AML Compliance and Digital Banks – Understanding the Evolving Regulatory Landscape

  • Richard Marley
  • December 29, 2021
  • 7 minutes read
  • 6664

The emergence of new technologies in FinTech, increasing use of digital currencies, and alternative forms of online payments have presented the banking sector with exceptional opportunities. At the same time, a new age of financial crime has started, where advanced tech-driven tools assist criminals in manipulating cybersecurity measures. With mass digitization, it’s no surprise global financial regulators are finding it hard to keep up with the peace of fraudsters. According to experts, the anti-money laundering solutions market is expected to touch $2385.8 million by 2036.

This has developed a challenging environment for financial firms that are obliged to stay put with Anti-Money Laundering (AML) regulations as it’s the only way of securing financial operations. Furthermore, international law enforcement bodies like IMF, FATF, World Bank, European Central Bank, and many others have come up with tips and guidelines on how to detect and eliminate the risk of money laundering and terrorist financing through digital banks.

FCA imposes £64m fine on HSBC AML Failings

The Financial Conduct Authority (FCA) recently imposed a EUR 64 million fine on HSBC and highlighted several shortcomings in the automated transaction monitoring system. This system is used to screen billions of financial transactions every month to determine the links to terror financing and terror financing. The financial watchdog identified three crucial areas of the bank’s transaction monitoring systems that need immediate attention. The FCA stated that HSBC also failed to comply with anti-money laundering directives. The bank failed to report suspicious activities as well as risk assessments to the watchdog. Moreover, HSBC also lacked to test and update the AML framework’s parameters to determine the shortcomings. For this reason, the bank could not timely determine and report to FCA regarding money laundering activities.

Mark Steward, executive director at FCA, said: “HSBC’s transaction monitoring systems were not effective for a prolonged period despite the issue being highlighted on numerous occasions. These failings are unacceptable and expose the bank and community to avoidable risks, especially as the remediation took such a long time. HSBC continued their remediation to address these weaknesses after the relevant period.”

$9 Million Fine Imposed on Texas Bank for BSA-AML Failure

According to the consent order from the Office of the Comptroller of the Currency (OCC), a civil financial penalty of $1 million was imposed on Texas Bank for failure to incorporate an internal AML control system to comply with the Bank Secrecy Act (BSA) obligations.  The bank has also failed to determine the suspicious activities related to money laundering and other financial crime and violated the SAR requirements. However, suspicious activity reporting requirements mandate the financial firm to inform FinCen regarding every unusual transaction. Between June 2016 and June 2021, the OCC has flagged the banks upon no reporting of suspicious transactions of more than $100 million. At the same time, FinCen has also imposed another $8 million penalties for the same reason. FinCEN investigation concluded that the Taxes Bank AML department had failed to investigate and report the suspicious transactions. Moreover, the banks failed to update customer due diligence forms when needed.


Global Anti-Money Laundering (AML) Regulations for Digital Banks

The rising concerns of money laundering, terrorist financing, and other crime has opened the eyes of the global regulators and financial watchdogs. Several standards, laws, and compliances are established and with time new additions are emerging to prevent the risk of crimes and to make digital banking secure.

Indonesian Financial Service Authority (OJK) 

The trend of digital banking has gained hype in Asia, Singapore, and Hong Kong. Due to this, Indonesia has come up with new digital bank regulatory compliance. The Indonesian Financial Service Authority (OJK) has recently legislated a whole new set of standards and laws, including OJK Regulation Number 12.-0JK.3/2021 on general banks (Regulation 12) which has replaced various aspects of previous regulation associated with banks. These regulations imply digital banking services like mobile and internet banking. This framework backs the digital banking sector to introduce virtual banking in the most secure way. Under regulation 12, a digital bank can be created by converting the traditional banks in the form of an Indonesian legal entity, while meeting the OJK requirements. Additionally, banks are obliged to establish robust risk management systems to determine the potential risk of financial crimes and suspicious activities.

Financial Crimes Enforcement Network  (FinCEN)

FinCEN has developed a set of currency transaction reporting (CTR) compliance that obliges digital banks and other financial institutions to fulfill identity verification, record maintenance, and suspicious transaction reporting requirements. The proposed rules expand the obligations to cash withdrawals, deposits, exchanges, and other financial payments transferred through CVC or LTDA, through digital or conventional banks. Furthermore, these requirements also fall on virtual asset wallets. These standards are developed to curb money laundering and terrorist financing activities through banks. Therefore, banks must comply with these regulations and must develop an effective monitoring and reporting framework to identify and report the unusual activities to FinCEN.

Financial Transactions and Reports Analysis Center of Canada (FINTRAC)

FINTRAC is a Canadian financial watchdog that is working to come up with enhanced standards and compliance regimes to curb the money laundering and terrorist financing activities from Canada. All the digital banks and other financial firms providing services are regulated by the Office of the Superintendent of Financial Institutions (OSFI). Following are the requirements that banks need to fulfill in order to secure their operation from criminals as well as from regulatory sanctions.

  1. Banks are obliged to identify customers’ real identities before getting them on board. Additionally, the Customer Due Diligence (CDD) procedure must be adopted for better understanding
  2. PEP and customers listed on the financial crime watchlist must be thoroughly screened and must assure Enhanced Due Diligence (EDD) is implemented.
  3. Ongoing monitoring must be carried out to determine the potential risk that customers possess
  4. Banks are needed to create risk assessment and suspicious transaction monitoring systems to determine the unusual patterns of money laundering

Tips for Digital Banks to Comply with Regulatory Obligations 

#1 Customer Identification

The digital banking sector needs to determine the true identities of the clients, for both reasons, first to curb the risk of onboarding fraudsters, and second to overcome the threat of financial crimes. This will also help the banks to comply with Know Your Customer (KYC) compliance.

#2 AML Ongoing Screening

PEPs and other entities enlisted in the sanction list are red flags for the banks. They are ranked as high-risk customers. Therefore, banks need to incorporate EDD and background screening systems to determine the risk of crimes that can have negative effects on operations. Ongoing AML screening allows updating the risk profiles.

#3 Suspicious Transaction Reporting

Under the BSA requirements and FATF 40 recommendations, digital banks are obliged to report any suspicious transaction exceeding a threshold value to watchdogs i.e FINCEN immediately. This is held mandate as by collaborating money laundering and numerous other crimes can be detected and eliminated seamlessly.

How Shufti Pro Helps

Shufti Pro’s anti-money laundering solution allows digital banks to perform customer background screening and ongoing monitoring. Powered with thousands of AI algorithms, it screens individuals against 1700+ global watchlists to develop customer risk profiles. Shufti Pro’s AML service is considered ideal for financial institutions. It helps to stay put with the regulatory obligations, save from fines and eliminate the potential risk of financial crimes.

Get in touch with the experts to know more about AML for digital banks.