Payments Service Providers (PSPs) face the same financial crime risks as banks and other financial institutions. These risks, which arise from the facilitation of financial crime, include financial losses, reputational damage and regulatory action and fines.
Here we look at 6 ways PSPs can mitigate the risk of financial crime by reducing their risk exposure:
1. Establish a risk-based approach
First and foremast, adopting a risk-based approach to AML/CFT controls is central to the implementation of the Financial Action Task Force (FATF) Recommendations. Within the framework of the FATF requirements, a risk-based approach allows the adoption of a more flexible set of measures that targets resources and controls more proportionately and effectively. Rather than a “one-size-fits-all” solution, AML/CFT controls can be tailored to the risk context.
When identifying the financial crime risk, PSPs should consider a range of risk factors such as customer, product and activity profiles; distribution channels; type, volume and complexity of permitted transactions; processes and systems; and the operating environment.
2. Gain a thorough understanding of financial crime risks
Effective systems and controls can only be applied with a thorough, holistic understanding of financial crime risks. Risk assessments should be business wide, comprehensive, and draw on a wide range of data sources. They should also be proportionate to the firm’s operations.
While financial institutions and even regulators may view financial crime risks arising from the likes of money laundering, corruption, bribery, trafficking and so forth in silos, this should be avoided; a risk assessment encompassing all types of financial crime is important.
Business-wide risk assessments should determine the level of risk associated with individual relationships. Both risk assessments should be regularly reviewed, or better still, be a continuous process.
3. Use advanced AML systems enhanced with AI
In its 2021 report, Opportunities and Challenges of New Technologies for AML/CFT, the FATF endorses the use of new technologies to enhance overall AML/CFT capabilities. Technology improves the ability to monitor criminal activity and collect and visualise data while using resources more efficiently.
The FATF recommends the use of AI-enhanced transaction monitoring as it can allow regulated entities to comply with greater speed, accuracy and efficiency. Artificial intelligence (AI) and machine learning are especially useful when applied to big data to strengthen ongoing monitoring, distinguish normal from suspicious activity in real-time, and filter cases that require additional investigation.
Machine learning, which is the currently the best-known form of AI, also provides the ability to automate the process of risk analysis partially or fully by analysing a greater volume of data and identifying emerging risks. This can increase the degree of confidence when applying risk-based measures.
Predictive analytics can also be very useful for the early identification of potential issues and emerging risks at onboarding or when making a new account application.
You can catch up with a Regulation Asia webinar to learn more about the applications of AI, machine learning and data analytics in AML here.
4. Build a culture of compliance with clear responsibility
Risk mitigation in technology-driven PSPs ultimately begins with strong senior management leadership and a risk appetite that’s in line with the level of risk faced. Proactive risk mitigation, detection and prevention must be standard practice and be led from the top by senior executives.
It is down to senior leaders to firstly ensure awareness of financial crime risks across the entire organisational ecosystem, and secondly to support understanding, education and culture reinforcement with regular training and appropriate AML policies, procedures and controls.
Importantly, there should be clear lines of organisational responsibility to prevent financial crime.
5. Develop proportionate policies, controls and procedures
Done well, policies, controls and procedures will equip PSPs to identify, assess, monitor and effectively manage financial crime risks.
Regularly reviewed and audited policies and procedures are essential. There should be clear documentation of a firm’s approach to mitigating the financial crime risks it identifies, and the steps it will take to respond to new risks.
Policies and procedures should be proportionate to the nature, scale and complexity of activity. For example, placing restrictions on cross-border payments, avoiding high risk jurisdictions or limiting use to a single location will reduce the risk of facilitating money laundering. Similarly, placing restrictions on the volume and value of transactions in high risk markets will reduce risk too.
6. Engage with regulators
Last but not least, proactively engaging with relevant regulators creates a dialogue to mutually improve understanding of the payments system, evolving financial crime landscape and key trends in products, services, technologies and regulatory priorities.
This is important as regulators increasingly recognise the significance and scale of PSPs within the global financial system. Many regulators are keen to actively engage with PSPs to learn and improve their approach to tackling the risks and regulatory challenges.
Discover next-generation financial crime compliance technology