Technology

Mobile Payment Providers & Regulators

Best practices to prevent AML/CTF risks.

July 19, 2011
KEYWORDS payment , risks
/ PRINT / ShareShare / Text Size +

Regulatory framework and legislations

Unfortunately, many of the world’s countries have no regulatory framework to fight money laundering or terrorist financing through mobile money/payment services.

Not considering a mobile payment provider as reporting entity is another big concern. Based on the Methodology of Assessing Compliance with FATF 40 and 9 Special Recommendations, FATF defined the financial institution as “any person or entity who conducts as a business one or more of the activities…”

These activities include acceptance of deposits and other payable funds from public, the transfer of money or value, and issuing and managing means of payment. The definition also applies to mobile payment providers, which acts as a nontraditional financial institution.

Accordingly, it should be considered as a reporting entity and subject to any AML law, act, or decree. This is what most governmental officials are not aware of.

For example, in some Middle Eastern countries, mobile payment providers aren’t permitted or encouraged to send suspicious activity reports to local authorities. They route them to a local bank with a business relationship so the bank can conduct extra due diligence then report it to the government.

Compliance program

Like any other reporting entity, mobile payment providers should be more confident in building up a healthy compliance program that underscores its compliance with local regulations and international standards. This requires:

• Designation of a compliance officer. Compliance is a brand-new term in mobile payment providers’ organizational culture. Designating a compliance officer within the company is a first step.

Qualified compliance specialists will be the cornerstone in implementing the required compliance program and following pertinent regulations.

• Policies and procedures. What would mobile operators do when regulators ask for documentation? Predefined internal policies and procedures should cover all daily operations among all related departments in mobile payment providers.

Such policies should include account-opening and closing policies, customer due-diligence procedures, and recordkeeping requirements. These may include clear preventive measures such as transaction rejections and limits in certain conditions.

• Training. A major challenge for the compliance officers is to provide proper training to all employees and related parties.

Design training materials according to the particular audience. For example, train front-line staff on the basics of money laundering red-flags in mobile payment services. Compliance officers and AML investigators are more interested in advanced and complex international money laundering typologies and regulations.

• Independent auditing. This is an effective tool to measure the success or failure of the compliance program. it will make sure previously detected deficiencies were corrected.

Due to the new threat of money laundering in the mobile payment industry and the increased number of mobile payment subscribers, mobile payment providers should implement an automated transactions monitoring solution that will detect unusual customer activity based on specified red-flags.

Mobile payment providers typically have excellent information technologies implemented already. This will pave the path for an easy deployment of a transaction monitoring and reporting system.

An effective system would be able to analyze transactions according to predefined scenarios that will enable the operators to block or close accounts when abnormal transaction patterns are detected.

Transaction monitoring systems should include:

  • Customer names screening and checking against local and international lists;
  • Behavioral analysis for accounts and subscribers to detect unusual transactions based on precise scenario management;
  • Detection management and related analysis tools that present any hidden relationships between subscribers and accounts;
  • False-positive and fine-tuning management;
  • Self-steering workflows that best fit the organization’s hierarchy module;
  • Extensive case management;
  • A risk-based approach, where all applicable risk factors will be calculated for a proper risk weighting; and
  • Regulatory and managerial reporting.

Like any other industry, mobile payments present specific risks, and regulators are unfamiliar with AML/CTF risks arising from these new services and products.

It would be a great starting point for mobile payment providers to assess the risks associated with each kind of services/products offered to the subscriber in comparison with the major four risk factors (anonymity, rapidity, elusiveness, and poor oversight).

The Mutual Evaluation Report by FATF is considering the assessment of mobile payment regulations. This makes it imperative for countries to move forward with their legislations to be harmonized with international standards and, consequently, be accountable for supervising the implementation of these regulations.

Building up a proper regulatory regime compliant with the international standards remains a big challenge for regulators and mobile payment providers due to lack of knowledge of compliance, anti-money laundering, risk management, and mitigation factors.

This is especially the case for people who are oriented towards mobile network operations only, and are new to this area of expertise.

Mohammad Noor Zraiqat is product manager, compliance solutions, for EastNets.

Post a comment to this story

heroes

What's Popular

Popular Stories

Recent Discussion

Great article! Unfortunately, most employees don’t feel valued or appreciated by their supervisors or employers. In fact, research has shown that the predominant reason team members quit their jobs is because they don’t feel valued. This is in spite of the fact that employee recognition programs have proliferated in the workplace – over 90% of all organizations in the U.S. has some form of employee recognition activities in place. But most employee recognition programs are viewed with skepticism and cynicism – because they aren’t viewed as being genuine in their communication of appreciation. Getting the “employee of the month” award, receiving a certificate of recognition, or a “Way to go, team!” email just don’t get the job done. How do you communicate authentic appreciation? We have found people have different ways that they want to be shown appreciation, and if you don’t communicate in the language of appreciation important to them, you essentially “miss the mark”. Additionally, employees need to receive recognition more than once a year at their performance review. Otherwise, they view the praise as “going through the motions”. A third component of authentic appreciation is that the communication has to be about them personally – not the department, not their group, but something they did. Finally, they have to believe that you mean what you say. How you treat them has to match the words you use. If you are not sure how your team members want to be shown appreciation, the Motivating By Appreciation Inventory (www.appreciationatwork.com/assess) will identify the language of appreciation and specific actions preferred by each employee. You then can create a group profile for your team, so everyone knows how to encourage one another. Remember, employees want to know that they are valued for what they contribute to the success of the organization. And communicating authentic appreciation in the ways they desire it can make the difference between keeping your quality team members or having a negative work environment that everyone wants to leave. Paul White, Ph.D., is the co-author of The 5 Languages of Appreciation in the Workplace with Dr. Gary Chapman.

Your Say: Who should be Credit Union Magazine's 2014 CU Hero of the Year?

View Results Poll Archive