Andy Mellor, Portfolio Manager Financial Control Solutions, Risk & Compliance at Fiserv
In January 2008, more than 4,300 banks in 32 countries took a historic step towards making the vision of a Single Euro Payments Area (SEPA) a reality. By signing up for SEPA, they committed to leveling the playing field for organisations across Europe by making it just as easy and economical to make cross-border payments as domestic ones.
With this comes significant challenges for banks and corporations who need to make changes to their financial processes to accommodate SEPA – and when financial processes change, so must the compliance and financial controls that are an integral part of them.
Key to the SEPA project’s aim to turn the fragmented national markets for Euro payments into a single domestic one is the development of standards. Although the adoption of consolidated credit transfers and direct debit schemes across the Eurozone will ultimately help pan-European organisations realise cost savings, they must first ensure that they have the infrastructure in place to cope with the necessary changes; including the introduction of IBAN (International Bank Account Number) coding and SEPA-compliant message formats.
The IBAN account numbers will replace existing domestic account numbering schemes, providing a common numbering format for the SEPA zone. In reality, due to the way these have been created, each country will have a slightly different number length and structure. Not only does this complicate the central aim of SEPA but it also presents challenges for databases, which will need to identify which country the account is from to correctly process the information as well as supporting any attempts to automatically map from the old account number.
Another important factor to consider is that standardisation is not only important for external communications between organisations, but also those within the organisation itself. If the account numbers are to be replaced with IBAN numbers for external communications, the organisation must look to minimise the impact on the rest of their systems and “IBANise” across the board. This is a time-consuming process and one that organisations must turn their attention to ahead of the SEPA compliance deadline,as it will not be acceptable for back office systems to ‘catch up’ after the deadline has passed.
While this centralised system is designed to simplify payment processes, if the old account numbers are not correctly integrated with the new IBAN system there are significant implications for Anti-Money Laundering (AML) and fraud detection operations.The cornerstone of an effective detection system is the ability to build up a unique picture of each customer, across their accounts, using behavioural profiling to identify transactional patterns and activity which is out of the ordinary and potentially suspicious. Account numbers (that money is sent to or received from)are an important component of this. Receiving money from the same account,but one that is using a new number, can break the crucial historic intelligence attached to the customer and will hinder future detection and compliance activities.
There are a number of possible approaches that institutions may take when faced with this issue, such as inclusion of the use of algorithms to translate IBAN data to account number data, or the use of a professional services team for a one-time migration of the legacy account numbers to IBAN. Some may simply accept the break in visibility of the transactional and relational history of the account.
A second key consideration for AML will be the conceptual loss of distinction between domestic and international payments within Europe, another important piece of information when determining account activity which may be of higher risk.For AML and fraud detection purposes, it is likely that banks will still want to be able to differentiate between these two types of payment, yet as soon as domestic payments are tagged as different to cross-border payments the crux of the SEPA initiative – a single European payments area– falls by the wayside.
One of the central benefits of SEPA is the cost savings that will be possible through enabling organisations to consolidate banking relationships, and associated financial processes, across the SEPA zone.Through removal of the concept of domestic and cross-border Euro payments, organisations will no longer need a payments partner in each country. This presents opportunity for process optimisation and centralisation throughout the financial process, including the implementation of enterprise reconciliation controls.
In order to comply with SEPA requirements, payment instructions will need to comply with the ISO2022 XML message standards. Reconciliation technology and infrastructure will also need to handle the ISO 20022 messages. SEPA payment messages carry enriched content compared to legacy messages and this additional remittance information presents new opportunities for straight-through processing that could enable higher levels of automation in the matching process. Again, there is significant potential for cost reduction here, through reducing costs involved in key processes such as data transformation, enrichment, loading and matching -as well as reducing manual workloads and allowing staff to be reallocated to higher value activities.
When consolidating back office processes, an organisation must consider the design of the process. As any Euro payment may actually be a cross-border payment, reconciliation controls for all transactions must reflect the level of stringency currently applied to cross-border payments. This may require implementation of additional approval controls for payment release, or even for the review and attestation of reconciliation controls to support stricter audit requirements.
With the February 2014 deadline for SEPA compliance looming, all organisations should be well underway with their preparations – identifying which processes will be affected and implementing IBAN and message format compliance.