We examine how Covid-19 is impacting regulators and regulated entities, especially acquirers and payment service providers (PSPs), in managing and mitigating the risks of financial crime.
In the long history of humankind, those who learned to collaborate and improvise most effectively have prevailed, said Charles Darwin, the father of evolution. Criminals have certain advantages in this regard. They are frequently well funded, highly skilled, creative, entrepreneurial and lack scruples.
In contrast to firms in the legitimate economy, criminals do not have to justify activities through endless committees. Or quality assure new scams in depth before releasing them into the wild. This makes them well-placed to collaborate and improvise to capitalise on Covid-19. It also makes them a wily adversary not to be underestimated.
However, it’s not just criminals that can adapt and evolve. Compliance professionals can, too. It’s actually something they’re quite good at, because compliance is dynamic by nature. Anything can change in a business, a merchant’s business or the external environment. Therefore compliance professionals are used to operating in business-as-unusual times.
So how is the Covid-19 pandemic affecting regulators and firms in managing and mitigating the risks of financial crime?
New money laundering opportunities
Money laundering requires an underlying, profit-making crime, often known as a ‘predicate offence’, along with the intent to conceal the proceeds of the crime to further the criminal enterprise. Acquirers and PSPs should be alert to criminals putting a new, Covid-related spin on old offences.
Counterfeiting and pirating of pharmaceuticals, consumables and intellectual property is already the biggest single trans-national criminal activity. It likely exceeds US$1 trillion in retail value, according to Global Financial Integrity, a US think tank. This makes it the #1 predicate offence for money laundering — bigger than illegal narcotics, human trafficking and cybercrime.
The European Anti-Fraud Office (OLAF) reports that face masks are selling for €5-10, three times the normal price. UK and US regulators have moved against sellers of fake Covid-19 home-testing kits and companies allegedly selling unapproved products.
Compliance professionals could consider adapting policies and procedures for branded or rights-protected goods to the pharmaceutical sector. For example, how they verify that their merchants hold the necessary licenses or permits from rightsholders to sell branded or patented goods and copyright material. And how they verify that the goods sold are genuine.
Rise in fraud and cybercrime
Fraud and cybercrime generally are also key predicate offences for money laundering. Both are seeing an uptick as criminals exploit the anxiety and ignorance around the Coronavirus, and more people work remotely. Financial regulators in the US and UK have issued advice around an increase in fraudulent activities and scams.
The US Financial Crimes Enforcement Network (FinCEN) has warned about imposter, investment, product and insider trading scams. The UK Financial Conduct Authority (FCA) has warned against criminals exploiting short-term financial concerns with loan or advance fee fraud, charitable or bogus claims management scams. This is when scammers claim to be an insurance company or credit card provider, offering to recover losses by submitting a claim for a cancelled holiday or wedding in exchange for a fee or bank details.
Using the uncertainty around stock markets, scammers may advise victims to invest or transfer existing investments into non-standard or unregulated investments. These include carbon credit, cryptocurrency, gold, precious metals and sustainable energy schemes. Some scammers operate clone firms, using the name, registration number and address of authorised firms and individuals to appear genuine.
Acquirers and PSPs should be alert to unscrupulous merchants conducting investment scams advertised on search engines and social media, romance scams committed via online dating platforms and online shopping scams promoted through auction sites and marketplaces.
Revised reporting requirements
Regulators understand that firms may have to reassign and reprioritise resources in response to the Covid-19 crisis. This may impact their ability to meet reporting and other obligations.
The Financial Transactions and Reports Analysis Centre of Canada (FINTRAC), stated in a communication in late March that submitting suspicious transaction reports (STR) for money laundering and terrorist financing activities was the top priority. Where firms cannot meet a given obligation, they are asked to keep a record of why and include measures being taken to mitigate the risk of non-compliance.
With regard to customer due diligence, various identity documents, such as driving licences, may have their validity extended so as to avoid in-person visits for renewals. FINTRAC has confirmed that firms may consider these documents to be valid and current. Or they may use other methods to verify identity.
FINTRAC advice is summarised as an example of how some regulators are taking a pragmatic approach during the Covid pandemic. Regulators may also be temporarily suspending new examinations, and postponing or staggering regulatory consultations. Acquirers are advised to review the public statements from regulators in the countries where they and their merchants are active.
Changes to on-boarding and monitoring systems
Acquirers can expect to see surges in new applications from merchants, who want to establish transactional websites. These may be brand-new merchants, or those who usually trade in physical stores but are adapting their business models following lockdown restrictions.
Conducting know-your-customer (KYC) checks remotely and digitally should be the norm for underwriters, especially for online merchants with purely digital footprints. Web Shield services are designed to operate remotely and digitally to evaluate risk exposure at boarding stage and during the merchant relationship.
InvestiGate allows underwriters to take quick, effective on-boarding decisions via a single automated platform and integration. It returns a risk score for the overall on-boarding risk, and suggests a clear underwriting path. Web Shield’s Monitor platform delivers persistent monitoring in modular design for effective surveillance of a merchant portfolio.
Acquirers are also advised to review transaction monitoring parameters to avoid spikes in false positives. This is particularly around increased online traffic and sales, often at unusual times of the day or month.
Compliance during Covid-19 is a case of keep calm, remain vigilant, build resilience and carry on. However, post-Covid there is likely to be increased interest from both regulators and firms in risk management solutions that operate digitally and remotely. Plus those that draw on transactional and non-transactional data and get smarter over time. After all, it is those who collaborate, improvise — and use technology — most effectively that will prevail.