Payments Insights - ComplyAdvantage https://complyadvantage.com/insights/industry/payments/ Better AML Data Wed, 29 Mar 2023 11:51:31 +0000 en-US hourly 1 https://complyadvantage.com/wp-content/uploads/2019/04/cropped-favicon.png Payments Insights - ComplyAdvantage https://complyadvantage.com/insights/industry/payments/ 32 32 PingPong Payments streamlines compliance process through automation https://complyadvantage.com/insights/pingpong-streamlines-compliance-through-automation/ Thu, 27 Oct 2022 08:08:42 +0000 https://complyadvantage.com/?p=67900 PingPong needed a solid solution to streamline its due diligence checks to meet its compliance obligations across many different jurisdictions and build trust with its new and expanding customer base.

The post PingPong Payments streamlines compliance process through automation appeared first on ComplyAdvantage.

]]>
Founded in 2015, Hangzhou-based PingPong Payments is one of the largest payment and digital trade solution providers globally, serving almost 1 million international businesses, individuals, large enterprises, and financial institutions. 

PingPong’s advanced technology platform allows business to be conducted in any market and currency worldwide. The company’s products include e-commerce and B2B trade payments, acquiring services, card issuing, FX management, supply chain finance, VAT tax services, enterprise solutions, business intelligence software, and more. 

PingPong needed to accelerate the pace at which it was able to create new accounts and onboard customers. This had to be done without compromising response times for existing customers.

At the same time, PingPong needed a solid solution to streamline its due diligence checks to meet its compliance obligations across many different jurisdictions and build trust with its new and expanding customer base.

Prioritizing cost-effectiveness, speed, and responsiveness

With PingPong’s previous name-screening solution, the company experienced slow response times and a lack of customer support. These frustrations pushed PingPong to look for an alternative that could match their needs in terms of cost-effectiveness, speed, responsiveness, customer support, and usability.

“ComplyAdvantage stood out against legacy providers in the market and gave us the confidence that it could deliver – more like a partner than a vendor.”
– Cyrus Tong, Regional Chief Compliance Officer, PingPong

Complementing business philosophies 

PingPong chose to partner with ComplyAdvantage because the solutions on offer matched its customer-centric business philosophy.

“We want our partners to have the heart to do things like us – always wanting to do things better and faster for our customers. Just as we provide the best experience for our customers, we believe ComplyAdvantage can provide the same thing for us.”
– Cyrus Tong, Regional Chief Compliance Officer, PingPong

PingPong saw the benefit of its partnership with ComplyAdvantage following Russia’s invasion of Ukraine. “In the Russia and Ukraine war, we saw a swift reaction from ComplyAdvantage,” said Cyrus Tong. “They immediately uploaded all the names and requirements into their network, proving that they too value the importance of speed and accuracy for their customers.”

Streamlining the review process

With the ComplyAdvantage customer screening solution, PingPong was able to implement an automated process to reduce the human resources required for transaction reviews. This also limits the potential for human error in its compliance teams.

At the beginning of the relationship, PingPong used ComplyAdvantage for 20-25% of its compliance operations. Since then, this has increased to 100%. According to Tong, this increase is due to the relationship that was deepened through PingPong’s dedicated local customer success manager. “Having our customer success manager in the same time zone as us helped ComplyAdvantage better understand our business models, needs, and internal systems,” said Tong. 

As PingPong’s business continues to expand across the world, the company plans to roll out its ComplyAdvantage customer screening solution across its global businesses. 

 

Improve your operational efficiency with ComplyAdvantage

At ComplyAdvantage, our autonomous systems refresh entity profiles within minutes of a change. ComplyAdvantage can help you uncover hidden threats to your business at digital speed by removing manual intervention and freeing up your compliance teams.

Request Demo
 

The post PingPong Payments streamlines compliance process through automation appeared first on ComplyAdvantage.

]]>
Lumon tackles money laundering typologies with new rule sets deployed in 48 hours https://complyadvantage.com/insights/lumon-tackles-new-typologies-deploying-rule-sets-within-48-hours/ Tue, 09 Aug 2022 14:46:11 +0000 https://complyadvantag.wpengine.com/?p=65074 Lumon has provided overseas payments and foreign exchange services to private individuals, small-to-medium enterprises (SMEs), and larger corporates for over two decades.

The post Lumon tackles money laundering typologies with new rule sets deployed in 48 hours appeared first on ComplyAdvantage.

]]>
Lumon has provided overseas payments and foreign exchange services to private individuals, small-to-medium enterprises (SMEs), and larger corporates for over two decades. Alessio Giorgi, Head of Compliance and MLRO at Lumon, says the most significant compliance challenge for global payment firms is managing financial crime risk effectively. Regulations, such as the EU’s 5th Anti-Money Laundering Directive (5AMLD), have sought to mitigate the risks inherent to cross-border payments by introducing enhanced due diligence measures for high-risk third countries and increased beneficial ownership transparency.

To remain compliant with these regulations while responding to emerging overseas payments threats, Lumon partnered with ComplyAdvantage for its customer screening and monitoring and transaction monitoring solutions.

