Product

Collect sensitive documents securely

June 7, 2023

minute read

A quick how-to guide for delighting customers and increasing conversion rates.

As a product manager at Inscribe, I talk to businesses every day that tell me they need an efficient, secure, and user-friendly way for their customers to provide bank statements, identity documents, formation documents and more

Many of these businesses use email or file shares, and others that have built their own. Unfortunately, these in-house solutions are often neglected due to lack of internal resources. I’ve also spoken to several businesses just getting started that haven’t known where to start. They’re asking …

  • How should I efficiently collect documents from applicants and customers? 
  • How can I remain compliant whilst maximizing response rates and conversion?
  • How can I ensure our document collection processes will scale as we do?

We’re going to explore some of the ways businesses approach this topic, and how Inscribe’s Collect feature enables our customers to collect documents painlessly and compliantly.

Sharing PII over email is not safe

Many companies ask their applicants or customers to provide sensitive documentation to them via email. However these communications will, by their nature, contain PII (personally identifiable information).

Emails can be intercepted (depending on the security measures in place), or even sent to an unintended recipient in error. If this happens, it places a significant amount of your customer’s personal data in the hands of somebody else. Your customer’s unsecured emails are a boon for cyber criminals: Their PII can be used to facilitate identity theft and the financial information could be used to make fraudulent transactions. As well as putting your customers in peril, this type of behavior could land you with fines (remember Equifax’s $575M+ fine?) and some serious reputational damage.

Receiving documents via email is also unsystematic. If you receive a request to delete the data from the data subject, compliance is often difficult because the data is scattered over many email inboxes.

So, if email's out, what other choices are there?

File shares are not tailored or scalable solutions

Another common consideration is using a file share service as a secure alternative to email. Whilst no doubt an improvement, this isn’t likely to provide the flexibility and scalability that you require.

You’ll firstly need to do your homework to make sure this service is as secure as it seems. Is it ISO 27001 compliant? Is it AICPA certified?

Directing customers to a file share means you lose out on any corporate branding and have limited control over the customer experience. This could be off-putting to your customers and lead to poor completion rates. Plus, it normalizes behavior that could lead your customers to being fooled by phishing/email scams.

You also have no control over what your customers provide you. If you need a utility bill issued in the last 3 months, how can you ensure that the document provided is that recent? Or that it’s actually in your customer’s name? Or that it’s even a utility bill? These checks will need to be done manually, slowing down your processing times and creating a lot of back and forth whilst you seek the right content.

Finally, file shares are only going to solve half of your problem. They give you a way to receive content, but what about getting in touch with your customers and directing them to that portal? Or integrating it seamlessly into your onboarding process?

A more controlled approach is required to scale any document collection process.

Building a document collection flow in-house is a headache

Lots of companies choose to build their own document collection process in house. This is a great way to address the issues we’ve looked at so far. 

That said, it’s easier said than done! Not only will you need to receive and retain these documents securely and compliantly, you’ll also need to consider how you will ensure that your customers are providing you the right content. File formats are relatively easy to verify, but how will you make sure it’s the right kind of document (e.g. bank statement), from the right person, containing the right details?

More fundamentally, is building this tooling yourself the best use of your engineering team’s precious time? Often risk teams will struggle to get such tools prioritized on their company’s product roadmap. Even when they do, the prioritization problem will play out again each time an iteration is needed to improve completion rates or customer experience.

Building in-house gives you maximum flexibility, but the upfront cost and build time can be inefficient, particularly when we consider that such a service is available to buy off the shelf. 

A third party could help you, but not all products are created equal

If you have limited or no engineering support, or simply want to focus your engineers on the things that make your business unique, you could partner with a third party to provide your document collection solution. There are even low- and no-code solutions that your team could adopt.

If you choose to outsource, your partner will have done the hard work to create a great UX to maximize the throughput of desired users.

But not all vendors offer an equally compelling product or value for money. Many vendors only offer a document collection solution and not a holistic Risk Intelligence solution, like Inscribe. 

You’ll want to consider whether the vendor you choose can: 

  • Detect fraud in a wide range of document types
  • Ensure the applicant provides the right documents during the submission process
  • Extract, digitize, and verify document details from those documents to automate manual reviews and processes
  • Automatically accept or reject applicants based on rules you define
  • Provide insights into a customer’s creditworthiness using alternative data points
  • Integrate seamlessly into your existing systems and processes

Inscribe offers painless document collection for your customers

By leveraging our Collect feature, fintechs and financial institutions can rely on Inscribe to securely collect and store customer documents through a seamless, custom-branded experience. 

Here’s how it works in three easy steps: 

With Collect, you can increase response rates and decrease onboarding timeframes by sending clear and specific document requests. Applicants can drag and drop documents to a secure portal, and you set rules to ensure the correct documents are uploaded. You can even receive alerts once documents are submitted to keep the process moving.

You can integrate document requests into your existing processes via the API or embeddable iFrame. This makes it possible to automate the ask on your end and makes it simple (and safe) for customers to fulfill requests on theirs. Plus, you’ll have easy access to a central repository for all documents shared, because they’re sent directly to Inscribe.

Collect is fully customizable. You can add your company logo and colors to the email and upload portal to create an experience that feels familiar and instills trust in your applicants. Even customize the content included. With complete control over the experience, there’s no need to tap into your Engineering resources to build a document request portal yourself.

By partnering with Inscribe, Gig Wage was able to increase their response rate to 80%. This is in addition to eliminating 30 minutes of manual processing per application and shaving two days off of their customer onboarding times. Read more about our partnership with Gig Wage here.

Similarly, Inscribe has helped Mercari to improve the security of their document transfer and storage. At the same time, Inscribe has helped Mercari to achieve a 20% reduction in processing time and save millions of dollars in potential penalties and fines for regulatory violations related to sales of counterfeit or embargoed goods. Read more about our partnership with Mercari here.

But Inscribe includes so much more than Collect. Inscribe provides state-of-the-art AI solutions that help risk teams automate manual onboarding and underwriting tasks — without increasing headcount or budget. Using Inscribe’s pre-trained AI Risk Agents or proprietary Risk Models, Inscribe customers can do more with less headcount, eliminate tedious review tasks, and reduce avoidable fraud losses.

Want to learn more? Simply reach out to schedule a meeting with our team.

  • About the author

    Andy Bernard is a Senior Product Manager at Inscribe AI. He has previously served as the product lead for financial crime compliance at Checkout.com, in addition to roles with Hotels.com and HSBC. Andy has his Bachelors from University of Warwick and has a professional degree in banking practice and management from IFS School of Finance. He currently resides in London, England.

Deploy an AI Risk Agent today

Book a demo to see how Inscribe can help you unlock superhuman performance with AI Risk Agents and Risk Models.