Imagine you are a branchless banking provider that is leveraging agents to target the unbanked. As a financial service provider, you are regulated and supervised by the central bank and must comply with national Anti-Money Laundering/Combating the Financing of Terrorism (AML/CFT) regulations.
These AML/CFT compliance requirements, at a country level, determine the “Know your Customer/Customer Due Diligence (KYC/CDD)” procedures, hiring compliance staff, monitoring software, agent training, and ongoing agent supervision. This adds costs to your business that you might then transfer to your end customers.
You have complained to your regulators and sought adjustments but they have stated that their hands are tied because they need to comply with international AML/CFT standards set by the global body called Financial Action Task Force (FATF). At the same time, the country you operate in is facing a pending mutual evaluation of their AML/CFT system and regulators are cautious, as they would not like the country to be judged negatively on its AML/CFT framework.
This is an issue that many financial service providers across the world face.
But there is some good news. Over the last few months, FATF has continued to make significant strides in providing more granular guidance to country regulators on balancing AML/CFT requirements with financial inclusion goals. In February 2012, FATF issued a revised set of 40 recommendations that made the risk based approach to AML/CFT central in the implementation of the standards. In February 2013, FATF released an updated version of its Guidance Paper on AML/CFT and Financial Inclusion to assist countries in implementing FATF requirements in a manner that is consistent with financial inclusion objectives. It also released a new assessment methodology for mutual evaluations.
In June of this year, FATF plans to release an updated guidance on New Payment Methods (covering the kinds of delivery approaches most interesting to you as a branchless banking provider). The new standards, as well as accompanying guidance papers, embody official recognition that financial exclusion is a money laundering/terrorist financing (ML/TF) risk and mitigating financial exclusion risk is vital to achieving an effective AML/CFT system.
So as a provider here are some things the new guidance offers you:
1. Flexibility in how you keep your records: Although financial transaction records must be kept by providers for at least five years, FATF clarifies that providers have the flexibility to maintain records in any format. This could be electronic database, photocopies or even hand-written notes, which could greatly reduce the compliance burden on agents in financially underserved areas (where access to photocopiers, scanners and other technologies for record keeping are often costly or unavailable to the agents).
2. Flexibility in how you oversee your agents: Agents of a money value or transfer service (MVTS) provider are no longer required to be licensed or registered by national authorities, but rather the provider can simply maintain an updated list of agents which must be made available to national authorities if and when requested. It should however be noted that this flexibility only exists in the context of money and value transfer services -- cash in, cash out, limited stored value P2P transactions -- and not for other types of financial services (example, a full bank account)
3. Flexibility in what type of internal monitoring system you find appropriate: FATF provides explicit flexibility for ongoing due diligence and business relationship monitoring by the financial service provider. For example, both manual and electronic monitoring (example, using software based transaction monitoring and pattern systems) are now explicitly permitted. So if you are a very small financial service provider with conceivably far less transaction volumes through your system, you are not required to invest in electronic monitoring software which can be expensive - manual monitoring by an employee is fine as long as you are comfortable (as a provider) that risks are adequately mitigated and you can justify this to your national supervisor.
4. You may not need to immediately verify your customers: For KYC, FATF permits verifying the identity of the customer and the beneficial owner after the establishment of the business relationship rather than doing so “real time.” This is until the account reaches the next “tier” level. Account “tier” levels directly link the level of KYC to the extent and range of financial services offered to a customer. For example, a level 1 tier could mean that customers are provided with limited and basic services after undergoing a “simplified” verification. A level 2 tier could mean the customer accesses an expanded range of financial services with higher transactions ceilings assuming there has been more customer verification than level 1.
At the same time, during the next round of AML/CFT mutual evaluations, FATF will now also focus on evaluating the overall effectiveness of a country’s AML/CFT system to understand the extent to which a country’s laws and institutions are actually achieving their AML/CFT objectives and producing expected results. Financial exclusion is now incorporated as one of the contextual factors for evaluators to consider in assessing the effectiveness of a country’s AML/CFT regime. Conversely, financial inclusion models that fail to mitigate money laundering or terrorist financing risk appropriately may also be assessed as undermining the effectiveness of the country’s AML/CFT framework.
Although significant success has been achieved at the standard-setting body level, the next step will be for countries to truly understand the updated FATF standards and guidance and build them into their regulatory and supervisory frameworks. In this regard, proactive knowledge sharing between the public and private sector on practices and experiences, as well as between countries will be beneficial.
Feedback and input on what is working and what is not could be fed back to the FATF, through each country’s respective channel, so there is progress at all levels to understand both the opportunities and challenges that emerge from the new standards and guidance. We should continue to ensure that customers are protected from illicit and harmful financial sector flows without unduly preventing the poor from accessing basic financial services.
Very good and interesting article. And timely too. But for Remittance Service Providers (RSPs) there are not good news on that front. Remittances and international payments are a tool for financial inclusion although few banks in the world have been successful with their remittance-fin. inclusion programs (better said, "as successful as they thought they were going to be"). The case of the Mexico-US Corridor is striking with fewer and fewer Mexican institutions having access to US Banks and large banks like Banamex exiting the remittance industry because of the pressure by US regulators. HSBC did it also (and remittances were not part of the problem). Large banks are re-looking at remittances and thinking: a) it is not really a good source of income to the bank b) it is too risky c) compliance is too costly. I know Mexico is a special case but it is not the only one.
I also agree 100% with "proactive knowledge sharing between the public and private sector on practices and experiences, as well as between countries will be beneficial". But my experience every day trying to do just that, shows me that it is very hard to achieve.
Thank you for your very insightful message! I can completely understand your concerns. On the risk and compliance front, we have heard something similar happening between banks and RSPs in a number of other countries, such as Canada and the UK. Typically, many smaller niche RSP's that target very specific migrant populations have been impacted. The banks view the MTO's as higher risk on AML/CFT as they may not be complying adequately with AML/CFT compliance procedures. It is purely a business decision and the regulators are not involved.
I could clearly imagine how this may adversely impact financial inclusion goals, but I am not sure what the right solution to overcome it could be? But one thing is clear - making stakeholders understand what are indeed "perceived risks" vs. the "real risks"....
Good insight. The country like indonesia is very strict and persistent to implement the regulatIon.
Thank you. Do you know if Indonesia is planning to issue more flexible AML/CFT regulations or changing the way they do ongoing supervision?
This is definitely a good article and I agree with Hugo's comments. In addition, we are pushing for a task force to be set up in each country. The members would be banks, public sector and operators of NBFIs. The objectives would be to develop standards of approach and guidance that will work for all participants. All assistance to form such bodies will be gratefully received.
Thanks for your message. I think it is a great idea to develop such standards of approach and guidance through task forces. I think some consensus within relevant stakeholders and forging productive dialogues is a key step to ensure more national consensus in the country. This is an area where CGAP could gain far greater insight, so please let us know of any and all learnings you might come across!
Valuable rundown of an oft-overlooked issue in mobile money. Thanks, Wameek.