Payment aggregators must be regulated to prevent money laundering: Marcos Tinedo

May 29, 2022 by thecanadian

The money laundering It gives no respite, it searches and explores the vulnerabilities that exist in different sectors in order to be able to commit its purpose: pass off illicit money as legitimate. In this context, it is necessary that actors such as payment aggregators have minimum standards to prevent operations with dirty money.

in interview, Marcos Tinedo, compliance specialist of the Latam Financial system and currently head of the Compliance area of ​​one of the nearly 100 existing payment aggregators in the country, commented that currently these actors do not need to comply with any anti-money laundering regulations, which generates the risk not only for them but for the acquiring bank with those who are in a relationship.

“Within the 40 recommendations of the International Financial Action Task Force against money laundering, it is established that it is important that there is a minimum regulation (anti-money laundering) in payment intermediaries,” explained Tinedo.

Aggregators are participants in the ecosystem of the card payment network in the country. Its function, according to National Banking and Stock Commissionis based on a contract entered into with an acquiring (bank) to offer receivers (merchants) the card payment acceptance service and, where appropriate, provide the infrastructure of point-of-sale terminals.

In Mexico, there are aggregators that offer mobile point of sale terminals that are widely used in small and medium businesses in the country to accept card payments. Within the ecosystem are brands such as SR. payment, connect, PayPal,clipsKiwi, Payment MarketBillpocket, Ebanx, OpenPay, PayU, Zettle, among others.

Tinedo pointed out that currently payment aggregators do not have direct regulation on anti-money laundering matters; however, those that do have robust regulations are the acquiring banks, which process the operations, with which they have an agreement, so the risk falls on the latter, as they are responsible for providing the payment service to both aggregators as receivers.

“Aggregators are directly unregulated, neither here nor in other parts of the world, except for the India. Instead, the acquiring banks are quite regulated, for example, with obligations to know and identify clients, monitoring, among other things,” Tinedo said.

Also, the specialist noted that although the Bank of Mexico(Banxico) has issued certain rules, these are not so clear or direct that they impact aggregators. “It is important that the aggregators are not on the air; there are players who want to put themselves at the next level to support the part of risk, compliance, risk operations, legally and in terms of procedures.”

Amounts that generate suspicion

According to data from Banxicothe number of card operations, whether debit or credit, carried out with payment aggregators has had a significant increase in the last year, compared to the period between 2020 and 2021.

According to the figures, the average number of daily operations carried out between May 2020 and the same month in 2021 was 782,873; however, in the last year said figure increased to 1 million 142,236, that is, an increase of 45.9 percent.

The compliance specialist noted that significant amounts have been detected that are paid, for example, in restaurants, which could be a warning sign in the face of a possible event of money laundering.

“We have identified points that invoice, with aggregators, up to about 50 million pesos a year, which is an achievable figure; however, it is an important amount that must be paid attention to,” Tinedo said.

The specialist stated that there is a risk of laundering operations through the operation of aggregators, since there is a methodology known in the world as Transaction Launderingwhich seeks to pass illicit resources through an acquiring bank to process payments, in order to launder the proceeds of criminal activity.

“It is important because if it is detected that an aggregator allows operations of people sanctioned, for example, by the Office of Foreign Assets Control (OFAC) of the Department of the Treasury of the United States, that is going to generate a reputational and legal risk to the aggregator that is going to knock down the business, in addition to the fact that the acquiring bank is going to take away the operation,” said the specialist.

The path of regulation 

Tinedo indicated that it is recommended that aggregators be required to have a regulation based on the risk to which they are exposed, but also in line with the standards required of acquiring banks in article 115 of the Credit Institutions Law (LIC).

“I think that the regulation must have a minimum standard, with things similar to the LIC, the idea is that it be comparable, but with a risk-based approach,” said Tinedo. 

Specifically, Tinedo mentioned some points that could be required from aggregators, such as a know-your-customer procedure, automated systems, reports to authorities of suspicious, relevant and 24-hour operations, audits, access to the list of blocked persons, among other.

“It’s like closing all the locks and having everything shielded and more coordinated with the acquiring banks. We all have to protect the business”, said Tinedo, who will participate in the ACAMS LATAM Conference to be held in the coming days in Cancun, Mexico.