How regtech helps to combat money laundering and other financial crimes in the age of digital banking.
The COVID-19 pandemic is giving criminals plenty of new opportunities to commit financial crime and launder the proceeds. The proliferation of online fraud and financial crimes results from several key factors:
- Government relief efforts around the world. Funds are being siphoned away by organised criminals and sometimes by corrupt government officials. Stimulus packages have reached unprecedented sizes and the haste with which this money is to be distributed means that illicit behaviour is more likely to be overlooked or go undetected. Small business entities are sometimes fictitiously created to receive government grants designed to prop up struggling businesses.
- Early shortages of COVID-19 mitigating materials like face masks and hand sanitizers have allowed organised criminals to jack up selling prices sky high, profiteering and laundering the vast amounts of money made at the same time.
- The ranks of the unemployed has ballooned. With a small fee, criminals entice them to become money mules, making use of their clean financial history with banks to transfer illicit funds.
At the same time, digital banks are beginning to make waves in the APAC region, to meet the banking needs of many underserved populations. The combination of technological innovation and a large number of new consumers in the ‘new normal’ economic climate can be extremely volatile.
In such an environment, safeguards against financial crimes become an even more urgent and essential mandate. CybersecAsia poses some questions to Jaede Tan, Managing Director, ComplyAdvantage Asia Pacific.
What is the role of regtech in combating money laundering in APAC?
Tan: Technology exists to help solve the problem of money laundering.
The underlying challenge – and opportunity – is that APAC as a region on one side comprises highly developed economies that are tech-first, but also many developing economies which hold huge populations that are fundamentally untapped by traditional distribution channels.
In the case of banking, there are huge unbanked populations across developing Asia, and the time is ripe for them to adopt banking services because developments like growing smartphone penetration are allowing consumers to come online for the first time.
The role that technology plays is to better serve and make more efficient use of existing processes in developed economies, but also to rapidly onboard and serve developing economies. Now financial institutions can remove much of the initial capex needed to go and build infrastructure to target consumers, and the playing field is levelling between developed and developing economies.
Regtech is supporting this growth and supporting the development of the services that serve these people.
Consumer expectations have changed. They want to be able to transact instantaneously, but at the same time regulators are wary of the financial crime risks and continue to implement tougher and more onerous regulations.
The role of regtech is to marry these two things together: help financial institutions know they are safe and know the risks of everyone they are doing business with, but also enable companies to make these decisions in real time so that they are not adding friction to their business and slowing down their user experience.
In recent years, the international financial system, with its multiplying diversity of products, markets, providers and technologies for delivery, is offering money launderers an increasingly attractive range of options to create complicated chains of international — and virtual — transactions to evade detection. Covid-19 also gives them plenty of noise to hide in, and financial institutions are aware of this.
For instance, data from ComplyAdvantage revealed that in Q2 2020, when Covid-19 was raging:
- The average financial institution in APAC screened their clients 1.7x more for anti-money laundering (AML) & terrorism financing year-over-year.
- Among the fintechs in APAC, payments companies stand out for 1.3x more screening year-over-year.
What can we learn from ComplyAdvantage’s experience in helping APAC, European and American digital banks battle money laundering?
Tan: Based on our experience in APAC, Europe and the Americas, digital banks face both conventional money laundering risks and risks that emerge from fintech advances. Emergent risks originate from new sources such as phishing emails and malicious software applications. Virtual currencies are also exploited to launder money within the digital financial system.
Money launderers target digital banking services due to their typical higher risk appetite and the grey nature of fintech regulations around the world.
Global financial authorities are reacting to those threats, and the gap in regulation, by introducing legislation with a specific focus on digital banking services. In the US, for example, the Financial Crimes Enforcement Network (FinCEN) has issued guidance for firms dealing with virtual currencies, while the EU’s Fifth Anti-Money Laundering Directive (5AMLD) sets out a range of AML measures for cryptocurrency service providers. Similarly, the FATF has also released its own guidance on digital identification within AML/CFT frameworks, and is encouraging the use of machine learning in AML.
Singapore has also adopted the Monetary Authority of Singapore’s Payment Services Act (PSA) Act, while the Hong Kong Monetary Authority and Bank Negara Malaysia have issued guidance on digital know-your-customer and AML during Covid-19.
Financial institutions must ensure that they provide digital services in compliance with the AML/CFT regulations applicable within their jurisdiction.
Digital banking service providers must take new approaches to regulatory compliance and manage their AML risks. In practice, this means that digital banks should change the ways in which they collect and analyse customer data in a digital landscape, from performing customer due diligence (CDD), transaction monitoring and screening, to submitting suspicious activity reports (SARs) to the authorities.
