Earlier this week, UK neobank Monzo was slapped with a £21m fine for inadequate financial crime systems and controls.
Among other issues, FCA (Financial Conduct Authority) officials said the neobank had allowed new users to sign up using addresses like Buckingham Palace, 10 Downing Street and Monzo’s own office HQ.
The fine is just the latest in a string of penalties issued against British fintechs over their lax attitude to potential lawbreaking, following previous fines levied against fellow neobanks Starling and Revolut over the past two years.
But financial crime isn’t an isolated issue to fintechs. Industry experts say the financial services industry as a whole struggles to clamp down on crime. The latest round of fines suggest controls haven’t kept pace with their rapidly growing customer bases.
Some industry watchers say the issue is tarnishing the entire sector’s reputation, undermining efforts to be taken seriously, rolling out ever more high-end products like mortgages, loans and business lending.
“If fintech wants to be taken seriously, it’s time to stop tolerating mediocrity and start treating compliance as a core business function, not a back-office obligation,” says Monika Liikamaa, cofounder of Finnish payment service provider Enfuce.
What’s going on?
Monzo isn’t the only neobank punished for issues relating to financial crime as of late. In April, fellow UK fintech Revolut was fined €3.5m by European regulators after failing to root out money laundering on its app. And last October, the FCA demanded Starling Bank pay £29m for failings in their financial crime systems and controls.
And while it’s not just fintechs that have been fined in recent years — incumbent banks Santander and Credit Suisse have been slapped with AML fines in recent years — neobanks are in regulators’ crosshairs, says David Hamilton, partner at law firm Howard Kennedy.
And that’s largely because their business models are based on rapid growth and innovation. “Growth in commercial activities can outpace compliance frameworks,” he says.
Neobanks have grown rapidly in the past few years, especially in the post-pandemic era. Monzo, for instance, had around 600k customers in 2018 but now has over 12m. Similarly, Starling had a mere 43k customers in 2017 but has since grown to over 4m users.
Failure to match its financial crime controls with this pace of growth was flagged by the FCA in its rulings against Monzo and Starling. In Monzo’s case, the FCA called out the neobank’s lack of address verification, enabling customers to open accounts with “implausible UK addresses” including Buckingham Palace, 10 Downing Street and even Monzo’s HQ.
Identity verification is going to be key to avoid issues highlighted by the FCA in the case of Starling and Monzo. That’s also an aspect where legacy banks have a leg up, says Hamilton, as they can rely on extensive branch networks and legacy customer onboarding systems.
“Neobanks operate primarily online, leveraging technology to offer seamless digital customer experiences,” he says. “They often lack physical branches, which reduces overheads but also presents unique challenges in identity verification (face-to-face meetings with bank staff are impossible).”
Both neobanks were also criticised by the UK watchdog for failure to comply with a restriction placed upon them regarding the opening of accounts for high-risk customers.
How to solve the problem
As was the case with Starling, Monzo’s fine will likely eat into its top line for next financial year (the UK neobank reported a pre-tax profit of £60.5m for the 12 months to the end of March this year).
And to avoid further fines, fintechs will need to up their financial crime controls.
Harriet Rees, Starling’s chief information officer, tells Sifted it’s set to roll out a customer-facing AI tool to help them understand when they’re potentially being scammed in the coming months.
“We hope it will help customers to make the right decision when they’re in the heat of the moment with a potential fraudster,” she says.
Revolut last year launched an AI tool to detect where customers are being scammed and Monzo also launched added security controls in July last year to tackle fraud.
Further investments into fraud controls, identity verification and compliance teams are also going to be key to avoid the monetary and reputational damage of further regulatory enforcement.
“The problem isn’t fintech – the problem is low standards and blind process-following,” Enfuce’s Liikamaa says. “If you’re letting customers open accounts with addresses like ’10 Downing Street’, that’s not a tech failure, that’s poor judgment and a culture issue.”
Read the orginal article: https://sifted.eu/articles/uk-fintech-crime/