A long-standing partnership

Lumon’s relationship with ComplyAdvantage stretches back many years. Initially, the company was looking to replace its legacy customer screening solution, having grown tired of the limited connectivity between the company’s compliance function and its systems. Lumon wanted a solution with API-led connectivity and the ability to manually upload transaction data.

Lumon found many of the products provided by incumbent providers were not suitable for FinTechs. But in ComplyAdvantage, Giorgi says the team “saw a business that knew there was a gap in the market to support FinTech businesses.”

Over the years, the two firms have scaled successfully together. According to Giorgi, ComplyAdvantage’s adoption of artificial intelligence (AI) and machine learning was key to solidifying the partnership. Automation at speed, accurate data, and the ability to categorize and organize relevant risk data allowed Lumon to generate better insights and apply them throughout its system more efficiently.

Game-changing solutions

ComplyAdvantage’s payment screening functionality in its Amazon Web Services (AWS)-based transaction monitoring solution was a “game-changer” for Giorgi, allowing Lumon to centralize its payment screening and transaction monitoring activities within one team, connected to one system via a single API.

The solution’s connectivity and ComplyAdvantage’s quick response times provide Lumon with peace of mind when managing its risk exposure. The reliability of ComplyAdvantage’s customer success team was also lauded by Lumon. Giorgi explained he’s able to share his concerns, questions, and problems with his dedicated customer manager, knowing a response with proposed solutions will be in his inbox the following morning.

“ComplyAdvantage is supportive, responsive, and has a solution that is at the forefront of RegTech.”

– Alessio Giorgi, Head of Compliance and MLRO at Lumon

Managing pandemic fraud risks

ComplyAdvantage’s transaction monitoring solution has allowed Lumon to uncover new insights into customer activity, enabling the payments firm to detect new or emerging typologies and then build rules to mitigate them.

“ComplyAdvantage’s solutions help us sleep better at night, knowing that we’ve got the right systems and controls in place and that they are effective.”

– Alessio Giorgi, Head of Compliance and MLRO at Lumon

For example, during the early stages of the pandemic, Lumon saw a sudden increase in COVID-related investment fraud. Within 48 hours of identifying this, Lumon developed and deployed new rule sets to combat the threat and prevent more customers from falling victim to scams.

“Deploying the ComplyAdvantage solutions has given us more control over our overall financial crime risk management framework,” said Giorgi. “I would definitely recommend ComplyAdvantage to other businesses, particularly those with ambitions to grow at pace.”

Improve your operational efficiency with ComplyAdvantage

At ComplyAdvantage, our autonomous systems refresh entity profiles within minutes of a change. ComplyAdvantage can help you uncover hidden threats to your business at digital speed by removing manual intervention and freeing up your compliance teams.

Request Demo

The post Lumon tackles money laundering typologies with new rule sets deployed in 48 hours appeared first on ComplyAdvantage.

]]>
What is Payment Fraud? https://complyadvantage.com/insights/what-is-payment-fraud/ Tue, 26 Jul 2022 09:01:11 +0000 https://complyadvantag.wpengine.com/?p=64273 Payment fraud is when someone steals another person’s payment information – or tricks them into sharing it – to make false or illegal transactions. The 2022 AFP® Payments Fraud and Control Survey reports that 71% of organizations were victims of […]

The post What is Payment Fraud? appeared first on ComplyAdvantage.

]]>
Payment fraud is when someone steals another person’s payment information – or tricks them into sharing it – to make false or illegal transactions.

The 2022 AFP® Payments Fraud and Control Survey reports that 71% of organizations were victims of payment fraud attacks/attempts in 2021, costing businesses billions of dollars globally.

Customers must trust that their money is in safe hands. But one of the most challenging aspects of recognizing and tackling payment fraud is the complexity of the interconnected networks that underpin it.

Payment Fraud: Part of a Broader Ecosystem

To understand payment fraud risks, it’s important to situate the typology in its broader context. Payment fraud is committed within a broader ecosystem of crimes. It depends on previous offenses (such as identity theft or data breaches) to occur. After it’s been committed, it often becomes a predicate offense to money laundering or is used to fund further criminal activity. 

Payment Fraud – A Predicate Offense for Money Laundering

The EU has identified fraud as one of the 22 key predicate offenses leading to money laundering and terrorist financing (ML/TF). Therefore, to understand payment fraud, it’s equally necessary to understand the ML/TF crimes that often follow it. This is crucial to grasping how payment fraud risk feeds into firms’ anti-money laundering and countering of terrorist financing (AML/CFT) risks.

Predicate Offenses to Money Laundering

Laying the Groundwork – Data Theft

In order to commit payment fraud, criminals rely on the theft of personally identifiable information (PII). Although some types of transaction fraud depend on guessing or forging this information, obtaining it directly is a straightforward way to successfully execute a fraud event. The fraudster can use this information to commit identity theft – or even forge a synthetic identity out of a blend of PII – which then facilitates subsequent fraud schemes. Although data theft is a crime that often leads to fraud, it does not constitute fraud on its own. 

