FinTech and RegTech – What Next for Financial Crime’s International Standard Setter?

The Financial Action Task Force (FATF), the global standard-setter for anti-money laundering (AML) and counterterrorist finance (CTF), in May brought together more than 150 delegates for its most in-depth discussion to-date on FinTech and RegTech.

Both are fast-moving sectors in the technology industry, championed as tools that facilitate more effective compliance with a complex international regulatory framework. However, some view them with caution and as an unknown entity, posing potential risks to the integrity of the existing financial system.

The San José forum’s purpose was, therefore, to raise awareness of how technological innovations in payments and regulation are reshaping the financial services landscape, in terms of both opportunity and risk. Crucially, it was discussed whether or not the FATF Recommendations as they stand now sufficiently cover these emerging, non-traditional products.

The forum heard from a range of experts with experiences of new technologies, including: national approaches to AML supervision of the products; the impact of FinTech on information sharing (through distributed ledger technology such as Blockchain); the innovative ways this sector is approaching risk management; and the use of RegTech software, such as machine learning and artificial intelligence (AI), to tackle money laundering and terrorist finance more effectively and conduct customer due diligence more efficiently.

FATF has come a long way since its president, Juan Manuel Vega-Serrano, announced last year that FinTech and RegTech would be prioritised in its activities.

The forum assembled regulators, technology firms (both start-up and legacy), as well as traditional financial service companies, underlining that these events work best when a mixture of public and private sector actors come together to reflect on the key issues facing the financial system.

FinTech and RegTech encompass a broad cross-section of actors, whose needs are likely to be wide-ranging. Thus, this dialogue, in particular embracing start-ups in order to understand their priorities, must be maintained beyond this year’s Spanish presidency. 

The forum viewed the new technologies in overwhelmingly positive terms, with a focus on their potential as opposed to adopting a simplistic view of new technology as de facto high-risk.

This was clear throughout presentations from national regulators, some of whom are leading the way in promoting innovation. The Monetary Authority of Singapore, for instance, has developed a ‘regulatory sandbox’, which allows for experimentation, much like the UK Financial Conduct Authority’s Project Innovate.

There are, however, potential vulnerabilities inherent in the sector. RUSI’s FinTech FinCrime Exchange (FFE), run in partnership with FINTRAIL, a financial crime risk management consultancy, presented on both the risks and opportunities observed during six months of industry engagement.

RUSI has identified some immediate financial crime risks FATF should consider, including those posed by those using the products to commit fraud, the use of third-party vendors, who may not be fully verified, to conduct certain aspects of the business, as well as the speed with which customers can sign up to a product.

A ‘frictionless’ customer experience is the unique selling point of most FinTechs, unlike the cumbersome processes employed by traditional banks to gain accounts. Start-ups may also be more vulnerable, particularly if customer due diligence checks are more limited. It is these weaknesses that criminals will look to exploit.

There needs to be dynamic in thinking about future threats, rather than viewing the sector through the behaviours and typologies that are already understood. Myopia means that signs might be missed which has led in the past to law enforcement often playing catch-up to criminals.

The forum also discussed the innovative ways in which FinTechs have approached AML/CTF, many of which have built in-house solutions using AI and machine learning to monitor transactions and vet customers.

The FFE has already benefited from information and typology sharing – demonstrating the utility in making financial crime mitigation non-competitive, particularly for such a new industry.

FATF published its ‘San José Principles’ following the forum, which included: fighting terrorism and money laundering as a common goal; public–private sector engagement; pursuing positive and responsible innovation; setting clear regulatory expectations and smart regulation; and finally, fair and consistent regulation.

While there is nothing to disagree with in these principles, they are somewhat generic. A more precise understanding of where FATF takes this topic next would be welcome. For example, will specific advice be given to key stakeholders regarding regulation? Is FATF considering updating its Recommendations to reflect more accurately the nature of the FinTech and RegTech sector, or will it seek to apply the existing guidance?

FATF should therefore produce a guidance paper on FinTech and RegTech in order to ensure global harmonisation. This would include providing basic definitions on the different technologies on offer, detailing how national regulators should be approaching regulation.

It will also need to look at how tech firms can best comply with international AML/CTF expectations without stifling innovation and the opportunity to improve the current compliance system for all involved. While there are evidently gaps in understanding on both sides that need to be filled, FATF is well placed to provide this clarity.

Ultimately, FATF and those at the forum have the same objective: to tackle financial crime in an effective and efficient manner to maintain the integrity of the financial system without producing unintended, negative consequences.

This message is often lost when the emphasis shifts towards how best to satisfy regulators, and a tick-box approach to compliance becomes the status quo.

It is therefore imperative that a thorough assessment of the transformative possibilities of technology in tackling financial crime is taken, and that organisations such as FATF and national regulators drive forward innovation as a means not only of making the financial system more efficient for its users, but also more effective at disrupting and reducing the harm that illicit financial flows cause to the same system.