SANDRA

By Sandra Nebritova

Fintechs have been around for a long time now, but in the last three years, they have been the buzz of the financial industry.

Digital wallets, payment gateways, cryptocurrencies – the market has been changing immensely and rapidly.

The key to their success lies in innovation and, of course, convenience – the simpler the processes are for the consumers, the more attractive they are.

Innovation is always appealing, but it should be pointed out that when an industry grows, especially a financial one – it gets noticed by those who are likely to take advantage of it.

Fintechs are vulnerable to money laundering, fraud, and cyber-attacks just as any other traditional financial institution.

The online environment could even raise the risks higher, and some of these risks are unique for this industry.

What are the main challenges that FinTechs are facing?

Fraud

As the business model requires constant online access, it becomes vulnerable to fraudsters and cybercriminals.

Data theft, scams, transfer of confidential information, denial of service, malware – the list goes on.

Since the pandemic started, a huge number of consumers switched to an online life.

Zoom meetings, subscriptions to new apps, online shopping – apart from making it easier to live through the lockdowns-also attracted criminals who keep finding new ways to break into our digital world.

To prevent this, fintech must gear up with sophisticated software, firewalls and security policies and do whatever it takes to protect their consumers from such attacks so that we all feel safe while using their services.

Regulatory Risks

The industry has been developing fast, and at some point, the regulators could not keep abreast.

However, they are picking up the pace. There are new regulations and laws in the pipeline explicitly targeting fintech.

As new products and services emerge, those need to be analysed and risk-scored.

Sometimes, the company itself cannot grasp all the possible risks, so the regulators are trying to step up and set a benchmark.

Fintechs must continuously be up to date with any regulatory changes and ensure that any requirements are implemented into their processes.

The more compliant a business is – the fewer risks there are to run it into the ground, as lawsuits and regulatory fines can ruin any company.

AML Risks

No matter which services fintechs provide, whether it is payment gateways, card issuers, micro-loans – it is still in the financial sector.

These service providers are processing vast amounts of data and money transfers daily.

What made them so successful in the first place? The easy onboarding of clients.

Instead of spending hours filling in applications for banks and similar institutions and then preparing all the necessary documentation for weeks, fintech introduced a seamless process of onboarding the client.

But for this very reason, it might raise more concerns regarding money-laundering. Are the Know Your Customer (KYC) policies sufficient? Are the transactions monitored enough?

While everyone appreciates the fact that we do not need to spend all this time just to get accepted as a client, there still should not be any cutting of the edges.

Fintechs must make sure that their AML policies are effective and capable of spotting things that are not right and keeping any possible crime out of their business.

It is a difficult job, but as these companies are one of the most innovative ones, surely, they can make the most of their resources to tackle the task, understanding the importance of that.

So, is fintech here to stay and make our lives simpler?

It certainly is, if the risks are analysed and managed correctly – there is no reason to go back to the old ways.

This post was originally published on https://www.financialmirror.com/2020/10/23/cysec-embraces-innovation/

Sandra Nebritova is a certified AML specialist

[email protected]

By Sandra Nebritova

This month, the Securities and Exchange Commission (CySEC) published a consultation paper on improving the facilitation of customer due diligence with innovative technologies.

This opens a completely new chapter for the obliged entities.

The regulator is inviting their obliged entities to speak out, assess and introduce instruments that can make them more competitive, save time and make the customer experience by far better than it used to be.

CySEC is willing to allow Companies to use RegTech, to make their internal processes and legal obligations more advanced and rapid.

Moreover, they are giving the chance for the companies to understand and evaluate whether they, actually will be able to use this option and still stay compliant.

What is customer due diligence?

The companies have an obligation to know who their customer is, and they need to be able to prove that.

This normally happens by collecting identification documents such as passport copies, utility bills and so on.

This becomes tricky when you have non-face-to-face clients, as while you might receive the necessary documents, it is very difficult to assert that the person, who is actually using the services is the same as the one for whom the documents have been provided.

Traditionally, such accounts have been classified as high risk due to that reason.

As we work globally, the majority of companies are interested in accepting clients from different jurisdictions.

The fact, that Cyprus is a member of the European Union does automatically mean, that companies based on the island, do not want to limit themselves just to local clientele.

The writer is a certified AML specialist.

