fintech conference presentation
TRANSCRIPT
FinTech
Trends, Opportunities
and Risks in the Age of
Digitization
Alex Rozman
Deloitte Advisory
July 31, 2015
Confidential
2 Copyright © 2015 Deloitte Development LLC. All rights reserved.
Presenter
As used in this document, “Deloitte Advisory” means Deloitte & Touche LLP, which provides audit and enterprise risk services; Deloitte Financial Advisory Services LLP, which provides forensic, dispute, and
other consulting services; and its affiliate, Deloitte Transactions and Business Analytics LLP, which provides a wide range of advisory and analytics services. Deloitte Transactions and Business Analytics LLP
is not a certified public accounting firm. These entities are separate subsidiaries of Deloitte LLP. Please see www.deloitte.com/us/about for a detailed description of the legal structure of Deloitte LLP and its
subsidiaries. Certain services may not be available to attest clients under the rules and regulations of public accounting.
Alex Rozman
Deloitte Advisory
Alex Rozman is a Senior Manager at Deloitte Advisory specializing in FinTech and
anti-money laundering compliance in the emerging payments industry. Prior to
joining Deloitte, Mr. Rozman worked as a Managing Partner for a litigation boutique
law firm, served as a Director for a consulting company, and served as a General
Counsel and Chief Compliance Officer for a forex broker-dealer. He is a frequent
speaker on emerging payments and cryptocurrency issues and has served as an
advisor to the senior management and boards of directors of technology and
financial services institutions. He holds a JD degree from Chicago-Kent College of
Law and a double BA from the University of Illinois at Champaign-Urbana.
3 Copyright © 2015 Deloitte Development LLC. All rights reserved.
In this age of digitization, financial services are in
an era of exponential change.
Pioneering FinTech startups are transforming
traditional banking services.
Banks will need to adapt or reinvent their core
business models to stay competitive.
Fintech payments products are posing new
consumer protection issues such as fraud and
personal data security risks as well as money
laundering and terrorist financing risks prompting a
heightened focus on regulation.
Introduction
6
Evolution of the Bookstore: 2003
8 C O N F I D E N T I A L | J U L Y 2 0 1 5
Computing Performance is Improving Exponentially
Source: Graphic: Deloitte University Press
Dropping cost is driving rapid Digitization
9 C O N F I D E N T I A L | J U L Y 2 0 1 5
As Digitization Spreads, Disruption is Happening Faster
0
2
4
6
8
10
12
14
16
18
20
TypicalFortune
500
Google(1998)
Facebook(2004)
Tesla(2003)
Uber(2009)
WhatsApp(2009)
Snapchat(2011)
Oculus Rift(2012)
Source: Ismail, Salim, Exponential Organizations: Why new organizations are ten types better, faster, and cheaper than yours
Characteristics of exponential organizations… 1. ACCESS RESOURCES
THEY DON’T OWN 2. INFORMATION IS THEIR
GREATEST ASSET
Tim
e to
$1
B M
arke
t C
ap (
Year
s)
10 C O N F I D E N T I A L | J U L Y 2 0 1 5
We Don’t Always See Disruption Until It’s Too Late
Time (Years)
Pa
ce
of In
no
va
tio
n
Exponential Technology surges past status quo
Today
Where Exponential
Technology is now
Exponential Business
Innovation
Source: Graphic: Deloitte University Press
11 C O N F I D E N T I A L | J U L Y 2 0 1 5 11
What Happens When Disruption Goes Mainstream?
“What happens when we have an UBER moment in Banking – when tech companies do to banks what UBER has done for taxis: destroying their business before governments get around to regulating them” Mark Carney, Governor of the Bank of England
13 Copyright © 2015 Deloitte Development LLC. All rights reserved.
What is FinTech?
New Definition
Recently the term has started to
be used for broader applications of
technology to include:
Front end consumer products
New paradigms such as
Bitcoin and shared ledgers
FinTech is shorthand for
‘innovation in financial services’
new products from new tech
startups
new approaches by existing
players where technology is the
key component
Traditional Definition
A contraction of the words ‘Financial’
and ‘Technology’
Ubiquitous term for any technology
applied to financial services
Technology that was primarily sold to the
financial services sector working for the
back office functions
The definition of the term “Fintech” has evolved over time.
