4. How do interbank payments take place?
4.6 Compliance
For intrabank payments, many compliance issues arise. These issues are mediated by several regulations, which are described below.
Know Your Customer (KYC)
Financial Institutions need to comply with the latest KYC legislation. KYC means that a bank knows its customer, which can be an individual, an intermediary, a business or an authority. KYC requirements generally address the customer’s identity, affiliations, and transaction behavior. This means that a bank should know at each moment in time who its customers are and what transactions took place from or to specific customers.
Anti-Money Laundering (AML)
Regulatory banks need also to comply with AML regulations, in order to ensure that the payment network is not used for money laundering purposes. This monitoring is mostly done after payments have been processed by algorithms running on the bank’s ledger, but some banks also check this upfront. Certain algorithms are used to distill abnormal behavior in order to determine the AML risks.
Financial Action Task Force (FATF)
The FATF recommendations are developed with the objective of preventing terrorists and other criminals from having unfettered access to wire transfers for moving their funds and for detecting such misuse when it occurs. Specifically, it aims to ensure that basic information on the originator and beneficiary of wire transfers is immediately available. In 2006 the European Union (EU) has translated and adopted Special Recommendation (SR) VII of FATF in the Regulation of the European Parliament (the EU Regulation 1781/2006), dated July 7th 2006 to a new version: the FATF 16. Besides the EU, most countries adopted and translated FATF SR-VII in a local regulation. These countries are currently working on local legislation to make sure they comply with the new FATF 16 requirements. The main FATF 16 revisions deal with full beneficiary information (“Qualifying cross-border Electronic Funds Transfer should be accompanied by full and accurate originator information and full beneficiary information”) and with the role of an intermediary financial institution (“An intermediary FI should take reasonable measures to identify cross-border wire transfers which lack full originator information or full beneficiary information”). Although, at this moment only account number and beneficiary name are required for a money transfer.
Sanction lists
Sanction lists hold information on persons, countries of currencies for which a bank is not allowed to process payments for. A recent example of persons being added to these lists, originated from what happened in Ukraine this year and all consequences involved. An elaborate list of Russian and Ukrainian individuals has been published for which no transactions are allowed (Wikipedia, 2015).
An official list kept is the OFAC list (OFAC, 2015), powered by the US Government. There are also other US and EU lists which are very detailed and include companies, individuals, and even boats or airplanes. Each individual bank can add entries to these lists, and outgoing payments are screened against these lists before they are send. An example of an international restriction is that dollars are blocked from Cuba, and if a Dutch bank initiates a dollar payment to Cuba, the send funds will be blocked at one of the correspondent banks and it can take years before this money might be send back.
PSD
The ECB has issued some directives regarding payment legislation, intended for the entire SEPA area in 2009, namely the Payment Service Directive (PSD). This directive was adopted into local legislation and implemented
27
throughout 2013 and 2014. Among other rules, the legislation provides compliancy rules regarding the information stated for each payment for reconciliation. For instance, the way a transaction is shown on a bank statement is determined, as well as the information stated in the message. It is still unclear whether the provision on allowing third-party payment providers (TPPs) to directly access customer bank accounts will be included in the final proposal of the PSD2.MOT
The MOT (“Melding Ongebruikelijke Transacties”; Reporting Unusual Transactions) describes whether or not a transaction is deemed unusual, which is determined by a list of indicators set by the ministry of Finance and Justice. Included in this list is:
unusually high cash withdrawals and payments in cash;
higher than normal Forex transactions;
transactions that surpass a usual limit, that cannot be explained by the normal conduct of the business.
The reported case must contain the following data, if possible:
the identity of the client;
the reason, timestamp and place of the transaction;
the amount;
origin of the money;
why the payment is unusual.
Summary of compliance
It is clear that many different compliance regulations are involved in payments. Banks are obligated to regulatory instances to comply to this regulation, in order to keep their banking license. Multiple different systems are nowadays in place which automatically scan incoming and outgoing transactions on the completeness and correctness of available payment information. If the corresponding payment information is incorrect or incomplete, a transaction can be put in a queue to be manually verified, or it can be cancelled. Regarding this chapter, most important is that currently all necessary compliance systems and regulatory frameworks are already in place. With the potential adoption of a decentralized ledger platform, only the channel through which a payment flows will change. As sending information or receiving information through a channel as SWIFT or TARGET2 is just one step in the process, the assumed change to current compliance procedures is regarded to be manageable. Besides, due to the open source nature of these DLPs the threshold is significantly lowered to develop (collaboratively) compliance applications which can be built on top of the DLP infrastructure.