Ensuring PSD2 compliance whilst reducing the opportunities for fraudsters

Ensuring PSD2 compliance whilst reducing the opportunities for fraudsters

By Larry Potter, Head of Compliance and MLRO, Starling Bank. 

Larry, can you please tell the Risk Insights readers a little bit about yourself, your experiences and what your current professional focus is

I’ve been working in financial services regulation for nearly 20 years now having started out at the Financial Services Authority (as was), then part of the Risk and Regulatory team at KPMG, a stint at Direct Line Group, and now, Head of Compliance & MLRO at Starling Bank. I’ve been fortunate in my career to span a number of different sectors but with a particular focus on retail banking and general insurance. My current focus is building out the compliance and financial crime capabilities at Starling Bank as the Bank grows in current account proposition and increasing numbers of customers come onboard. Starling Bank is a fintech Bank providing current accounts through a mobile platform – our mantra is to help customers manage their money in a modern way. Its an exciting time for us, not least because of the opportunities that the changing regulatory environment is presenting, but also as we look for ways to make the most of our technological capabilities to deliver compliance.

We are looking forward to hearing your insight on the regulatory environment at the upcoming Fraud and Financial Crime Summit. Why do you feel this is an important talking point?

Managing regulatory change will be towards the top of most Executive agendas. The extent and scale of change we are going through, and the challenges in delivering compliance, are significant for all financial services providers. In addition to the quantity of change, the impact of new regulations – for instance PSD2/Open Banking and GDPR – have the scope to significantly change the shape of the banking environment during the next couple of years. And then there is Brexit….

How can financial institutions best manage the new authentication requirements?

The implementation timetable for Strong Customer Authentication gives Payment Services Providers time to assess their current use of relevant security tools (eg biometrics, PINs and passwords), and, where necessary, adapt their security systems appropriately. Fintechs should be well placed with systems already making use of new mobile phone and computer technologies to authenticate customers, and having single customer views. For incumbents the new authentication requirements may present a greater challenge dependent on the types of payment instruments being used.

What advice would you give towards performing transaction monitoring and identifying suspicious transactions?

In my opinion, managing data effectively is key. New technologies provide the opportunity to use system-based decision-making to help triage transaction monitoring and complement investigation process. There is a real opportunity within the industry to drive a more efficient and effective approach to transaction monitoring through new software capabilities that enable fraud teams to spend their valuable time investigating the higher risk cases. At Starling we are looking how best to use AI and machine learning – building on our team’s experience across a range of industries – to deliver more intelligent monitoring.

Finally, what challenges do you foresee within the Fraud and Financial Crime landscape over the coming years?

Keeping up with the speed of change will be a key challenge for Compliance and Financial Crime functions. The speed of strategic change within financial services firms is increasing as the incumbents react to a changing competitive environment and changing customer expectations, for instance in relation to the way customers want to engage with their bank or insurer. At Starling we have our APIs built ready for PSD2 and we are already sharing data – with customer consent – with third party partners through our Marketplace.
· As well of keeping on top of internal change, the macro-Financial Crime landscape continues to develop with 4MLD swiftly followed by 5MLD; the advancement of cryptocurrency; and the continually evolving methods of the criminal community. 2017 was a busy year for financial crime teams and it doesn’t look like things will slow down in 2018.