Addressing regulations and compliance without increasing consumer friction

While they may have wider purposes, most businesses exist to make a profit, because this is what they typically need to survive and thrive. In the financial services sector, one view is that the pursuit of profit has been hindered by the evolution of regulatory compliance. There are not many sectors that have to navigate through as much compliance as the financial services sector, however, the laws banks, retailers, and other payment service providers must comply with are not here to constrain, but to protect. 

Despite this broad understanding of the reasons for financial crime legislation, regulatory compliance is often regarded as a constraint on profitability, creating too much red tape and slowing down business activity. 

Moreover, there is friction between compliance teams and the core business, as well as between the organisation and its customers who may see the additional red tape as an unnecessary barrier to a speedy and efficient service. 

Internal culture of compliance

I would first advise financial crime teams and merchants to change their perspectives, as we have come to look at compliance through the wrong end of the lens. It is not a barrier to entry, but a gateway to safety. 

Many have heard of the three lines of defence model when it comes to compliance in the financial services sector. Firstly, operational staff are tasked to try and spot red flags of fraud. Secondly, the compliance team monitors relationships and transactions. Thirdly, the internal audit team acts as the safety net.

This compliance model has been in play for many years, yet we still see huge compliance failings, typically around money laundering. An example is NatWest Bank that has recently pleaded guilty to money laundering offences. 

My view is that leadership and education are key. Many businesses lead from the front, however, if the pressures of performance cascade down an organisation, without a leader acknowledging the various challenges that need to be managed to remain compliant, corners are cut, or employees become disenchanted. 

Intentionally or not, leaders who increase workplace pressures create a culture that can prompt dishonest or negligent behaviour, and they invite increased risk into the business, making employees to do the right thing for them, but not the right thing for the business. 

As a result, two issues arise. Firstly, insider fraud risk is increased in organisations where leadership leads to a broken culture resulting in the disenchanted employee as per the Alternative Fraud Triangle diagram below. This means that compliance is not a priority for the employee Secondly, if the employees are disenchanted and compliance is not a priority, then customers have little chance of understanding why regulatory compliance helps rather than hinders them. 

It is, therefore, vital that employees are educated about why regulatory laws exist and evolve. This is not only to protect the organisation and its employees, but also its customers. When employees see that leaders do not bend rules to circumnavigate these laws in the pursuit of profits, a greater unity exists in an organisation in terms of remaining compliant. Only then will the employees be able to ease the friction regulations cause in the customer relationship. 

Once we understand the need for compliance, customers will follow

At the moment when employees embrace the need for regulatory compliance, then the ability to articulate those issues to a customer comes more naturally. 

I have seen banking clients face difficult challenges with customers when a suspicious transaction is identified. A good example is a bank that moved to a low tolerance for risk with respect to suspicious transactions. The knock-on effect was a large volume of suspended transactions and customer accounts. The lack of a clearly defined approach to customer communication in these circumstances led to multiple complaints and compensation. 

Another example is ‘Buy Now, Pay Later’ products such as Klarna, which have been targeted by fraudsters who have been able to take advantage of insufficient regulation for customer onboarding. As a result of the Woolard Review on unsecured credit, customer due diligence will now be required at the onboarding stage. This will inevitably slow down the application process and may lead to customer friction. 

Therefore, as organisations seek to improve their approach to financial crime compliance, having a communication strategy both internally and with customers is vital. This will help reduce the friction of the inevitable frustration that comes with slowing down or suspending transactions. 

My experience is that if a customer understands why an action has been taken (in the broad sense, not in relation to a specific transaction so to not ‘tip-off’ in breach of AML laws), then friction is reduced between the customer and the organisation. 

Fintechs changing the narrative of customer communication 

What does good communication look like? Whilst fintech banks have faced criticism for not having adequate teams to manage their financial crime analysis, they are leading the way in customer communication. I have seen a recent example of a fintech bank that has explained exactly why they may need to suspend an account, how long it can take for a suspension to remain, and why they cannot allow activity on an account during this period. This was written in plain language and all customers were directed to it. The effort made to explain the issues showed that their main focus was the customer journey even when that journey was blown off course. 

The same issue around customer understanding of compliance and regulation is becoming more prominent in ecommerce. Online retailers and payment service providers must follow the fintech example and develop a clear communication strategy to educate consumers about the reasons for regulation. 

Key takeaways 

Addressing regulations and compliance in financial services was never intended to be the domain of one department, is everyone’s responsibility in the organisation to understand and communicate. Understanding why laws exist to help protect is as important as knowing what those laws require. This understanding and education is key to employees helping customers understand why increased regulation is there to protect rather than hinder the services they receive, and reduce the friction of the customer journey, despite the bumps in the road.

This editorial is part of The Fraud Prevention in Ecommerce Report 2021/2022, the ultimate source of knowledge that delves into the evolutionary trail of the payments fraud ecosystem, revealing the most effective security methods for businesses to win the battle against bad actors.

About Arun Chauhan

Arun Chauhan is the founder and director of Tenet Compliance & Litigation, a disputes and compliance law firm specialising in fraud and financial crime. Arun is a regular contributor as an expert for the BBC, a regular conference speaker, and trustee of the highly respected counter fraud charity the Fraud Advisory Panel. 

About Tenet

Tenet Compliance & Litigation is an award-winning boutique compliance and litigation law firm, helping organisations manage their financial crime regulatory obligations, investigate fraud, and provide advice on business disputes arising from business crime. Our expertise covers the spectrum of preventative action in the form of training and policy advice, through investigation and litigation advice. Our clients include banks, fintech financial services businesses, listed companies, not-for-profit organisations, and SMEs.