AML Risks - Fintech Money Laundering

Fintech Money Laundering: What You Need To Know

Financial technology has transformed the modern financial landscape, harnessing global internet connectivity to deliver innovative new products and services and improve customer experiences. However, the benefits of fintech have been accompanied by considerable compliance risks as criminals use advances in technology to develop Fintech money laundering techniques and finance terrorist activities.  

Fintech money laundering risks broadly reflect the disruptive innovation of the sector and the relative unfamiliarity of regulators with a range of new technologies. From untested business models, to the speed and anonymity of online transactions, money launderers have been able to exploit emergent blindspots and vulnerabilities in traditional AML/CFT frameworks to commit financial crimes. Given the significant regulatory penalties associated with compliance violations, it is vital that service providers understand the fintech AML risks that they face, and how to protect themselves with effective measures.

Fintech Money Laundering Risk and Compliance

Fintech AML Risks

Money launderers have kept pace with advances in financial technology, developing new methodologies to exploit and avoid AML compliance measures. Accordingly, firms should be aware of the following types of fintech AML risks: 

Customer identities: Since fintech products and services are accessed over the internet, money launderers may take advantage of the anonymity benefits of online transactions, submitting incomplete, misleading, or false information in order to conceal their identities and avoid AML controls. 

Transaction speeds: The increasing speed of internet connections means that customers can complete transactions in seconds. Money launderers may exploit that speed by transferring large volumes of funds into and out of accounts or between different institutions quickly, outpacing the scrutiny of authorities. 

Money-muling: Money launderers may use third-parties to engage with fintech services on their behalf as a way to introduce illegal funds to the financial system. These so-called ‘money mules’ may be vulnerable members of society, such as the elderly or the disabled, or may have been coerced or incentivized to take part in the illegal activity. 

Cross-border transactions: Fintech services can be accessed anywhere and used to transfer funds between accounts located in different countries. Money launderers may exploit the cross-border connectivity of fintech services to transfer illegal funds to higher risk jurisdictions with fewer or less stringent AML controls than their accounts of origin. 

Regulatory lag: The novelty and innovation of fintech services often outpaces the ability of financial regulators to address illegal activity. Money launderers may be able to identify weaknesses and blindspots in regulation that authorities have not addressed, and use those opportunities to disguise illegal funds. 

Fintech Compliance Measures

Under Financial Action Task Force (FATF) guidance, firms must take a risk-based approach to regulatory compliance, deploying AML measures in proportion to the level of risk that they face. In a fintech money laundering context, this means implementing an AML program capable of managing the unique challenges outlined above. Accordingly, fintech AML risk compliance programs should include the following measures:

Customer due diligence: Fintech firms must establish and verify the identities of their customers (and the beneficial ownership of customer entities) in order to build accurate risk profiles. Customer due diligence (CDD) traditionally involves the collection of names, addresses, and birth-dates but, given the anonymity challenges of online services, fintech firms should consider enhanced CDD measures, including the collection of digital biometric data such as face, voice, and fingerprint scans. 

Transaction monitoring: Unusual transactional behavior is often a useful indicator that fintech money laundering is taking place. With that in mind, fintech firms should collect and monitor customer transaction data and be vigilant for transactions that do not match customer risk profiles. Firms should be particularly alert to unusual patterns and volumes of transaction, and transactions that involve high risk jurisdictions. 

Politically exposed persons: Government and high-ranking officials qualify as politically exposed persons (PEP) and present higher fintech AML risks. Fintech firms must screen their customers to establish their PEP status on an ongoing basis. 

Sanctions screening: Customers that are subject to international sanctions may attempt to use fintech services to evade the economic restrictions against them. Fintech firms should screen their customers against relevant international sanctions lists, such as the OFAC SDN list, the UN consolidated list, and the EU consolidated list. 

Adverse media: News stories often indicate that customers are involved in financial crimes. Firms should screen for adverse media that involves their customers on an ongoing basis, taking in stories from traditional screen and print sources and from online outlets.

Analyzing Fintech AML Risk Data

Given the vast amount of data required by the fintech AML process, firms should integrate suitable compliance software as part of their AML program. Smart compliance technology brings automated speed and efficiency benefits to data analysis, and reduces the potential for costly human errors. Smart compliance technology also allows firms to adapt quickly to changes in criminal methodologies, and to regulatory changes that financial authorities introduce to manage the evolving fintech money laundering risk landscape.