The UK and EU are leveraging advanced analytics solutions to address emerging money laundering and terrorism financing risks and strengthen anti-money laundering efforts, but supervisors are concerned about the payment sector’s use of new technologies, crypto assets, and AI.
The payment services market has experienced significant growth and change in recent years. In the UK, 40.4 billion payments were made in 2021, which marks a return to pre-pandemic levels after a significant drop in 2020 due to COVID-19 lockdowns. Almost nine out of 10 payments were made by consumers, and 57% of all payments were done using cards, with 66% of those being contactless transactions. This shows the increasing popularity and ease of modern payment methods.
In the EU, there has been steady and positive growth in electronic payments. In 2021, the total value of electronic payments reached a substantial €240 trillion, compared to €84.2 trillion in 2017. This growth was further boosted by the impact of the COVID-19 pandemic. Electronic payments are becoming increasingly popular and reliable, bringing convenience and ease to financial transactions.
As digital payments continue to grow, so does the concern about the rise in financial crime related to these transactions. Criminals are increasingly exploiting digital payment channels for money laundering and fraud, necessitating stronger security measures to safeguard against these risks.
While most financial platforms have strict know-your-customer (KYC) requirements (including customer identification, verification, and ongoing monitoring), others have less rigorous oversight when opening and operating accounts. Unfortunately, these differences can create opportunities for financial criminals to exploit.
Crucially, an increasing number of customers now prefer digital and contactless payments, as well as remote onboarding capabilities. The rising transaction volumes has put pressure on systems to effectively identify and manage the risks without causing friction in the customer experience. Striking the right balance between risk management and customer satisfaction becomes paramount in this dynamic landscape.
Following the passing of the Economic Crime (Transparency and Enforcement) Act through Parliament in March 2022, the UK government quickly introduced the Economic Crime and Corporate Transparency Bill in September 2022.
The aim of the Economic Crime and Corporate Transparency Bill is to “strengthen the UK’s reputation as a place where legitimate business can thrive, whilst driving dirty money out of the UK”.
The bill introduces various important features that will affect how payment service providers manage their financial crime risk. It will also impact the systems and tools they use to that effect and how these are arranged to form a control framework. Among others, these measures include:
The main goal of this bill is to enhance the accuracy of Companies House data, which will help in making better business decisions and conducting more effective law enforcement investigations. Additionally, the bill grants enforcement agencies more authority to seize and recover suspicious criminal crypto assets. This adds a new layer of enforcement to fight financial crime more effectively.
The bill aligns closely with the UK’s Economic Crime Plan 2, covering the period 2023-2026. The plan focuses on several key areas, such as improving data acquisition and validation from customers to prevent the misuse of corporate structures. It also emphasises enhancing intelligence, feedback, and analysis to strengthen efforts against economic crime.
Furthermore, the plan introduces new ideas, like promoting the use of the latest technology in law enforcement agencies and establishing a new Crypto Cell. The Crypto Cell will bring together the expertise and enforcement tools of law enforcement agencies and regulators to effectively combat the criminal abuse of crypto assets.
In 2022, the European Banking Association (EBA) conducted an assessment of money laundering and terrorism financing risks in the payments sector. With almost 900 authorised payment institutions in the EU, supervisors responsible for anti-money laundering and counter-terrorism financing perceive this sector to pose a significant inherent risk. They also express strong concerns that the existing systems and controls within the payment institutions sector may not be strong enough to mitigate these risks.
The assessment identified various risks, particularly concerning gambling companies and crypto asset service providers. Additionally, traditional cash-intensive businesses with occasional transactions, rather than established business relationship, were highlighted as potential sources of risk.
It is noteworthy that many EU member states’ national risk assessments (NRAs) have identified higher risks of money laundering and terrorism financing when payment institutions use new technologies and offer new services. This finding is supported by responses from supervisors responsible for anti-money laundering and terrorism financing.
The risk of money laundering and terrorist financing increases with the use of new technologies for remote customer onboarding, transactions involving crypto assets, and the application of AI for individual risk scoring and transaction monitoring. These areas are still not fully understood, which contributes to the higher risk level associated with them.
In terms of emerging risks, several Anti-Money Laundering and Counter-Terrorism Financing supervisors have expressed concerns about the rising trend of ‘white labelling’.
White labelling in payments institutions refers to a business arrangement where one payment service provider (PSP) offers its services, products, or technology to another company under their own branding. The white label company, typically a smaller or newer PSP, benefits from offering a comprehensive payment solution without the need to develop its own infrastructure from scratch.
Meanwhile, the original PSP, acting as the white label provider, gains increased market reach and exposure by enabling other institutions to offer their payment services under their brand. This can lead to an increase in money laundering and terrorist financing risk exposure which the payment institution may be ill-equipped to manage.
Based on the above overviews for both the UK and EU, it is evident that there is an ongoing effort to adapt regulations and technology to address the emerging risks in the post-COVID 19 world.
However, within these, there are two fundamental approaches with distinct focuses.
In the UK, there is a significant emphasis on keeping corporate registries open and improving data quality to enhance prevention and detection measures. On the other hand, the EU’s approach centres around overall risk management and controls, with a focus on matching technology with emerging risks, particularly those associated with remote onboarding and virtual currencies.
Despite these differences, both regions are likely to rely on advanced analytics solutions for their strategies. The UK aims to use better data to prevent the abuse of corporate structures commonly used in money laundering. Meanwhile, the EU seeks to mitigate risks in customer onboarding and transactions through technology.
In summary, both the UK and EU are actively addressing the challenges posed by the evolving landscape, using advanced analytics to strengthen their anti-money laundering and risk management efforts.
Francisco Mainez, director of financial crime and regulatory transformation, Lucinity
Log in to access complimentary passes or discounts and access exclusive content as part of your membership. An auto-login link will be sent directly to your email.
We use an auto-login link to ensure optimum security for your members hub. Simply enter your professional work e-mail address into the input area and you’ll receive a link to directly access your account.
Instead of using passwords, we e-mail you a link to log in to the site. This allows us to automatically verify you and apply member benefits based on your e-mail domain name.
Please click the button below which relates to the issue you’re having.
Sometimes our e-mails end up in spam. Make sure to check your spam folder for e-mails from The Payments Association
Most modern e-mail clients now separate e-mails into different tabs. For example, Outlook has an “Other” tab, and Gmail has tabs for different types of e-mails, such as promotional.
For security reasons the link will expire after 60 minutes. Try submitting the login form again and wait a few seconds for the e-mail to arrive.
The link will only work one time – once it’s been clicked, the link won’t log you in again. Instead, you’ll need to go back to the login screen and generate a new link.
Make sure you’re clicking the link on the most recent e-mail that’s been sent to you. We recommend deleting the e-mail once you’ve clicked the link.
Some security systems will automatically click on links in e-mails to check for phishing, malware, viruses and other malicious threats. If these have been clicked, it won’t work when you try to click on the link.
For security reasons, e-mail address changes can only be complete by your Member Engagement Manager. Please contact the team directly for further help.
