FIs with insufficient digital identity protocols risk being hit with a one-two punch from debilitating money laundering schemes as well as stiff government agency penalties that go with them. In the Digital Identity Tracker, OneAZ Credit Union’s Margaret Chamberlain explains how analytics-based authentication and document verification software keeps FIs on the right side of the law and one step ahead of the fraudsters.
Money laundering is a menace to all financial institutions (FIs), with bad actors around the world processing trillions of dollars each year. This money goes toward a whole host of nefarious deeds, including terrorist financing, organized crime and human trafficking, making it a top priority for banks and credit unions (CUs) to identify and stop these transactions.
Adding to the pressure is the threat of punishment from government regulators, which can impose strict penalties on any FIs that allow money laundering to go unchecked. Everything from devastating fines to jail time is on the table for those who fail to keep their institutions’ anti-money laundering (AML) protocols up to date, according to Margaret Chamberlain, vice president of risk management at OneAZ Credit Union.
“The Bank Secrecy Act can enforce financial penalties on the credit union, on the board of directors and directly on the person responsible for an [AML] program in place,” Chamberlain said in an interview with PYMNTS. “It can also result in jail time. So, there’s a lot of responsibility and a lot of exposure for the credit union and the board and management.”
This means that instituting ironclad digital identity protocols is imperative to ensuring that members are who they say they are and to helping CUs stay compliant. PYMNTS spoke with Chamberlain about how OneAZ accomplishes this as well as the high stakes when it comes to keeping money launderers in check.
Verifying Member Identities
OneAZ leverages a multipronged approach to digital identity, deploying document verification software, multifactor authentication and a variety of additional methods to ensure that customers are who they say they are. This approach is intended to prevent bad actors armed with a single identity document or password from accessing members’ privileged data or bank accounts.
“We have a couple of tools that we use that go in and look at documentation that’s provided by the member, making sure it’s adequate and legitimate,” Chamberlain said. “We also use some out-of-wallet type questions that validate the member, and we’re starting to use some more advanced multifactor authentication through things like Google Analytics that send one-time passcodes to our members.”
It is also crucial for FIs to ascertain and comprehend all relevant details about their business customers to ensure that these customers are not engaged in illicit activities. OneAZ, for example, makes sure it knows every aspect of the businesses with which it interacts so that it can identify abnormal activity that could indicate money laundering.
“[It is a challenge to] understand the types of business, the type of activity that would be normal for their business, and then being able to identify the abnormal activity because that’s usually what identifies fraud or something going on with that account,” Chamberlain explained. “This could include spikes in the activity out of our area, unusual cross-border activities, adverse media attention, things like that.”
Implementing this multitude of verification techniques is easier said than done, however, especially as the pandemic changes the nature of fraud and money laundering. There is room for improvement on the regulators’ side as well.
Challenges in Member Verification and AML
The pandemic has markedly altered how individuals bank, turning what has long been a predominately in-person activity into one conducted almost entirely across digital channels. This has presented money launderers with new opportunities to infiltrate FIs’ systems, putting FIs on high alert for these new schemes.
“The fraud that’s been going on since the pandemic is just crazy,” Chamberlain noted. “There’s so much more than we ever experienced prior to the pandemic. It’s because people want that ability to go online and open an account or do a transaction online, and the fraudsters know that, so they’re just taking advantage of any opportunity they can.”
Another challenge is shifting regulations that often seem to lag current fraud or money laundering threats. A more proactive approach for oversight agencies would help reduce money laundering, according to Chamberlain.
“They tend to react to situations that are [already] happening, and then it impacts the financial institutions a lot harder and a lot quicker,” she explained. “If they were more aware of what’s going on with the threats to financial institutions, analyze what their requirements are and communicate that out to financial institutions earlier, then it’s a lot less of an impact on the financial institution because we have time to plan for the changes that we need to make.”
In the short term, FIs will need to be cognizant of current threats and regulations to ensure that their verification techniques do not falter. Digital identity protocols are a key piece of the puzzle in this regard.