Catching financial crime in an era of super-fast finance

By Tom Lambert

21 Mar 2023

Share

The past decade has seen a huge shift in how we bank and transact. In the UK, challenger banks like Tide, Starling and Monzo now manage around 40 percent of all SME bank accounts. That’s staggering when you consider most of these companies were founded in the past decade. These fintechs have taken significant market share from incumbents by offering better customer experiences, often founded on the speed and smoothness of onboarding.

Where and how parties transact has also greatly changed — over the same period, e-commerce penetration has more than doubled in most markets, buy now pay later (BNPL) has exploded, and so have other payment forms such as digital wallets (e.g Apple pay or PayPal).

Distribution of e-commerce spending in UK in 2021, by payment method. Source: Statista.com

Meanwhile, we’ve seen significant progress in the quality of payment rails. Real-time payment infrastructure (which facilitates near-instant 24/7 initiation, clearance and settlement of payments) has and is launching on a national level across the globe. The trend is only going in one direction — towards free, and instant payments.

This is all to say — it’s never been easier to open a bank account, set up a company, move money instantly, and transact remotely. Which has created some fantastic customer experiences — but has equally been a boon for criminals.

So what are the implications?

Financial crime is a huge issue. The United Nations Office on Drugs and Crime, estimates that up to $2tn is laundered globally each year. Traditional financial institutions (FIs) have struggled to keep up. Their software isn’t modular and doesn’t accommodate new rules easily. Nor are they cloud-native, so are unable to process the large volume of real-time data needed to accurately prevent bad actors. They’ve tended to rely on hiring huge offshore teams, often accounting for well over 10 percent of total headcount to try to keep up.

There is a high-level tension between speed of a payment and a FIs ability to prevent money laundering — the shorter the time between initiation and settlement — the less time the financial institution has to figure out if there’s an issue with the transaction. Conversion rates are a critical input in payments, and meeting crime obligations naturally erodes this. Financial crime professionals talk about adding “good friction” such as the new “Confirmation of Payee”, name-checking step we have for bank transfers in the UK, but the question is where do FIs draw the line, and how much can they prevent in real-time before the payment settles?

This challenge will only increase with international instant payments, such as the European Commission’s recently proposed EU-wide faster payment scheme — SEPA instant debit. Where FIs need to make these decisions over a much bigger, more complex geographic area.

Regulators are trying to make FIs keep up, and last year handed out fines totalling almost $5bn — up more than 50 percent from 2021. In December 2022, Santander was fined £108m in the UK for failures in its business banking anti-money laundering system, which is a common problem.

Equally, maturing fintechs are starting to get more and more scrutiny from regulators. Once fintechs get to a certain scale, such as after a high-profile funding round, they often see a surge in fraud attempts. Banking-as-a-service (“BaaS”) providers, which often passport their own E-money license and are responsible for transactions and accounts on their infrastructure, will also come under the microscope (such as recent events at Railsr) — especially as embedded finance moves further from core fintech use cases and the end companies are less financially sophisticated.

Taking up the challenge

We’re only going to hear about more and more sophisticated crimes in the coming years but here are a few areas we’re hopeful will minimise the impact — alongside some of our existing portfolio companies such as Riskified, SmileID & Xelix.

1. Better effectiveness testing

Unlike fraud, money laundering is very hard to track because both sides of the transaction are complicit. If you don’t prevent it, it’s hard to measure the effectiveness of your controls. Cable, a LocalGlobe portfolio company, is building an all-in-one effectiveness testing platform making it far easier for fintechs and FIs to comply.

2. Facilitating incumbents’ shift from services to cutting-edge software

Banks have been on a digital transformation creep — slowly embracing cloud, open-source code and third-party software. Yet in the area of financial crime, where there’s a real need for greater automation and real-time decision-making, they’re struggling, and mostly rely on large back-office teams and highly bespoke, consultant-heavy, vendors such as Fenergo. But developer-led tooling is entering banks’ architectures. Barclays already uses Onfido and we’re hopeful for providers such as Ballerine, which is creating open-source software that allows FIs to use best-in-class providers while easily customising it to their own processes & infrastructure. Selling to banks comes with major challenges and any successful provider will most likely get strong adoption within fintechs first, as Onfido has.

3. Better Know Your Business (KYB) tooling

The breadth and complexity of remote onboarding use cases is only growing. New regulations such as the EU’s Digital Services Act will require marketplaces to perform KYB checks on any business selling to consumers on their platform. So many more checks will need to be done, which are often much more complex than for Know Your Customer (KYC). There will be an opportunity to build tooling & infrastructure for this, such as Middesk or Ondorse, that tailers to more complex business use cases & can support fintechs that want to be inherently global from day one.

4. Novel approaches to online identity

Synthetic ID fraud is on the rise, and is only going to be supercharged by artificial intelligence advancements. Deep fake video will no doubt be used effectively to bypass ID verification measures. But equally, there’s vast repetition in instances where we authenticate ourselves and do KYB/Cs. There must be a better and more efficient way! Digital wallets have a huge opportunity to own identity and perhaps governments will launch new ID schemes in the meantime, as William Hague and Tony Blair have recently proposed in the UK.

These problems have been compounding over years as the world has got more connected and transactions became more seamless. Now is the time for novel solutions to marry FI’s often competing goals of improving customer experiences while reducing financial crime.