Insight & Analysis

Opposing forces: how banks are aligning compliance needs with real-time payments

Published: Oct 2019

Faster, even instant payments unearth a host of technical and compliance issues. How are banks tackling the problem to maintain momentum?

Multicoloured block aligned perfectly

The demand for faster, even instant, payments is a fact of everyday life. Thanks to the advances made possible by the emergence of SWIFT gpi and instant payment systems, this is not a phenomenon restricted to high value corporate payments, but also includes lower value retail payments. The next logical step - connecting payments systems operating 24/7 in different currencies – is already on the industry’s radar.

But success can bring its own problems, say Eric Le Lay, Chief Compliance Officer, and Frantz Teissedre, Head of Interbank Relationships, Global Transaction Banking, Societe Generale.

Front-line experience and independent statistics demonstrate that instant payments suffer much higher rejection rates compared with their ‘standard’ equivalent. Anecdotal evidence suggests rejection rates can be ten times higher, even more, when considering cross-border transactions even if they are in the same currency.

“This is mostly because if a filtering or anti-fraud tool identifies an atypical payment that requires investigation, it is rejected because it is impossible to process the payment within the maximum time expected by the client – which is usually a few seconds,” explains Le Lay.

As a consequence, he feels banks face the challenge of achieving the right balance between the instant ‘new normal’ expected by the customers and the authorities, and the need to abide by compliance regulations.

What banks need to do

“There are short-term, medium-term and long-term answers to these questions,” says Teissedre. In the short term, he suggests that new technologies can help solve the problems created by other new technologies. This includes intelligent scoring and improved detection tools based on artificial intelligence (AI) and machine learning to help make the right checks and the right choices as to what to do next.

“Despite our conviction of the value of combining the best of human intelligence with the best of machine intelligence, human beings are not able to identify ‘false alerts’ within seconds. By learning after the event, machines can interpret data instantaneously and help focus analysis on the core elements of payment messages.”

As an example, users can help machines learn not to generate an alarm about a transaction message that includes the phrase ‘scuba diving’ because it contains the letters that spell ‘Cuba’”.

Pre-payment scoring

Scoring before payment execution can be developed further by existing market infrastructures (a score is a statistical number that evaluates a counterpart’s trustworthiness based on its payment history). This can be matched with each single bank’s own scoring system, letting the latter make the decision on whether a payment should be processed, declined or receive further attention.

Other potential short-term measures include the development of new payment formats allowing for fuller and richer data exchanges: the global move towards the ISO 20022 standard will clearly help financial institutions to guarantee secure payments processing while abiding by compliance regulations.

Switching attention to medium- to long-term potential developments, everyone needs the help of the authorities and regulators, says Le Lay.

“A huge advance would be the creation of a single, unique, harmonised sanctions list to replace the current melange of national and regional lists,” he comments. Differences would of course remain at each individual bank level, but the risk of cross-border misunderstandings and the consequent raising of false alarms would be greatly reduced. This presupposes, however, a strong and concerted harmonisation effort amongst regulators in different countries.

Other possible medium-term developments could include the concurrent adoption of detailed common norms and guidelines on the use of sanction screening applications by regulators in different jurisdictions. “One aspect of this could be a requirement for the remitting bank to take full responsibility for the identity and actions of the remitting client, while the beneficiary bank does likewise for the beneficiary client,” says Le Lay. “This could enhance efficiency without incurring additional undue cost.”

When rules are the problem

As all experienced bankers and regulators know, rules themselves can be a part of the problem. This is especially so in areas where they are clearly contradictory, as in the case of mandating the sharing of data between banks and with regulators while demanding the upholding of data protection.

“We must find a way to balance the demands of observing data privacy rules and fighting fraud, perhaps by allowing a greater degree of information sharing,” argues Le Lay. Indeed, if payment service providers could exchange information between themselves about the attempted fraudulent use of an IBAN, this would help in preventing someone identified as a would-be fraudster from trying to deceive other payment service providers. “The more the speed of payments accelerates, the greater the necessity to exchange key information and act swiftly.”

Final warning

One final warning centres on the granting of access to payment markets and payment systems to new players (often referred to as disruptors by the global media industry). “We believe that such access in a hyper-connected world should be contemplated only after a thorough analysis of the disruptors’ activities based on established facts and demonstrable results,” says Teissedre.

As these new players are regulated, we should expect the same quality of know your customer (KYC) diligence and fraud detection at every stage in the chain, he adds. “New players in the payment chain should ensure they enhance their compliance, resilience, data privacy and fraud management processes to meet the very highest standards demanded by the market.”

Levelling the playing field means new players will not only have the same rights but will also have the same obligations as incumbent stakeholders. “This should be particularly true in times of financial stress, when uncontrolled failure of even relatively small institutions could trigger a much wider loss of confidence in the market,” says Teissedre. “Trust is at the heart of our markets, and remains of the utmost importance for financial users. It must not be sacrificed upon the altar of technical innovation.”

All our content is free,
just register below

Already have an account? Sign in

Please only use letters.
Please only use letters.
Please only use letters.
Please complete this field.
Please select an answer.