For AML, Three ‘I’s: Innovation, Interoperability … And Identity

money laundering

If the backbone of digital commerce is trust, here are a few vertebrae: innovation, interoperability and identity. Zac Cohen, general manager at Trulioo, tells Karen Webster that privacy and convenience need not be mutually exclusive when building trust.

Trust is the backbone of digital commerce. Knowing who’s on each side of the transaction, and verifying their identities, is the backbone of trust.

That sentiment was underscored earlier this month when South Korea said it would delist a number of altcoins from an exchange over privacy concerns – namely, the anonymous nature of the transactions are at odds with the goals of the Financial Action Task Force (FATF), which include combating money laundering and fraud.

The bumpy road cryptos face under scrutiny from regulators (we’re looking at you, Libra) was a springboard into a larger discussion between Zac Cohen, general manager at Trulioo, and Karen Webster on the challenges FIs and others face when deploying new technologies.

“With a lot of technology and technical innovation,” said Cohen, “people are always looking at it from a particular point of view, and that lens and those glasses – rose-colored or otherwise – are coming from a very specific individual with priorities and use cases in mind.”

The challenges arise when firms want to bring those technologies to new use cases, new industries and, of course, new countries.

As Cohen told Webster, conflicts arise in meeting the basic requirements of governance and compliance when it comes to payments, bank accounts and, especially, money transferred across borders.

Complications arise when financial activity is so far-flung, he added. New payment methods and use cases may be quick to evolve and innovate, and they also have more challenges when it comes to fraud and money laundering.

With a nod toward the trend he’s observed in money laundering, Cohen said what starts small becomes big. He noted that the bad guys tend to test new frameworks and methodologies, and success ultimately leads to, well, boldness. Holes still exist at larger FIs, and that’s where the large-scale breaches and thieveries come in.

“Every day, we see new and different ways of people taking advantage of a system through various reasons,” Cohen said. “There is a common thread when you are experimenting with new technology and on the cutting edge of innovation. It’s difficult to guard against experts in fraud.”

But it is important to remember, he added, that when speaking about technology in general, issues and challenges are not unsolvable – and in the case of cryptos, banning them outright may not be an optimal long-term solution, as it stifles innovation.

There are still opportunities to have sensitivities and mechanisms in place that can be robust enough to allow for cross-border commerce, yet still ensure privacy and satisfy anti-money laundering (AML) mandates.

“All of these things should not be mutually exclusive,” said Cohen – and the recipe for success is based on commonality.

Interoperability of systems across governments, infrastructure and currencies can help take a bite out of money laundering, he noted. Identity is a vehicle for cementing that commonality. Identities, in turn, must be secured, verified and reusable.

The interoperability may be a ways off, likened by Cohen to a missing link – and it’s an understandable one, given the silos and siloed mentalities that exist between countries, companies and even departments within companies.

One prime mover toward interoperability, Cohen said, could come in the form of a consortium of Big Tech players, demonstrating an approach to technology and design that (as Trulioo strives to offer) has “choice and flexibility built-in from the get-go.”

Without that choice, he said, it becomes difficult to pivot into new areas or use cases, and rebuilding technology to serve new needs is simply too expensive for most firms.

Toward an Interoperable ID System

Cohen pointed to the recent announcement that Trulioo had raised C$70 million to expand its efforts to create a global ID network as an example of flexible buildouts. Ideally, he said – and as demonstrated by Trulioo’s guiding philosophies – new iterations and layers of products and services should be consumable without companies having to change fundamental infrastructure or the user experience.

As for a universal standard? Said Webster: “It may be wishful thinking. It may be unlikely that one protocol will be enforced by a global coordination of governments, service providers and technology providers. But perhaps we can say that someone will come up with the best design, and it will be so convincing that everybody else will design similarly.”

Best practices gain fast followers, Cohen said. GDPR – with its focus on transparency, control and prevention (of misuse) when it comes to data – serves as an example. Regulatory updates all around the world have modeled fundamental aspects of GDPR, he noted.

Other government-led initiatives have been relatively less successful (such as open banking, which has perhaps not caught on as quickly as some observers may have expected). Best practices at the firm level involve doing more than just plugging holes in security – they also involve looking at the whole ship, examining what could break down next and being proactive.

All of this gives rise to the question: Is there a “hook,” a use case or a network setting that can give rise to massive scale?

Cohen noted that networks sprout up all the time, whether local, regional, national or international in scope. And in the case of Trulioo, he said, the roots live in KYC and AML.

“KYC and AML are the most difficult burdens in many jurisdictions,” he said. “We are able to add all of these identity-based tools and interoperability for cross-border exposure much more easily. We have scale on the hardest aspect.”