Potentially effective components of a digital AML solution include:
- Artificial intelligence: AI technology offers a variety of opportunities for digital banks to streamline their AML/CFT responses, helping them to prioritise data collection and analysis during CDD and transaction monitoring or to quickly recognise high- and low-risk customers. AI also has the potential to add value to the reporting process by learning the characteristics of false positive suspicious activity alerts and, subsequently, reducing the amount of time and resources spent remediating them.
- Cloud computing: When performing CDD and other screening and monitoring processes related to digital banking services, AML teams need to quickly and securely access disparate data sources and interact with a potentially large number of storage systems. Cloud computing offers a way for firms to centralise that data and move away from the more traditional siloed approach, which can introduce inefficiencies and errors to the AML/CFT process.
- Digital identification: Digital ID systems include biometric technology like fingerprint and face scanners or the secure online storage of similar identifying information. Combined with the connectivity and ubiquity of internet-enabled smart devices, both customers and banks may use those systems to interact with digital banking services and so build digital identity profiles. Digital identities can facilitate more accurate, efficient and reliable CDD and monitoring measures at onboarding and throughout the business relationship.
By looking into their processes, digital banks can seek to implement effective components of a digital AML solution. Embracing smart technology automation as part of an AML solution brings accuracy and efficiency benefits to the table, and helps digital banks continue to deliver regulatory compliance in an evolving financial landscape.
They also have the opportunity to provide service superior to traditional banks. For instance, they can onboard clients faster and process transactions instantly. In some cases, digital bank accounts can take up to 12 days to be fully functional − some digital banks using ComplyAdvantage were able to reduce this to two days.
All in all, it’s important for digital banks to note that:
- Consumers want instant service thanks to their mobile lifestyle so digital banks need effective infrastructure that supports them to do this.
- AML regulations are changing rapidly. A system that’s good enough for today is not necessarily good for tomorrow. When banks implement/build this technology, they have to future proof their offerings, which is where incumbent systems are falling down. They need to have the flexibility, configurability and agility to adapt to changing regulatory environments.
- Digital banks are also increasingly cross border. They need infrastructure that can be tailored and configured swiftly and at low cost.
Who are some of ComplyAdvantage’s key customers in the region, and how is regtech helping them?
Tan: Our key customers in the region include EZ-Link, Agoda and SingLife in Singapore; BigPay in Malaysia; BeemIt (Australian payments company owned by Commonwealth Bank, NAB and Westpac), LINE, TNG, Experian and RapidID in Australia; and Binance, the largest crypto exchange in the world by volume.
When it comes to money laundering prevention, it is still common for financial institutions in APAC to take a “check every case individually” traditional banking approach, using paper applications that take a few days to turn around. As banks digitise and transit to an app-based environment, however, issues like false positives and incorrect hits began slowing onboarding times and impacting the user experience. These false positives led to unsustainable manual efforts from their remediation teams, having to carefully screen and monitor against siloed data, to ensure no high-risk entities would slip through the net.
Typically, ComplyAdvantage’s customers look to us to automate traditionally human-driven processes for screening and monitoring, increase the accuracy of hits and reduce false positive rates, improve efficiency of alert remediation, and speed up onboarding time.
They also harness our technology to deal with spikes in payments during peak times, as well as to scale quickly as they expand to more territories across the world.
We also provide country specific AML lists that financial institutions find useful in meeting regulations across the region.
The appropriate regtech, therefore, allows financial institutions to screen and monitor entities automatically, and in real-time against sanctions, politically exposed persons (PEPs), and information available in the public domain (such as news reports), with information consolidated into single-risk profiles. This reduces time and effort from financial institutions’ compliance teams, so they can focus on quickly identifying risks. Multiple tools and trackers can also be consolidated into a single customised interface built by the financial institution for better overall visibility.
How is technology a key to financial crime fighting?
Tan: Financial crime is more or less an arms race between financial institutions and criminals. For every new technology/platform to transact wealth, this gives rise to new methods of money laundering.
This is where financial institutions have a duty to understand and anticipate how the platforms could be used for nefarious purposes and to have the technology to prevent it.
A customisable intelligent AI approach for financial crime detection can help here. AI helps to reduce human error in public data collection and analysis. By adopting an automated process and by having a machine learning trained algorithm, compliance professionals and financial services organisations can be assured that consistent data and recommendations can be quickly provided.
The rapidly evolving financial landscape has also encouraged financial institutions to shift to cloud-based solutions. The increasing diversity of transaction types and growing transaction volumes has resulted in greater complexity.
Faced with steeper fines from financial regulators, cloud solutions offer financial institutions the flexibility to adapt their AML processes, along with the benefits of leaner IT teams, more strategic use of compliance teams (focus on investigation rather than clearing false positives), secure remote access and scalability.