Regulation: For AML, fintech is both problem and answer
One subject never fails to light up the eyes of senior bankers and regulators when they’re questioned about their efforts to end the money laundering-related scandals that have spread across northern Europe over the last two years: technology.
There can be no more damning indictment of the integrity of a bank, or its host nation, than the public revelation that a licensed institution is being used as a laundromat for ill-gotten gains.
And what is more enlivening for money-laundering supervisors and bank-compliance officers than showing your firm and country is at the forefront of a technology that could make these troubles disappear?
Some of the biggest actors in Europe’s financial sector are converts.
The UK’s Financial Conduct Authority is particularly enthusiastic about using technology to fight money laundering.
If you want to do KYC and anti-money laundering right, you can’t do it in a manual way
HSBC, too, has spent hundr of millions of pounds on financial crime technology in the last few years, including integrating data analytics software from London-based financial crime fintech Quantexa.
“The challenge is you’re looking for a low-frequency event in a high-volume environment,” says HSBC’s global head of compliance, Colin Bell. “There’s an opportunity to have a far richer view of the level of risk. Technology allows us to do that.”
Over the last two years, continental Europe – Germany and especially the Netherlands and Scandinavia – has discovered bigger money laundering scandals than the UK. Have firms in those countries also caught the bug for regulation technology, or regtech?
Euromoney’s conversations, notably at the Paris Fintech Forum earlier this year, suggest it is so.
Bart Leurs,
Rabobank
“Artificial intelligence is crucial in fixing these big societal issues,” says Bart Leurs, chief digital transformation officer at Dutch mutual group Rabobank, when Euromoney meets him over a cramped coffee table in Paris. “If you want to do KYC [know-your-customer] and anti-money laundering right, you can’t do it in a manual way.”
Overall, there’s a lot of enthusiasm in the financial community about algorithms that can allow banks to immediately spot unusual patterns of activity in a way that humans never could, something which is vital in the electronic banking era of greater volumes and spe of transaction.
Industry insiders also claim that using things such as biometrics and optical character recognition is more accurate and trustworthy than using human methods of client identification, not least because it is less susceptible to rogue employees who might either be negligent or open to bribes.
Many fintech companies and banks are also making more use of artificial intelligence at the on-boarding stage to search in a quicker, cheaper and more thorough fashion for suspicious connections, whether it’s to known criminals, sanctions or corrupt politicians.
Negative publicity
However, the more conversations Euromoney has, the more scepticism starts to creep in – especially at the repeated suggestion that fintech can solve the underlying issue rather than just save money.
As always in fintech, bankers’ attempts to join the counter-culture by dressing in brand–new white trainers and throwing in the odd “cool” to the conversation, does little to alleviate our concerns.
One of the biggest benefits for the banks could be if this technology reduces the proportion of false positives – incorrectly flagging a legitimate client or transaction and investigating it as a money laundering risk. This should allow them to avoid mistakes that “piss off the client and cost the bank money,” says David Christie, chief executive of Paris-based fraud detection firm Bleckwen.
Rob Evans,
Fintrail
Negative publicity around frozen assets and account closures, however, is just as much if not more of an issue for the fintech industry as it is for the traditional sector, says Rob Evans, co-founder of Fintrail, a fintech-focused financial crime consultancy.
“Because of the online nature of the communities they serve, they can be vulnerable to pressure applied by legitimate customers with legitimate complaints and vulnerable to misinformation,” says Evans, discussing the neobanks. “Fraudsters have learnt that applying pressure via social media is a way to release funds that have been frozen for good reasons.”
Can the industry really be sure that fintech will stop the root of money laundering?
It would be a noble motive, but these firms are businesses not charities, so the main appeal to their clients is more likely to be that their technology could make it cheaper to avoid reputational damage and big fines.
Money-laundering scandals have been a dampener on investor appetite for bank shares over the last two years, but this is not the result of incorrectly closing accounts or having missed minor frauds, instead banks have allowed corporate-scale flows of suspicious money to wash through them, notably from the former Soviet Union and Latin America.
About €200 billion of non-resident money flowed through Danske Bank’s Estonian branch between 2007 and 2015. Even basic checks would have resulted in much of this money being reported to the police.
There are plenty of other examples. ING allowed a firm in Curaçao purporting to be a women’s underwear trader to launder €150 million through its accounts, according to Dutch prosecutors.
Technology won’t make much difference if your profitability depends on turning a blind eye to obvious money laundering risks or if you’re not doing enough to discourage bad actors inside your organization.
“It’s a human thing,” says Christie. “It’s about governance, culture and having the right controls.”
