Their growth has been explosive, and they’ve shaken up the world of banking – but there are growing concerns about how well challenger banks and fintech firms are handling fraud
Keen to increase competition and improve services for customers, the government and regulators in the UK and around the world have, over recent years, encouraged the growth of challenger banks.
This drive has been successful – the market industry was valued at $20.4bn in 2019 and is projected to reach $471.0bn by 2027, a CAGR of 48.1% from 2020 to 2027, according to Allied Market Research.
But there are now growing concerns about how well some of these dynamic newcomers are managing financial crime fraud and anti-money laundering (AML). The Financial Conduct Authority (FCA) undertook a review last year, which was published in April this year, and identified a noticeable increase in suspicious activity reports. The regulator is particularly concerned about the adequacy of checks carried out by challenger banks when onboarding new customers.
It highlights that in some instances, these banks failed to adequately check their customers’ income and occupation. The FCA also felt that some banks had under-developed or even non-existent customer risk-assessment frameworks and that there was insufficient detail here.
“Challenger banks are an important part of the UK’s retail banking offering,” says Sarah Pritchard, executive director for markets at the FCA. “However, there cannot be a trade-off between quick and easy account opening and robust financial crime controls.”
Fintech firms investigated for financial crime
Fintechs are in a similar position – in July, it was revealed that Monzo is being investigated by the FCA for possible AML breaches. “The prevention of financial crime is an issue that affects the entire banking industry and one which Monzo is taking extremely seriously,” says the firm. “Over the past year, we have made major investments in our controls in this area as a priority and will continue to invest heavily in this part of the business.”
The issue is not solely one that affects UK challengers. Last year the German financial regulator BaFin slapped N26, an online bank with more than 7 million customers in 24 markets, with a €4.25m (£3.59m) fine for delayed reports of suspicious activity in 2019 and 2020. In response, N26 said: “With the growing importance of ecommerce, we have taken numerous detailed measures and have also established structures and processes that meet the highest standards of financial crime prevention to address this pertinent global threat.”
Can challenger banks continue to acquire customers at such a rapid rate and then offer them a frictionless customer experience, while at the same time managing growing threats from fraudsters and cybercriminals?
Part of the problem is that the speed of processes and interactions and the relative lack of bureaucracy that forms a key selling point for the challenger banks is as appealing to fraudsters as it is to legitimate customers. Their lean, agile makeup means that they might lack the large anti-fraud and money laundering teams and extensive experience of the legacy banks.
It remains to be seen whether, in the name of addressing increased concerns about fraud, these banks will be prepared and able to reject more new customer applications and possibly annoy existing customers by delaying and flagging up certain transactions.
“First and foremost, challenger banks must review their onboarding process to verify the identity of the customer and minimise the risk of money laundering,” says Armen Najarian, chief identity officer at Outseer, an AI-driven anti-fraud firm. “While many challengers exercise verification controls like biometric technology, they must also provide adequate checks on their customers’ income, occupation and background.”
Najarian adds: “Machine learning has a big impact on power fraud prevention controls, giving challengers the same level of risk intelligence as a legacy bank. These solutions work in the background to verify customer identities and monitor transactions, credit card companies, and banks so challengers can detect and prevent fraud, as well as comply with anti-money laundering regulations.”
The role of regulators
Given the novel, disruptive and rapidly evolving business models and systems employed by these institutions, does the law and the approach of regulators need to change here? “There is an assumption in the financial services industry that a substantial sum of money will inevitably be lost to fraud every year – but this need not be the case,” says Najarian. “Regulators should do more to crack down on fraud, and this could mean having a minimum threshold for fraud prevention to ensure that banks have adequate protections in place to keep up with skyrocketing cases of fraudulent activity.”
Challenger banks can take some comfort from the fact that the FCA’s report is not entirely damning. It has found that: “Some challenger banks [are] mitigating fraud risk by incorporating additional monitoring for known fraud typologies at onboarding and as part of account monitoring. This included credit industry fraud avoidance system (CIFAS) checking, as well as checks on customers using multiple devices to manage their accounts.”
Their digital-first approach and sophisticated algorithms mean that challenger banks and fintech companies should be in a good position to start accumulating vast quantities of data quickly and effectively. This can be used, in conjunction with technologies such as AI and machine learning to identify more actual and potential instances of fraud and money laundering and to take action more quickly and effectively.
Meanwhile, as many longer-standing banks continue to struggle with their legacy IT systems, there is the potential for the new generation of banks and financial institutions to innovate and lead the way in managing this increasingly important issue.