14 C O N F I D E N T I A L | J U L Y 2 0 1 5 14
FinTech is “Hot” and Emerging as 21st Century Finance
Ideas Changing the Financial Services Landscape
Products & Services
Tools and services for financial institutions ranging from alternative trading systems to BPO, financial modeling and analysis software, data analytics and machine learning
Cyber, compliance, and identity and transaction verification platforms and services
Products & Services (e.g., Data Analytics, Cloud
Computing)
Risk & Security
Peer-to-peer lending , captive lending, crowdfunding, underwriter, and landing platforms Lending
Payment processing, billing, and money transfer/ remittance platforms serving B2B and B2C customers
Payments
Potential monetary medium of exchange that requires less processing time and lower fees for online transactions
Digital Currency
Wealth Management Companies that help manage individuals manage their personal bills, accounts and/or credit as well as manage their personal assets and investments
There are immediate and long term implications on the syntax of financial institutions due to FinTech.
15 C O N F I D E N T I A L | J U L Y 2 0 1 5 15
Early Disruptors are Just the Start
Financial Services
Banking (Personal) Banking
• Checking accounts Debit cards ATMs
Savings accounts ForEX CDs
• Lending/Credit Loans
Mortgages/Home equity loans
Student loans Payday Other
Credit cards Investing and Wealth Management
Financial planning/advice Investment instruments:
annuities, bonds, IRAs, mutual funds, securities, backed lending, etc.
Other Brick and mortar Online/mobile/tablet banking
Banking (Business) Banking
• Checking accounts • Cash management
Payroll Merchant services ForEX
• Lending/Credit Credit cards Line of credit
Letters of credit Loans
Installments Commercial mortgages
Working capital loans
Capital Markets Investment Banking Sales and Trading Alternate Investments
Insurance Life and Annuity Property and Casualty Specialty
Telematics
Big Data and Machine Learning
Sharing Economy
E-aggregators
Advanced Analytics
Cloud Computing
Equity Crowdfunding
Digital Currency
Online Banking
High Net Worth Wealth Management
Managed portfolios Private equity markets Secondary transactions
Point Of Sale (Credit Cards)
P2P Lending
16 Copyright © 2015 Deloitte Development LLC. All rights reserved.
FinTech Key Themes
Democratization: Leveling the playing field
Disintermediation of Traditional Business Models: New
platforms and technologies changing delivery
Customer Experience: Providing customers with intuitive, mobile-first,
personalized financial offerings
• Simplification
• Transparency
• Analytics
17 Copyright © 2015 Deloitte Development LLC. All rights reserved.
FinTech Future: A Technology Revolution
Internet
Revolution
1990’s
Smartphone
Evolution
2000’s
Blockchain and
Non Traditional
Banking
Products
Emergence
Today
Desktop Computing Mobile Computing Cloud Computing / SaaS
E-Commerce App Economy Blockchain & Shared Ledger
Online Banking P2P Payments Real time payments
Trends
“Eventually mainstream products, companies and industries emerge to commercialize it; its effects become profound;
and later, many people wonder why its powerful promise wasn’t more obvious from the start. What technology am I
talking about? Personal computers in 1975, the Internet in 1993, and – I believe – Bitcoin in 2014.”
Marc Andreessen, Andreessen Horowitz
18 C O N F I D E N T I A L | J U L Y 2 0 1 5 18
Global FinTech Investment Grew 170% in 2014 to
$12B, with 80% in the US “Silicon Valley is coming. There are hundreds of startups with a lot of brains and money working on various alternatives to traditional banking.”
- Jamie Dimon, JPMorgan Chase CEO
“We have a chance to rebuild the system. Financial transactions are just numbers; it’s just information. You shouldn’t need 100,000 people and prime Manhattan real estate ”
- Marc Andreesen, Tech Entrepreneur
“Boardroom conversations at the largest banks and financial institutions are no longer focused only on how they can beat each other; they are increasingly concerned about nontraditional competitors—Paypal, Venmo, Square ” - Stanford Social Innovation Review
Advances in innovative technologies and need for alternative lending for the private sector and individuals are allowing emergence of range of services.
Source: Graphic: Deloitte University Press
19 Copyright © 2015 Deloitte Development LLC. All rights reserved.
Case Study: Goldman Sachs Making Bets on FinTech
FinTech companies have long been financed by venture capital firms, but Wall
Street banks are also starting to place their bets on the future of FinTech
Payments
Investments into Square (including in its
latest $150M round at a $6B valuation),
Payments security firm Bluefin Payments
Payments platform Revolution Money,
acquired by American Express in 2010
Co-led a $25M Series C deal to bill
presentment and payment startup Billtrust in
April.
