Form 130, which can be signed electronically via DocuSign.
• Additionally, it supports Single Sign-On through the financial institution’s identity provider.

3. Complete Control & Real-Time Insights for Admins

• User Management: Administrators can efficiently manage user accounts, assign roles, and monitor interactions to ensure compliance and security.
• Reporting and Analytics: Generate detailed reports on user activity, subscription statistics, and financial performance to inform strategic decisions.
• System Configuration: Manage system settings and integrations, ensuring optimal performance and security.
• Incident Management: Respond to system alerts and manage incidents to maintain operational stability.
• Access Control: Mechanisms to regulate user access and permissions for security purposes.
• Issue Tracking: A system for logging and tracking technical issues reported by users.
• Knowledge Base: Access to a repository of troubleshooting guides and FAQs to assist users in resolving common issues.
• User Feedback Collection: Tools for gathering user feedback on the onboarding process and overall platform experience.

4. Integration with Third-Party Services

• The system connects with legacy core banking systems and payment rails. 
• This ensures compatibility with existing client systems, facilitating smooth data exchange for operational continuity.
• DocuSign provides electronic signatures via APIs, enabling users to complete paperwork digitally and ensuring compliance with legal documents like Form 41 and Form 130.
• Identity management systems such as FIS Global allow users to log in with existing accounts, enhancing security and experience.
• SBA loan systems streamline lending, allowing users to efficiently access financial tools.
• GBG provides identity verification, flagging users in adverse media checks for further investigation.
• API links to the government’s OFAC (Office of Foreign Assets Control) services to provide screening of sanctioned entity lists.
• Plaid allows for secure bank account linking, enhancing data accuracy and simplifying onboarding.
• Integration with USPS validates user addresses, ensuring that only legitimate addresses are used during onboarding.

5. Mobile and Web Access

• The solution provides seamless access through a dedicated mobile app and an intuitive web platform, enabling users to engage with the system anytime, anywhere.

6. Architecture and Design

• The architecture allows for both cloud and on-premises deployment, featuring proprietary middleware for core banking APIs. A virtual local network was established in Azure, linked to the credit union’s local network via a VPN tunnel. Two database systems enhance sustainability by allowing for seamless switching.

7. Security and Compliance

• Robust security measures ensure compliance with SOC 2, ISO 27001, and National Credit Union Administration (NCUA) standards, instilling user confidence in data safety.

8. Marketing

• Campaign Management: Tools for creating and managing marketing campaigns targeted at potential clients.
• User Engagement Tracking: Features to monitor user engagement with marketing materials and onboarding processes.
• Promotions and Offers: Capabilities to manage and communicate special offers or promotions to users.

Utilizing this solution, the credit union can facilitate a compliant, efficient, and user-friendly onboarding experience for its business clients. Ultimately, this solution supports the credit union’s strategic goals of driving digital transformation and improving customer satisfaction.

Project Challenges

Developing the onboarding solution for the credit union involved several key challenges:

Challenge 1: Security Compliance 
The previous solution failed a critical security audit, risking non-compliance and fines. A robust security framework was essential.

Challenge 2: Unsuitable Architecture  
The serverless architecture was inadequate, conflicting with the client’s need for an on-premises solution. A shift to a scalable microservices architecture was necessary.

Challenge 3: Lack of Documentation  
The absence of documentation made the code difficult to understand, requiring reverse engineering and slowing the transition.

Challenge 4: Tight Timelines  
The project faced strict deadlines, with no room for extensions, demanding efficient planning and execution.

Challenge 5: Legacy System Integration  
Integrating with legacy core banking systems and third-party services posed technical challenges, requiring seamless data flow.

Challenge 6: User Experience  
The previous solution lacked a user-friendly design, necessitating a redesign to improve usability for business clients.

Overcoming these challenges was crucial for the successful implementation of the onboarding platform. It was also important for the credit union’s digital transformation.

Project Approach

The project began with a technical audit of the existing onboarding solution for a major credit union, revealing significant architectural and security compliance issues from the previous vendor. Given the urgency to pass a security audit for compliance certification, we prioritized addressing these vulnerabilities.

Faced with the choice of repairing the existing system, which would take months, or rewriting it from scratch in three months, we opted for the latter, a decision that proved effective.

To ensure a smooth transition, we adopted a phased approach to refactor the serverless architecture into a microservices framework hosted on Kubernetes, utilizing Docker for containerization. We employed the Strangler Fig pattern to migrate serverless functions to microservices without disrupting user experience.

Simultaneously, we reconstructed missing technical documentation through reverse engineering, aligning all requirements with client expectations. Our engineering team worked closely with analysts to identify and resolve gaps in business logic.

We integrated various third-party services for identity verification and compliance checks, including OAuth 2.0 for authentication, Plaid for financial data aggregation, and GBG for KYC processes.

The KYC process involved gathering data from multiple sources, including document verification with OC and Idology.com, and accessing information from Opencorporates and government APIs for sanctions lists, including OFAC. We also developed a feature to generate necessary PDF documents, such as Form 41 and Form 130, which applicants signed electronically via DocuSign, ensuring compliance with regulatory requirements.

Additionally, we implemented Adverse Media checks to provide insights into clients’ backgrounds, reducing false positives and enhancing the financial institution’s understanding of potential risks. We integrated USPS to verify the validity of applicants’ addresses, ensuring that P.O. Boxes were not used as shipment addresses.

Utilizing Microsoft Azure for cloud hosting, .NET for backend development, and React for the front end, we established a VPN tunnel to securely connect the client’s on-premise infrastructure with our cloud services.

We maintained two databases, transitioning from Oracle to MSSQL for flexibility.

By the project’s conclusion, we delivered a robust, microservices-based onboarding platform that met security standards and provided a streamlined experience for both end-users and compliance officers.

Results & future plans

Before:

• KYC process taking over 3 days Manual handling of documents and signatures.
• Limited integration with third-party services.
• Security compliance issues resulting in audit failures.

After:

• Instant verification through multiple data sources.
• 100% digital onboarding process with electronic signatures via DocuSign.
• Seamless integration with Plaid for financial verification and GBG for identity checks.
• Enhanced security compliance, successfully passing all required audits.

Result:

• 90% reduction in verification time.
• Immediate transition from application to opened account.
• Improved user experience with a streamlined onboarding process.
• Robust KYC processes that minimize false positives and enhance compliance.

Future Plans: We aim to further enhance the platform by exploring additional integrations, expanding the range of financial products offered, optimizing the user interface, and implementing advanced analytics for deeper insights into user behavior and compliance trends. Our goal is to ensure the credit union remains a leader in digital onboarding solutions, providing exceptional service while maintaining the highest standards of security and compliance.