integrity in mobile financial services money... · integrity in mobile financial services afi, sbs...
Post on 08-Sep-2018
214 Views
Preview:
TRANSCRIPT
Integrity in Mobile Financial Services
AFI, SBS Peru and WB Forum, Lima Peru, May 12-13 2011
Pierre Laurent Chatain
Lead Financial Sector Specialist
(Financial Systems)
The World Bank
Wameek Noor
Consultant
(Financial Systems)
The World Bank
Najah Dannaoui
Consultant
(Financial Systems)
The World Bank
New Research
Anatomy of Current Mobile Money Business Models
New Outcomes in terms of Risk
Stocktaking of Regulatory Practices and Related Policy Guidance Currently Observed on these contentious topics
KYC/CDD
Agents Regulation
Reporting Obligations
Supervisory/Enforcement Responsibilities
Other Contentious Issues
2
UK, France, Russia, Kenya, Zambia, Malaysia, Philippines and Mexico
New Outcomes in terms of Risk
Our Risk Matrix is Still Valid (Anonymity, Elusiveness, Rapidity and Lack of Oversight)
Mobile Money less risky than cash
No new ML or TF risks found in Mobile Money (Cases of Consumer Fraud Observed)
Can be used strategically to lower national ML/TF risks by facilitating the move away from “higher risk” cash transactions to “lower risk” mobile money transactions
Smart Risk Mitigation Practices Utilized by M-Money Providers and Regulators
3
Risks Associated to M-FS
From RegulatorsIT security
consumer protection
AML/CFT
From Industry
Too much regulation
kills the business
From Policymaker Financial inclusion
impeded
4
Mobile Money Less Risky Than Cash
5
No ML or TF risks found in Mobile Money
but Cases of Consumer Fraud Observed
Philippines Experience
Case 1: Using Multiple SIM Cards but through one
Phone
Case 2: Many Transactions to One
6
Case 17
Transferred the
corresponding
amount to a
mobile phone
Amount transferred to a mobile phone through G-Cash
Transferred
the
corresponding
amount to a
mobile phone
Transferred
the
corresponding
amount to a
mobile phone Mr. E went to
G-Cash
business center
Mr. E
Mr. E’s mobile
account
Iphone was never received by
Mr. A
Mr E. cashed out
victim’s money using his mobile phone
Mr. D’s mobile
account
Mr. C’s mobile
account
Mr. B
Mr. A
ordered an Iphone from Mr. B through Ebay
Case 28
Money collected through G-Cash
remittances
the promised deployment
abroad never materialized
Mr. A & Mr. B
Advertised fake overseas employment offers as caregivers and nurses
VICTIMS
Sent between $65 and $975 for training and processing fees
Innovative Risk Mitigation Practices
Utilized by M-Money Providers
Smaller payments (size of transactions and volume of payments) – including capping. Smurfing is a risk but can lead to easier detection
Limitations of cross-border operations and operations in foreign currencies
Geographical restrictions
Limitation to one account for one cellular phone.