Bitcoin / Blockchain
Lead investor in bitcoin payments startup
Circle Internet Financial (latest $50M
financing)
Goldman deal is the first investment by
a bulge bracket bank in a blockchain or
digital currency startup
Big Data (deals including)
Deals including social media data analysis
firm Dataminr, valued at $700M
Financial data engineering startup Kensho
Technologies
Predictive data analytics firm Context
Relevant
“big data analytics can be the next wave of
global services and… the market has
tremendous growth potential.”
-Ankur Sahu, co-head of
private equity at
Goldman Sachs in Asia
Source: https://www.cbinsights.com/blog/goldman-sachs-fin-tech-startups
20 Copy right © 2014 Deloitte Dev elopment LLC. All rights reserv ed.
Wearable Technologies Augmented reality personalizes product information and
offers
Enables instantaneous, “see-and-buy” impulse purchases
Frictionless, hands-free payments, free of plastic,
smartphones or credentials
Secure, bio-authenticated transactions
Internet of Things
Physical objects become active participants in business
processes and conduct transactions
High-speed, automated machine-to- machine (M2M)
payments and settlement
Payments integrated in telematics (congestion pricing,
parking, in-car entertainment), appliances (energy
pricing, automated grocery shopping) and every day
objects
FinTech Innovation Expanding Payments Ecosystem
21 Copyright © 2015 Deloitte Development LLC. All rights reserved.
Current Marketplace Examples
FX Trading Desks Becoming
Automated
• UBS has been ordered by
regulators to automate 95% of its
FX trading as a result of currency
manipulation
• Barclays has automated 90% of its
FX trading
Automating Manual Processes
• Nasdaq is experimenting with
blockchain technology in the
Nasdaq Private Market by
automating informal recordkeeping
previously done by lawyers to verify
transactions by hand
22 C O N F I D E N T I A L | J U L Y 2 0 1 5
Major players are engaging the Fintech ecosystem
via “Labs” and “Accelerators” with mixed results
TECHNOLOGY CAPABILITIES
UBS developed a physical space in their offices that promotes innovative thinking
JP Morgan Chase Financial Services Lab is an internal space dedicated to finding financial management solutions
Deutsche Bank developed a Joint Innovation lab with IBM and Microsoft, focused on internally innovating
Barclays partnership with TechStars to provide funding and mentoring to select FinTech startups
Citi co-sponsoring a “Mobile Challenge” with IBM for FinTech startups to build, test and deploy their solutions
Santander and HSBC created funds for direct investment into startups in the FinTech space
ING built Customer Experience Center dedicated to testing, collaborating, and innovating
BBVA created Innovation centers to drive digital transformation in the industry and foster innovation
Charles Schwab Intelligent Portfolios is a no-fee virtual investment platform invests consumer money without the middle man by obtaining their preferences and managing their money using a proprietary algorithm
Citi Private Bank In View provides clients a comprehensive snapshot of their wealth on all mobile devices, giving bankers and clients extensive amounts of data at their fingertips.
Goldman Sachs and Societe Generale are reportedly planning to purchase P2P loan invoices and repackage them into high yielding assets to create a new offering for their clients
UBS “Idea exchange” allows all employees to submit and vote on internal innovation ideas
JP Morgan Chase QuickPay lets you send, receive or request money using your smartphone, tablet or computer...all you need is the recipient's email address or mobile number.
Results are mixed!
Source: Graphic: Deloitte University Press
24 Copyright © 2015 Deloitte Development LLC. All rights reserved.
A decentralized cryptocurrency is a digital currency in which encryption
techniques are used to regulate the generation of units of currency and
verify the transfer of funds, operating independently of a central bank.
What are Decentralized Cryptocurrencies?
Bitcoin and other cryptocurrencies
are both a network (based on the
Blockchain) and a unit of value
(digital currency). They can be
converted into fiat currencies,
enabling peer-to-peer (P2P)
payment networks reducing the use
of third-parties / intermediaries.
25 C O N F I D E N T I A L | J U L Y 2 0 1 5
Blockchain Could Disintermediate Traditional
Financial Services
Source: Graphic: Deloitte University Press
26
Why is the Blockchain Protocol Interesting?
