Knowledgebase

How Digital Banks Can Reduce Financial Crime

aml/cft for digital banks

A new era of banking has arrived, thanks to digital transformation. At the helm are digital banks—also called neobanks—which operate purely online, and promise to revolutionize the banking experience by focusing on customers’ needs through personalized services and omni-channel service. 

Countries in Asia-Pacific are beginning to issue digital banking licenses. Regulators in Singapore, Malaysia, Hong Kong, and Australia went through evaluation processes before granting licenses to digital banks, which are leading this new frontier of financial services.

Being a nascent category in the financial services industry, digital banks face unique risks and opportunities. With the right tools, they can offer a swift onboarding of customers but also ensure that suspicious transactions are reported and intercepted. They’re also in a better position to implement agile solutions that keep cybercriminals at bay—financial services, after all, face the most mobile malware attacks among all industries.

Complying with strict national and international regulations around AML/CFT (Anti-Money Laundering/Combating the Financing of Terrorism) will help digital banks protect their platforms from penalties and reputational damage.  . They must consider AML/CFT compliance not as a one-time activity, but as an essential component of their risk strategy. 

Poor Compliance Practices Enable Financial Crime

Too often, financial institutions end up entangled in scams due to poor compliance practices. Some of the bad actors may come from within the company, as seems to be the case in the recent saga of Wirecard, a payments processing company that couldn’t account for €1.9 billion in its books. Consequently, external auditors and regulators were also criticized for poor monitoring.

On the other hand, customers unwittingly provide sensitive information to cybercriminals when they fall for phishing scams. They might also act as money mules. In the US, a fraudulent website pretended to recruit people for work-from-home jobs. After asking applicants to perform bogus errands, the site tells them to encash checks or cryptocurrency from “donors” in exchange for commissions. 

Criminals tend to get away with such activities by using digital financial platforms with weak customer due diligence, poor transaction monitoring, and delayed reporting of suspicious activity. They also exploit security loopholes in apps. 

Compliance with AML/CFT regulations can help institutions avoid the risk of paying massive fines for violations that are preventable. Beyond its financial standing, a digital bank’s reputation as an insecure platform and an inadvertent accessory to financial crime could cost the institution its customers and the entire business.

AML/CFT Compliance for Digital Banks in APAC

Even without physical premises where tellers can check customer identities, digital banks are still legally bound to verify the documents presented by new customers. They must also report to regulators any irregularities in transactional behavior. These processes are all part of AML compliance programs. 

Designing an AML Compliance Program

Designing and implementing an AML compliance program requires having competent compliance officers with a profound understanding of AML/CFT regulations and awareness of the ever-changing methods of criminals. 

These officers create risk-based approaches based on data intelligence gathered on various fronts: screening of politically exposed persons (PEP) and their relatives and close associates (RCA), transaction monitoring, global sanctions and watchlists screening, and cybercrime trends. 

Here are questions to ask to begin building an AML compliance program

  • What are the AML/CFT-related risks that we must watch out for given the nature of the business, the customers we attract, and the location and industry where we operate? Which risks must we prioritize when monitoring financial crime?
  • What are the existing AML controls we have? How might we improve them? How and when can an independent auditor assist in improving our systems? 
  • How many employees are involved in AML/CFT functions? How can we raise the competency of employees in spotting financial crimes? 

e-KYC Processes

Regulators in APAC are updating their policy guidelines to help fintechs comply with AML/CFT rules on knowing their customers.

In Hong Kong, the Securities and Futures Commission updated its Code of Conduct to introduce new onboarding rules in non-face-to-face contexts. For example, only regulated financial institutions may perform client identity verification for the purpose of opening a bank account in a non-face-to-face setting.

Malaysia’s central bank has issued policy guidelines on electronic Know Your Customer (eKYC) measures. These include multi-factor authentication of identities, specifically with regard to “something the customer possesses (e.g. identity card, registered mobile number), something the customer knows (e.g. PIN, personal information), and something the customer is (e.g. biometric characteristics)”. 

With robust eKYC processes and high-accuracy tools, a digital bank can:

  • Determine which customer has a higher risk of being involved in money laundering, fraud, terrorist financing, and other financial crime; 
  • Conduct continuous KYC or customer due diligence rather than periodic-based reviews given the increasing and evolving threats to financial institutions; and  
  • Use analytics to facilitate regulation-compliant and accurate evaluations. 

Transaction Monitoring

According to the Monetary Authority of Singapore (MAS), an effective transaction monitoring system enables financial institutions “to detect and assess whether customers’ transactions pose suspicion when considered against their respective backgrounds and profiles”. 

The system must be able to flag suspicious activities that do not fit a customer’s transaction pattern on three levels of defense: 

  • The firm’s frontline staff, who can alert their companies of unusual activities in the first instance; 
  • The firm’s compliance and support functions, which conduct systems-based transaction monitoring and can promptly identify, assess, and report suspicious activities; and 
  • Independent audit functions, which ensure the robustness and effectiveness of the firm’s TM systems and performance. 