Some of the most popular methods for obtaining this information rely on social engineering – using deceptive tactics to trick people into divulging information they normally would protect. By means of fraudulent emails, texts, calls, or web and social media pages, phishing convinces its victims to divulge sensitive data, download malware (such as ransomware), or even send funds. Its variations have earned a range of nicknames, including smishing (SMS scams), vishing (phone scams), whaling and spear phishing (targeting specific groups of people), and pharming (website impersonation). 

At times, this information may be obtained by other means – sometimes aided by phishing – such as point-of-sale (POS) hacks and other data breaches. One of the more pernicious types of data breach is an Advanced Persistent Threat (APT) attack, which involves infiltrating a network to engage in illegal data mining. Distributed Denial of Service (DDoS) attacks, while not themselves data breaches, can provide cover for them.

Types of Payment

The two main categories of payment types are card-present (CP) transactions and card-not-present (CNP) transactions. Despite the self-explanatory terms, these payment types are identified by more than the physical presence of a debit or credit card.

Card-present (CP)

CP transactions occur when electronic payment data is captured in-person, at the time of sale. This includes cards that are physically swiped via a card reader or digital wallets that are tapped on a contactless-enabled terminal. Examples include point-of-sale (POS) systems, card readers connected to tablets or smartphones, and contactless payments such as Apple Pay.

Card-not-present (CNP)

CNP transactions occur when the data on a card’s magnetic strip or chip is not provided with the transaction. CNP transaction methods include online shopping carts, subscription billing, phone orders, and payments on apps or smartphones that don’t require a card reader.

Types of Payment Fraud

After obtaining sensitive data, a fraudster can exploit it with various transaction fraud schemes. Though in-person fraud can and does occur, more schemes are remote – part of the global digital fraud trend.

CP fraud occurs through the use of stolen credit and debit cards, cloned cards, or cards that were applied for fraudulently. Given the accessibility of fake IDs, this type of fraud can be difficult to spot in the moment, relying on legitimate cardholders making a report. 

CNP fraud occurs when a customer does not physically present a bank card during the fraudulent transaction. With the rise of digital payments, this type of fraud represented 80% of all card fraud as of 2019, according to the European Central Bank’s Seventh Report on Card Fraud. It can take multiple forms, including:

  • Fraudulent payment at point-of-sale (POS) – The fraudster convinces the clerk to manually key payment information in for a card they do not have with them. Manual entry creates a force-posted transaction, which bypasses the normal authentication checks required in a standard card transaction. The transaction will go through even if there are not sufficient funds and may even bypass security measures for a card that’s been reported stolen – leaving the merchant vulnerable to chargebacks for breach of terms.
  • Fraudulent payment online or over the phone – The fraudster submits payment information as though they were the true card owner. This is sometimes known as a carding attack when it’s done via a rapid-fire, automated process. If the transaction is executed without flagging transaction monitoring, the act can go undetected unless the actual account holder reports it.
  • Prepaid card fraud – Stolen payment information is used to activate prepaid cards, which are often anonymous or low-security. This is a popular carding fraud target and can involve multiple automated orders at once. Alternatively, a scammer may activate the cards without paying by tricking a store clerk over the phone (vishing) or in person.
  • Bank Identification Number (BIN) attacks – This is an example of a type of payment fraud that doesn’t require the theft of PII. In this case, fraudsters use a Luhn algorithm and other tactics to automatically generate and test a series of possible card numbers by attempting transactions until valid cards go through. This is partly based on publicly accessible BIN lists.

Outside of CP and CNP fraud, several other schemes are worth noting. Some of these methods are on the rise. They include:

  • Authorized push payment (APP) fraud – In this scheme, a fraudster uses phishing tactics to trick a customer into authorizing a real-time payment to an account controlled by the fraudster.  In 2021, APP fraud rose by 40% in the UK, accounting for 44% of all fraud as compared to card fraud, which sat at 40%.
  • Account takeovers – In short, this involves an account being hacked such that the fraudster has direct access to funds that are not theirs. In the case of bank and credit card accounts, this allows them to request replacement cards to use physically. But other accounts can be hacked, including peer-to-peer payment and crypto accounts. 
  • POS cloning – This involves duplication of a merchant’s real payments terminal to allow the fraudster to commit illicit transactions. These may include fraudulent returns, as detailed in a report by Visa.
  • Refund and chargeback fraud – Consumers fraudulently attempt to secure a refund through the chargeback process by contacting the merchant directly. This is sometimes known as “friendly fraud.”
  • Advanced fee and wire transfer scams – In this scheme, fraudsters target victims to make upfront or advanced payments for goods or services that do not materialize. This can include career opportunity scams and psychic scams

Additional kinds of payment fraud involve digital wallets, double-dipping, and triangulation fraud. These and other schemes expose customers and firms to risks that are important to evaluate and mitigate.

How to detect and prevent payment fraud? 

Having established the interconnected nature of payment fraud – including how it can contribute to money laundering and terrorist financing – firms can better consider how to incorporate this understanding into an effective risk program.

What is payment fraud’s place in a firm’s wider risk management system? Here’s how to think about payment fraud as part of a holistic risk and compliance framework.