Technology
Factors Definition
Protocol
An open set of standards that affords global interoperability; A peer to peer network
that uses cryptographic protocol, where messages are digitally signed and time
stamped and broadcast on the network
Interoperability allows anyone to pay anyone globally
Network
A distributed network that is self - regulating; the network timestamps transactions by
including them in blocks of transactions. Any one block cannot be modified without
changing all the blocks since the modification
Self – Regulating prevents double spending
Blockchain/
Shared Ledger
Globally distributed public ledger allows public record keeping of all transactions; all
confirmed transactions are included in the block chain and time stamped
Public Record Keeping does not require trust / dependence in a central authority
Universal Value
Transfer System
Ability to make payments across borders independent of fiat currencies.
Independent of fiat currencies - avoid exchange rate volatilities
27
The combined market capitalization of the top ten most popular
virtual currencies is currently eclipsed by the total value of
physical US currency in circulation2
What is the VC Market Size?
Physical US
Currency
$1.29 Trillion
Top Five Virtual Currencies
$4.45 Billion
Cryptocurrency Market cap (as of 7/21/15)1
Bitcoin $4,004,791,068
Ripple $246,291,261
Litecoin $156,490,278
Dash $20,325,704
Dogecoin $17,000,462
1 http://coinmarketcap.com 2 http://www.federalreserve.gov/paymentsystems/coin_currcircvalue.htm
28
State of Decentralized Cryptocurrency: 2015 Outlook Virtual currencies continue to grow in prominence, with increasing consumer, merchant, and venture capital interest while
traditional financial institutions continue to evaluate the pros and cons.
Increased
Bitcoin
Adoption
Continued
Venture Capital
Investment
Integration with
Traditional
Capital Markets
Regulatory
Landscape
Maturity
Emergence of
the Blockchain
and Shared
Ledgers
Usage of Bitcoin by both consumers
and merchants is increasing at a
steady rate, with an estimated 12mm
Bitcoin wallets by the end of 2015.
Venture capital firms are being joined
by mainstream institutional investors
as investment in the virtual currency
space grows at a rapid pace
Bitcoin and other virtual currencies may
continue to be integrated into traditional
capital markets, with SEC-regulated
exchanges, CFTC-approved derivatives
and OTC financial products
Initial impressions from a majority of
the regulatory authorities in
international financial centers are
expected to be issued by 2016
New use cases for distributed open
ledgers are being explored in a wide
swath of industries
+140k merchants worldwide
projected to accept Bitcoin by 4Q
2015
+$275MM in venture capital
investment raised by virtual currency
businesses in 1Q 2015
NYSE and NASDAQ have
invested in virtual currency
exchanges and new technologies
NYDFS issued finalized
“BitLicense” regulations, setting an
example for other states and foreign
jurisdictions
Possibilities for future uses
of the blockchain include smart
contracts, electronic voting, and anti-
counterfeiting measures
29
Potential Other Use Cases For Blockchain Technology As distributed ledger technology evolves, use cases may impact a wide swath of industries.
Smart Contracts
Electronic contracts with transfer of
ownership provisions coded into the
contract itself. Both tamper-proof and
self-executing, the need for trusted third-
parties to resolve disputes or enforce
settlements is eliminated.
Intellectual Property
Encrypted and time stamped
documents stored on the blockchain
can be used to document ownership
of IP without revealing the
information it contains, and provide
proof that the document was
authored at a particular time.
Medical Records
Patients can hold the
private key used to encrypt
their medical data, using
public keys to share
selected information with
doctors only when desired
Foreign Exchange
The ability to securely clear and settle
transactions bilaterally using the blockchain opens
the FX market to non-bank market makers,
tightening spreads and lowering transaction costs
Transfer of Property
Fractional bitcoins marked with certain properties,
also known as colored coins, are use to represent
digital or physical assets such as a house or a car.
Identity Management
A cryptographic distributed
network could be used to
verify people’s identities,
such as passports, social
security numbers, tax id
numbers and driver’s
licenses
Lower transaction costs
Increased information
sharing
Elimination of requirement
for trusted third-party
intermediaries
IMPACTS
30 C O N F I D E N T I A L | J U L Y 2 0 1 5
Bitcoin Could Take Over Where Monetary Markets
are Less Efficient
Source: Graphic: Deloitte University Press
32 Copyright © 2015 Deloitte Development LLC. All rights reserved.
“..even if the vast majority of practitioners
may be doing things right, there are –
CFO’s, Controllers, Chief Accounting
Officers, Independent Auditors and
Accountants in other roles – who appear to
be failing in their role as gatekeepers.”
