How can ISO 20022 help banks to better manage financial crime risks?

31 October 2022

The deployment and usage of global payment message standards enabled by ISO 20022 provides many benefits for processing banks and regulators. Efficiency, enhanced treasury operations and liquidity, and improved targeted services for business clients and consumers are just a few to name.

As the industry now approaches key deadlines for ISO 20022 implementation, attention is increasingly turning to how Financial Institutions can better maximise the benefits of richer payments data to combat the risk of financial crimes. According to the International Compliance Association, financial crime accounts for 3.6% of global GDP, with individuals, major corporations, small businesses, and the public sector all impacted – costing the UK billions of pounds each year.

In this blog, we will discuss three key areas where ISO 20022 can help improve financial crime risk management for payments processors: party information, payment purpose and use of the Legal Entity Identifier (LEI).

 1. Party information

ISO 20022 provides higher quality information about the parties involved in a transaction, both the sender and beneficiary. This will have a significant impact on the efficiency and efficacy of financial crime compliance checks. Cross-border payments, for example, have long been constrained by unstructured, incomplete and inconsistent data, which can require manual intervention prior to processing.

According to SWIFT, prior to ISO 20022 adoption in 2017-2018, between 72% and 94% of party data fields used free-format options with unstructured data to identify parties. This significantly impacted banks’ ability to identify and screen customers for Anti Money Laundering (AML) checks or sanctions screening. Banks estimated that up to 10% of transactions required manual intervention as a result.

For instance, if one party is an entity called Bar Cuba, located in Edinburgh, using unstructured data would mean that the world ‘Cuba’ would likely attract attention during the sanctions check process, since in a free-format field it could be interpreted as the country location. Using structured data under the ISO 20022 standard, however, would allow the word ‘Cuba’ to be clearly designated as the business name. The country location would be ‘United Kingdom’ and the payment would pass without trouble through the sanction checks.

 2. Payment purpose

Information describing the purpose of a payment has been used for many years, mainly when sending a payment to a foreign country. For example, the central bank of the destination country may require a purpose to be included with the transaction in order for the payment to be accepted and processed. Purpose Codes are one ‘building block’ in the ISO 20022 dataset and will be used for both retail and wholesale payments to help banks and their customers identify the reason a payment is being made. ISO 20022 practice guidance currently provides 40 payments codes to support all transaction scenarios.

Improving the quality of information related to a payment’s purpose brings benefits across the board. The purpose of a payment is directly relevant for addressing money laundering or bribery activity, and some forms of sanctions related to the type of goods. If bad actors give incorrect information, it also provides banks with a lever to target these customers. Payment purpose could also be a useful indicator for identifying instances of scam payment, such as large scale Authorised Push Payment (APP) fraud.

It is worth noting that payment purpose also supports valid payments activity, for example aiding payment prioritisation (such as welfare payments or salaries) and supporting customer analytics to provide more targeted and relevant products.

 3. The Legal Entity Identifier

A further development under ISO 20022 is the inclusion of the Legal Entity Identifier (LEI) in the payment message format. The LEI is a unique global identifier comprised of a 20-character alpha-numeric code required for all legal entities (companies and organisations, not individuals) participating in financial transactions.

Countries are actively focusing on further optimising the quality, reliability and usability of LEI data, empowering market participants to benefit from the wealth of information available within the LEI index. Therefore, the introduction of LEI into payment messages as part of the implementation of ISO2022 standards will add another ‘tool’ to the anti-financial crime ‘toolbox’.

The fact that LEI is a unique key to standardised information on legal entities globally means it can be used in the verification of payment destination ‘customers/account’. It can be added into AML verification processes and payment sanction screening by using the LEI code or LEI number which is readily available to banks via a globally accessible database.

The LEI is not a magic bullet for all KYC (Know Your Customer) checks and wire transmission regulation, but it can be used as an additional validation ‘door’ until all countries agree to participate and legislate the process.

 In conclusion…

With the huge industry focus on delivering ISO 20022 technical implementation projects ahead of major market infrastructure deadlines, it is important to restate the many benefits available from fully embracing the richer and more structured data that ISO 20022 provides. These benefits impact the full range of a bank’s activities, offering revenue growth through higher quality products and services and enabling cost reduction through more efficient payments processes.

Improved payments data is a powerful tool to support the ongoing and essential fight against financial crime. Icon Solutions advises clients across the end-to-end payments lifecycle, offering more tools and process to mitigate financial crimes risk through better architecture, technology deployments and use of data and analytics. Book a call with us today.

Categories: Blog

Angus Maitland and Andrew Ducker