The Promise of Biometric KYC and Remote Account Opening for Branchless Banking in Pakistan

The time is right to turn the tide on branchless banking account adoption in Pakistan, and mobile operators are leading the way. Operators are seizing a new opportunity to leverage the mandatory biometric verification of GSM SIM cards to open branchless banking accounts, and the initial results are energizing for a market where services are predominantly offered ‘Over-the-Counter’ (OTC). [1]

Branchless banking services in Pakistan are thriving, with Rs 372 billion (USD 3.6 billion) in transaction value and 71.8 million transactions in volume processed in Q4 2014. However, the vast majority of these services, 86% by volume and 88% by value, are offered OTC [2] and only 6% of branchless banking users in Pakistan have a registered account.[3] As the GSMA has noted before, accounts are an entry point for providers to broaden the mobile money ecosystem – to drive next generation services that include a range of convenient payments and a gateway to additional financial services such as credit, savings, and insurance. Until now, limited physical outreach for account opening has been one stumbling block to account opening: the State Bank of Pakistan (SBP) reports that at the end of December 2014, only 22% of agents were able to perform Know Your Customer (KYC) procedures to open accounts.[4]

A confluence of new developments in Pakistan holds promise for opening accounts. Early in 2015, mobile operators in Pakistan were in a race against time to meet a Pakistan Telecommunications Authority mandate to verify the ownership of all 130 million active SIM cards in the country using biometric verification. Every SIM owner was required to visit an operator outlet where their MSISDN and CNIC number (Computerized National Identity Card) were confirmed or updated in the existing ownership database and then their biometric data (fingerprints) were matched with the National Database and Registration Authority (NADRA). It was a monumental undertaking for mobile operators, and when the dust settled, the owners of 78 million SIM cards had been verified and registered using biometric data, and 23 million SIM cards were blocked where ownership was not verified.[5]

Seeing the opportunity in SIM verification

Ignoring for a minute the immense effort required for compliance and the potential impact that mandatory SIM registration may have on mobile penetration, there has been a very fortunate by-product of this massive effort and investment: NADRA now possesses a robust, biometrically verified database of MSISDNs and their owners, and the SIM re-verification drive equipped many branchless banking agents with biometric readers, which can be used to open mobile accounts.

Even as the SIM registration drive began, branchless banking providers devised innovative ways to leverage the verification to open branchless banking accounts that would not disrupt a politically and commercially sensitive process or raise data privacy concerns. Operators sought permission from the SBP to allow users with verified SIMs to request a branchless banking account remotely from their handset using a USSD string. A new account can be verified and authenticated against the NADRA database, which now links an owner’s MSISDN, CNIC, and biometric data. On the back end, the customer is identified via a direct verification of the incoming registered MSISDN on NADRA and the corresponding CNIC number inputted by the customer.  The account is then opened, without requiring a user to visit an agent outlet.

The initial fruits of biometric verification bode well for account adoption. In the quarter that ended in December 2014, the number of branchless banking accounts in Pakistan increased by 15% with 701,510 accounts opened, of which 53% of these were entry-level accounts opened through biometric verification readers, prior to the SIM registration drive. We look forward to seeing results from the first quarter of this year which will offer a first glimpse at the number of accounts opened through the USSD string option – but unofficially Mobicash, UPaisa, and Easypaisa are reporting high levels of account activation in June 2015 via the USSD string and making a significant push for account opening via USSD.

Proportional KYC and improving the user value proposition

The standard of verification used to link a user with their SIM card – biometric data – is one of the highest standards of identity verification available and offers a more robust solution to meet KYC obligations that mitigate integrity risks. It surpasses the current standard used for entry level (Level 0 and Level 1) branchless banking account opening in Pakistan, whereby a CNIC number and photograph is verified against the NADRA database. To date, entry-level accounts have balance and transaction limits to create a product with a lower risk profile and thus allow for these simplified KYC requirements, commensurate with the level of risk. [6]  In 2012, the Financial Action Task Force (FATF) updated its standards to emphasise that countries should assess risks and apply a ‘risk based approach’, that is; the measures to prevent or mitigate money laundering and terrorist financing should be commensurate with the risks identified.[7]  The introduction of the enhanced, biometric standard of verification is also an opportunity to increase the transaction limits on the mobile accounts to support an enhanced value proposition for potential users.

Targeting financial inclusion

This timely innovation can help accomplish national goals for financial inclusion. In June, the Ministry of Finance and SBP released the National Financial Inclusion Strategy, which makes a commitment to support the growth of digital transaction accounts (DTAs), including branchless banking accounts. The strategy recognizes that ‘seamless account opening procedures will be key to allow such growth, which requires proportional KYC regulations and near-to-zero costs to verify customer identification information electronically.’ These words are matched with a target of 50 million DTAs by the year 2020.

The SBP should be commended for encouraging this innovation in line with its policy objectives– offering provisional permissions on a bilateral basis to branchless banking providers wishing to leverage the SIM registration data, with slightly enhanced limits. With SBP permission, UPaisa, Easypaisa, and Mobicash have increased daily branchless banking transaction limits from Rs 15,000 to Rs 50,000 and monthly transaction limits from Rs 25,000 to Rs 80,000 on their entry-level accounts.[8] To attain the desired impact, this permission should be offered consistently and transparently across the industry to all interested providers, and there is certainly room for further increasing transaction limits to improve utility of branchless banking and to align with international levels. Furthermore, while NADRA has dropped its verification fees for the SIM re-registration drive to Rs 10, verification via the USSD string is much higher.

While biometric KYC and remote account opening are important steps in the right direction, we should be careful not to paint this as a silver bullet for OTC to account migration for mobile money. As noted in a previous blog, remote account opening comes with its own limitations: face-to-face customer on-boarding is critical both for exposing the user to the product and helping the user become familiar enough to transact easily. Focus groups conducted as a part of the Financial Inclusion Insights survey last year in Pakistan indicate that a lack of education, insufficient awareness about available services, unfamiliarity with options, and perceptions that branchless banking accounts are for the rich are amongst the top six reasons for not registering a mobile money account – and agents echoed these same challenges in a recent Helix survey.[9] These existing barriers will limit both account opening and usage if remote account opening is not bolstered with the requisite focus on marketing and awareness building.[10] Branchless banking providers are already beginning to think critically about how to bridge this gap and avoid inactive accounts.


[1] In such cases, a mobile money agent performs the transactions on behalf of the customer, who does not need to have a mobile money account to use the service.

[2] Branchless Banking Newsletter 14th issue Oct-Dec 2014


[4] Branchless Banking Newsletter 14th issue Oct-Dec 2014


[7] Recommendation 1 – The FATF Recommendations: International Standards On Combating Money Laundering And The Financing Of Terrorism & Proliferation. February 2012.




Join the Conversation (one comment)

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.