1. Update Risk Assessments

A regularly-updated, company-wide risk assessment is crucial for a solid AML/CFT program – as well as for fraud prevention and mitigation. ACAMS includes fraud risk in its comprehensive AML-based risk assessment for firms, and the Australian government considers it so important that it’s published a comprehensive fraud risk assessment guide for firms. Given fraud’s status as a predicate crime, it’s critical to ensure all risk assessments are updated to include fraud risks, anti-money laundering, and terrorist financing risks.

2. Recognize Red Flags

Once a reliable risk assessment has been performed, fraud and risk teams will be better equipped to evaluate relevant red flags in line with their firm’s risk appetite. Although risk indicators are highly contextual, and often rely on a combination of other factors to establish high risk, there are some general areas of concern to be on the lookout for. Warning signs to bear in mind include behavior deviations atypical for a customer profile, such as: 

  • Shipping addresses too far from an IP address
  • Atypical transaction amounts, volumes, or velocities
  • Atypical transaction types or merchant categories
  • ID document or other PII discrepancies
  • Transactions exceeding the account balance or credit limits
  • Unusual cross-border transactions
  • Repetitive refunds or chargebacks

3. Implement Effective Measures

A risk-based approach built around customer profiles, security, and payment flows is key to a robust payment fraud risk-mitigation program – alongside employee and customer awareness of red flags. 

Proactive KYC and customer due diligence can help firms better understand their customers, but managing payment fraud risks needs to take place at every stage of the customer journey and throughout firms’ functions, from back-end to customer-facing.

Online payment fraud, in particular, is dynamic and will keep changing as criminals access new technology and techniques to circumvent controls – and firms need to be able to detect changing tactics.

Alongside encryption of transactions, regular changing of login credentials, and the use of up-to-date software, there are other measures that firms should consider: 

  1. Integrate biometrics and advanced identity verification (IDV) solutions during onboarding. Face, voice, fingerprints, or even veins in the hand or eyes, can enable strong authentication. However, consider if the technology is user-friendly, cost-efficient, and can be integrated into the broader KYC process.
  2. Dynamic transaction monitoring solutions can monitor risks in real-time, with practical case management that helps analysts prioritize the most high-risk alerts. 
  3. Optimize with artificial intelligence (AI). While firms have adopted machine learning to automate processes, many are not optimizing their ability to help detect and tackle payment fraud. AI overlays can enable alert prioritization by risk – reducing operational costs and false positives and processing large datasets more efficiently to help analysts detect fraud more quickly and effectively. 
  4. Identify and complete regular training programs. Europol, for example, has organized courses on the forensics of payment card fraud. Topics include examining skimming devices, ATM logical attacks, and malware attacks.
  5. Share fraud intelligence and information on incidents amongst firms and regulators – and with AML/CFT compliance departments. 

In our 2022 State of Financial Crime survey, we identified fraud among the top 3 predicate offenses of concern for firms around the world. Fraud’s connection to money laundering and terrorist financing is becoming so clear that some firms have begun to refer to fraud and anti-money laundering as FRAML.

This highlights the vital importance of close communication and cooperation between fraud and AML/CFT departments within an establishment – yet all too often, these departments’ data and communications remain siloed. To ensure seamless collaboration and mitigation of FRAML risks, firms should consider an approach that opens the lines of communication and embraces active collaboration between both departments.

Payment Fraud Success Story: RealPage

Property management firm RealPage processes up to 100 million transactions annually across a portfolio of more than 19 million properties worldwide. As a payments provider, it has a regulatory obligation to monitor transactions through its payment product, to ensure property management companies and their residents are effectively protected from illicit activity such as payment fraud. 

RealPage needed a transaction monitoring solution that could screen for evolving fraud typologies in near real-time. The ability to do this using custom scenarios not used by traditional financial institutions was key. Effective case management was also critical to enable analysts to manage and triage alerts effectively. 

To find out more, read the full RealPage story.

Request a Demo

See how 1000+ leading companies are screening against the world's only real-time risk database of people and businesses.

Demo request

The post What is Payment Fraud? appeared first on ComplyAdvantage.

]]>
A Guide to AML for Cross-Border Payments & Remittance https://complyadvantage.com/insights/aml-payments-guide-remittance/ Mon, 18 Jul 2022 07:01:32 +0000 https://complyadvantag.wpengine.com/?post_type=resource&p=64097 As financial crime typologies, payments use cases, and regulatory technologies evolve, how should compliance teams in remittance and cross-border payment firms build and scale their anti-money laundering (AML) programs?

The post A Guide to AML for Cross-Border Payments & Remittance appeared first on ComplyAdvantage.

]]>
 

 

The post A Guide to AML for Cross-Border Payments & Remittance appeared first on ComplyAdvantage.

]]>
ComplyLaunch Customer Spotlight: ekko https://complyadvantage.com/insights/complylaunch-customer-spotlight-ekko/ Mon, 20 Jun 2022 10:59:19 +0000 https://complyadvantag.wpengine.com/?p=61841 Meet ekko, a new challenger fintech with built-in eco-initiatives that allow users to track their carbon footprints. We caught up with co-founder and Head of Operations Manish Vara to learn more.

The post ComplyLaunch Customer Spotlight: ekko appeared first on ComplyAdvantage.

