FATF reports on money laundering and terrorist financing risks for FinTechs

In a speech at the XXV International Financial Congress in St Petersburg on 1 July 2016, David Lewis, FATF Executive Secretary, highlighted the risks and opportunities of FinTech with a view to anti-money laundering and combatting the financing of terrorism.

Lewis gave a brief overview of FATF and its work and eluded to the importance of financial inclusion for anti-money laundering and terrorist financing before commenting on the risks and opportunities of FinTech.

He said that technological innovations in financial services have the potential to dramatically improve financial integrity and stability. They reduce dependency on the small number of global financial institutions, where risk is currently most concentrated. They provide new and more robust ways to increase the transparency of transactions.

At the same time, they are increasing financial inclusion, which is a prerequisite to being able to detect and disrupt money laundering and terrorist financing.

In terms of the fundamentals of anti money laundering – customer due diligence, knowing the source and destination of money flows and identifying suspicious activity – these technological innovations provide an opportunity to bring AML into the 21st century.

This fall into two categories, RegTech, which can make customer identification more robust and effective, and FinTech, covering the provision of financial services in new innovative ways.

He stated that we have yet to see the bigger banks adopt RegTech, partly as they are chained to legacy systems. The banks are being left behind as innovators in countries such as India and in Africa lead the introduction of such systems. This is especially important in developing countries where customer due diligence based on names and addresses is just not possible.

In a time when teenagers can create false IDs on their computers in their bedrooms in minutes, the value of customer identification using photo ID cards is becoming increasingly limited. At the same time these teenagers are posting everything about ourselves on the Internet and through a myriad of devices, and are leaving a unique digital footprint. This would create the possibility to exploit FinTech and RegTech to update and substantially improve customer due diligence.

But the speed at which these innovations are coming to the market and with little awareness or consideration of the regulatory requirements for financial services, means according to the Executive Secretary that we are in danger of failing to recognize and mitigate the risks, design risk mitigation measures and exploit these opportunities.

The greatest risks of FinTech are often the lack of oversight or governance and the anonymity they can provide, a characteristic they share with cash. While cash is still king for criminals and terrorists, we ought to be careful that FinTech does not become the method of choice for criminals and terrorists to move money, said Lewis.

 

money-1050403_1280

 

He further highlighted that we are seeing increasing use of online payments, including through social media, mobile services, pre-paid cards and virtual currencies by organised crime groups, paedophiles and most recently, ISIL and foreign terrorist fighters. From that regulators learned for example that the terrorists that attacked Paris last year used pre-paid cards to rent cars and accommodation.

Lewis also provided three case studies to illustrate some of the risks we are seeing in this area.

The first is from Saudi Arabia and includes social network fundraising with pre paid cards.

Individuals associated with ISIL called for donations via Twitter and asked the donors to contact them through Skype. Once on Skype, those individuals asked donors to buy an international prepaid card and send them the number of this prepaid card via Skype. Then, the fundraiser sent this card number to one of his followers in a neighbouring country from Syria, who would sell this card number at a lower price and give the cash proceeds to ISIL.

The second is from Russia and includes large-scale crowdfunding scheme, with e-wallets

A group organised a scheme to raise funds via social networks and the internet. They registered numerous e-wallets, credit cards and mobile phone numbers. The details were placed on the internet (including social networks) under the pretext of collecting donations for Syrian refugees, people in need of medical and financial aid, and for the construction of mosques, schools and kindergartens. Investigations showed the funds were sent to support terrorists and their families. The money was sent either to credit card accounts or to e-wallets. Collected funds were moved through a chain of transfers and were withdrawn in cash to be further transported by couriers. The payment instruments were managed via the internet (using mobile devices as well).

And the final one is from the United States and concerns the promotion of virtual currency to fund terrorism.

In August 2015, Ali Shukri Amin was sentenced to 11 years in prison. Amin pleaded guilty
to using Twitter to provide advice and encouragement to ISIL and its supporters. Amin provided instructions on how to use Bitcoin to mask the provision of funds to ISIL, and facilitate the travel of ISIL supporters to Syria to fight with ISIL. Amin used Twitter to publicize an article he had written entitled Bitcoin and the Charity of Jihad. The article suggested using Dark Wallet, a new bitcoin wallet, which keeps the user of bitcoins anonymous. It included advice on how to set up an anonymous donations system to send money, using bitcoin, to the mujahedeen.

Lewis concluded his speech with an outlook on the FATF future strategy for FinTech and the role of regulation. He stated that the FATF recognizes the risks but also the opportunities that FinTech offers. He pointed out that his organisation has already produced guidance on new payment products and services and that it is closely tracking the use of Fintech by terrorists.

He stated that FATF recognizes that AML/CFT can be one of the many regulatory barriers that FinTechs need to jump in order to come to the market and grow and that FATF knows that it is in its interest to help Fintech overcome these hurdles, while at the same time helping them identify and consider the risks in their business models.

To this end in the next year, FATF plans to foster a much closer dialogue between regulators globally and the Fintech – and also RegTech – community. FATF will create a forum to help Fintech talk to regulators and so that AML authorities can work with Fintech providers as they develop new business models. The objective is to increase awareness on all sides, to identify risks and design risk mitigation measures.

He highlighted though that the most important thing is to maintain financial transparency, and that the authorities continue to be able to follow the money of criminals and terrorists, from sender to receiver.

At the same time RegTech offers opportunities to reduce the cost of compliance and improve the efficiency and effectiveness of customer due diligence. These solutions will help big and small players alike to provide financial services safely and transparently, and support growth and innovation.

The FATF speech and related information can be found here.