Making the Right Investment
Utility Game-Changers: Solar, Wind, Hydro and Fintech
Transformations in Financial Technologies
Innovation During a Global Crisis: Digital Banking Proves its Power
Increasing Competitive Advantage with Fintech
Selim Tastan, Head of Digital Transformation and Innovation, Kuveyt Turk Participation Bank
Fintech Solutions for the Exploding Savings Market - How banks can...
Paul Knodel, CEO and Managing Director, Raisin US Inc.
Go Big Data or Go Home-Data Analytics-Enabled Compliance Programs
Kevin Gleason, Senior Vice President at Voya Investment Management and Chief Compliance Officer of The Voya Funds & Matthew Gleason, Undergraduate Computer Science Major at The University of Arizona
Is it Time to Rethink Your Wellness Strategy?
Scott Mcduffie, Senior Director with Willis Towers Watson
Thank you for Subscribing to CIO Applications Weekly Brief
Major Risks Open Banking Poses to Financial Crime Compliance
Customers may use additional services ranging from personal budgeting and expenditure alerts to private cash transfers and cryptocurrency wallets.
Fremont, CA: Compliance executives and teams at financial institutions should be worried that Open Banking would render their present AML/CTF and KYC compliance processes ineffective. An ecosystem of third-party suppliers is forming around open banking (TPPs). These organizations interact with FI systems to obtain data or transactional functions, using any manner from regulated Open Banking APIs to unmonitored screen scraping. Customers may use additional services ranging from personal budgeting and expenditure alerts to personal cash transfers and cryptocurrency wallets.
Here are key issues that compliance officers should consider when reviewing AML/CTF compliance processes for Open Banking:
• Widespread screen scraping of customer data
Many TPPs have screen-scraped data from banks' consumer online portals and applications using customers' login credentials, often without the bank's knowledge. Screen-scraping is deemed insecure, may fall beyond the established scope of existing AML standards, and its usage gets heavily regulated in the EU. As a result, banks must evaluate how to oversee this popular activity in areas where it is less regulated.
• When API technology fails, AML strategies are required.
A huge ecosystem of API vendors has evolved to assist fintech with various business operations, including KYC and AML checks. API providers might specialize in certain services. For example, while many companies offer KYC APIs, not all also provide AML/CTF checks. Fintechs may thus utilize a combination of API providers. FIs will need to examine norms and processes to manage technology failures such as API insufficiency and unavailability.
• Increased vulnerability to crypto attacks
Open Banking involves new, and well-known AML/CTF risks such as money laundering via bitcoin exchanges. Some cryptocurrency exchanges get geared to lure financial criminals by providing anonymity and concealing the source of cash. Whether regulated or not, KYP mechanisms must improve monitoring of the crypto sector for AML/CTF and sanctions adherence.
• The ecosystem demands continual scrutiny.
Concerns got raised that a TPP may get approved as an AISP – those that just read and acquire account information – but subsequently become a PISP – those that provide payment transactions without being permitted or becoming AML/CTF compliant. However, because the ecosystem will develop and evolve, vetting it for compliance will be a continual exercise for FIs.