In case you missed it, Robinhood’s crypto division was fined $30 million for “significant failures” in areas of BSA/AML and cybersecurity regulations.
What Happened: On August 1st of 2022, the New York State Department of Financial Services (NYDFS) announced a Consent Order and $30 million fine against Robinhood’s cryptocurrency trading unit. In the Order, NYDFS alleges Robinhood failed to comply with NYDFS rules pertaining to the federal Bank Secrecy Act and state and federal anti–money laundering rules (BSA/AML).
According to a press release issued by the NYDFS, the investigation revealed “significant deficiencies” in Robinhood’s BSA/AML compliance program. Specifically, NYDFS found that Robinhood lacked a strong compliance culture and failed to allocate sufficient resources to compliance. NYDFS also concluded that Robinhood failed to transition from a manual transaction monitoring system to an automated system that would have been more suitable to Robinhood’s size, transaction volumes, and customer profiles.
The first of many crackdowns on Neobank and FinTech compliance failures
As CNBC pointed out, the $30 million penalty is NYDFS’s first crypto-sector enforcement. Yet, it is part of a fast-growing trend among regulators of Neobanks and FinTechs. For example, in April of this year, the UK’s Financial Conduct Authority (FCA) issued a multi-firm review of Neobanks, calling on them to bolster their financial crime systems in light of changing business models and rising customer numbers. The FCA opened its publication of the review by stating the following: “Ensuring the firms we regulate are effective in preventing financial crime, such as money laundering and sanctions evasion, remains a key priority. This includes testing the financial crime controls of new business models as they enter the UK financial industry.”
As for Robinhood, Money Laundering Watch underscored the case as a reminder to Neobanks and FinTechs that BSA/AML compliance must be a priority and is not the place to cut corners, noting that “adequate transaction monitoring — and related follow-up — is critical to avoiding regulatory ire.”
What’s at stake with compliance failures
The $30 million fine which Robinhood must pay would represent a significant cost for any company, more so for most Neobanks and FinTechs that have yet to reach the size and scale of Robinhood. For many, fines like this could put the business in danger of failing to be a viable, going concern. If customers were to question a company’s ability to pay one or more fines, the business could suddenly face an onslaught of customer account withdrawals and closures — the likes of which shuttered several banks during the global financial crisis. After all, customers find it fast and easy to switch between Neobanks and FinTechs because of their low-friction onboarding processes.
The need to incorporate compliance into new product offerings
In our white paper, For Neo-banks, Digitizing Compliance is Key to Driving Profitability, our compliance experts noted that the growth model of Neobanks has predictable consequences in terms of financial crime compliance obligations. Like FinTechs, these businesses will need to grow compliance headcount and systems and ask customers to provide more documentation in line with regulatory demands.
For Neobanks and FinTechs that fail to take these steps, the three most salient consequences will be:
- Getting into trouble with regulators for processing funds on behalf of fraudsters, money launderers, or sanctioned parties
- Facing penalties for not adhering to their own internal requirements
- Exiting lucrative markets or closing down the business entirely
Baking compliance into new product offerings is a ‘no-brainer’
Many Neobank and FinTech Chief Compliance Officers (CCOs) seem to be facing an uphill battle as they attempt to improve their compliance programs to keep pace with the slew of new, innovative products which their business offers. They have been granted limited budgets, both in terms of technology and people. At the same time, the overall C-suite typically focuses on driving as many new products to market, as fast as possible, in order to win the race for market share. It’s a virtual land grab — seemingly at the expense of all else. High levels of compliance are willingly sacrificed in the race for more customers.
Nevertheless, CCOs should find it easier to make the case for additional compliance budget by using a simple cost-comparison argument — leveraging the Robinhood case for a cost baseline. Here’s how that cost argument should go for the CCO:
Establish the fact that the comparison is essentially the ‘Cost to create the right-sized compliance program’ versus the ‘Cost of doing nothing.’ We know that the cost of doing nothing for Robinhood was a $30 million fine (plus the cost to hire an outside consultant for remediation). For simplicity’s sake, let’s consider only the $30 million fine. The CCO simply compares that fine against the cost of adding the right people and systems to gain a robust and automation-based compliance program.
With a company the size of Robinhood and their high number of customers (approximately 16 million as of August 2022), the CCO could conservatively estimate a compliance personnel cost of around $2 million. The CCO would then add in the costs for compliance-related technology systems and infrastructure. We estimate that to be approximately $2–3 million more, because it includes a screening system, a transaction monitoring system, a master data system, and all the add-ons/integrations that surround a master data system.
At this point, the estimated cost would be just $5 million for creating the compliance program. But in reality, it could be much lower than that, thanks to Digital Workers like those created by WorkFusion.
Alleviating staffing challenges with Digital Workers
By incorporating artificial intelligence (AI) with automation, Digital Workers can augment compliance knowledge workers by completing compliance tasks that involve reviewing false positives (screening, fraud, monitoring, etc.) and other due diligence work, including reporting, collating information, and identifying red flags. For example, the WorkFusion Digital Worker named Tara is a digital Transaction Screening Analyst. She conducts payment activity monitoring to ensure compliance, review, and analysis of alerted payment messages (e.g. SWIFT) and cases, creating a detailed audit trail along the way. At one Neobank, Tara has effectively doubled the team’s operational capacity, reducing alerts by 55% and hits by 80%.
The bottom line: it would cost just a fraction of the $30 million fine and the potential for going out of business to build a robust, automated compliance program (with Digital Workers). Armed with such data, the argument becomes much easier for a CCO to gain incremental budget approval for a full compliance program.
3 best practices for incorporating compliance into new product offering plans
Assuming your Neobank or FinTech has decided to improve your compliance program by making it a part of new product offerings, following are three best practices for making it happen successfully:
- Design a compliance program that is volume agnostic and that easily scales to any business volume. Programs that divert variable business volumes to resources, digital or otherwise, and that can scale elastically are more robust, timely, and cost-efficient than hiring additional talent from the market.
- Have a central platform that manages the compliance program and connects all of the related systems. Too often, financial services firms have large and disparate tech-stacks whose components don’t communicate and share information. This is inefficient. As Neobanks and FinTechs are digital-first, they can leverage platforms that merge the different applications and use native AI and ML to ensure efficient information-sharing across the newly-connected systems.
- Leverage a cost-effective global operating model. The problems facing Neobanks, FinTechs, and other financial services firms have changed little since 20 years ago. However, the tools available to solve those problems have greatly improved in terms of cost efficiency and capability. AI-enabled solutions are cost-effective, location-agnostic, and highly scalable across the enterprise.
Click here to meet Tara, our Transaction Screening Analyst Digital Worker.