]]>
Creating a global framework for Sustainable Development Goals-compatible finance has been a growing concern for climate-conscious banks since The Paris Agreement and COP26. But with fossil fuel financing routinely making headlines and a goal of net-zero by mid-century on the horizons of most major global economies, the concern among policymakers is becoming increasingly acute. 

ekko is a new challenger fintech that responds to this concern by “turning the tide on climate change” through built-in eco-initiatives that allow users to track their carbon footprints. We caught up with co-founder and Head of Operations Manish Vara to learn more.

Introducing ekko 

“The idea behind ekko came about in early 2020 when my three co-founders and I were talking about climate change in the pub,” says Vara. “We were all from a financial services background and knew a lot about retail banking etc., […] and we asked ourselves how we could combine something that everyone does on a day-to-day basis (banking), with the climate crisis and create a solution – not the solution, but a solution. 

“As we discussed this we realized that we all faced the same problems – we all wanted to do our bit for the environment but felt constrained by time, money, and/or knowledge to do it well. […] And when we expanded our conversation to others, we found that a lot of people revert to thinking it’s a problem for the government or big businesses to fix – which is definitely true but we wanted to provide a solution for the individual.”

With an ekko account, every five transactions pays for one ocean-bound plastic bottle to be collected, and every fifty transactions pays for a tree to be planted in partnership with the Mastercard priceless planet coalition

“To make the user’s impact as tangible as possible,” continues Vara, “with ekko they’ll be able to see how their personal transactional behavior affects the environment and what their carbon footprint looks like in light of the tree planting and bottle collecting done in their name.” 

Mitigating mindless consumption

In addition to its banking services, ekko also has its own marketplace. “We’re trying to bring together a curated list of sustainable retailers to help our customers make more informed, conscious decisions about how and where they spend their money.”

“Our goal is to make it as easy as possible for people to be more carbon conscious. Hopefully, they’ll be educated along the way which will help them make better choices and continually progress towards making a long-term positive impact.”

Increased investor control

“One of the things I love most about building ekko is the fact that it’s a greenfield project,” shares Vara. “When we started, the whole concept was totally new and we didn’t have any legacy things to hold us back or bring us down. […] All the decisions we make are totally environmentally conscious and we have the freedom and flexibility to make sure this is maintained for maximum positive impact.

“But what’s also great about ekko is the amount I have learned about my own transactional behavior. Because I have increased visibility of the impact my spending has, I have a much clearer idea of what makes up my carbon footprint and how to make much smarter decisions when it comes to where I spend my money.”

From idea to reality

“My proudest achievement has to be my first transaction on my ekko card. I mean, don’t get wrong, my first transaction wasn’t a big one – I bought a bar of chocolate from Tesco! […] But the whole journey built up to that moment and it was incredible.” 

Positive engagement

“When you educate people the wrong way about climate change, everything becomes very negative. Everything is doom and gloom and, from a branding perspective, you have an overload of dark colors and negative imagery. We want to be a positive voice to encourage others to be positive about their impact and the potential they have to individually make a difference. 

“This is why our brand colors are so vibrant! The card’s design is different and it catches people’s attention. […] We don’t want to be like everyone else. We don’t want to be all doom and gloom. We don’t want to be another bank. We want to be a positive change.”

What’s next for ekko?

“Right now we are onboarding customers across the UK. We’re actively listening to our customers as we want to make sure we are delivering what they want first, in terms of prioritizing some of the things we want to work on, and getting it completely right for them.”

Are you an early stage fintech and need a KYC and AML solution?

Ready your start-up for scale with free access to our transaction monitoring and customer screening tools through ComplyLaunch.

Register for ComplyLaunch today

Follow ekko:

Website
Facebook
Twitter

LinkedIn
Instagram
Connect with Manish Vara

The post ComplyLaunch Customer Spotlight: ekko appeared first on ComplyAdvantage.

]]>
Payment Service Regulations https://complyadvantage.com/insights/payment-service-regulations/ Thu, 17 Mar 2022 09:58:09 +0000 https://complyadvantag.wpengine.com/?p=60931 For payment service providers (PSPs) to connect merchants to the wider financial system, they must comply with relevant jurisdictional payment service regulations. Regulated payment services generally include provisions relating to payment accounts, executing payment transactions, issuing payment instruments, acquiring services, […]

The post Payment Service Regulations appeared first on ComplyAdvantage.

]]>
For payment service providers (PSPs) to connect merchants to the wider financial system, they must comply with relevant jurisdictional payment service regulations. Regulated payment services generally include provisions relating to payment accounts, executing payment transactions, issuing payment instruments, acquiring services, and typical open banking services. PSPs that do not comply with relevant regulations can face financial or criminal penalties.

What are payment service regulations?

Payment service regulations are the rules set out to ensure PSPs complete comprehensive due diligence to mitigate the risk of financial fraud. 

Payment service regulations differ across jurisdictions. Some countries and international bodies – including the European Union, Singapore, and Canada – have modernized their frameworks in recent years, using a risk-based approach to address new business models based on offering multi-faceted services subject to both overlapping regulations and, in places, gaps in regulatory oversight. 