Howard Scheck, former Chief Account
Division of Enforcement U.S. Securities
and Exchange Commission
33 Copyright © 2015 Deloitte Development LLC. All rights reserved.
Potential Risks Associated with FinTech Payments
“If you’re storing your virtual currencies on your own computer, you’re basically on your own if your virtual currency is
stolen… [and] you can lose your funds without being hacked. If you lose your private keys, you have lost all access to your
funds. No one can help you with password reminders and no one will refund your loss.”
- Consumer Financial Protection Bureau
Risk Factor Description
Anonymity / Non Face
to Face Channels
Emerging payments products may allow for greater anonymity when depositing, using, and exchanging funds than
traditional non-cash payment methods making emerging payments virtual currencies an attractive medium for the
criminal element. This risk is further heightened by the non face to face (e.g., no bank teller involved) nature of many of
these transactions.
Borderless & Wide
Cross-Border
Geographic Reach
Emerging payments products may have the capability to be transmitted to or from any location in the world to anyone
with an internet connection. The risk of such transmission to users in sanctioned nations is ever present. For example,
the pseudo-anonymous infrastructure of Bitcoin makes application of the Travel Rule and identification of payments
recipients problematic. This ambiguity creates the risk of indeterminate responsibility for AML/CTF/OFAC compliance
and supervision / enforcement.
Irreversible
Transactions
Similar to transactions conducted with cash, virtual currency transactions are irreversible. Purchases may be refunded,
but only with the consent of both parties to the transaction. While addressing the double spending issue, fraud, theft and
risk of errors is increased.
Fraud / Theft / Loss Virtual currency is analogous to cash, as once it is stolen, recovery options are limited. E-wallets and other storage
solutions are susceptible to criminals.
Regulatory
Uncertainty
Within the United States, and internationally, the regulatory landscape continues to change rapidly. Without the
establishment of clear regulatory framework, virtual currency businesses are subject to increased regulatory risk and
the potential burden of licensing with state, federal and potentially foreign country regulators.
Fintech emerging payments innovations such as virtual currencies, reloadable
prepaid cards and P2P, allow users to transfer value almost anywhere in the world to
anyone with an internet connection.
34 Copyright © 2015 Deloitte Development LLC. All rights reserved.
FinTech / Emerging Payments Product Risk Factors (1 of 2)
Red Flag Recommended Risk Mitigation Factors
A customer with an excessive number of accounts (based on program
parameters)
• Enhanced Due Diligence to confirm the customer’s
identity and anticipated activity
A customer who is unwilling to provide information required by the CIP • Enhanced Due Diligence to confirm the customer’s
identity
• Consideration for account closure or termination
A customer who presents unusual or suspicious identification
documents that cannot readily be verified
• Enhanced Due Diligence to confirm the customer’s
identity and anticipated activity
• Consideration for account closure or termination
A customer who requests a shipment/transfer of payment products
outside of the United States
• Collect and confirm the identity and location of all third
parties involved in the prepaid card program, including
any subagents
A customer uses different tax identification numbers with variations of
his or her name
• Enhanced Due Diligence to confirm the customer’s
identity
• Consideration for account closure or termination
A customer who is reluctant to provide the information needed for a
mandatory report, to have the report filed, or to proceed with a
transaction after being informed that the report must be filed
• Enhanced Due Diligence to confirm the customer’s
identity
• Consideration for account closure or termination
A customer that coerces or attempts to coerce a bank employee to not
file any required recordkeeping or reporting forms
• Enhanced reporting processes and staff training
High dollar deposits followed by numerous small withdrawals • Enhanced Transaction Monitoring
