A smarter, more social bank

From a customer perspective I find banks extremely frustrating, difficult to deal with and behind the times. With the launch of Metro bank, the first UK high street bank to be launched in something like a 100 years in the UK, surely this was the time to do something different......

The emails

So I saw on the BBC that Metro was launching, I was quite interested because I have found my current bank HSBC simply awful and just plain arrogant about it. The only reason I don't change is because when I tried I found the customer service in the others such as NatWest just as bad. I was seriously considering a building society or credit union but I couldn't find one with a branch close to me and of course I need to go to a branch to open and transfer my accounts.

So anyway I was interested in what Metro would do, so I went to their website, hoping to open an account. Found that the site didn't work in Chrome, so I sent the following email:
"Hi I'm browsing your site using Chrome and Firefox on Ubuntu and I can't see anything on this page on how to open an account: https://www.metrobankonline.com/personal/savings/How-to-open-an-Account/ By the way the website looks terrible, the blue and red and that logo, just bad. I am really keen to move my personal and small business account to you guys though because I am sick of HSBC"

Response received 5 days later (hm.. so far no good):
"Thank you for your enquiry.
We would love to help you open your account. We offer a great range of competitive products and Amazing customer service.Our products cover both personal and business accounts* (*may require additional business information). To open a new account, all you need to do is visit our new store in Holborn (One Southampton Row, Holborn WC1B 5HA). Bring your photo ID (Passport) with you and proof of address. We will go through all the details with you and even print your new debit card in the store.
There is more information available at our website, metrobankonline.co.uk or you can phone our call centre on 0345 0808 500."
Fantastic. So I can't do anything online, and there are no branches even close to me brilliant.

Next email:
"Are you planning to open a branch in Canary Wharf? Why can't I open my account online and send you scanned versions of documents. If you don't have convenience, especially online convenience for busy people good luck to you - I will stay with HSBC who I hate because they don't care about their customers. Do you want to be different? Do you want my personal and business account? Give me what I want and you will."
Response (3 days later):
"Thank you for taking the time to contact. We have been overwhelmed with the interest from the public, please allow me to firstly apologizes for the delay to our reply.
We would love to see you in one of our stores, unfortunately we are unable to open accounts online as this is a huge safety risk. As you can appreciate this is a decision we have taken to protect our customers and possible clients against identity fraud but also remaining inside the current UK banking legislations.
At the moment we have a further four sites planned on top of Holborn which is already opened, these are Earls court, Kensington High Street, Fulham Broadway and Borehamwood. We are currently looking at further site in Inner London.  We have extended opening hours at all of our stores."
So seriously not good, I love how security gets blamed for their lack of convenience and modernity.

The counter-arguments 

Before I start with some ideas of how Metro (or anyone who seriously wanted to disrupt and innovate in this industry) could have done it better, to address the standard responses that these ideas would be too insecure, create too much risk and/or be against the law:

A) Security: There is no reason why any of these cannot be done securely. It just takes the right people to properly design the security controls. All existing security controls, fraud detection systems etc can still be leveraged

B) Risk: Banks loose money all day every day on virtually all their channels like Internet banking, credit cards, ATM's, even Cheques for the antiquated Americans that still use them. It is simple a cost of doing business and that's how they treat it. Loosing $3M a year on online banking or $180M a year on credit cards seems like a lot to you and me, for a bank it is nothing against what these channels earn. I am just asking a pragmatic bank to treat these ideas in the same way - sure they will loose money to fraud but the benefit to the 99.9% legitimate customers and the additional revenue they will earn from these will outweigh the costs

C) Law: Banks break the law all the time, there is no bank that is currently complaint with all the laws they need to be compliant with. Hell majority of them are not even PCI-DSS compliant even though they have plenty of reports saying they are. So again from the view of the top bosses it is all relative, all a matter of what they can get away with and not get caught, just apply the same principles here: no need to overtly break the law, secure it well, present a good argument for why it complies, don't have any big public incidents and you will be fine.

A smarter more social bank

So the ideas of how to do a smart, social retail bank in 2010:

Account creation

Why can't you apply to create a new bank account online? What assurance do you really get when you see someone in person? A two second glance at a passport/drivers licence and a few electricity and gas bills? Guess what anyone with decent scanner, Photoshop and a colour printer could beat that check. I loved this article on how through a fake utility bill a woman registered her dog to vote. Think beyond the "this is always how we have done it" to what is it actually doing to reduce the risk?

Why isn't a scanned copy of your passport and utility bills acceptable? Especially when many bills (and bank statements) are only available online now (to save the environment and money of course). Betting agencies, FX trading and spread betting companies, insurers (all subject to tight legislation, fraud, anti-money laundering, 100 point checks etc) all accept it now - why not banks?

Hey while we are at it lets make this actually stronger require that the user provides a credit report (e.g. from Expedia) with their application, and also link a few of their social identities to the account e.g. their Google, Facebook and Twitter accounts under the same name. Now isn't that stronger proof of who you are the the bored person at a branch taking a 2 second look at your documents? And guess what? How much would your marketing guys love this extra info about a customer at account creation?

You can also create a digital signature based on the info provided and like what the Companies House does last 3 characters of three secret questions. Create a digital cert and provide this to the customer to download at account creation, they can use this when they authenticate to online and mobile banking systems and for signing transactions.

