Payments challenges in financial services regulatory compliance

The disruptions that affected all industries in 2020 will forever reshape the financial services industry. With such changes come regulatory and public policy challenges and concerns, which in 2021 will begin to inform the future, altering our view of the course to take. 

Here, from the KPMG report Ten key regulatory challenges of 2021, we share insights related to payments.

Regulatory pressures

Regulatory jurisdiction and supervision. The current regulatory regime has not yet adapted to the increase in both the number and type of firms providing payments services, resulting in inconsistent regulatory frameworks for some entities, and a dearth of regulation for others (refer to Expanded Regulatory Authority section within the document below). Federal and State regulators are both seeking chartering authority on a number of fronts, and standardization of requirements across jurisdictions where feasible. However, each continues to expect firms to apply traditional expectations around anti-money laundering, consumer protection (refer to Consumer Protection section within the document), dispute resolution, privacy, and safety and soundness when offering innovative payments services.

Resiliency during COVID-19. The technological advances made in the payments industry prior to COVID-19 have kept payments services accessible during this time of unprecedented lockdown and financial upheaval. Digital banking, contactless card use, and mobile payments have all experienced significant growth; this shift in consumer behavior is expected to be prolonged and likely permanent. As firms continue to develop innovative payments offerings, regulators will have a renewed focus on the risks associated with the development and offering of new products, services, delivery and payment channels, and impact on related processes such as funds availability, fee disclosures, error resolution, and technology controls. Regulators will expect risk and regulatory compliance integration throughout the product development lifecycle, including through the transition to “business-as-usual” processes.

Inclusion and access. The shift to digital payments has in many ways made payments more accessible to populations that may have been excluded in the past due to lack of proximity to physical locations, mobility issues, or the high cost associated with traditional payments methods. However, many populations are still at risk of being left out, including those with no or inconsistent internet access, who are unfamiliar with how to use newer technology, and who have disabilities and need accommodations. Further, regulators continue to focus on the need to mitigate bias and disparate treatment when developing new products and services and the associated roll-out strategies. 

Advancement of cryptoassets and digital assets. While the role of regulators, governments, and central banks in virtual currency remains uncertain and evolving, collectively they have expressed concern about the array of risks cryptoassets may pose to both consumers and financial institutions. It will be imperative for firms to have a robust regulatory change management process in place to stay in tune with upcoming industry changes that are likely to yield new monetary policies and regulatory requirements aimed at protecting consumer information, advancing financial inclusion, and promoting financial stability both in the U.S. and globally.

Speed of compliance. The payments industry continues to drive towards providing faster, cheaper, and more transparent payment services. Compliance processes, particularly related to custody, know your customer, anti-money laundering, and fraud are often operating at a much slower pace, and are challenged by the volume and speed of the money movement (refer to Compliance Risk and Fraud and Financial Crimes sections within the document below). Faster payments processes will also need to be balanced with careful management of the collection, use, and safeguarding of customer data to mitigate against improper disclosure and misappropriation. Firms will need to invest in the modernization of their compliance departments, including third party risk management, to meet these growing challenges, which may prove difficult for firms already investing heavily in service delivery.