• Potential SAR filing
A Cardholder who makes multiple value loads on the same day at
different load locations
• Enhanced Transaction Monitoring
• Potential SAR filing
Large number of failed authorizations • Enhanced Transaction Monitoring
• Potential SAR filing
35 Copyright © 2015 Deloitte Development LLC. All rights reserved.
Red Flag Recommended Risk Mitigation Effort
Transactions posted to the account without corresponding
authorizations
• Enhanced Due Diligence to confirm the customer’s
identity and anticipated activity
• Consideration for account closure or termination
Transactions occurring in more than one state or country on the
same day
• Enhanced Due Diligence to confirm the customer’s
identity
• Collect and confirm the identity and location of all third
parties involved in the prepaid
• Consideration for account closure or termination
Repetitive transactions occurring at the same time for the same
amount each day or each week
• Enhanced Transaction Monitoring
• Potential SAR filing
Transactions consistently occurring outside of the customer’s
residential area
• Enhanced Due Diligence to confirm the customer’s
identity
• Consideration for account closure or termination
Unexplainable transactions with no logical purpose • Enhanced Transaction Monitoring
• Potential SAR filing
Repeated transactions outside of the customer’s normal activity
• Enhanced Transaction Monitoring
• Potential SAR filing
Multiple transactions slightly below reportable thresholds • Enhanced Transaction Monitoring
• Potential CTR filing
FinTech / Emerging Payments Product Risk Factors (2 of 2)
Two Case Studies Based on Real Examples ML/TF risks for UR Bank – Pass the antacid
Shut down in August 2015, Gold Reserve was a Costa Rican-based centralized digital currency service noted to have laundered more than $6 billion in criminal proceeds during its history. The site is known for allowing its users to transfer funds from wire transfers to other users with only a name, e-mail address, and birth date. The lack of required KYC information made Gold Reserve an attractive payments processor for criminals. Payments for the sale of child pornography where linked to the service. The money was traced to the criminal’s account with UR Bank. UR Bank is embroiled in negative publicity…
Cotton Road is an online black market, best known as a platform for buying and selling drugs, weapons, stolen identification information, etc. The site worked as an online market place in the Deep Web, operating as a Tor hidden service and accepting Bitcoins as a form of payment. In early August 2015, the site was shutdown and the owner arrested. Law Enforcement has traced the transactions to Bitcoin exchanges where money was sent via ACH & wires from UR Bank. Regulators are knocking on UR Bank’s door…
Cotton Road Gold Reserve
Gold Reserve Scheme The Gold Reserve case demonstrates how a typical series of transactions
in a centralized virtual currency market occur
Bad Guy A
Bad Gal B
Bad Guy A
Exchanger
Exchanger
Personal UR Bank Account
Cash / Check
Bank Wire
Gold Reserve Funds
Gold Reserve Funds
Liberty Reserve Funds
Bank Wire or Debit
Card
Bad Gal B
Cotton Road Website on the Deep Web Cotton Road, a global black-market cyber bazaar, brokered anonymous
criminal transactions with Bitcoins as the main form of currency
Cotton
Cotton Road Scheme The Cotton Road case demonstrates how a typical series of transactions
in a decentralized virtual currency market occur
Illicit Drugs Buyer
Illicit Drugs Seller
Bitcoin Exchanger
Cash / Check/Credit
Card/Bank Wire
Cotton Road
Bitcoin Buyer Wallet
Cotton Road Escrow Account
Cotton Road
Bitcoin Seller Wallet
UR Bank
Every Cotton Road user was required to establish a bitcoin account with Cotton Road to conduct transactions due to anonymity of Bitcoin.
Bitcoins used for transactions were stored on “wallets” maintained by Cotton Road servers (deposited on account with Cotton Road)
To achieve an extra layer of anonymity Cotton Road sent Bitcoin payments through a “complex, semi-random series of dummy transactions” known as a tumblers which made it difficult to trace individual transactions to Bitcoins leaving the site
40 Copyright © 2015 Deloitte Development LLC. All rights reserved.
Commonly Found AML Program Weaknesses Regulatory enforcement actions give us a glimpse into what regulators
are interested in and where common weaknesses may lie
Insufficient resources dedicated to compliance and internal audit that understand
complex FinTech products
Risk Assessments lack quantitative analysis and support
Inadequate KYC procedures, including limited view of entire customer relationship
especially for global banks (inadequate “feedback loop”)