In Australia, AML policies also require firms to perform routine screening of the transactions of politically exposed persons (PEPs) as well as adverse media checks—monitoring news media for reports that might suggest a customer is involved in money laundering. The Australian Transaction Reports and Analysis Centre (AUSTRAC) provides industry-specific guidance on creating AML/CFT programs. 

Using Smart Technologies to Assess Data

Automation can help digital banks save on costs and speed up processes. Digital banks can deploy AI, machine learning, and predictive algorithms to automate data assessment, detect stolen identities and deep fakes, continuously monitor transactions, and identify suspicious activities. For large-scale institutions, automation of activities like transaction monitoring is a must.

It’s important to check each country’s standards for such automation tools. Malaysia, for example, requires financial institutions to ensure that automated eKYC tools have a False Acceptance Rate (FAR) of no more than 5%. (A lower FAR generally means the tool has “identified non-genuine or fraudulent identification and verification attempts on a regular basis”.) Financial institutions must audit these tools at least once every quarter.

Automated tools must also be customizable and configurable to meet the specific contexts, risks, and needs of the digital bank. 

For instance, Singapore’s MAS warns against taking a one-size-fits-all approach to transaction monitoring systems, as these need to be “developed and calibrated in view of the risks [financial institutions] face, such as from their customer types, range of products, types of business, activities, geographical exposures, cross-border nature and so forth”.

Taking a Non-Siloed Approach

Often, AML/CFT functions work in silos and have their own processes for dealing with suspicious activity reports. There is a more efficient way to do this: AML solutions that use AI and machine learning can go through high volumes of data for real-time monitoring and PEP screening. 

When a trigger event happens, an automated system can check high-risk profiles against the latest national and international cybercrime databases and sanctions lists and generate a comprehensive SAR/STR in a matter of minutes. This allows the bank to report to regulators promptly and protect its customers.

Safe and Seamless Digital Banking

Money laundering and financing terrorist activities have economic and social impact. With the right mindset and tools, financial institutions can protect their companies and their customers without disrupting business and suffering from reputational damage. 

Amid evolving risks and threats of financial crimes, digital banks are in the best position not only to provide innovative products but also channel that enterprising nature towards embracing more agile AML solutions.

AML/CFT Compliance in APAC

Find out how your digital bank can comply with AML/CFT regulations in APAC.

4+

Comments

Share your thoughts and start a conversation.

Leave a Reply

Related articles:

ultimate beneficial owner
April 4, 2015

Ultimate Beneficial Ownership

What is Ultimate Beneficial Ownership? AML compliance requirements are constantly changing. Firms must keep up with…
Read More
AML Compliance Officer
May 14, 2018

AML Compliance Officer

What Is An AML Compliance Officer? What is an AML Compliance Officer? In order to…
Read More
AML Compliance Program
May 14, 2018

AML Compliance Program

What is AML Compliance Program? In order to combat financial crime, banks, credit unions, and…
Read More
Bank Secrecy Act Officer
May 14, 2018

Bank Secrecy Act Officer

What is a Bank Secrecy Act Officer? What Is A Bank Secrecy Act Officer? A…
Read More
money laundering reporting officer MLRO
May 15, 2018

Money Laundering Reporting Officer

What Is A Money Laundering Reporting Officer (MLRO)? What Is A Money Laundering Reporting Officer (MLRO)?…
Read More
December 4, 2018

AML Compliance Trends for 2019

Anti-Money Laundering Trends for 2019 Two issues shaped AML news in 2018 – huge money…
Read More
AML Checklist Best Practises
June 6, 2019

AML Compliance Best Practices

The Smart AML Compliance Checklist Traditional AML systems are falling behind against evolving threats: a…
Read More
Risk Based Approach AML KYC
August 16, 2019

Risk-Based Approach To AML

Risk-Based Approach To AML A risk-based approach to AML is key to effective compliance programs…
Read More
vendor due diligence aml
January 17, 2020

Vendor Due Diligence

Vendor Due Diligence: What You Need To Know Vendor due diligence (VDD) takes place when…
Read More
Malaysian flag on flagpole
January 28, 2020

Anti-Money Laundering in Malaysia

How to Comply With Anti-Money Laundering in Malaysia? Malaysia is a regional and global political…
Read More
aml ctf malaysia framework
February 4, 2020

Malaysia’s 2020 AML/CTF Framework

Malaysia Revises 2020 AML/CFT Framework What is Malaysia's new AML/CFT Framework? In 2019, Malaysia’s central…
Read More
compliance risk management
March 9, 2020

Compliance and Risk Management

Compliance and Risk Management  As financial authorities adapt to evolving criminal threats, risk assessment has become…
Read More
Share:

To make sure you get a great experience on our website, we use cookies. To confirm you consent to this, please click below. Read more about our Cookie Policy

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.

Close