EXCLUSIVE: “Joined-up Thinking” – Edward Vaughan, TruNarrative in ‘Discover Money20/20’
The acquisition of TruNarrative by global risk intelligence firm LexisNexis Risk Solutions has created a new force to help ensure tackling financial crime doesn’t come at the expense of payments innovation, says Edward Vaughan
Challenger banks have changed the face of financial services over the past decade – renowned for their unencumbered ability to run with innovation while their incumbent counterparts have been weighed down by legacy systems and assiduous observance of risk and compliance requirements.
It was, perhaps, inevitable, though, that the former would trip up. And several have done exactly that. The Financial Crime Controls At Challenger Banks report, issued by the UK’s Financial Conduct Authority (FCA) in April, gave neobanks a stern resume of what they must now do to bring themselves in line, although it refused to single out challengers by name.
The findings largely centre on the inefficiency of transaction monitoring and due diligence – increasingly hot topics in the burgeoning digital transaction space where the challengers have helped drive the dramatic shift to ‘frictionless’ online payments.
It’s not all bad news, according to Edward Vaughan, head of banking for specialist data analysis regtech TruNarrative. And that’s principally because, by their nature, challenger banks are nimble enough to embed the changes they’ve been told to make, and still maintain their impressive stride.
The report’s specific findings included the fact some challengers were not consistently applying enhanced due diligence (EDD) for assessing the risks posed by customers at onboarding and throughout the transaction life cycle or documenting it as a formal procedure to apply in higher risk circumstances, such as managing politically exposed persons (PEPs).
The FCA also discovered instances of ineffective transaction monitoring alert management – for example, using inconsistent or inadequate rationales for discounting alerts – as well as a substantial increase in the volume of suspicious activity reports (SARs) logged by challenger banks as they exited customer relationships for financial crime reasons. This again called into question the adequacy of their customer and enhanced due diligence checks when onboarding and managing the ongoing risk of their customers, the FCA said.
Crucially, some of the challengers’ financial crime change programmes were not overseen adequately, nor were they able to keep pace with their fast-moving business models.
The report’s authors concluded that ‘more needs to be done by the challenger banks sector as a whole in light of the areas of improvement we identified. The weaknesses… create an environment for more significant risks of financial crime to occur both when customers are onboarded and throughout the customer lifecycle’.
The current sanctions regime against Russia is only increasing the focus on transaction security, including know your customer (KYC), know your business (KYB) and anti-money laundering (AML) checks.
“The findings were not particularly surprising,” says Vaughan. “The issue of applying EDD, in particular, serves as a good reminder to banks that swift onboarding and ongoing monitoring shouldn’t come at the expense of robust risk assessment, and it doesn’t have to. Like the FCA, we encourage challenger banks to review and enhance their firm’s financial crime frameworks with a focus on ensuring customer risk assessments and EDD measures adapt to the heightened risk of sanctions evasion, in particular. Applying a risk-based approach to AML controls and continuously making sure financial crime controls remain fit for purpose should be a top priority for all banks.”
Sophisticated tools developed by the newly-merged companies, like their new LexisNexis® RiskNarrative™ platform, can help firms get their systems up-to-speed in a relatively painless way, with its plug-and-play ability to quickly update data sources, as well as changing rules as a result of a development in risk appetite or regulation changes.
On the plus side, the FCA report did find evidence of good practice, in terms of innovative use of tech, indicating that ‘firms don’t need to sacrifice speed for assurance’ and can actually harness the things they already do best to overcome the regulatory hurdles.
“The challengers have been incredibly important, over the past 10 years, in changing the ecosystem of financial services and how products and services are now delivered through digital channels and in real time to customers,” says Vaughan. “They have fundamentally altered the landscape and challenged the status quo of the traditional banks.
“The advantage the challenger banks have is that, following these findings, they are probably better positioned to pivot and start using platform technology like ours, which will help overcome them, because they’re more agile in adapting to change. So, it could it be easier for them to close these gaps and weaknesses than it is for traditional banks that move at a far slower pace due to having far more governance and control processes.
“For example, we can help them dynamically risk assess their customers, from a transactional monitoring perspective, and instigate things like behavioural profiling and standard deviations across peer groups, to reduce inefficient processes and improve the management of false positives around transactional monitoring alerts.”
He continues: “And this is where we see the opportunity for challenger banks, in particular, when they’re looking at remediation plans for these weaknesses. In some cases, they’ve built their own controls around preventing and detecting financial crime, which are very resource intensive and, because they don’t always get it right, that’s leading to some of these findings.
“They need to concentrate on disrupting and delivering fantastic services, while back-end compliance and financial crime management is best served by complementary technology platforms like ours.”
STRENGTH IN NUMBERS
It was recognising this need and opportunity that led UK-based fraud prevention solutions provider LexisNexis Risk Solutions to acquire TruNarrative last August, and add the fintech’s Cloud-based data orchestration for detecting and preventing financial crime to its suite of services.
Now integrated into LexisNexis Risk Solutions’ Business Services offering, at the time of the acquisition the bigger player said this would enable it to help a variety of businesses select ready-made financial crime prevention components.
TruNarrative enables organisations to manage the entire financial crime life cycle within a unified platform that allows for automated onboarding, dynamic riskscoring, real-time financial crime decisioning and transaction monitoring; all with no-code configuration and rapid integration through a single API for holistic oversight of customer risk. This complements LexisNexis Risk Solutions’ existing financial crime management offering, which helps companies keep pace with regulation, achieve compliance and mitigate their risk of fines and reputational damage with its fraud and identity authentication solutions.
