Enveil CEO: Fragmented AML regulation creates “Russian doll effect”
EU regulation around AML is still fragmented. Enveil’s founder and CEO, Ellison Anne Williams, tells FinTech Futures that cohesive regulation will “only open the door wider to specific technology solutions”.
She also points out that standardising regulation is a whole different ball game to standardising data.
“It’s much harder. Some deployments are hybrid. And then you’ve got different jurisdictions – some are decentralised, other are more centralised. It’s fragmented in terms of data, it’s dirty.” Williams likens it to the “Russian doll effect”.
But despite its room for change, Williams also acknowledges that the EU – specifically the UK – is a region far ahead of its peers in terms of AML regulation.
Enveil, a Maryland-founded start-up backed by Mastercard, Capital One Ventures and Bloomberg, recently set up a subsidiary in the UK.
It works closely with the Financial Conduct Authority (FCA), as well as a host of European banks including HSBC, Barclays, and ING.
The start-up allows banks to search and analyse data between jurisdictions in line with regulation
“The UK – and more broadly the EU – are absolutely the leader in this space,” says Williams. “The FCA is leading the charge and is way out in front on this.”
Fines make a difference
In recent years, the financial industry has seen anti-money laundering (AML) fines reach unchartered new heights.
Through July 2020, financial institutions experienced fines totaling $5.6 billion for AML, know you customer (KYC) and general compliance failings, according to Fenergo data.
But looking beyond the hefty fines, what is it that’s causing some of these banks to repeatedly fall into AML pitfalls? Williams thinks a big issue is data, and that it’s only now, with fines getting bigger, that banks are starting to take notice.
Enveil is currently engaging with a number of multinational banks. “Previously, they accepted the risk,” says Williams. “But these [heavier] regulatory fines – they’re an enormous driver for banks.”
Between 1 January and 31 December 2019, a record-breaking 58 AML fines were issued to banks. Encompass data shows US regulators issued the highest number of penalties at 25, totaling $2.29 billion.
Other AML industry experts agree. Rachel Woolley, global director of Financial Crime at Fenergo, told FinTech Futures last month: “The reputational damage that can come from a fine is significant.
“In some cases, it can wipe out shareholder value. We’ve seen this in action with the Nordic banking scandal of the last couple of years.”
But despite US regulators being the most active in terms of fines last year, Williams also asserts that the US is very much a “follower” when it comes to AML technology innovation.
After the UK, she names Singapore as the second jurisdiction where AML technology is making waves.
“The Monetary Authority of Singapore (MAS) is very keen on adopting new tech to combat AML. A lot of our deployment of cross-jurisdictional solutions is in Singapore.”
Challenges around data
Each jurisdiction has different regulatory requirements, which means data can’t be exposed outside of a particular jurisdiction.
“So today, UK banks look within jurisdictional walls to understand the customer,” says Williams.
Jurisdictional requirements mean banks can’t freely transfer data between borders to make inquiries in other jurisdictions. This makes it easier for money launderers to go uncaught, particularly those with extensive networks across the globe.
To reduce the inevitable risk that this causes, Enveil claims to use “homomorphic encryption”.
It performs calculations on encrypted data without decrypting it. It then decrypts once these changes are in place, in the correct jurisdiction. By encrypting a search, it means the data is never exposed in other jurisdictions. In other words, the technology secures data in use.
“It completely changes the paradigm and where firms can use data,” says Williams.
“You’re buying the risk down, which in turn results in greater operational efficiency. AML is often very manual and labour-intensive. To be able to reach out automatically and securely – this is something banks have never had before.”