Money Laundering the World OverRising Global Payments and Emerging Tech Pose New Fraud Concerns
At the top of the list of growing fraud is money laundering; it's the fraud that most-often gets through cross-border security gaps, says Stacy Rosenthal, who heads up banking and corporate strategy in the Americas for SWIFT, The Society for Worldwide Interbank Financial Telecommunication. Rosenthal says security is a top concern for any payments processor. But unique risks have to be addressed in unique markets, and that's making standardization and sweeping regulatory guidance aimed at fraud prevention next-to impossible.
"Globalization will continue to bring new issues to bear, and compliance is something all institutions try to balance," Rosenthal says. "We always want to think about security and maintaining integrity across the payments chain; sometimes it's a difficult balance bringing innovation to market and security."
The Innovation Demand2011, she says, will mark a tipping point for innovation, and some cultural challenges will have to be overcome as well. While the use of payment cards continues to grow or remain steady in the U.S., usage in other parts of the world, even Europe, is not quite so accelerated. So, developing innovative solutions that enhance security to meet the demands of all markets is not easy.
From a money-laundering perspective and overall fraud perspective, those cultural differences create opportunity for fraudsters. Fake payments cards, created with account details from European accountholders, can easily be used in the U.S., where cards are widely accepted and card technology is not so secure. In Europe, cards are used less frequently, ""even though they have done much more from a technology perspective," Rosenthal says. "They are leaps and bounds ahead in the technology."
But it cuts both ways, says Erik Stein, vice president of solutions architecture for risk and compliance at Fiserv. While European banks might be worried about card fraud perpetrated in the U.S., American banks are worried about International ACH, check fraud and fraud perpetrated via emerging channels such as mobile.
Consider the example of mobile remittance provider M-Pesa. Provided in developing markets, such as Kenya and Afghanistan, M-Pesa is offered via mobile carriers, which raises all kinds of concerns, especially when funds are transferred to and from U.S. accountholders with users in developing markets, Stein says.
"When you think about M-Pesa, it works in those markets like Kenya, because you don't have a bank on every corner," he says. "At the same time, you have the potential, as you're moving money around that quickly and easily, for money laundering. So, there are some real concerns about AML there. M-Pesa has moved to countries like the U.K., because there are a lot of Kenyans who work in the U.K. and want to send the money back home. ... There are caps on these payments, but then when you look at how often payments are moving from one party to the next, you see that AML monitoring can be challenging."
Complying with the RulesMobile services, like mobile remote deposit capture, are so new that banks are still trying to figure out how to deploy them correctly, much less figure out how to prevent money laundering, says Andy Schmidt, an analyst at TowerGroup. "We're hearing very different reports from the vendors and the banks about the amount of fraud and money laundering in the mobile RDC channel," he says.
But no bank wants to get slapped with a fine for AML violations, so bankers are mindful of the security risks.
Tracking anomalous behavior requires comparative historical data - something most banking institutions don't have for emerging channels in emerging markets. "When it comes to complying with BSA (Bank Secrecy Act), including AML, certainly our clients are looking at us to provide solutions that can help them," Stein says. "So, when it comes to these emerging technologies, they are looking to us to build in what they need. If they have different product mixes, we have to be flexible."
The lack of uniformity among global regulatory requirements only compounds the issue. "The regulatory regimes are probably as close as they're going to be. I don't see that the countries are going to come up with ways to have a similar form or standard for security and mandates," Stein says. "In fact, I think they would argue that there are reasons why they are unique in their approaches. ... That poses a challenge for vendors like us, which provide services in 78 countries. We have to be flexible. Each country has a unique flavor of the reports they require, and so any solution we offer has to be able to comply with unique standards."