Coronavirus lockdown restrictions have had a significant impact on the financial sector prompting changes in the habits of service providers and customers alike. One of the most prominent effects of lockdown is the uptake of online financial services offered by so-called challenger banks that have capitalized on an increased need to do business differently during the pandemic.
However, that surge in customers has also presented new threats as criminals seek to exploit challenger banks’ online and fintech services to commit crimes including money laundering and terrorism financing. In order to protect the financial system and avoid compliance penalties, these disruptive service providers must work to understand their vulnerabilities and deploy an AML response that meets the combined coronavirus and money laundering challenge that they face.
In addition to the conventional risks of the financial landscape, the money laundering threat that challenger banks face from their customers reflects the anonymity and speed associated with digital transactions – factors which criminals seek to exploit to conceal their identities and avoid AML/CFT measures. The surge in customers seeking to use challenger bank services complicates that threat by increasing the administrative burden on AML/CFT infrastructure and, in turn, the temptation to compromise on regulatory compliance in order to maintain the customer experience and capitalize on business opportunities.
In this context, challenger banks and other disruptive fintech firms must focus on establishing and verifying customer identities and understanding the nature of the business in which their customers are involved. Practically this means implementing effective customer due diligence (CDD) and know your customer (KYC) processes to accommodate the pressures of the pandemic, however challenger banks must base their AML responses on an understanding of the specific risks they face.
In order to implement a robust CDD/KYC response, challenger banks should understand the criminal drivers behind the money laundering activities that have emerged during the coronavirus pandemic, including:
- Medical fraud: The pandemic has led to an increase in criminal activity involving medical businesses including fraud and embezzlement related to in-demand medical and protective equipment. The criminal typology is sometimes referred to as medicrime.
- Corruption: Government economic relief schemes introduced to address Covid-19 lockdown measures have created opportunities for criminals and other politically exposed persons (PEP) to misuse or illegally divert funds.
- Cybercrime: The increase in remote work and other social distancing measures has driven a surge of new customers to online financial services and a subsequent increase in cybercrimes such as phishing, identity theft, and hacking attacks.
- Financial hardship: The unemployment and financial hardship caused by the pandemic lockdown restrictions has helped criminals leverage vulnerable people, including the elderly and the unemployed, to become involved in money laundering activities such as money muling.
Regulatory disparity: The trend towards online transactions and the need to procure in-demand items from new sources during the pandemic has increased cross border business and created opportunities for money launderers to exploit the regulatory disparity between jurisdictions.
Money launderers may engage in certain characteristic methodologies in order to exploit the CDD and KYC vulnerabilities created by the Covid-19 pandemic. With that in mind, challenger banks should be particularly vigilant for the following red-flag characteristics of money laundering when onboarding new customers or managing their transactions:
- Identity verification: Customers that are involved in money laundering may be evasive during the CDD process or be unwilling to provide important identifying information.
- Customer accounts: Money launderers that create accounts with challenger banks may do so in ways that exploit the anonymity of online services. Banks should be vigilant for discrepancies in account information such as multiple IP addresses accessing the same account.
- Transaction patterns: Unusually high volumes or frequencies of online transactions that do not fit a customer’s risk profile may indicate money laundering activity.
- Unfamiliarity with services: Customers that seem unfamiliar with the services of challenger banks but that continue to use them may be money mules that are carrying out transactions on behalf of money launderers.
- Structuring: Multiple transactions involving amounts of money just under reporting thresholds may be a ‘structured’ attempt to introduce illegal funds into the financial system using a challenger bank product.
- Vulnerable customers: Money launderers often seek to use elderly and otherwise vulnerable customers as money mules. These customers may attempt to open accounts or engage in transactions with challenger banks that do not match their risk profile.
- Geographic location: Accounts opened by customers located in high risk jurisdictions present a much higher risk of money laundering. Funds that are received from or sent to high risk jurisdictions are similarly high risk.
Given the severity of noncompliance penalties, including both financial and reputational consequences, challenger banks must find a way to address their Covid-19 and money laundering vulnerabilities without damaging the convenience and commercial potential of the services they offer. FATF guidance recommends that firms take a risk-based approach to AML/CFT: accordingly, since they focus on online services and products, challenger banks must build effective risk assessment into their CDD and KYC measures to cope with the recent influx of customers. In practice this means implementing the following AML controls:
- Identity verification: CDD relies on being able to accurately establish and verify the identities of customers, including the beneficial ownership of customer-entities. Enhanced due diligence measures should be available for higher risk customers.
- Transaction monitoring: A foundation of KYC, transaction monitoring allows firms to understand their customers’ behavior and the risk they present. During the pandemic, the transactional behavior of their new customers may be unfamiliar and challenger banks must focus on adapting their monitoring tools to accommodate changes in risk.
- Screening: Building on accurate CDD, firms must be able to screen their customers for relevant AML/CFT risk factors. These include running checks against international sanctions and watch lists, screening for politically exposed persons, and monitoring for customers’ involvement in adverse media stories.