Irrespective of business model, sophisticated internal control/detection systems
9
Observed Control Measures
Type of Risk Possible ML/TF Risks Key Control Measures
Anonymity
Off-the-branch or non-face-to-face
customer origination
Innovative KYC and identity verification procedures
MTN Banking – SA
Wizzit - SA
Unauthorized use of mobile phones for
financial transactions
Advanced identification mechanisms
• Bradesco – Brazil
• Korea
Elusiveness
Use of mobile phone at the layering stage
of the ML process
Use of multiple m-FS accounts
Limits on transactions
• Korea FSS
Customer profiling
• Brazil
Reporting
• Macau SAR China
Monitoring
•Korea
•Malaysia
Cross-border mobile-to-mobile
remittances
In-field service risk assessment
• Hong Kong FIU
Identification of sender
• Maxis – Malaysia
10
Observed Control Measures (cont’d)
Type of
Risk Possible ML/TF Risks Key Control Measures
Rapidity
Lack of capacity to monitor/freeze
real-time messaging and
settlement
Integrated system of internal controls
• Itau – Brazil
• Philippines
Managing risk of 3rd party service providers
• Wizzit – South Africa
External
Legal
issue:
Poor
oversight
Oversight loopholes for providers Guidelines on m-FS and risk management
• Philippines, Korea
Lack of regulation, supervision of
new providers
M-FS Shell companies
Regulator-provider collaboration (Philippines, Malaysia)
New e-finance laws and guidelines to m-FS providers
(Korea)
Clear licensing of non-bank m-FS (Malaysia, Korea)
IT & AML supervision capacity (Philippines)
AML/CFT training (South Africa)
11
KYC/CDD
HOW TO UNDERSTAND AND INTERPRET THE FATF CDD/KYC STANDARDS:
Under Rec. 5, customer should be identified and his identity verified
FATF allows reduced CDD/KYC measures (not full exemption of CDD/KYC) in circumstances when low risk can be PROVEN
A Risk Assessment can be used to prove cases of low risk, which would merit reduced CDD/KYC measures
Full exemption of CDD/KYC for certain financial activities (not specific financial transactions) is only permitted if:
(I) policymakers are able to prove that the risk is low i.e. they can demonstrate that specific and unique circumstances around the activity generate a low level of ML or TF risk and,
(ii) that they are able to provide evidence in that respect
12
KYC/CDD (cont’d)
THE CURRENT CHALLENGE:
Customers do not have the relevant identification and/or verification documents required
Flexibility accorded to KYC/CDD standards not always understood, leading to potentially overly restrictive AML/CFT regulations
Countries have not tailored AML/CFT standards to the appropriate level of risk given low value and/or low risk transactions
Policymakers feel lack of clarity/guidance on KYC/CDDfrom FATF, leading to misinterpretation of the standards
13
Document requirements in developing countries are more stringent than in developed countries
Source: Financial Access Database
Percentage of countries that require certain criteria to open an account
14
KYC/CDD (cont’d)
OUR PROPOSED SOLUTIONS:
1. Expanding list of acceptable IDs or Permit the use of alternative IDs (that not necessarily bear a picture)
2. Exempting the verification phase (verification vs. identification)
3. Implementing progressive KYC approach : countries could envisage a tiered customer identification program, in terms of which a customer that can only provide minimal verification is restricted to basic services and can access higher levels of services after more comprehensive verification
15
KYC/CDD (cont’d)16
Gradual KYC scheme adopted by Moneybookers LTD, an internet payment provider in the UK
Source: Word Bank
Agents
THE CURRENT CHALLENGE:
Different approaches in ways AML/CFT regulations implemented in regard to agent regulation
Uncertainty about agent AML obligations, including their Licensing and Regulation, Scope of their AML duties, Supervision and Internal Procedures
Do agents needs to be regulated? Do they need to comply with AML/CFT and if so to what extent and how?
17
Agents (cont’d)
OUR PROPOSED SOLUTIONS:
Agents (Retailers) should not be regulated
Under FATF standards, they are not required to be license or registered
They are not the account providers
They are not the “outsourcee” of the MNO in the sense of FATF Interpretation
They act on behalf of the Account Provider
Impossible to regulate and supervise thousands of agents (retailers) on a practical level
Principle monitors all regulation and supervision of agents
18
Agents (cont’d)
OUR PROPOSED SOLUTIONS (cont’d):
Agents should be covered by certain AML/CFTobligations
Perform some AML/CFT checks including KYC on the customer
Record keeping
STRs to the Account Provider
Duties should be specified between the agency agreement of the AP and the Agent
19
Agents (cont’d)
OUR PROPOSED SOLUTIONS (cont’d):
Ultimate Legal Liability
Ultimate Legal Liability lies on the AP
KYA (Know Your Agent)
Principal (Account Provider) held accountable for AML/CFTcompliance of agents, including determining extent and scope of CDD/KYC requirements between AP and Agents
Should perform KYC/CDD on agents prior to recruitment, fit and proper tests and ongoing monitoring and scrutiny (including on-site visits)
20
Agents (cont’d)
Example of Countries where Providers Assume Liability for Agents
In the Philippines, the e-money circular explicitly states that it is the responsibility of the institutions to ensure that their agents comply with all AML laws, rules and regulations. Section 4 (e) states the following: “it is the responsibility of the electronic money issuers to ensure that their distributors/e-money agents comply with all applicable requirements of the Anti-Money Laundering laws, rules and regulations.”