Payment service regulations in the UK

The main piece of legislation governing payment services in the UK is the Payment Services Regulations 2017 (PSRs 2017). PSRs 2017 broadened the extent of payment services regulations in the UK and brought third-party payment service providers (TPPs) within the scope of regulation for the first time. 

To improve consumer protection and competition, PSRs 2017 also introduced changes to the way businesses manage client relationships, including client documentation and communicating with clients if a security incident occurs that might impact their financial interests. These changes not only brought regulations into line with developments in the market for payment services, but also introduced better assistance from PSPs to victims of fraud.  

In 2021, the UK’s regulator, the Financial Conduct Authority (FCA), set out a further set of rules to help protect customers from e-commerce fraud. As a result, strong Customer Authentication (SCA) will be expected of all banks and other payment service providers by the extended deadline of March 14th, 2022

Request a Demo

See how 1000+ leading companies are screening against the world's only real-time risk database of people and businesses.

Demo Request

Payment service regulations in the EU

Becoming law in 2018, the Second Payment Services Directive (PSD2) is an integral European regulation for electronic payment services that builds on the legislative framework set out by the previous Payment Services Directive established in 2009.

Promoting open banking and intending to improve consumer choice and reduce fraud, two of the directive’s main objectives relate to Strong Customer Authentication (SCA) and the emergence of new regulated PSPs. However, under the PSD2 TPPs are also able to access account information held by banks, mitigating their need to go through an intermediary service provider when they need to process a payment.

Although the UK left the European Union on December 31st 2020, PSD2 remains applicable in the UK as it was transposed into national law in 2017. As a result, the UK broadly aligns with the guidelines and recommendations in PSD2, in order to maintain steady relations with European financial institutions. 

Payment service regulations in the US

Payment service regulations in the US are distributed across multiple state and federal regulators, creating a patchwork of charters firms need to understand and adhere to. 

At the federal level, there are numerous agencies charged with regulating and overseeing financial institutions in the United States. These include the Federal Reserve Board (FRB), the Securities and Exchange Commission (SEC), and the Federal Deposit Insurance Corp. (FDIC).

Unlike the UK and the EU, the US has not yet developed or formalized a legal regime for “open banking”. However, the Biden administration is urging the Consumer Financial Protection Bureau (CFPB) to establish regulations that “allow customers to download their banking data and take it with them”. As a result, further payment service regulations are expected to come into effect, especially related to digital assets and FinTechs. 

Due to rapid technological advancement, updated payment service regulations can be expected to continue for the foreseeable as jurisdictions seek to enhance payment structures, improve payment efficiency and safety, and future-proof regulatory frameworks in a way that promotes innovation. 

Payment service regulations in Singapore

Regulated by the Monetary Authority of Singapore (MAS), the Payment Services Act (PSA) took effect in 2020 to create a safe, innovative environment for FinTechs in Singapore. 

The PSA combines the previous Payment Systems (Oversight) Act 2006 and the Money-Changing and Remittance Businesses Act 1979 to create an “omnibus framework”, which covers both new and traditional licensable payment activities. 

Before the PSA, virtual currencies, cryptocurrencies, and utility tokens had not been defined in legislation in Singapore. However, with the commencement of the PSA, “digital payment token exchanges” now require a payment institution license from MAS and must comply with a range of AML/CFT requirements.

Explore our anti-money laundering solutions

Screen payments and onboard customers faster with confidence with our AML solutions.

Learn about our AML solution

The post Payment Service Regulations appeared first on ComplyAdvantage.

]]>
Old Dogs, New Tricks: How existing money laundering typologies are impacting the emerging FinTech landscape https://complyadvantage.com/insights/old-dogs-new-tricks-how-existing-money-laundering-typologies-are-impacting-the-emerging-fintech-landscape/ Tue, 30 Nov 2021 18:43:52 +0000 https://complyadvantag.wpengine.com/?p=55960 The way in which we interact with our banks has changed significantly over the past decade. Financial Technology firms (FinTechs) have enabled greater flexibility, not only in our choice of banking provider, but also in terms of how we access […]

The post Old Dogs, New Tricks: How existing money laundering typologies are impacting the emerging FinTech landscape appeared first on ComplyAdvantage.

]]>
The way in which we interact with our banks has changed significantly over the past decade. Financial Technology firms (FinTechs) have enabled greater flexibility, not only in our choice of banking provider, but also in terms of how we access and control our money. Where once it was necessary to visit a bank branch during office hours to deposit a cheque, we can now upload a picture directly from our smartphones at any time of day; or, we can instruct international payments from our couch; make a virtual asset trade whilst taking a walk; or even apply for a loan on the bus.

Whilst banking has changed to better suit the needs of the law-abiding general public, so too have the opportunities for those that wish to abuse and exploit the financial system. Advancements that have been designed to increase ease of use and expediency have in turn been targeted by criminals for exactly these design characteristics.

Money laundering is not a risk unique to FinTechs. However, some characteristics of the FinTech sector may carry higher financial crime risks without proper controls in place.

This paper will explore how existing money laundering typologies might impact the developing FinTech landscape. In support of this paper, an anonymised survey was conducted amongst a number of FinTech financial crime experts from around the world to understand how they perceive the current and future threats facing the financial industry.

