In a recent post by Fenergo, the company outlined how a recent report by the EBA is changing payments in the European Union.
The EBA recently released a report suggesting the EU payments sector has been deficient in identifying and mitigating money laundering and terrorist financing (ML/TF) risks.
This alarming revelation comes in light of the significant ML/TF risks inherent to the payments sector and ineffective anti-money laundering and countering the financing of terrorism (AML/CFT) controls.
The EBA’s concerns were made public on the 16th of June 2023, as part of its 2022 risk assessment of EU payment institutions. The results showcase growing apprehensions about the sector’s regulatory compliance and the potential threats posed to the EU’s financial ecosystem. These include payments institutions with feeble AML/CFT controls establishing themselves in member states with lax supervision and operating across the EU.
However, the report not only criticises payments institutions and supervisory authorities but also provides crucial insights into the EU’s payments landscape. This information is relevant to any financial institution (FI) with operations involved with the payments system.
The outcomes of this risk assessment will contribute to the EBA’s bi-annual ML/TF risk assessment exercise. It will also help conduct a more comprehensive evaluation of emerging ML/TF risks such as virtual IBANs and white labelling.
According to the European Commission’s 2022 supranational risk assessment, the payments sector seems to be most vulnerable due to weaknesses in AML/CFT systems and controls. The EBA’s report affirms this observation, noting that payments institutions are frequently associated with higher ML/TF risks.
To effectively tackle financial crime risks, it’s crucial for payments service providers (PSPs) to thoroughly understand their customer and transaction data. However, the EBA reports indicate these firms do not adequately comprehend their risk exposure due to insufficient knowledge of their customers’ KYC data and ineffective application of this data to risk assessments.
Fragmented data is a common issue among financial institutions, resulting in data siloes that impact overall anti-financial crime efforts. It’s critical that PSPs prioritise the digitalisation of key compliance workflows and adopt a risk-based approach, considering the high risk exposure of the sector.
The EBA’s risk assessment suggests that the payment institutions sector’s implementation of AML/CFT measures is less robust than that of the banking sector. Most breaches in the sector relate to ongoing monitoring, internal controls, policies and procedures, customer identification and verification of ID, and risk assessment at both customer and business-wide levels.
To ensure more effective compliance, PSPs need to adopt a community-based, risk-based approach for an appropriate template of pre- and ongoing risk assessment of their policies and procedures. This approach will help mitigate human error and accurately determine the risk of entities being onboarded, remotely or otherwise.
Source: Fintech Global