Juan Zarate, a former Treasury official and now adviser to Coinbase, writes in his book Treasury’s War that “financial warfare…has started to form a central part of international security strategies.” By understanding the financial networks underpinning drug cartels, terrorist organizations and rogue nations, U.S. law enforcement and the Treasury Department have been able to pursue more sophisticated strategies aimed at disrupting them.
As a result of the widespread adoption of this approach, both in the U.S. and abroad, financial institutions around the world are held to higher standards than ever before with regard to detecting, reporting and mitigating financial crime. This is viewed by many businesses as a burdensome and costly task. Complaints about Know Your Customer (KYC) and Anti-Money Laundering (AML) controls in particular are common. Fintech companies, however, ought to recognize an opportunity to seize a competitive advantage.
Banks are generally weak with regard to financial crimes compliance, including AML/KYC controls and related operations such as information security and fraud prevention. The Department of Justice, for example, recently stated that the controls at HSBC were so bad that revealing them could potentially cause “serious criminal activity.” Some went so far as to question whether HSBC is so large and complex that it is inherently impossible to govern.
In an unrelated piece about the ongoing sanctions compliance issues at Standard Chartered, the Financial Times highlighted two major causes of the bank’s headaches: a culture of disdain for American banking regulations and poor technology. Cultural and technological failures are industry-wide characteristics in banking, and they present a ripe target for fintech to gain an advantage.
Financial crime prevention can broadly be said to consist of three parts: reporting, intelligence and enforcement. Enforcement is, and always will fall under, the purview of governmental agencies and thus should only interest businesses tangentially. Intelligence and reporting, however, are naturally interrelated functions and give rise to business concerns due to regulatory requirements. Without a sound idea of what activity merits reporting, many institutions blindly generate tens of thousands of reports annually, several of which are very low-quality and of little use to law enforcement.
Cultural and technological failures are industry-wide characteristics in banking.
A recent discussion of flaws in the United Kingdom’s AML laws pointed out that in that country, more than 350,000 Suspicious Activity Reports (SARs) were filed in a year, resulting in law enforcement agencies being “overwhelmed.” This shotgun approach significantly reduces the value of reports in terms of mitigating risk to the institution, and often requires the mass hiring of expensive and often ineffective workers.
There are several reasons to think that fintech as an industry can and should do better. To begin with, regulators are beginning to pay more attention to their products and practices. John A. Cassara, a former Treasury Special Agent, recently wrote an excellent piece praising measures by the small African nation of Lesotho to regulate mobile payments and calling for the same in Western countries.
Innovative products in the financial space will ultimately run into regulators, and fintech companies need to be prepared for it. As Matt Levine wrote, “Tech is an industry of moving fast and breaking things. Finance is an industry of moving fast, breaking things, being mired in years of litigation, paying 10-digit fines, and ruefully promising to move slower and break fewer things in the future.”
But preparation aside, there are even greater advantages to be had by winning in this area. Fintech firms are technologically equipped to understand the activity occurring through their products in a way that banks simply are not, and thus they are better positioned to provide law enforcement with useful intelligence as opposed to scattershot reporting.
Aside from the usual advantages of pleasing regulators, behaving this way will squeeze traditional financial institutions on two fronts. First, it will drive standards in the industry, forcing them to invest more “dumb money” in areas where they are already grossly inefficient. Second, it will leave fintech businesses less exposed to the record-setting fines that are hamstringing banks. Driving these two costs will further decrease margins in vulnerable aspects of banks’ businesses. This will ultimately provide an opportunity for fintech firms to obtain another competitive advantage over traditional financial firms.