Download the full report

 

The post Old Dogs, New Tricks: How existing money laundering typologies are impacting the emerging FinTech landscape appeared first on ComplyAdvantage.

]]>
AUSTRAC guidance tackles misuse of payment text fields https://complyadvantage.com/insights/austrac-guidance-tackles-misuse-of-payment-text-fields/ Fri, 26 Nov 2021 09:55:10 +0000 https://complyadvantag.wpengine.com/?p=55829 The Australian Transaction Reports and Analysis Centre (AUSTRAC) has released a new guide aimed at tackling the increasing misuse of transaction payment text fields by criminals. The guide, Preventing misuse and criminal communication through payment text fields, aims to raise […]

The post AUSTRAC guidance tackles misuse of payment text fields appeared first on ComplyAdvantage.

]]>
The Australian Transaction Reports and Analysis Centre (AUSTRAC) has released a new guide aimed at tackling the increasing misuse of transaction payment text fields by criminals.

The guide, Preventing misuse and criminal communication through payment text fields, aims to raise awareness of how criminals are using payment text to communicate with each other – or to harass, stalk or threaten victims – rather than for the purpose of transferring funds.

The growth of digital-first fintechs, alongside an increasing amount of data and number of payment platforms, has enabled larger character limits to be applied to payment text fields, and criminals are making use of this facility to carry out illegal activities. 

Common themes within payment text fields identified by AUSTRAC include:

  • Technology-facilitated abuse
  • Threats or extortion attempts
  • Criminal communication
  • Threats of suicide and self-harm

Additionally, communications involving child abuse, illicit drugs, firearms, ideologically-motivated extremism and outlaw motorcycle gang activity have been spotted. 

Westpac bank research shows that more than half (51%) of Australians have received some form of online abuse, including via email, mobile and social media channels. One in four (26%) admit to having used some form of inappropriate language in payment transactions.

The guide, created in collaboration with public-private partnership the Fintel Alliance, provides financial service providers with insight and examples to help them target, detect and disrupt this practice.

“Financial service providers should use indicators in this report and their own business knowledge to conduct further monitoring and identify if a suspicious matter report (SMR) needs to be submitted to AUSTRAC,” the guide states.

Guidance on identifying the misuse of payment text fields includes how to determine if text is a threat or a joke, the use of abbreviations and slang to hide meanings, references to self-harm and suicide, how emojis can be used to convey threatening or abusive messages, and how criminals can refer to a shipment of illicit goods or planned event in their messaging. 

Potential red flags to look out for include payments below $10, high frequency payments and relationship patterns, along with incorrect spellings and the use of slang. 

A real-world example describes how a 23-year-old man was identified by a financial services provider after sending 10 payments of less than $5 to a female victim. Messages within the payment text field asked the victim to contact him and threats to take his own life. After a report to AUSTRAC, police arrested and charged the man for breaching a Protection Order.

Key Takeaways

This guide highlights the importance of agility in transaction monitoring, which can be challenging for firms – what counts as suspicious activity for one customer may be normal business for another. 

With constantly changing typologies and global regulatory expectations, false positives can be common and the risk of missing illegal behavior increases. For example, slang words and emojis are not fields a firm would traditionally expect to have to screen for, and context can be a challenge. Managing high volumes of false positives and unfamiliar alerts can also impact a firm’s wider operational efficiency.

It also underlines some of the changing demands on transaction monitoring systems. Firms need to  weigh up whether building a transaction monitoring solution in-house is right for them, or whether buying a solution that will push through updates automatically to cover emerging anti-money laundering (AML) risks would be more cost effective and efficient in the long-run.

At 13-pages, the guide provides a quick and easily digestible format for compliance teams and is well worth a read. It should be assessed in the context of the firm’s own business/industry, as part of a wider risk-based approach.

The post AUSTRAC guidance tackles misuse of payment text fields appeared first on ComplyAdvantage.

]]>
IPT Africa’s false positives have been reduced by 60% https://complyadvantage.com/insights/ipt-africas-false-positives-have-been-reduced-by-60/ Tue, 02 Mar 2021 11:00:59 +0000 https://complyadvantag.wpengine.com/?post_type=resource&p=47842 IPT Africa’s compliance team can now make informed decisions about client risk, escalate potential high-risk cases, and take actions in real-time, which ultimately shortens the time it takes to onboard new customers.

The post IPT Africa’s false positives have been reduced by 60% appeared first on ComplyAdvantage.

]]>
The Company

IPT Africa is a regulated payment provider providing clients with the ability to manage and deliver payments from a single interface throughout the African continent. Covering all African currencies,in real time with full transparency on pricing and multiple delivery channels IPT offer a unique proposition for Corporate entities with African payment requirements.

Industry: Payments
Product: Customer Screening & Monitoring (CSOM)

The Challenge

IPT Africa, a Mauritius-based firm, partners with and provides services to companies located around the globe. They must comply with the regulations of several jurisdictions — and their compliance processes must be flexible and robust enough to adapt to regulatory changes as they happen. IPT Africa’s compliance team also handles a significant amount of data and found themselves hindered by a high number of false positives, which meant their team needed to expend a lot of manual effort when checking for risk.

