AML Customer Screening: Fintechs Vs Banks
In today’s anti-money laundering (AML) environment, it is widely accepted that effective customer screening should include checks for politically exposed persons (PEPs), sanctioned entities and adverse media information. In contrast, the traditional view held by some banks is that screening for ‘only’ PEPs and sanctions fulfils legal and regulatory requirements. But this misconception is set to change, if it hasn’t already, especially with the adoption of the 5th – and eventually 6th – EU Anti-Money Laundering Directives (5AMLD and 6AMLD). Financial technology companies (Fintechs) are currently taking a more wide-ranging approach and this blog explores the differences between traditional approaches and how modern customer screening ought to be done.
Moving on from the traditional approach
Worryingly, some major banks are still of the opinion that simply screening for PEPs and sanctions constitutes an acceptable standard – are you happy just doing the lowest level of due diligence? If so, why? And what are you missing? Do you know what your ‘peers’ are doing and how your efforts compare? Is your decision motivated, or at least influenced, by resourcing or staffing limitations? How would you justify your comfort to a regulator?
The approach taken by these next-generation players involves doing more with less and identifying the most efficient ways of doing business.
There have been several new entrants to the financial services arena and they have introduced innovative ways of doing business, not least of which address customer onboarding. Traditional participants would tend to carry out a significant amount of due diligence and underwriting when taking on a new relationship, whereas fintechs have, perhaps understandably, asked the question “Why?” and examined the effectiveness of such processes. The approach taken by these next-generation players involves doing more with less and identifying the most efficient ways of doing business; it shouldn’t just be about how many people you employ.
The expression ‘Straight Through Processing’ is not a new one, however it has become the accepted ‘norm’ to the current generation of fintech players in this space. The traditional banks are looking to keep pace with the young upstarts who are doing a nice job of shaking up the industry for the benefit of many. From the customer’s perspective, opening a bank account shouldn’t be difficult if they have nothing to hide and the fintechs are proving this point rather well – good luck to them I say!
A key difference between traditional banks and fintechs is the amount of screening they carry out at the start of the customer relationship. Fintechs have demonstrated a ‘light touch’ approach can confidently be employed when applying a suitable Risk Based Approach (RBA) and they also often apply additional methods including ongoing screening and portfolio management as necessary.
The differences in the approach to screening are particularly relevant when considering the target customer bases of banks and fintechs. The latter would appear to be happy – for now at least – to concentrate on the less financially complicated markets of personal bank accounts and those for small and medium-sized enterprises. Retail customers, by their very nature, pose a reduced risk of money laundering and a ‘cost effective’ approach can be employed.
As technical sophistication continues to evolve, so too must financial institutions. If not saddled with the ‘baggage’ and legacy issues associated with traditional banks you can move much more swiftly and effectively whilst maintaining compliance, growing your market share as you do so, and still ‘learning on the job’. Now, I’m not saying that fintechs do the lowest level of due diligence required and stop there – far from it. But arguably the hardest part of the customer lifecycle has been completed upon opening the new account. What comes next is another key difference between traditional and start-up banks, namely that of maintaining the customer relationship at ‘renewal’ or if/when certain ‘trigger events’ occur.
If you know what you are doing, you can determine quite quickly what ‘normal’ looks like for your new customers but also what is considered ‘standard’ for the majority of your customer base. Consequently, fintechs can look their regulator in the eye when expressing concerns around transactions, or patterns, that are considered suspicious. This is nothing new to established banks – they’ve been doing this sort of thing for years – but have they been doing it ‘right’? There have been well publicised cases in the media recently of fintechs raising concerns around the activities of some of their clients and taking appropriate actions to freeze accounts but seemingly being criticised for doing the right thing and then having to justify themselves.
It’s no secret that the volume of Suspicious Activity Reports (SARs) submitted has risen recently, no doubt due in part to the ‘culture of fear’ that exists in the industry, however the amount of charges brought by the authorities as a result has not kept pace. Can the establishment learn something else from fintechs in this regard?
The price of getting it wrong
Could the increase in SARs with little change in authoritative actions be down to the fact that people are getting better at spotting possible instances of financial crime and the authorities are under-resourced? Quite possibly. Maybe it’s down to the fact that people who are raising SARs are simply doing it because they fear the consequences of not doing it?
Either way, can we afford to get it wrong? Most definitely not. The risks of failure are obvious, not only from a financial penalty perspective but also from allowing criminals to gain access to the financial markets, the prevention of which is something that RDC takes very seriously. There is a resulting reputational risk if the external world perceives lack of rigour in banks identifying those who are cheating the system.
If you share our concerns and want to know how we can help you introduce a more effective approach to screening, please get in touch.