In a digital world, KYC – knowing someone you’ve never met – is an oxymoron
The Paris forum was in the wake of the Luanda Leaks scandal involving Isabel dos Santos. A panellist there summed up the tech problem with: “You don’t need an algorithm to tell you” about the financial crime risks of dealing with the business interests of Angola’s billionaire first family.
Africa’s richest woman was a sought-after client for many in the international financial sector when her father was Angolan president.
Ideally, technology would make it easier for banks to manage the risks of transacting with lesser-developed countries, allowing those nations to access the global financial system. However, sometimes corruption is so entrenched it is almost impossible to avoid, as in Angola.
As one former executive of a bank active in eastern Europe privately admits to Euromoney: “In anti-money laundering, some things are obvious. The starting point is risk management – what’s your appetite for business in exotic geographies and how many correspondent banks are you happy to deal with in the country in question? That’s got nothing to do with artificial intelligence.”
Legal and political constraints are another problem that the fintech industry has little power to alter. A particular client or transaction may appear entirely innocent, but could trigger warnings if it were legally possible to share more information, including through the use of technology.
Finally, much as the big established banks might like to plug in new ways of harnessing data developed by fintech companies, in many cases they’re unable to do so effectively because of their inability to operate away from their legacy IT systems.
Supply chain
This inability on the part of the big banks to adopt cutting-edge systems is one reason why the real growth behind the regtech sector is its expanding role in the supply chain for the wider fintech industry, rather than from transforming the legacy banks.
Charles Delingpole,
ComplyAdvantage
Charles Delingpole, chief executive and founder of one of the biggest regtech startups, ComplyAdvantage, which has a few large bank clients, readily admits that his firm is doing what companies such as Dow Jones and Reuters have done before, albeit in a more focused manner and one more orientated towards new data technology: intermediating information.
He says the other reason why fintech has driven demand for regtech is because of how neobanks and similar companies have boosted demand for compliance tools in general.
“What you’ve seen is a proliferation of accounts. Each of those clients ne to be monitored,” says Delingpole.
In other words, people use neobanks and similar companies in addition to, rather than instead of, their main bank.
The digital sales channels in which neobanks specialize create greater volumes of paperwork, including, at the most basic level, virtual forms of identification so accounts can be opened without clients meeting a member of staff.
As Christie at Bleckwen quips: “In a digital world, KYC – knowing someone you’ve never met – is an oxymoron.”
Some of the biggest regtech companies, such as Jumio and Onfido, specialize in using selfies and document scans to get around this challenge. Their growth has also spurred traditional banks to do away with the need for new clients to come into a branch, saving them money.
It’s about cutting down the operational costs, so employees can focus on the right things
It seems that regtech is of interest to big banks and fintechs less because it will stop big-time money laundering than because it makes it easier to keep tabs on small anomalies and save money by replacing humans with machines for the processes they’re obliged to do.
“It’s about cutting down the operational costs, so employees can focus on the right things,” says Taavi Tamkivi, chief executive and founder of Salv, an Estonia-based firm focusing on transaction monitoring and data sharing.
At HSBC the number of staff working against money laundering has grown from a few hundred to more than 4,000 since 2012, when the US Department of Justice forced the bank to admit it had allowed hundr of millions of dollars of drug money to be laundered through its accounts.
Colin Bell,
HSBC
Regtech gives head of compliance Bell and his team a chance to bring down that AML cost.
Of course, identifying financial crime on a smaller scale is genuinely useful to society, going beyond picking up small-time drug dealers or fraudsters. The sums involved in terrorism financing and human trafficking can be relatively small, but the damage they do is not.
Fintech also throws up questions about an accelerating shift to a cashless society, something that might greatly increase the scope for surveillance by law enforcement agencies and their proxies in the private financial sector.
New threats
Yet there are serious questions still to be answered about the extent to which the fintech industry, far from simply ending misdemeanours in the old financial sector, may be bringing in its own range of new threats.
As electronic payments replace cash, criminals are also changing their practices. Money laundering is of acute concern to many fintechs, because so much of the sector is about enabling instant and low-cost payments, especially across borders.
Ashish Kumar, a policy analyst at the Financial Action Task Force, a multilateral agency that tests states’ anti-money laundering frameworks, says: “Any new product that’s introduced into the market has to be evaluated to see what factors of the new technology may be of interest to criminals: for example, does it provide anonymity, can you invest large sums of money without proper identification?”
Cryptocurrencies are a notorious target for money laundering in fintech, but digital remittance firms are also a concern, even if the transactions are small, says Kumar.
The development of partnership or so-called ecosystem models also brings risks that need to be monitored.
Fintrail’s Evans says: “We are starting to see more nested relationships… when one fintech uses its accounts to give access to another fintech, which means that the banking partner is several steps removed from the activity.”
