Payments providers will likely come under an increased level of scrutiny following the recent fine meted out to payments platform Ripple Labs. Bankers have often warned of the lack of regulation of the sector, and the potential risks to which this exposes the consumer and the businesses themselves.
In May, Ripple Labs took the dubious honour of being the first virtual-currency provider to be issued with a fine from the US Treasury Department for neglect of anti-money laundering (AML) measures. The Financial Crimes Enforcement Network (FinCEN) fined Ripple and its subsidiary, XRP II, $700,000 for violating the Bank Secrecy Act. The company had failed to register with FinCEN despite being a money services business and was found to have no anti-money-laundering programme in place. Further, Ripple did not report some transactions that were deemed to have been suspicious.
Ripple paid the fine and stated that it had not wilfully engaged in any illegal activity, or been prosecuted for doing so. The company has, it seems, received a stern reprimand from the regulator.
Speaking to Euromoney at the EBAday conference in Amsterdam, Chris Larsen, CEO and co-founder of Ripple Labs, says changes have already been made: "We’ve taken a number of steps to beef up our regulatory compliance procedures. These include registering a subsidiary as a money service business to handle the company's sale of XRP, hiring key compliance and legal staff, and building an AML programme."
Before the fine was imposed, Ripple had already moved to build up its compliance team, hiring Karen Gifford as chief compliance officer and boosting its anti-money-laundering stance.
Larsen cautions: "The industry is seeingthe emergence of new technology, but the rules all still apply. There is no grace period and start-ups need to be following the rules from day one of operating. They need to have compliance officers in place before the tech is even launched."
The events have opened up the debate around the levels of compliance that even the smallest of payments start-ups should be expected to meet. Paul Thomalla, senior vice-president, global corporate relations and business development, ACI Worldwide, says: "It will send a rocket around the fintech community, as firms will realize that they need to think much more about what they are doing. It is not just about creating the technology and running the back office, there need to be provisions in place on how to process and manage the payments correctly."
Gene Neyer, senior vice-president of payments product management at Fundtech, believes the events show that the crypto-currency business is still very much in its infancy. "The majority of the industry will find this as a confirmation that crypto-technologies are not ready for their mainstream businesses,” he says. “However, Ripple (and other crypto-tech vendors) are not aiming at the majority of the industry – they are aiming at the early adopters.
"The early adopters are willing to take higher risks, to try new vendors in specific situations, to dig deeper in their due diligence and be willing to make allowances for events that took place when the company was just starting – as long as there is a business case."
There is consensus that the fine was actually a positive move for the payments providers, as they now have a stronger indication of the regulations they are expected to follow. Larsen says the company is pleased that this episode is over, and is now looking to follow a more clearly defined regulatory position: "We take the settlement as a positive for our company and the industry because it provides clarity for a path forward."
Thomalla agrees: "Essentially the regulators are trying to protect us. It is reassuring that someone has been caught for breaking the rules and the issue has been fixed. The fine is symptomatic of the bigger issue. The payments and the banking industry is a very hard space to be in. We’ve already seen much larger, hi-tech firms like Microsoft and Google realize just how difficult it is and change their plans."
Google launched Google Wallet in 2011 but has to date not seen any great traction in use among consumers. Earlier this year it acquired mobile payments company Softcard to integrate into Wallet in response to the release of Apple Pay.
The fine imposed might also suggest the regulator is willing to be relatively lenient with these companies as they bring themselves up to the standards imposed on the banking community. Neyer says: "If we look at the substance – what Ripple did demonstrate is a lack of maturity in the early stages of their corporate life – not a broken corporate culture. Thus the fine is quite modest in comparison to some of the recent ones levied on the established banking players."
The fine, and the resulting change in how the company approaches regulation, might well be a wake-up call to other payments providers on the difficult reality of working within the transactions business. Companies will now have to look more deeply into their ability to provide the level of action to ensure they comply with regulation, or look for new ways of operating with other similar businesses.
Thomalla cautions that there are not enough people around with the experience and knowledge needed to take on the compliance role at every individual start-up. As a result of this, there have already been some changes to how companies are operating. "We have started to see some aggregation of the smaller firms,” he says. “They could each get someone as part of their team to cover compliance but if it goes wrong then the onus falls on that individual. We could also see more smaller companies being absorbed into much larger organizations."
The other option is that some companies might simply decide that they cannot operate in the sector and withdraw altogether.