Not knowing who’s on the other side of the transaction is expensive.
As noted here last month, financial institutions (FIs) were fined nearly $5 billion for anti-money laundering (AML) violations, breaches of sanctions and flaws in know-your-customer (KYC) systems last year.
That’s up 50% from 2021.
Incoming payments and accounts receivable processes are a key point of vulnerability for banks and for enterprises in general. The “customer” — the individual or enterprise holding the bank account or contacting B2B customers — might not be who they say they are. Hacks and social engineering wind up making it difficult to effectively guard against fraud and money laundering.
The banks are proving especially vulnerable to payments fraud in general. Recent PYMNTS research has shown that nearly two-thirds of larger FIs have seen increases in financial crime through the past year. Though 95% of AML executives are focused on embracing advanced technologies to combat money laundering and other schemes, 85% of these executives are concerned about the complexity of integrating new technologies.
But the challenge is felt far beyond the confines of financial services firms. In separate research, we noted that many enterprises find themselves in fraudsters’ crosshairs. Among the key points of vulnerability are incoming payments and accounts receivable (AR) systems, and B2B payments in particular. Internal controls may be lacking.
Fraudsters, we noted, are hacking into the email servers of large and well-known companies, then contacting their B2B customers to send invoices to fraudulent bank accounts (here, again, lies the urgency for banks to beef up their KYC efforts).
Invoice fraud, we reported, results in an average annual cost of $280,000 per middle-market business. The problem may become even more acute as faster payments gain ground — those payments are irrevocable.
Only 38% of businesses are using document and identity authentication tools. Roughly a third of those companies that plan to modernize their identity processes intend to outsource those functions. But of course, the technical complexities, in addition to a constantly shifting regulatory and compliance landscape, may make this “do it yourself” ambition costly and time-consuming.
There’s a greenfield opportunity for providers and platforms to help automate the verification of counterparties’ identities, payment details and accounts, and in recent weeks we’ve seen a spate of announcements from providers seeking to streamline the challenges of, among other things, safeguarding AR and payments processes and meeting AML mandates.
In one recent example, ID security firm Trulioo said at the end of last month that it had debuted a global identity platform for personal and business verification. In terms of the platform’s offerings, the company said Trulioo customers could access personally identifiable information matching, Identity Document Verification, ultimate-beneficial-owner verification, watchlist screening and other anti-fraud capabilities.
Separately, and also in a late January announcement, Eventus announced an anti-money laundering (AML) platform for traditional finance and digital asset companies. VAML, as the platform’s been named, is a Software-as-a-Service (SaaS) solution combining transaction monitoring, behavioral analytics and sanctions monitoring, Eventus said at the time of the announcement. Clients, the company has said, “will be able to onboard almost any source of customer transaction and trade data from their own systems and third-party providers,” along with continuously updated government watchlist information.