Revolut's compliance predicament is a speeding warning to other fintechs
Revolut has caught the attention of U.K. regulators over money laundering compliance, a predicament that sheds light on issues faced by the entire digital financial services industry.
At issue is whether the speed and invisibility of a digital payment creates too much opportunity for risk in consumer and corporate transactions.
Companies such as Revolut often position themselves as faster, more savvy alternatives to incumbent brick-and-mortar financial institutions, but there’s also a counterargument that building bank services on top of mobile transfer apps poses a distinct danger that threatens the model.
The U.K.’s Financial Conduct Authority is looking into Revolut’s compliance controls, following a story in the U.K.’s Telegraph that reported Revolut turned off its AML monitoring system because it generated false positives. The Telegraph story said the system was off between July and September 2018, during which illegal transactions could have passed through its platform. Revolut also did not contact the FCA to inform it of the lapse, according to the Telegraph.
Revolut did not return a request for comment. The company posted a statement from CEO Nik Storonsky denying the AML problem, saying it reverted to an older sanctions screening system because a newer system were not calibrated to its standards—and resulted in too many false positives. This did not create a failure to meet legal or regulatory requirements, Storonsky said in his statement. Storonsky also said the resignation of CFO Peter O’Higgins was not related to the AML issue, which has been reported in the media.
“The problem at Revolut is indicative of tension in many putatively disruptive fintechs’ business models,” said Eric Grover, a principal at Intrepid Ventures. “[It’s] seeking to be some combination of less costly, faster and more convenient than the incumbents they’re challenging, and they’re pursuing high growth. There can be trade-offs. Some of the cost reduction and speed may come at the expense of robust anti-money-laundering.”
“The digitalization of financial services presents new, unique and different challenges,” said Tony Kaus, a senior analyst on the retail banking and payments team at Aite. “With digitalization comes new types of data to be monitored.”
U.K. banks are also concerned that the push to enable faster payments is robbing them of the time necessary to vet high-risk transactions under the latest version of the Payments Systems Regulations.
The growth of blockchain and the cloud have birthed an entire market of fintechs that promise to move a higher volume of smaller transactions between countries, becoming an alternative to the traditional bank-powered system in which mostly larger corporates moved large, less frequent transactions through intermediaries such as correspondent banks.
P2P apps can’t afford to operate at a slow pace, or at a high expense, so the risk and currency issues have to be managed faster. And the mix of payment types, including P2P, crypto and real-time disbursements for online marketplaces, micromerchants and the sharing economy heightens the risk.
“This business by most standards is considered high risk,” Kaus said, adding that the U.S. and Asian markets that Revolut plans to expand in all have tough AML rules for financial services.
And as these companies increasingly seek to add banking services beyond simple transfers, extra compliance risk is added, according to Kaus, because of the need to engage with banks for parts of the transactions.
“At the end of the day, it’s about moving money so there has to be a bank involved,” Kaus said. “And whatever bank [the fintech] is using will have to be satisfied with the fintech’s AML.”
There’s also a business issue. The increased fraud risk has led banks to establish fraud detection criteria that create more false positives for manual review, said Tim Sloane, vice president of payments innovation and director of the emerging technologies advisory service at Mercator.
“Recently many suppliers have started to use two competing machine learning models to evaluate each transaction," Sloane said. "One model is used to detect fraud while the other is dedicated to recognizing customer transactions that are safe. The safe model can significantly reduce the number of transactions that need to go to manual review.”