Similar Situation found in Brazil, Colombia, Brazi and Peru.
Exception currently only is Kenya, where the provider does not assume liability for its agents legally
21
Reporting Obligations
FATF Standards
Financial Institutions are required to report suspicious activity to the FIU
The Current Challenge
Since Mobile Money involves multiple entities such as agents/retailers, there is uncertainty in terms of who should bear the final reporting responsibilities to the FIU
Uncertainty in terms of scope and nature of information to be reported in the particular context of mobile money, including consumer communications data and need to respect consumer data privacy issues
Our Proposed Solutions
Agents should report suspicions to the AP
AP should be responsible for reporting STRs to national authorities as they are the principal manager (and should be legally held responsible) for account records and transactions
22
Supervisory/Enforcement Responsibilities
FATF Standards
R. 29: supervisors should have adequate powers to monitor and ensure compliance by financial institutions with requirements to combat ML/TF including the authority to conduct inspection
The Current Challenge
Mobile Banking is a new category of financial activity involving new types of players not familiar to supervisory agencies
Confusion about who is the primary supervisor for MNOs
Possible conflict between Agencies that hold supervisory responsibilities (Central Bank, Communications Commission and FIU)
Complexity of supervision for cross-border transactions and cross-border mobile remittances
23
Supervisory/Enforcement Responsibilities
(cont’d)
Country Practices
Many countries have chosen the Central Bank to be primary supervisory authority for mobile money
Our Proposed Solutions
There is more pros in favor of entrusting the Central Bank with responsibilities to regulate and supervise mobile money services
Cons include: scarce human resources, limited budget, prudential arbitrage and
24
Supervisory/Enforcement Responsibilities
(cont’d)
Whoever is the primary supervisor:
Supervisors need to be entrusted with the same
responsibilities and allowed to carry the same tasks
as for any type of financial institution
Supervisors should be allowed to conduct onsite
visits including telecom companies
Supervisors should also have access to personally
identifiable information that includes name, copy of
IDs, and other related documents, M-Money account
balance and correspondence
25
World Bank Policy Recommendations
for National Authorities:
Balance compliance burden with actual risks Low risk low value products (accounts, payment and remittance
services)
Adopt risk-based and tiered approaches to regulation / supervision
Foster public / private dialogue to ensure practicality, proportionality of regulation / supervision
Clarify some thorny issues in relation to Agents, Supervision, STRsobligations, consumer protection
Promote formal financial services by reducing the “comparative advantage” of informal / unregulated providers Simplified identification requirements – including on verification
Creativity in and tailoring of CDD requirements (types of identifiers for instance)
26
World Bank Policy Recommendations
for The Industries
Industry to engage in dialogue with national authorities to
shape policy and regulations
Establish clear contractual arrangements between mobile
providers and their retailers that clearly delineate breakdown
of AML duties
Provide ongoing training to their staff as well as their retailers
Establish effective internal control mechanisms to trace
suspicious activities through mobile money channels
27
Thank you
Pierre-Laurent Chatain
pchatain@worldbank.org
Wameek Noor
snoor@worldbank.org
Najah Dannaoui
ndannaoui@worldbank.org
28
top related