How big is the financial crime risk in FinTech?

How big is the financial crime risk in FinTech?

03-Jun-2016 by Robert Evans

As the global FinTech sector continues to grow – KPMG and CB Insights show the surge of investment continuing to a multi-year high of USD13.8 billion in 2015 – so are the instances of financial crimes at FinTech firms.  The examples of Trustbuddy, Mt. Gox, Ripple Labs and Ezubo (to name but a few) – hit by financial crime scandals ranging from internal misconduct, money laundering, fraud and embezzlement – demonstrate this trend all too neatly, and underscore the need for FinTech firms, and their investors to ensure that the right financial crime risk management controls are in place, to protect their brands and their investments respectively. Moreover, considering the impacts of financial crime exposure early on in the business development process presents Fintech firms with another opportunity to disrupt the traditional players in the market, namely by doing better, more targeted risk management enabling a more efficient deployment of capital in the long term.


Peer to peer (P2P) lending, mobile payments, virtual currency trading and crowdfunding platforms all offer an alternative and potentially more attractive solution to traditional banking. However, as recent examples of poor financial crime risk management demonstrate, the impact these could have if replicated across the FinTech industry is significant and could damage the investment attractiveness of such firms as well as the reputation of the industry.

Ezubo – where did all the money go?

Chinese courts last year handled 1.4 million cases involving P2P lending worth a total of CNY821 billion. As an example, just a few months ago, Chinese authorities pressed charges against Ezubo Ltd for defrauding investors out of CNY50bn through a Ponzi scheme. It is alleged that Ezubo sold fake investment products to nearly 1m investors, with promises of annual returns of up to 15 per cent.

The irony of Trustbuddy

Sweden-based Trustbuddy had a SEK 44 million discrepancy between the amount owed to lenders and the available balance of client bank accounts. This was discovered by the company’s new CEO, and just as he was hired, Trustbuddy filed for bankruptcy, with reports that internal misconduct had taken place since operations began in 2009.

Mt. Gox – on the rocks

In Japan, Mt. Gox, one of the world’s first BitCoin exchanges and at one point handling around 80% of the world’s bitcoin trades, filed for bankruptcy in 2014. The then-CEO Mark Karpeles was accused of manipulating trade volumes and taking JPY321 million from the company to fund personal projects. Mark Karpeles had reportedly been sentenced to a year in custody on fraud accusations prior to founding Mt. Gox.

Ripple Labs – making waves for all the wrong reasons

In the US, Ripple Labs was subject to the first civil enforcement action brought against a digital currency exchange. The company reached a settlement with the US Department of Justice and Department of Treasury in excess of USD1.1 million, and admitted to not having an effective AML programme in placeIn the Financial Crimes Enforcement Network (FinCEN’s) ‘Statement of Facts and Violations’ report, it was noted inadequate KYC checks lead to a USD250,000 transaction taking place with an individual who had a previous federal felony conviction for dealing in, mailing, and storing explosive devices.

Crowdfunding – necesSARy notifications

According to FinCEN, there has been a 171% increase in Suspicious Activity Reports (SARs) filed between January 2015 and May 2015 for rewards-based crowdfunding, compared to those filed in the whole of 2013. Analysis indicates various forms of potential illicit use of platforms, including money laundering, fraud schemes, possible terrorist financing, and other criminal activities. It is important to stress that in the grand scheme of FinCEN SAR data the overall numbers of SARs associated with Crowdfunding are still relatively small.  The increase in SAR activity is likely driven by greater awareness of SAR reporting requirements, as well as the growing popularity of the product for ordinary customers as well as those with illicit intent.

The European Securities and Markets Authority (ESMA) explicitly says:

“Investment-based Crowdfunding carries a risk of misuse for terrorist financing, particularly where platforms carry out limited or no due diligence on project owners and their projects. Project owners could use investment-based Crowdfunding platforms to raise funds for terrorist financing, either overtly or secretly.” 

So What?

There is significant opportunity for strong financial performance within FinTech and its various facets, but these examples demonstrate the risks as well as rewards that apply to founders, investors and customers of these firms. Understanding and mitigating the potential financial crime risks ensures the protection of investments and the regulatory and reputational longevity of a firm. Indeed, and as FINTRAIL, a FinTech financial crime risk management consultancy notes, “Financial crime risk management done in the right way has the potential to empower your business and secure sustainable revenue.” This point is echoed by TechCrunch, which explains that  proper financial crime risk management  will “provide an opportunity for fintech firms to obtain another competitive advantage over traditional financial firms”.


Director of FINTRAIL