A key Fintech event - the Innovate Global Finance Summit, has recently taken place with record crowds attending, putting London firmly centre stage as a Fintech hub. The UK, with its reputation for start-ups with global potential, has much to be proud of.
The Fintech sector is buzzing, and it’s increasingly being seen as one of the mainstays for the UK’s post-Brexit economy. There are also increasing numbers of talented professionals switching from large financial corporations to work for nimble Fintech firms, and these include risk managers.
But, with so much activity, one of the biggest issues for risk managers to be aware of is that cybercrime and other types of fraud already have a foothold in Fintech. And one message already being disseminated is clear – speed and efficiency may be the goal, but there can be no short-cuts when it comes to security.
Criminals target crowdfunding
An example is crowdfunding, where there have been a number of scams, with the European Securities and Markets Authority, stating: “Investment-based crowdfunding carries a risk of misuse for terrorist financing, particularly where platforms carry out limited or no due diligence on project owners and their projects.”
In the last year, a number of suspicious fundraising papers have had to be removed from crowdfunding sites, such as GoFundMe.
On a broader scale, and with the UK set to become increasingly global in its outlook, there are both opportunities and dangers.
A global sandbox?
The FCA is certainly mindful of this and in February, announced it would be consulting on whether to develop a global ‘sandbox’ to support its existing one for UK innovation. This would allow Fintech firms to test their ideas and work with other jurisdictions, potentially collaborating with other regulators on cross-border issues.
Although getting projects off the ground is the aim, the FCA has also emphasised it wants counter-fraud activity to be a main focus to include anti-money laundering compliance, Know Your Customer (KYC) on-boarding and safer payments systems.
The latter is increasingly challenging with the growing trend towards real-time payments and instant fund transfer service, where funds appear in the recipient's account immediately.
One of the biggest global challenges is that banks, for example, use different payment systems which are often not wholly compatible with each other. This can result in more scope for error – and create loopholes for fraudsters to exploit.
There are growing calls for better harmonisation of payment systems and work is progressing on cloud-based sharing initiatives. These offer the potential to conduct KYC checks by sharing data and verify customers more effectively, although there is still much to be done in this area.
Increasing the armoury
Risk managers within Fintech will also benefit since the fight against financial time is being boosted through Fintech. For example, biometrics is being used in fingerprint and iris recognition to keep mobile phone transactions safer.
Tokenisation is another development. This is where a unique ‘token’ is created for each transaction. It means the sensitive data – such as a customer’s name and card number – are substituted for a non-sensitive equivalent, which has no exploitable value for a data thief.
Clearly there is also a massive role for data analytics within Fintech, both in terms of preventing crimes such as identity fraud and in spotting suspicious behavioural patterns, such as a break from the norm in spending and monitoring large transactions.
Interestingly, one piece of software is even being used to help rebuff criminals attempting to take over accounts since it compares their behaviours to the legitimate account holder, using factors such as typing speed and cursor movements to act as red flags.
A risk manager moving from a large corporation to a lean one will also need to ensure the potential for internal fraud remains under scrutiny.
These are exciting times for Fintech, but a major financial crime incident could do this burgeoning market tremendous damage. Indeed, the role of these pioneer risk managers is a critical one, as they set the parameters for their businesses to show both resilience and stability.