The flow of money is fundamental to modern-day commerce – businesses of all sizes, from local to global, rely on both cash and non-cash transactions. However, when the payment is made, we rarely stop to consider how funds are moved from one person or business to another.

The way money flows and is cleared is changing, driven by customer needs and enabled by advancing technology. This brings opportunities as it gives customers more choice and encourages competition, but it also creates challenges: how can transactions be monitored in the face of borderless, anonymous internet and the fact that financial crime, money laundering and tax evasion are all global activities? There is a need to properly oversee the transactions taking place without smothering technical and business innovation or compromising privacy.

Central to effective monitoring of movement of funds is the need for financial institutions to clearly understand ownership and control of accounts, and of the assets passing through those accounts. Therefore, enabling the anonymous movement of funds and complication of ownership creates a material challenge to combating misuse and criminal activity. Similarly, the movement of funds across international borders and value transfer between asset classes further complicate asset-tracing and financial investigation.

Changing business models and technology innovation are enabling new entrants to join the payments market, and giving rise to alternative means of transferring value, such as new internet-based mobile and card methods of payment. Some of these are not subject to traditional monitoring and some may bypass clearing altogether. This can be further complicated when providers do not have a physical location in the jurisdiction of payment, and the value transfer is not in a recognised currency, managed by a lawful authority.

The technical and business innovations that are driving innovative payment methods and providing options for customers are exciting and should be encouraged. However, new ways of making payments can provide options for anonymous movement of funds, in some cases across geographic boundaries which are open to abuse. When looking at the challenges being faced, areas of particular concern include:

• Aggregated transactions and the consequential concerns related to correspondent banking partners, where a single correspondent transaction can include several transactions. In this case, it is only the single ‘main’ transaction that would be screened; any smaller transactions ‘bundled’ within that main transaction would not be exposed to traditional monitoring. In this case, the facilitating bank or service provider relies on the screening and controls of the initiator of the main transaction. As such there is an increased risk of anonymity for the source of the individual bundled transactions.

• Transactions for which some part of the path uses a non-bank or non-traditional transfer mechanism. In some cases, these currencies are intended to be one-way, that is, once the value is transferred into the virtual environment, it is not intended to be transferred back into the real world, and the creators of these currencies forbid use outside the virtual world for which they are intended. A similar challenge exists with phone payments in which a payment is converted into a deferred benefit (phone credit) and subsequently refunded with the refund diverted to a third party.

New internet-based mobile and card methods of payment ... are not subject to traditional monitoring and some may bypass clearing altogether

• Transactions which do not touch ‘traditional’ financial services infrastructure at all, such as transfers effected using virtual eCurrencies where the virtual currency can be exchanged for goods and services without being converted into a ‘real’ currency for clearing purposes, and so do not pass through any bank or other regulated financial services infrastructure. Related to this, the growth of social media and other online activity creates increased opportunity for fraud through criminal acquisition of personal details, including financial information such as credit card data.

Banks

The increasing profile of alternative means of making payment is likely to increase the scrutiny on Anti-Money Laundering/Combating the Financing of Terrorism (AML/CFT) and sanctions screening measures that banks have already in place.

Questions may be raised as to whether existing measures are sufficient in the face of emerging methods of making payments and transferring value. The banks should review the levels of diligence they apply to other parties in the chain, and where appropriate may need to broaden or deepen these activities, and adjust their risk models and the supporting systems to allow for these changes.

Similarly, when new products are launched, is there an appropriate assessment to understand AML/CFT and Sanctions risk and are these risks appropriately mitigated in the bank’s Know Your Customer (KYC), Transaction Monitoring, Customer Screening and Payment Filtering controls? To what extent do current assessments recognise the potential risks associated with alternative forms of money movement? Having ready access to the applicable information is core to robust diligence. To what extent do accessible data and management information provide the necessary transparency along the path followed by the value transfer? What additional data would it be prudent to gather from participants – both existing and new?

With these questions in mind, banks and other service providers should look critically at the systems and controls that they have in place. They should run potential scenarios across IT, operations and business in the context of new modes of money transfer that are enabled one way or another by banking infrastructure and ‘test’ the robustness of those current measures with a view to identifying and closing loopholes.

Other participants

Non-financial institutions (Non-FIs), such as mobile phone providers, all providers of gaming services and app producers, are increasingly becoming involved in alternative means of making payment. Therefore, they must shoulder some of the responsibility for minimising opportunities for abusing the services they provide as is the case with more traditional non-financial services businesses, such as law firms, accountancy firms, auction houses, precious stone dealers and casinos.

The parties involved must rely on each other’s systems and controls, and as such must demand a minimal level of transparency with respect to systems and controls to gain confidence in their adequacy. Non-FI participants should now be looking at how they play in the end-to-end chain of money movement and identifying, and putting in place the necessary measures of screening and control, perhaps in collaboration with their banking partners.

The questions that they would need to ask at this stage include: What information/data should be gathered and examined? What information should be supplied to others? How should reporting be managed, and to what degree can this be automated? How can this be done while maintaining the necessary levels of privacy for those involved?

Collaboration and coordination

Given the speed at which technology is moving, action must be taken quickly and must be characterised by collaboration and coordination across industries and geographic boundaries. This should not be seen as a narrow regulatory issue; all parties will need to consider the material impact on their business models, IT and operations as they seek to overcome these challenges. However, neither should it be viewed in isolation of the broader regulatory agenda: businesses that view regulatory change as a portfolio to be managed coherently will be best placed to benefit from any synergies.

Businesses and regulators across geographies must work together to plot a way forward that encourages legitimate use of alternative payment methods and ongoing innovation, while reducing the risk of abuse for criminal purposes.

This article summarises complex issues and is not intended to be a substitute for detailed research or the exercise of professional judgement. Neither the authors nor the global Ernst & Young organisation or any of its member firms can accept any responsibility for loss related to any person acting on the information in this article.

Joette Mallia is a manager and Colin Pickard is a director in EY’s EMEIA Financial Services Advisory team.

Sign up to our free newsletters

Get the best updates straight to your inbox:
Please select at least one mailing list.

You can unsubscribe at any time by clicking the link in the footer of our emails. We use Mailchimp as our marketing platform. By subscribing, you acknowledge that your information will be transferred to Mailchimp for processing.