Link to payment providers

How about the web account you just created is linked on creation to a Paypall, Google Checkout and Amazon checkout. How good would that be? The bank will actually cut down on fraud costs because the customer doesn't have to use their credit/debit card online as much.


How about two factor authentication for all retail customers using a one time password to a registered mobile. Digital certificate discussed above.

How about getting  phrase and a picture from the customer so that the bank can authenticate themselves to the customer everytime you contact them


  • All debit and credit cards issued with Visa Wave pay for contactless banking
  • A unique barcode is generated for the customer that can be scanned by participating merchants for use in payment
  • iPhone and Android native apps for Internet banking
  • Use of Bump and similar technologies to make payments and and transfers to other users
  • If another user that is friend on a social network also has an account with the bank simple transfer of funds
  • An aggregation service for all bills and one click or auto payment
  • Simple and easy reconciliation of all social media advertising spending and merchant funds received (e.g. with Adwords or Facebook advertising billing, Paypall for customer payments received)
  • Micropayment service or integration with services such as Flattr and the new Paypall micropayments

There is no reason why any of these ideas could not be done by an innovative bank today which really wanted to disrupt the industry. Don't just do last centuries ideas like more branches and friendly customer service - who the hell as time to go to a branch today? Leverage technology and social media and bring banking into this century.


  1. Some food for thought there. On the point regarding the web browser visibility I can understand why this wasn’t tested. I worked for a financial services provider many years ago and we had complaints back then that Safari wasn’t supported when it accounted for about 10 of the 2 million hits a month we received. Maybe you shouldn’t be so bleeding edge ;-)
    I do however love their response email that totally doesn’t address your original statement. It looks like a marketing person wrote it.
    Can all the controls still be leveraged? You cannot verify to the same degree the validity of certain documents when presented with a scan. The security controls in a real passport and driving license certainly require physical access to the item in question.
    Contentious issue however I will bow to your banking experience on this point.
    Smart and Social Banking
    The word social is used a lot but its definition is very ‘wooly’ at best. What does it mean in this context? Does it mean a bank that’s looking out for me? This is not a bank then but a co-operative because banks look after their shareholders and NOT their customers. I my opinion the word social cannot be associated by any organisation, especially a bank, that doesn’t represent its customers in every way. A social bank would be completely the opposite of what you are currently describing e.g. banks that break the law etc.
    Digital Identity Aggregation
    We have talked about this a lot recently but one thing I that I didn’t in my blog post regarding managing digital identities is trust. If you could link your bank account to your Google account would you trust Google? I wouldn’t, for a few reasons:
    1 – I consider a Google account to have absolutely no trust what so ever. This cannot be used a method of identification. Imagine if the police relied on a rent book for proof of being able to drive a car. The levels of security and trust are just too far apart. They are too easy to create and dispose of. A form of identification should require the person to go through security checks to validate their identity.
    2 – Google do not have my interests at heart. My data would be sucked into the machine and god knows what would happen to it. Next thing I know I am being subjected to adverts related to fishing equipment because I bought a fishing rod online and paid with my account.
    Your point about Companies House is interesting, if only we could get everyone in the country to register with a database and be issued a digital identity, oh wait we did that then scrapped it.

    Visa Wave contactless payment – don’t get me started on this. Great for sub £10 payments but I don’t trust it. Fancy having your pocket picked at 20m?
    Native Apps for web banking – With the security of the mobile platform? I surprised Barclays release their app but if people want convenience they will have to give up some security.
    Bill aggregation – I believe some banks have implemented some of the first systems to do this. I know what VocaLink (formally BACS) has a bill payment platform called OneVU

  2. "You cannot verify to the same degree the validity of certain documents when presented with a scan."

    RS: But do they do that validation? Everytime I have opened a bank account they have taken a photocopy and that this. Fair enough if they validated the biometric etc but if they do no validation or just validate via the number or barcode then a scan is just as good

    "The word social is used a lot but its definition is very ‘wooly"

    RS: I was using it in this article to mean more integration with social media tools

    "I consider a Google account to have absolutely no trust what so ever"

    My point was more that each account you link to it the more you add credibility to your identity. Fair enough if you don't trust Google but if I have a Facebook, Twitter, Google, Live, Open-ID all with my name and contact details matching then there is a better likelihood that I am who I claim I am. Certainly a lot better than just relying on my passport which they glance at and photocopy.

    "Visa Wave contactless payment – don’t get me started on this. Great for sub £10 payments but I don’t trust it. Fancy having your pocket picked at 20m?"

    Fine there is a risk appetite issue here but ok support max payments of only £20 or £10 or user defined but support the technology in all your cards

    "Native Apps for web banking – With the security of the mobile platform? I surprised Barclays release their app but if people want convenience they will have to give up some security"

    No reason why you can't secure it, in a total sandbox it is pretty good. Again you can limit exposure and impact by limiting things like only transfer to established payment recipients, max transfer amount total and daily limit, add 4 hour delay to run fraud checks. It can be done.

    Thanks for reading and your comments again mate.

  3. two words "First Direct".

    Best bank I've ever dealt with, deal exclusively online, best customer service (guaranteed to get a person within 3 rings at any time of day) and all round just amazing.

  4. Thanks Ben, I'm going to try First Direct, also considering Metrobank (I was impressed that they answered the phone first time with a real human being)



Written by