Digital disruption is defining the financial services industry today. Financial technology (FinTech) companies are truly pushing the envelope and driving innovation, challenging traditional financial services firms to rethink their business models and growth markets. However, FinTech companies will do well to learn a thing or two about managing risk from their traditional counterparts.

Banking, insurance and investment management firms are risk-based businesses where good decision-making can rapidly drive returns. The security of FinTech companies can be compromised if they do not have strong measures in place.

These companies are generally start-ups founded for disrupting incumbent financial systems. In a highly interconnected digital world, business will get conducted at hyper speed, for instance, instant loans, instant fund transfer… the list goes on. However, fraudsters, too, stand to benefit from being able to move money fast. This would mean that the front-office, mid-office and back-office would need the capability to quickly assess and mitigate frauds or money laundering risks.

Gateway for fraud

Most firms predominantly focus on cyber-security, financial strength and business continuity. However, of all the risks FinTechs face, fraud and money laundering are of primary concern, as they impact brand value and thus future valuations. Further, investors would be wary of investing in such firms.

FinTech firms typically have inadequate measures to detect and prevent fraud. When faster payments were launched in the UK in 2008, fraudsters made casino-style attempts to exploit the new capabilities and fraud levels spiked. Similar challenges exist in India, as well.

Fraud risks can be classified based on their origin — which boils down to the identity of counterparty involved in a transaction. There are mainly three types of such frauds — First party fraud; falsely applying for credit with the intent of defaulting; Second party fraud; creating false identity for financial gains. Both these frauds have received good attention from regulators and organisations. Finally, third-party risk; a large part of fraud and money laundering risk is associated with the kind of third-party relationships an organisation establishes. A third-party relationship is any business arrangement between two organisations, by contract or otherwise. An organisation is mandated to mitigate all third-party relationship risk, by regulators across the globe, and is held accountable for doing business with counterparties who have criminal background.

Regulators are increasingly holding individuals and associated entities responsible not just for their own actions but for those of their customers and suppliers.

Safety strategy

FinTech organisations need to adopt a comprehensive approach to mitigate fraud risk. A high-level strategy in building a robust fraud-management program will involve two functions: first, developing a strong risk culture in an organisation that shapes the risk decisions of management and employees.

Essentially, it relates to the integrity of a firm and its employees and how their willingness to do the right thing is transposed into ensuring that their actions influence good customer outcomes. Also, a need to convert data insights and risk intelligence into business action is critical. Regulators worldwide have provided insight into counterparty due diligence that needs to be conducted to prevent fraudsters from gaining access to the FinTech network. An ongoing due diligence at pre-determined frequency will need to be carried out to avoid such risks.

FinTech companies must take the right set of precautions to build the confidence of their stakeholders.

Often, in their quest for market dominance and profit growth, FinTechs tend to rely on short-term fixes, which can cause significant reputational damage, thereby impacting their long-term valuations.

The writer is Market Development Leader, Risk, Thomson Reuters

comment COMMENT NOW