Tech not delivering better fincrime controls consistently — regulators     

Financial services and payment firms do not always implement anti-fraud technology correctly, which can sometimes make their exposure to fraud and financial crime worse, European Union and UK regulators told a Pay360 audience on March 25.

Regulators are concerned that technology is not consistently delivering better financial crime controls. While they are keen for firms to use technology, they say they also see many examples of it being used ineffectively.

Carolin Gardner, head of the anti-money laundering and countering the financing of terrorism (AML/CFT) unit at the European Banking Authority, said: “Here in the EU we are consulting on new rules in the AML/CFT space, and we have been explicit that technology is something that we absolutely favour. But — and this is a really big but — having technology or using new technologies is not the same as having effective systems and controls in place.”

Through monitoring its EuReCa EU-wide AML/CFT database, the EBA has spotted a sharp increase in the number of adverse inspection findings and enforcement cases at financial institutions that use technology unthinkingly. This can sometimes increase their exposure to financial crime, Gardner said.

“Itʼs important that using technology is not equated with having automatically better control. What we have seen, for example, is technology being used without being tested properly, technology that is not fit for purpose, and technology that is not properly understood,” she added.

“Financial institutions should use technology, but make sure they use it responsibly.”

Off the shelf

Effective technology is available to reduce fraud and other financial crimes, said David Geale, interim managing director at the UK’s Payment Systems Regulator. Fraudsters use technology — so firms should also be using it to stay ahead.

“Weʼve seen firms taking steps to partner with other organisations to try and get ahead of fraudsters,” he said. “But often what we see is firms taking the solution off the shelf, and thatʼs it.” Testing systems and adapting them to the firm’s business model so that the technology can function effectively is also critical, he added.

“People sometimes forget [that] it’s all very well to spot fraud, but what do you do when you’ve found it? I would say that the systems and controls are actually encouraging you to understand your business model, and pick the right solutions for your business, adapt them as necessary and have the proper processes in place to deal with the ensuing results,” Geale said.