News

Britain’s financial regulator has warned online lenders and other “challenger banks” to remedy common weaknesses in their customer risk assessments, suspicious-transaction-reporting processes and other aspects of their compliance programs.

After reviewing six of the banks last year, the U.K. Financial Conduct Authority on Friday praised the growing sector—which includes major firms such as Monzo, Revolut and Starling Bank—for its “effective and innovative” use of digital identification tools and other new technologies, as well as the general quality of its anti-fraud controls.

But companies within the industry must ensure that their compliance programs keep pace with their often rapidly expanding business, and that they also gather sufficient data from new clients to gain a “complete picture” of the financial crime risks they present, the FCA warned.

“There cannot be a trade-off between quick and easy account opening and robust financial crime controls,” Sarah Pritchard, the FCA’s executive director for markets, said Friday.

The FCA reviewed the six banks, most of which operate as digital lenders and together serve 8 million U.K. clients, after finding in a national risk assessment in 2020 that the fast-onboarding process some of them advertise as a selling point could attract criminals, particularly those that use money mules to move funds for fraudsters and other crooks.

Several common weaknesses emerged during the review, including a general failure by the banks to obtain details on the occupations and incomes of their customers, the FCA found.

That failure in turn led to “incomplete assessment[s] of the purpose and intended nature” of clients’ relationships with the institutions, some of which wrongly relied on their transaction monitoring software to flag risk they should have noticed during onboarding.

The FCA’s specific reference to missing employment and salary information could lead to an “overly prescriptive intervention” that would do little to mitigate risk, said Robert Evans, chief executive of FINTRAIL, a consultancy that specializes in anti-money laundering compliance for challenger banks and other financial technology-centric firms, or fintechs.

“I’d question how focusing on those data points helps with the main issue that fintechs face, which is low-level money muling,” Evans told ACAMS moneylaundering.com. “I would prefer to see them encouraging a more modern and effective approach to data than inadvertently creating an expectation around two data points.”

SARs and sanctions

Data obtained from the U.K. financial intelligence unit as part of the review showed a “substantial increase” in the volume of suspicious activity reports that challenger banks have filed on clients whose accounts they shuttered for fear of enabling financial crime.

“This raises concerns about the adequacy of these banks’ CDD [customer due-diligence] and EDD [enhanced due-diligence] checks,” regulators found. “We also had concerns about the quality of SARs.”

Some of the banks also frequently failed to subject politically exposed persons and other inherently higher-risk clients to enhanced due diligence, and separately neglected to review transaction monitoring alerts or lacked the resources to do so in a timely manner.

“We also saw examples where banks identified fraudulent activity, but investigations were either incomplete or not adequately documented,” the FCA concluded.

The agency also warned firms Friday to sharpen their customer-risk assessments and enhanced due-diligence measures in light of “the heightened risk of sanctions evasion” by individuals and entities blacklisted in response to Russia’s invasion of Ukraine.

Contact Koos Couvée at kcouvee@acams.org