Employees, Board and management have not received relevant and targeted AML
compliance training, specifically for FinTech products and inherent risks
Inexperienced internal audit and compliance staff
Inadequate program status reporting to the Board and management
Failure to identify and periodically monitor high risk accounts or activity
Suspicious activity investigations not properly documented
AML systems and supporting technology not stress tested
Failure to file timely and accurate required regulatory reports
41 Copyright © 2015 Deloitte Development LLC. All rights reserved.
Commonly Found Overall Program Weaknesses A culture of compliance and sufficient training for all employees are critical
steps to elevating AML compliance programs
Fundamentals and Mechanics of Sound Management
In March 2013, at a testimony before the Committee on Banking, Housing, and Urban Affairs of the
U.S. Senate. Thomas Curry, Comptroller of the Currency identified the following as a part of the
causes of a breakdowns in the fundamentals and mechanics of sound management of operational
risk for AML compliance programs:
Lack of strong corporate governance principles necessary to create a “culture of compliance”
within the organization
Lack of sufficient staffing, high turnover rates, and cutbacks in the compliance area as
common factors that have impeded the effectiveness of banks’ AML programs
Key Takeaways From Recent Enforcement Actions
On Aug. 11, 2014, FinCEN’s Advisory highlighted the importance of maintaining a strong culture of
BSA / AML compliance for senior management, leadership and owners of all financial institutions –
regardless of size or industry sector. Recent AML enforcement actions appear to suggest:
Leadership should actively support and understand compliance efforts
Efforts to manage and mitigate AML deficiencies and risks should not be compromised by
revenue interests
Compliance programs may be more effective by, among other things, ensuring that it is tested by
an independent and competent party
43 Copyright © 2015 Deloitte Development LLC. All rights reserved.
Regulators Addressing FinTech Payments Innovations
FinCEN
“Working closely with our delegated BSA examiners at the Internal
Revenue Service (IRS), FinCEN recently launched a series of
supervisory examinations of businesses in the virtual currency
industry. […] Where we identify problems, we will use our supervisory
and enforcement authorities to appropriately penalize non-compliance
and drive compliance improvements.”
CFPB & Federal Reserve
On July 9, 2015, the Consumer Financial Protection Bureau ("CFPB")
continued its focus on payment processing and joined the Federal
Reserve's efforts to develop faster and more secure payment systems
by releasing its "Vision of Consumer Protection in New Faster
Payment Systems" ("Principles").
OCC
Acknowledging that the current legal framework for addressing money
laundering and counter-terrorist financing should be updated to remain
effective, the OCC stated: “The current regulatory regime, which is
rooted in 20th century concepts and approaches, will need to
change and adopt in order to remain relevant into the 21st
century."
SEC
OCC
44 Copyright © 2015 Deloitte Development LLC. All rights reserved.
Examples of State Virtual Currencies Regulatory Landscape
44
Without finalized regulatory guidance from populous technology and financial services hubs such as California and New York,
the majority of US States have hesitated to establish independent viewpoints on how to define and regulate virtual currency
creating industry uncertainty.
Regulatory Guidance Issued
No Guidance or Regulation
Regulation Pending
Washington Department
of Financial Institutions
Guidance issued December
8, 2014 states that virtual
currency is included in the
definition of “money
transmission” under state
law
California State Assembly
Passed AB129 on June 28,
2014 repealing a section of
state code that may have
been interpreted to prohibit
virtual currency
Proposed AB1326 on
February 27, 2015 that
provides a legal definition of
“virtual currency” and
mandates licensing of most
virtual currency businesses
by the California
Department. of Business
Oversight
Texas Department of
Banking
Guidance issued April 3,
2014 states that third-
party exchange of virtual
currency for sovereign
currency is considered
“money transmission”
under state law
New York Department of
Financial Services
Final ruling of “BitLicense”
issued on June 5, 2015 that
provides a regulatory
definition of “virtual
currency” and requires that
all persons engaged in
“virtual currency business
activity” obtain a license
from the NYDFS.
Kansas Office of the State
Banking Commissioner
Guidance issued June 6,
2014 states that third-party
exchange of virtual currency
for sovereign currency is
considered “money
transmission” under state
law
Connecticut State
Assembly
Passed House Bill 6800 on
June 19, 2015 provides a
legal definition of “virtual
currency” and requires bond
for applicants and licensees
transmitting virtual currency,
45 Copyright © 2015 Deloitte Development LLC. All rights reserved.
NYDFS “Bitlicense” May Serve as a Model
Cost of applying for licensure: $5,000
Who is covered under the BitLicense
program?