The new alliance marks the latest step in its strategy of expanding data sets for global financial crime compliance, coupled with technology to ‘transform the ways in which financial crime compliance is achieved’. It follows its merger, in 2021, with transaction compliance software specialist Accuity, and the three combined now represent one of the largest worldwide providers of risk and compliance solutions.
Among them, LexisNexis Risk Solutions’ new Financial Crime Digital Intelligence solution, enabling compliance teams to keep pace with, and mitigate, escalating sanctions risks associated with, accelerated digital transaction adoption.
The combined portfolio has applications across insurance, financial services, healthcare and government, and, according to Vaughan, it now means compliance needn’t hamper the innovations challengers seek to bring to user experience, nor impede a quick and easy application process, followed by fast and convenient access to products and services without compromising on security and protection.
The RiskNarrative™ solution, for example, offers a dynamic risk rating as part of an underlying, integrated, risk management workflow, allowing firms to assess risk at every stage of the customer journey. Changes to the risk rating are triggered by customer actions, with authentication stepped up only where required. So, with fewer false positives, genuine customers get the user journey they deserve and are protected every step of the way. From the provider’s point of view, it brings all areas of risk together in one workflow – including onboarding, ongoing screening and transaction monitoring – instead of myriad technology siloes, and without the need to individually interrogate different tools and amalgamate results across identity, fraud and compliance.
It is adaptable too. “The market isn’t static and neither is an organisation,” says Vaughan. “They need a dynamic risk framework that can grow with them and adapt quickly to changes in business model, risk policy and regulation, as well as adapting to shifting criminal methodologies. They also need to be able to rapidly integrate the very latest tools and capabilities, to manage risk most effectively and meet their evolving business needs – a risk framework that is fit for purpose today and scalable and adaptable for the future.”
The RiskNarrative platform is also solution-agnostic, he explains, combining TruNarrative/LexisNexis Risk Solutions’ own data sources with those of third parties.
FAST-PACED FINANCIAL CRIME
Russian sanctions and recent exposés, such as the Pandora and Panama Papers, have highlighted the urgency of KYB and KYC checks on ultimate beneficial owners of assets to prevent criminal activity and tax avoidance. But Merchant Savvy, in 2020, estimated the global size of financial crime losses at $32.39billion, triple that of 2011. So, what other trends are TruNarrative and LexisNexis Risk Solutions witnessing?
“Fraud for financial gain and impersonation fraud were always the predominant types we saw within the industry,” says Vaughan. “What we’ve seen emerge more recently, is more advanced ways of committing financial crime, things involving authorised push payments (APPs), which in many ways is an unintended consequence of trying to make the payments process as seamless as possible for customers.
These often involve phishing, where someone might impersonate someone else, like a family member or their bank, and persuade them to authorise a payment using their own credentials, and it is very difficult to detect.”
STAYING IN CONTROL
These crimes are often vanguards for ones with more sinister intent, says Vaughan.
“When we talk about financial crime prevention at LexisNexis Risk Solutions, we see fraud as a predicate offence to money laundering and the most serious types of financial crime.
So, the ability of organisations, be they challenger banks or established banks, but more so those digital players, to detect that fraud, doesn’t just rely upon one thing.
“We talk about the control environment, the strategy for detecting fraud that enables an organisation to look at multiple different vectors around how its customers are interacting in that digital channel. As well as looking at the type, time of day and value of a payment, and where it’s going, a range of different vectors, applied together, can identify something that’s out of the ordinary or abnormal.”
And having the sophisticated data and systems to sift out the normal from the abnormal, is paramount, to avoid wasted time for banks and unnecessary interruptions for customers.
“It’s important to understand what’s normal, because there’s a far larger population of normal things occurring. Then abnormal alerts target the outliers. But customer behaviour changes and, therefore, all the capability that sits within the technology, such as transactional monitoring, needs to be able to learn too.
“What we’ve also seen is a huge rise in money mules – individuals who could themselves be vulnerable and are being exploited to launder funds through their account for a third party, using a range of financial instruments, from cash and traditional fiat currencies to financial instruments like Bitcoin.”
The challenge for banks in identifying mules is that they don’t always pop up on the radar, applying for a new account. Often, they are existing customers.
“The FCA findings could suggest challenger banks are more susceptible to mules, because of the way they deliver their services,” says Vaughan. “This means their control environments need to be far more digitally focussed and consider a range of factors in risk assessing their customers. This is where transactional and behaviour monitoring becomes really important – the ability to look at the patterns of behaviour of a customer who sits in a certain segment or peer group, against others in that same group.
“It’s also about asking customers the right questions and validating what they’re saying by monitoring their behaviour against what they have disclosed. For example, thinking about mules, if someone says they work in a factory earning £15,000 per year, but their transactional volume far exceeds that, risk profiling against the segment in which they sit will show that they represent a complete exception.
“Those types of more sophisticated transactional monitoring capabilities are necessary to deliver the best chance of the right outcomes, because traditional transaction monitoring just exists on binary rules, and leads to huge amounts of false positives.
“It’s got to get more and more sophisticated to keep up with this challenge and enable straight-through processing by eradicating those false positives.”
“There is no one silver bullet to solve this problem,” adds Vaughan, “but technology and systems like ours, which create the right control environment, can greatly assist organisations in preventing financial crime.”