Fintechs are more open-minded [about who they hire] as the talent pool doesn’t completely exist yet
Remittances have moved to newer providers for good reasons, as the traditional banks were often slow and expensive. But the aggressive sales push of some neobanks, many of which originated as pre-paid card providers for foreign currency, has also brought a worry that they are going so fast that they are unable to keep a tab on risks as they grow.
Such concerns prompted German financial regulator Bafin to order Berlin-based neobank N26 to step up its anti-money laundering capacity last year. London-based and Lithuania-licensed Revolut, known for its Russian chief executive Nikolay Storonsky’s ‘Get shit done’ mantra, has repeatedly faced similar questions in the press about its prioritization of AML and ability to stay on top of it.
Many in fintech have convinced themselves that the sector is no more at risk of money laundering than the traditional banks, and possibly less so because they’re better able to employ technology against the problem.
“In the traditional finance institutions, you’re working more on post-dated data,” says Evans. “Fintechs are trying to build processes that stop criminal activity in the act.”
Yet some of the biggest fintech firms have high levels of staff turnover, especially at the level below the founder and especially in compliance. It appears that finding and keeping the right talent in financial crime is not easy for them – and not just because of the lower pay compared with established banks.
Alexandra Chirica is a fintech financial crime compliance recruitment consultant at Broadgate Search who has previously worked with bigger banks. She says part of the difficulty is that building a fintech’s anti-money laundering defences might need someone with expertise that straddles the worlds of technology and compliance, which is rare.
“Fintechs are more open-minded [about who they hire] as the talent pool doesn’t completely exist yet,” she says.
Evans has a similar message.
“We see a high turnover as it’s a hot sector,” he says. “There are not many people in the world or in the UK who have built a financial crime system from scratch… It’s a challenge for the organization to ensure it is creating the right environment to keep these people.”
International prestige
As neobanks and fintechs grow, they inevitably move up financial supervisors’ watch lists. They are also increasingly important to their host countries.
They are no longer seen only as a means to boost competition but also as a driver of exports and even of international prestige, particularly for countries such as the UK and France.
It’s not hard to find signs of this. France and other countries now seem just as keen to take UK’s European fintech lead after Brexit as the UK is to keep it: note the endorsement by the UK’s City minister, John Glen, for London-based neobank Revolut’s most recent capital raising.
Glen said it was “a clear indicator of our strength as a place for fintech business as we leave the EU”.
It is also a coup for a small country such as Lithuania to say that Revolut – Europe’s biggest fintech by valuation and customer number – chose it for its European Union banking licence in 2018.
This year’s Paris Fintech Forum – a chance for France to showcase its appreciation of fintech – recognised the role the authorities have with a panel called ‘Regulation as a competitive asset’.
Euromoney noted the Maltese panellist’s particular enthusiasm for the cryptocurrency sector. The other speakers were from Mauritius and Lithuania, which sent finance minister Vilius Sapoka.
According to Nicolas Véron, senior fellow at Brussels think-tank Bruegel, this is more worrying from a money-laundering than a prudential perspective. He has previously blamed a race to the bottom by some EU member states for opening gaps in the single market that dirty money can pass through; up to now anti-money laundering has been a national prerogative even within the eurozone.
Concern about the dangers of growing competition between regulators for fintech business has pushed the European Parliament’s committee on economic and monetary affairs to set up a fintech working group headed by Stasys Jakeliunas, head of the finance committee in Lithuania’s parliament until last year.
“Supervision for anti-money laundering is fragmented in the EU, so there are arbitrage risks,” says Jakeliunas, explaining the reason for setting up the group. “I saw that there was some supervisory competition going on, big time”
While still in the Lithuanian parliament, Jakeliunas repeatedly raised concerns about the risks of giving a licence to Revolut – concerns that were put aside three times by a government’s security commission – due in part to what he saw as potential risks of political exposure in Russia, where the father of Revolut’s chief executive Nikolay Storonsky works for state energy firm Gazprom.
It’s not just Revolut that worries Jakeliunas, however. These days, he says Lithuania is just as focused on issuing as many fintech licences as it can as the neobanks are on growing customers.
“That’s all good provided the risks are understood and managed,” he says. “That’s not necessarily the case, in my experience.”
Jakeliunas says he is worried about Lithuania’s licensing of firms such Revolut from a prudential and a macroeconomic point of view. The volume of deposits they have gathered across Europe is not large enough to cause trouble yet.
However, Revolut is growing at a tearing pace and aspires to be a global bank – “one of the biggest financial services companies in the world”, according to one of its backers.
This could lead to bigger risks than Lithuania is able to handle, according to Jakeliunas, given the small size of the national deposit insurance scheme and the absence of a European equivalent.
Original Source