This post was originally published on https://www.financialmirror.com/2020/10/23/cysec-embraces-innovation/

Last week, the Swedish Financial Regulator issued yet another fine to SEB Bank – worth 1 billion Swedish Krona (€95.2 mln), one of the biggest fines in the regulator’s history.

The fine is based on the results of investigations into the bank’s operations in the Baltic states –  Latvia, Lithuania, and Estonia.

In December 2019, the bank received a fine of €1.79 mln from the Financial and Capital Market Commission of Latvia and the reasons for the fine were quite similar – deficiencies in the anti-money laundering controls and sanctions violation.

So, what was happening behind the scenes?

The Swedish regulator stated several problems.

One of them, that the bank has insufficient resources for monitoring clients and transactions.

This means that either the systems used by the bank created too many alerts or not enough – due to incorrect risk calculations.

This also might mean that the bank did not have sufficient staff to process all the necessary work.

Another reason mentioned was a large number of their clients were non-residents or residents with non-resident beneficiaries.

Those relationships should have gone through a scrutinised due-diligence process and risk assessment.

Failing to apply all the necessary controls left the operations exposed to money-laundering.

While there is no crime in onboarding non-resident clients, there are particular risks associated with it.

Therefore, such relationships, require more analysis, additional documentation and, of course, time.

Opening an account for a resident might take less than a week, but for non-residents, it may take even longer than a month.

Cyprus found itself in a similar situation not so long ago, when all the banks started reviewing their existing relationships with non-residents and applying additional controls and requirements for such accounts.

It became much harder to open corporate accounts, sometimes, even impossible. This especially affected Russian businesses on the island.

Obviously, excluding such clients, who are quite often high-net-worth, is a loss for banks.

But, surely, it is better than receiving huge regulatory fines and tainting the reputation of the financial institution.

Sandra Nebritova is a Certified AML Specialist

This post was originally published on https://www.financialmirror.com/2020/07/04/sweden-issues-hefty-fine-to-seb-bank-for-aml-breach/

By Sandra Nebritova

Cyprus is one of those countries that actively advertises its real estate market and offers additional perks that can come with the purchase – such as residence permit or even a passport.

Unfortunately, sometimes, this attracts the wrong people.

Or how many times have we heard of arrangements with the developers, paying certain amounts under the table.

All these practices may put the whole sector at risk as there is a chance that the funds used might be of a criminal source.

Looking at recently introduced practices in Germany and their anti-money laundering (AML) framework, and particularly how they are dealing with money laundering threats in the real estate sector, gives an excellent example on how things could be done in Cyprus.

One of the reasons why Germany decided to implement strict rules on buying real estate was the result of the investigations into the Frankfurt real estate market that dominated news headlines for many months.

The investigation clearly showed that bribes, tax evasion and fake invoices were “business as usual” in the world of real estate agents and construction companies.

This prompted the lawmakers to review their legislation and implement changes in their AML framework and their tax law in order to make real estate less attractive for money laundering.

So, what kind of procedures have they implemented?

In Germany, no real estate transaction can take place without a notary, therefore Germany has chosen to put quite a lot of responsibilities regards to prevention of money laundering specifically on notaries.

A special guideline has been issued to notaries on money laundering risks and how to mitigate them, as well as how to submit suspicious transaction reports.

The guideline is written in the best of German traditions – extremely precise, dotting all the i’s and crossing all the t’s.

It should be noted that the system used for submission of such reports, is the same as the one being used in Cyprus.

Notaries are now required to assess the risk, understand the control structure, and identify the ultimate beneficial owner (UBO).

This should be done of all the parties that are entering the agreement (e.g. buyer and seller).

The UBO should always be known and in the event that the notary is having difficulties obtaining that information – no further services can be provided.

In the event that the UBO is a politically exposed person or falls under high risk for other reasons, the notary should also obtain the source of funds, which would in turn, show where the funds are coming from and whether there could be any doubts about their legality.

Should Cyprus follow the same path?

While we do not have a practice of using the services of a notary, perhaps this could be substituted by another body, that would play a similar role.

Surely, this would require a lot of work and law amendments that always seem to take a long time, however, the result would be worth waiting for.

The author is a Certified AML specialist

This post was originally published on https://www.financialmirror.com/2020/06/27/german-lesson-for-cyprus-in-property-transactions/