Businesses covered include those
“controlling, administering or issuing a
virtual currency” with the following
exemptions:
Blockchain technology for non-currency
purposes
Software developers that aren’t engaged
directly in money transmission or
exchange
Miners
Individual investors
Merchants who accept bitcoin
Licensed banks
TITLE 23. DEPARTMENT OF FINANCIAL SERVICES
CHAPTER I. REGULATIONS OF THE SUPERINTENDENT OF FINANCIAL SERVICES
PART 200. VIRTUAL CURRENCIES
On June 3, 2015 the New York State Department of Financial Services (NYDFS) released the
final version of the BitLicense regulations
AML program requirements (highlights)
Licensee is required to comply with all applicable
federal and state laws, rules, and regulations.
Licensee must have an overall compliance
officer(s)
Licensee must maintain and enforce written
compliance policies, including policies with
respect to anti-fraud, anti-money laundering, cyber
security, privacy and information security
Reviewed and approved the Board of
Directors
Preserve all of its books and records in their
original form or native file format for a period of at
least 7 years from the date of their creation
Report within 24 hours to NYDFS ≥ $10,000 one-
day transactions by one person
Report suspicious activity
Maintain Customer Identification Program
Verify the customer’s identity and check against
the OFAC SDN list
46 Footer Copyright © 2015 Deloitte Development LLC. All rights reserved.
Illustrative FinTech Enforcement Actions Summary The majority of enforcement actions related to FinTech products such as Bitcoin to this point have been related to criminal
activities, rather than regulatory requirement issues, but that trend may be changing as money transmitters are being held to
an increasingly higher compliance standard.
Company Reason For Enforcement Action Penalty Enforcement
Agency
Silk Road
INTENTIONAL SALE OF CONTRABAND: Silk Road was an
online black market, best known as a platform for buying and
selling drugs, weapons, stolen identification information, etc.
The site worked as an online market place in the Deep Web,
operating as a Tor hidden service and accepting Bitcoins as a
form of payment.
Fine / CND /
Arrest
Joint Law
Enforcement
Erik T.
Voorhees
FAILURE TO REGISTER: Voorhees published prospectuses
on the Internet and actively solicited investors to buy shares in
his two ventures, SatoshiDICE and FeedZeBirds. However,
Voorhees failed to register the offerings with the SEC as
required under the federal securities laws.
Fine / CND SEC
Trendon
Shavers
PONZI SCHEME: Trendon T. Shavers and his company
Bitcoin Savings and Trust (BTCST) charged with offering and
selling investments in violation of the anti-fraud and
registration provisions of the securities laws.
Fine / CND SEC
Ripple Labs FAILURE TO REGISTER / LACK OF AML PROGRAM: Ripple
Labs sold its virtual currency “XRP” without timely registration
as an MSB, or maintaining an adequate AML program. Ripple
Labs and its subsidiary XRP II, LLP were fined $700,000 by
FinCEN, and entered into a settlement agreement with the
U.S. Attorney’s Office.
Fine US DOJ
FinCEN
47 Copyright © 2015 Deloitte Development LLC. All rights reserved.
Aggressive race to acquire FinTech startups between Wall Street and Silicon
Valley VC
Cybersecurity professionals will be in even greater demand
FX and rates automation will eliminate human trading jobs
Aggressive use of risk and compliance technology: Banks becoming more
opportunistic (tied with driving the business) rather than defensive (responding to
regulatory demands).
Rise of the Chief Digital Officer in banks: Engage with new FinTech ecosystems
as technology has deconstructed the walls that once surrounded capital markets
and access to information, price and liquidity
Painful banking transition to cloud computing: Despite the oft cited security
concerns, the biggest obstacle of moving bank’s large infrastructure to cloud
computing model is internal politics
2015-2016 Trends to Watch
49 Copyright © 2015 Deloitte Development LLC. All rights reserved.
Disclaimer
This presentation contains general information only and Deloitte Advisory is not, by
means of this presentation, rendering accounting, business, financial, investment,
legal, tax, or other professional advice or services. This presentation is not a
substitute for such professional advice or services, nor should it be used as a basis
for any decision or action that may affect your business. Before making any decision
or taking any action that may affect your business, you should consult a qualified
professional advisor.
Deloitte Advisory shall not be responsible for any loss sustained by any person who
relies on this presentation.
Contact Information
Deloitte Advisory 30 Rockefeller Plaza, 40th FL New York, NY USA Tel +1 646 640 6557 [email protected]
Alex Rozman Senior Manager Global Anti-Money Laundering and Sanctions Practice