The Digital Payments Revolution – Payment Transparency and AML Best Practices

Updated: 4 days ago

On Monday, April 25, 2022, the ACAMS New York Chapter hosted a virtual event which was moderated by Susan White, Managing Director at Kompany and ACAMS New York Chapter Board Member and included the following panelists: Dr. William Scott Grob, Director of Research & Analysis at ACAMS; Keith Harding, Director, AML Compliance Risk Management at Citi; Joanne Li, Director, Global AML Policy and Program Management at PayPal.

The panel opened with a discussion of the scope of the dramatic rise in electronic payments and whether or not we should expect further growth. The panel noted that based on a global electronic payments volume estimate from 2018, the volume of electronic payments is expected to double by 2024. In addition, the panel discussed the reasons for the significant growth in electronic payments in recent years, including the advancement in communication devices and communication technology as well as consumers craving the convenience and global 24/7 nature of electronic payments facilitated by modern mobile payment systems.


From there the panel noted compliance functions at electronic payment companies have the benefit of technology, the benefit of being able to think through what data points need to be collected, and as a result, can better assess and obtain data points that are needed to improve risk management. However, payment companies may also have to apply for and retain some of the same licensing as legacy banks and financial institutions such as registering as a money services business with FinCEN, obtaining money transmitter licenses in states where they do business, and any relevant international licenses.


The panel next discussed that the rise in digital payments signals, to traditional banks and financial institutions, a statement on the direction of the global market. Specifically, this global marketplace is always on and modern electronic payments providers are nimble and utilize data to adapt to the changes in the marketplace and consumer demands very quickly. Banks and other legacy financial institutions are not able to compete at the same scale and with the same kind of convenience. However, banks have a place and role in this environment, but they will have to find the funds flows they can support and then move away from the funds flows they cannot support.


To continue to be relevant banks need to keep the following concepts in mind when trying to adapt to the changing payments landscape. Traditional corporate banking is not structured to handle the volume and types of electronic payments that have proliferated in the marketplace. As a result, banks and financial institutions need to be thoughtful in determining how to transition from a 5 day, 9-5 business/service model to a 24/7 business/service model and establish a compliance program to support the output of controls on a 24/7 process. In addition, existing compliance programs and processes have to incorporate new types and sources of data to improve compliance review and increase efficiency.


For example, the panel noted that at PayPal today, the improved data and improved availability of data simplifies their compliance program. Because of PayPal’s business model, the compliance team has access to data for both the sender and the receiver. As a result, PayPal’s compliance team can see data for both sides of each transaction.


The panel then discussed ISO20022 and the upcoming transition to this new global data standard. At its heart, ISO20022 is a financial standard and data repository. The goal of this effort is to begin to define a global standard across different platforms (SWIFT, Fedwire, etc.). A global data standard will also begin to improve transparency, by using data metatags to reduce unstructured data to structured data. Improved levels of structured data accompanying the transaction will enhance transaction monitoring using common data dictionaries across major financial services products. Since important deadlines are coming up in November of 2022, compliance programs should begin engaging this effort internally if they are not already.


The panel then provided an overview of the Travel Rule and noted that the Travel Rule is very closely intertwined with global payments transparency standards and is applicable in the US as part of the Bank Secrecy Act regulatory regime. Furthermore, at the heart of ISO20022 and Travel Rule is ensuring that banks and financial institutions know their customers and collect the required associated customer and transaction information. Since many respondent banks are sending freeform text where key data points can be truncated when passed between institutions because there is no enforced global standard, the improved global data standards implemented as part of ISO20022 will improve transaction monitoring and sanctions screening processes and programs.


The panel concluded its discussion by outlining the key diligence areas that bank and financial institutions should consider when considering partnering with overseas counterparties, including overseas counterparties who engage in significant volumes of cross border activity. As part of this discussion, the panel noted that is very important for banks and financial institutions to understand how counterparties are reviewing and risk rating their customers, as well as the breadth and sophistication of the counterparties compliance policies, programs, and controls.


After a brief questions and answer session, the panel then provided the following key takeaways:

  1. Digital payments are here to stay.

  2. Banks and financial institutions have to ensure they are maximizing and leveraging the availability and use of data to stay competitive and relevant in the electronic payments marketplace.

  3. ISO20022 is a significant global data improvement effort:

  4. November is a key date and SWIFT expects that banks will be compliant.

  5. If compliance teams are not already involving in preparing for ISO20022, they should engage as soon as possible with the appropriate internal teams.

  6. Compliance team should work with their internal technical team and data partners to understand their institutional data mapping and how the migration to ISO20022 will impact your systems.

  7. Compliance team should learn about ISO20022 if they have not done so already.




34 views