CIAM Complexity: The Real Cost of Manual Identity Management

By Haider Iqbal

When a financial institution wants to scale, manual processes can almost single-handedly hold it back – or at least destroy its competitive edge. 

Perhaps nowhere is this more pronounced than in the arena of Customer Identity and Access Management. According to the recently published Thales 2025 BFSI Identity Insights Survey, “Identity and Access in Banking, Financial Services, and Insurance: The Change Imperative”, a staggering 98% of all respondents complained of manual pain points in their CIAM process. These include manual holdups in account provisioning, access requests, MFA management, and more. 

When customer identities are projected to grow by 74% over the next 12 months, now is not the time to be doing things by hand. Especially Banking, Financial Services, and Insurance (BFSI) firms that want to expand their customer base. 

Manual Speed Bumps in Customer IAM

In the Thales report, the average respondent noted the CIAM areas in which manual processes were preventing progress, including:

• Registration, onboarding, offboarding and management (41%)
• Access requests and permissions for customer-facing apps (40%)
• Generating reports from CIAM systems (37%)
• Password resets and failed authentication remediation (37%)
• Auditing customer access logs for compliance (36%)

And these are just the top five. The data reveals a general trend that in nearly every category, CIAM processes are slower by hand, and companies across the board are aware of the pain. 

This pain, while felt perhaps most sharply in time and resource deduction, also translates directly into monetary loss. 

The Cost of Manual IAM

Doing things “by hand” in an era when everything moves at the speed of digital business has its downsides, especially in the BFSI sector.

Research from PcW reveals that 80% of American consumers consider speed and convenience the most important contributing factors of a positive user experience. For context, banks lose up to 60% of new customers due to clunky and aggravating onboarding processes. The more automated this CIAM step, the better. 

With user deprovisioning, manual mechanisms not only slow or delay the end result but lead to potentially catastrophic outcomes; data breaches can occur when human error factors into that manual process and a company neglects to revoke permissions entirely. This can result in former employees running around with lingering access, which can lead to costly compromises. The average data breach for the financial industry runs as high as $6.08 million per incident, IBM’s Cost of a Data Breach research reveals, 22% higher than the global average. 

And when it comes to things like access management, Forrester notes that the cost of an average password reset is in the ballpark of $87 per password reset (adjusting for inflation), and about $800 per worker every year. 

These are all manual IAM costs that could be dramatically lessened by implementing automated customer identity and access management protocols. 

CIAM: Boosting Profits with Automation 

Things like password resets, access requests, and onboarding can flow faster with automated processes in place, improving customer experience and potentially even retention rates for BFSI organizations. The Thales report notes that organizations investing in CIAM modernization – which necessarily includes automation – expect these upgrades to translate to better customer retention (84%) and even improved customer acquisition (86%).

This means more customers, less overhead, and higher profit margins.

Financial institutions may have always been at the leading edge of IAM adoption, but if they do not transition, en masse, to automated CIAM, they will be left behind in 2025. Doing so – adopting a modernized, automated CIAM approach – is more than security alone. It is about creating a profit center out of what many still see as a bruise in their costs. 

This transformative potential has everything to do with the force-multiplying power of automated CIAM platforms and the bottom-line boosting good they can do. 

Tangible – and Intangible – Benefits of Automated CIAM

Imbued with automation, a Customer Identity and Access Management solution can:

• Manage BFSI customers at scale. With a single user identity per customer, CIAM solutions can provide a unified digital experience that simplifies management and allows overwhelmed BFSI firms to scale – and to do it safely. 
• Increase compliance and reduce risk. By automatically vetting user sign-ons for authenticity, a CIAM platform can apply Risk-Based Authentication (RBA) principles when something looks suspicious – and only then. This entails implementing additional layers of security (MFA, biometrics, tokenization) as needed to shore up compliance, lower risk, and keep customer access flowing smoothly.
• Increase customer retention and satisfaction. Customer loyalty is fragile at best among financial institutions these days. It’s important not to drop the ball when it comes to providing the kind of automated onboarding – or access management – processes that keep customers happy. 
• Preserve a trustworthy reputation. In a paper published by the Federal Trade Commission, it was revealed that financial service uses that had their data compromised in a breach “were significantly more likely to terminate their relationship with the bank in the six months following the event, even if the user was fully compensated and thus did not suffer a monetary loss.”

According to Verizon, identity-based attacks remain the dominant vector of data breaches across the board, and the financial sector, because of its stores of valuable information, will always be a top target for this brand of exploits. By automating IAM processes with Customer Identity and Access Management solutions, BFSI institutions can stay ahead of the attack curve and securely scale “business as usual” – no matter how booming that may be.

Haider is a technology generalist with experience across strategy, sales, and product marketing in global roles. His career includes management consulting, leading multi-million dollar deals, and contributing to a $100 million acquisition in the identity space. He currently heads product marketing for Thales’s IAM business, where he blends strategic thinking with execution. Passionate about inclusive and responsible tech, Haider is a lifelong learner, always exploring new ideas and innovations. Outside of work, he enjoys cricket, volleyball, and golf—though he admits his sporting success is more enthusiasm than achievement.