Money laundering is a threat to all financial institutions (FIs), with bad actors around the world processing trillions of dollars each year. This money is used for a range of nefarious acts, including terrorist financing, organized crime and human trafficking, making it a top priority for banks and credit unions (CUs) to identify and to stop these transactions.
The pressure adds to the threat of sanctions from government regulators, who can impose stiff penalties on any FI that allows money laundering to go unchecked. According to Margaret Chamberlain, vice president of risk management at OneAZ Credit Union, everything from devastating fines to jail time is on the table for those who fail to keep anti-money laundering protocols up to date ( AML) of their institutions.
“The bank secrecy law can impose financial sanctions on the credit union, the board of directors and directly on the person responsible for a [AML] program in place,” Chamberlain said in an interview with PYMNTS. “It can also result in prison terms. So there’s a lot of responsibility and a lot of exposure for the credit union, the board, and management.
This means instituting ironclad digital identity protocols is imperative to ensure members are who they say they are and to help CUs stay compliant. PYMNTS spoke with Chamberlain about how OneAZ achieves this as well as the significant issues when it comes to controlling money launderers.
Verification of member identities
OneAZ takes a multi-pronged approach to digital identity, deploying document verification software, multi-factor authentication, and a variety of additional methods to ensure customers are who they say they are. This approach aims to prevent bad actors armed with a single ID document or password from gaining access to members’ privileged data or bank accounts.
“We have a few tools that we use to review the documentation provided by the member, making sure it’s adequate and legitimate,” Chamberlain said. “We’re also using non-wallet type questions that validate the member, and we’re starting to use more advanced multi-factor authentication through things like Google Analytics that send one-time use access codes to our members.”
It is also crucial for FIs to verify and understand all relevant details about their business customers to ensure that these customers are not engaging in illicit activities. OneAZ, for example, makes sure to know all aspects of the companies it interacts with so that it can identify anomalous activity that may indicate money laundering.
“[It is a challenge to] understand business types, what kind of activity would be normal for their business, and then be able to identify abnormal activity, because that’s usually what identifies fraud or something going on with that account “explained Chamberlain. “That could include spikes in activity outside of our area, unusual cross-border activity, unfavorable media attention, things like that.”
However, implementing this multitude of verification techniques is easier said than done, especially as the pandemic changes the nature of fraud and money laundering. Improvements are also possible on the side of the regulators.
Member Verification and Anti-Money Laundering Challenges
The pandemic has dramatically changed the way individuals do their banking, transforming what has long been a primarily in-person activity to one conducted almost entirely through digital channels. This provided money launderers with new opportunities to infiltrate FI systems, putting FIs on high alert for these new schemes.
“The fraud that’s been going on since the pandemic is just crazy,” Chamberlain noted. “There is so much more than what we experienced before the pandemic. It’s because people want the ability to go online and open an account or make a transaction online, and scammers know that, so they take advantage of every opportunity they can.
Another challenge is to evolve regulations that often seem to lag behind current threats of fraud or money laundering. A more proactive approach by watchdog agencies would help reduce money laundering, according to Chamberlain.
“They tend to react to situations [already] it happens, and then it has a much harder and much faster impact on financial institutions,” she explained. “If they were more aware of what is happening with the threats to financial institutions, analyze their requirements and communicate them to financial institutions sooner, it will have much less impact on the financial institution because we have the time to plan the changes we need to make.
In the short term, FIs will need to be aware of current threats and regulations to ensure that their verification techniques do not falter. Digital identity protocols are a key piece of the puzzle in this regard.