IPT Africa benchmarked different AML vendors and took on board recommendations from clients and liquidity providers to ensure that their chosen provider would perfectly match their requirements. They selected ComplyAdvantage as their AML provider because their solutions offered real-time, automated insights and had a clear advantage over the market incumbents, whose solutions had become static and could not deal with ever-changing global regulations.

The Solution

IPT Africa’s use of the ComplyAdvantage platform enables them to efficiently screen and monitor prospective customers and current ones for risk against sanctions and watchlists, PEPs, and adverse media data. In partnering with ComplyAdvantage, IPT Africa has been able to move away from delayed flat file uploads and instead has configured automated monitoring. Their team can screen and monitor against real-time data so that they can be the first to know about critical changes in risk status. ComplyAdvantage’s solution also allows IPT Africa to ensure full regulatory compliance across all jurisdictions.

The Outcome

IPT Africa’s compliance team can now make informed decisions about client risk, escalate potential high-risk cases and take actions in real time, which ultimately shortens the time it takes to onboard new customers. False positives have also been reduced by 60%, dramatically reducing manual efforts and, therefore, freeing up time for their team to focus on other aspects of the business to scale the company.

Choosing ComplyAdvantage as our AML provider was the best decision we could have made for our business. A high number of false positives used to be a daily occurrence for our compliance team, who had to spend hours carefully reviewing each alert. Thanks to ComplyAdvantage, false positives have been reduced by 60%, which allows our team to focus their time and efforts on other aspects of the business that will help us grow.

— Mark O’Sullivan, Founder, IPT Africa

The post IPT Africa’s false positives have been reduced by 60% appeared first on ComplyAdvantage.

]]>
Earthport achieved high STP rate while effectively mitigating risk https://complyadvantage.com/insights/earthport-transaction-monitoring-case-study/ Thu, 11 Feb 2021 13:37:37 +0000 https://complyadvantag.wpengine.com/?post_type=resource&p=46948 The flexible, user-friendly transaction monitoring platform allows Earthport to easily incorporate the varied risk profiles of the many parties involved in an end-to-end international payments chain.

The post Earthport achieved high STP rate while effectively mitigating risk appeared first on ComplyAdvantage.

]]>
The Company

Earthport is a major payments company that provides its clients with access to a global payment network. The company processes $11 billion worth of transactions in over 65 countries each year.

Industry: Payments
Product: Transaction Monitoring

The Challenge

Earthport operates within a complex payments ecosystem that is exposed to varying degrees of risk. They work with a wide range of businesses — from small remittance companies to large global banks — all around the globe, many of which operate in high-risk areas. They needed a way to effectively monitor a high volume of transactions for financial crime risk without compromising on the efficiency of their internal processes or the customer experience.

The different business models operated by Earthport (FX, international settlement, etc.) each bring unique risks and associated compliance challenges. Against this complex backdrop, Earthport has committed to meeting aggressive growth targets and achieving the highest straight-through processing (STP) rate of the industry, while still identifying and reporting suspicious behavior. Furthermore, tight operating margins mean that operational efficiency is a must: manual resolutions must be kept to a minimum (with few false positives), and any alerts must be quick and easy to handle.

Earthport found that existing solutions in the market were not sufficiently flexible to fit their requirements and business model. Running out of options, they considered building a solution inhouse but knew it would be difficult to meet the high standards set internally and by the regulator while also continuing to devote sufficient technical resources to other core business priorities.

In ComplyAdvantage, Earthport has a unique partner with whom we work hand in hand, ensuring access to industry-leading transaction monitoring capabilities.

Earthport can specify which types of scenarios they’d like to screen for and, once configured properly, automatically monitor different segments of clients against those scenarios. This means Earthport can monitor risk more effectively while reducing the unnecessary false positive alerts that less tailored solutions would produce. It also empowers the business to meet differing compliance regime requirements and apply a proper risk-based approach to their business.

The ComplyAdvantage platform, which is designed to adapt to constantly changing rules, can be tested and tuned to meet current needs and improve efficiency over time. This ability to continually evolve the solution has ultimately freed up the compliance team’s time to focus on making decisions rather than executing manual tasks. Earthport has also improved reporting by utilizing the customizable case management and audit trail capabilities within the ComplyAdvantage platform.

Since going live with the ComplyAdvantage platform, Earthport has achieved its goals of maintaining a high STP rate while effectively mitigating risk. The management team, clients, banking partners and regulators are satisfied by the highly automated yet thorough anti-money laundering processes of the business enabled by ComplyAdvantage’s technology.

The system is simple to set up and use and flexible to fine-tune. Additionally, using a shared compliance infrastructure allows us to focus our technical resources on other core business activities.

Challenges

  • Multi-jurisdictional regulatory environment
  • High volumes of transactions
  • Multiple business models with unique risk profiles

Solution

  • Flexible Transaction Monitoring solution
  • Easy-to-configure risk scenarios
  • Partnership approach to implementation and support

Benefits

  • Tailored solution to meet complex regulatory requirements
  • Ability to implement a proper risk-based approach
  • Reduced false positives
  • Improved reporting and audit trail

The post Earthport achieved high STP rate while effectively mitigating risk appeared first on ComplyAdvantage.

]]>