Transaction monitoring: Bridging the gap between innovation and regulation
The benefits of bank-fintech partnerships are clear: Fintechs get access to critical infrastructure for building innovative new financial tools; meanwhile, banks get access to this innovation and gain the opportunity to grow accounts in new markets.
But balancing these advances also comes with tension, especially around the main risk management pillars: Bank Secrecy Act (BSA), anti-money laundering (AML), and transaction monitoring. Regulators haven’t offered clear guidance on how to apply old rules around compliance and risk to new financial technologies that present new use cases for fraud and financial crime. That makes it hard to know what transaction monitoring approaches actually work for fintech use cases. A customized BSA/AML Compliance Program mapped out with an experienced API banking as a service provider (BaaS) will mitigate potential risk to your business.
Treasury Prime Associate General Counsel and VP of Compliance Solutions at Treasury Prime Sheetal Parikh moderated a discussion with Unit21 Head of Partnerships Matt Lifshotz and Treasury Prime Compliance Manager Tanya Corder about the need for transaction monitoring tools to transform in this new era for banking. Here are some highlights from the webinar.
Who is responsible for monitoring transactions?
Under the Bank Secrecy Act, traditional financial institutions are responsible for reporting suspicious activity such as money laundering and sanctions violations to regulators. That means that the roles and responsibilities of transaction monitoring “really live with the financial institution,” said Treasury Prime’s Corder.
Fintechs still face consequences. If their actions get their bank in trouble, that means the fintech’s whole business is on the line. That said, how US regulations apply to fintechs “hasn’t been ironed out.” But mindsets are shifting, according to Corder.
“We see new entrants of banks decreasing, and fintechs are booming all over the globe. And it's because of their cutting-edge innovations like blockchain and artificial intelligence. All of these nuances are ushering in new ways of doing business in the financial industry. And I think regulators are seeing this and they recognize that as well,” she said.
New forms of fraud on the rise
Great customer experience, including “the ability to quickly and seamlessly open accounts online,” is one of the major benefits fintechs bring to banking, said Unit21’s Lifshotz.
But this innovation doesn’t just transform how legitimate customers on board with a product — it also changes the avenues by which bad actors commit fraud.
“We've seen cases where identities were stolen, and then rapidly used to create a large number of accounts across a fintech … up to 100 accounts under each identity,” said Lifshotz.
The accounts would then pull in a large number of small deposits through fraud, and then transfer those amounts to a single account. Fraudsters might repeat this process several times, then ultimately transfer money out to an external bank account.
Traditional models of fraud monitoring may not pick up on these kinds of activities “because in a traditional approach to transaction monitoring, we're often looking at these at a transaction by transaction basis, and so we're not necessarily getting that holistic picture,” said Treasury Prime’s Parikh.
Role of transaction monitoring tools
Banks run into challenges when they are trying to use dated transaction monitoring tools to prevent new forms of money laundering or fraud. The tools banks may have relied on for years don’t necessarily capture the type of activity you need to watch for in a fintech environment.
“The very nature of fintech business is very different from regular banking activity. It requires a different approach to transaction monitoring,” said Corder.
Ultimately, what regulators care about is not whether a bank used a familiar tool, but whether the bank’s overall approach sees results. Banks must work with their fintech partners to monitor for fraud — and that also means working with third-party compliance tools to pull and analyze all relevant data. To be fully effective, these third-party tools must be integrated with the fintech, bank, API banking as a service (BaaS) provider, and other players.
“What regulators really want to see is effective risk management. And with traditional tools that banks are using to monitor banking activity there, there's always like a piece of that puzzle missing,” said Corder.
On the flipside, fintechs need to position themselves for the future. As innovations in the financial industry progress, so will the laws that apply to the industry. Corder recommends fintechs educate themselves about the Bank Secrecy Act/Anti money laundering space and get involved with their partner bank when it comes to dealing with compliance.
Parikh said taking ownership of transaction monitoring is also necessary for fintechs to scale.
“You look at the top performing fintechs globally, and they all are controlling their own compliance program. So it just seems this space is so inherently regulated, there's no way to grow without — at some point — taking some level of ownership of it,” she said.
To learn more about how API banking provider Treasury Prime and compliance partner Unit21 can help your bank or fintech stay compliant in today’s landscape, contact us.