Innovation in financial technology has done wonders in propelling the industry forward in efficiency and digitalisation, but on the other hand, it has also made the opportunity for the likes of money laundering and terrorist financing that much more rife.
With great new developments often comes an array of brand new and unforeseen loopholes – and it’s all about patching those holes up as quickly and thoroughly as possible so that organisations and their customers remain complaint and protected. There is no doubt that emerging technologies and regulations can potentially put us all at greater risk without proper knowledge and management.
Previously in a podcast episode of The RegTech Report, Karl and Stefan discussed Innovation vs Compliance - two terms that seem like opposing forces, but when it comes to emerging technologies such as the RegTech, FinTech and SupTech industries, the two are often performed in unison.
When looking at developments especially within the FinTech sector, there is a great push to innovate, but there is incredible pressure from regulators to comply with the increasing number of regulations and ensure the security of their data, assets, and that of their customers. The RegTech industry, with its various niche and specialised markets aims to assist financial institutions to become more resilient in exactly that, as it is an industry that engages in both rapid innovation and stringent compliance. The risks facing these institutions can span anywhere from preventing systemic risk across the industry, fighting terrorist financing to consumer protection.
PSD2'S newly enforced SCA
The most recent update in the banking sector revolves around the second Payment Services Directive (PSD2) which was passed by The Council of the European Union and enforced in August 2019. The updated regulations require the payment service provider (PSP) to apply Strong Customer Authentication (SCA) for electronic transactions initiated by the consumer, ensuring institutions comply with know-your-customer (KYC) and anti-money-laundering (AML) regulations and protect itself from false identities. Thus, making way for niche KYC RegTech firms, specialising in customer verification and transaction monitoring to step in and assist. The main purpose of introducing SCA as part of PSD2 is to protect consumers and to reduce fraudulent activities as online transactions are designed to be more secure than ever.
Consequences for E-money
The latest update in PSD2 is a prime example of why innovation and compliance may not always come together hand in hand. While PSD2 explicitly foresees use cases for anonymous low-value prepaid products and provides for a specific regime to cover their specific setup, the RTS (Regulatory Technical Standards) on SCA have listed these products as an exemption. The conflicting regulations and non-compliance with SCA may create an area of concern in industries where e-money electronic payment transactions are prominent. A great example would be the prepaid industry, especially with its anonymous nature and no-pin-usage, SCA cannot be enforced and supported. In this case, it unintentionally creates security loopholes which goes against Anti Money Laundering (AML).
Looking ahead, it will be interesting to watch as innovation and compliance rise (and battle it out) together. For another personal view, listen to The RegTech Report for a more in-depth discussion with Karl and Stefan.
Contact our sales team at firstname.lastname@example.org to learn how Alyne can help your PSD2 initiative.