23 Jan A better risk infrastructure to boost fintech in Gulf Countries
The Middle East is increasingly attracting more fintech companies, but with that comes the challenge of navigating issues such as risk and compliance. Gergo Varga, Content Evangelist at SEON, explores some possible solutions.
The Middle East is increasingly regarded as a key hub for cutting edge fintech businesses.
Back in 2017, there were only 30 fintech companies operating in the region. But zoom forward to 2022, and that number is anticipated to rise to over 800 by the end of the year. As stated by MEI, between them, the businesses are expected to raise over $2 billion in venture capital funding.
It’s little surprise that Gulf countries attract such businesses. Favorable tax rates and an enviable infrastructure create a compelling proposition. However, it’s worth remembering that fintech companies must navigate a complicated landscape when it comes to compliance and risk.
As the Middle East’s financial institutions are increasingly facing regulatory scrutiny and complexity, we take a closer look at the industry’s key challenges and how they could be navigated.
Fraud and Scams
Anywhere that banks, fintechs and crypto businesses thrive becomes a clear target for hackers and fraudsters.
It’s estimated that criminals laundered $8.6 billion worth of cryptocurrency in 2021. While a recent Aljazeera podcast posited that cryptocurrency trading in the Middle East is ‘not as popular’ as elsewhere, that seems set to change. The UAE, in particular, seems keen to become a crypto trading hub, with local crypto exchanges spinning up, and wide-ranging licenses recently granted to Binance.
Of course, fraud isn’t just about cryptocurrency. A recent rise in social engineering fraud in the Middle East caused the Saudi Banks Media and Awareness Committee to issue a wide-ranging warning about the latest fraud techniques. Banks and fintechs are often the eventual target of such fraud schemes.
Any effective approach to fraud prevention must encompass protection for both businesses and customers. Clear communication and a focus on cyber awareness is a must.
Arguably, the most crucial line of defense for financial institutions is the sign up / onboarding stage. Catching fraudsters at this first hurdle means minimising the number who manage to set up seemingly legitimate accounts to use for fraud, money laundering and other financial crimes.
With the use of well-chosen fraud protection solutions, fintechs seeking to bolster their defenses have various ways to filter out riskier customers. Particularly useful features include:
- Data Enrichment Capabilities: These make use of readily available data points, such as telephone numbers and email addresses, to perform detailed digital footprint analysis for each potential customer.
These data points (which are usually mandatory as part of a sign-up process) unlock a wealth of data. For example, fintechs can see whether email addresses are linked to a typical range of social networks and online services. Email addresses that are not raise suspicion, and could point to the use of ‘throwaway’ accounts used for fraud.
Similarly, a simple IP address can reveal various red flags. It could be located in a completely different area to the user’s claimed location, or belong to a VPN or proxy service, indicating a possible attempt to “spoof” the true location.
- Risk Scoring: Often tied to the output produced by data enrichment, fraud prevention software can create a risk score. This can be used to filter out high risk customers. For example, customers with risk scores over a certain threshold can be rejected outright during the sign-up process, saving money on mandatory hard KYC checks.
- Automated Decision Making: This can both save on manpower and reduce user friction.
As stated above, it’s desirable to catch fraudsters at the perimeter of the business. But elements of the processes above can also be used throughout the customer lifecycle. For example, IP address checks can alert a business if a user is accessing an account from an unusual location.
The risks associated with fraud go beyond the immediate financial losses for businesses and their customers. Middle East fintechs must also navigate a minefield of regulatory compliance, especially when it comes to Anti Money Laundering (ALM) legislation.
The Middle East authorities have displayed a willingness to penalize organizations that fail to live up to their compliance obligations. In 2021, Global Trade Review reported that the UAE central bank had fined
11 banks for AML breaches, with fines totalling over US$12 Million. Fines continue to be doled out, and at a level that could destroy a fledgling fintech business.
As described in this SEON guide to AML fraud, fintechs have wide-ranging responsibilities when it comes to preventing money laundering. They’re not only at financial risk from fraud itself, but also from failing to meet their compliance duties.
Those duties include holding deposited funds, notifying the relevant authorities of suspicious activity, completing customer due diligence (such as KYC checks), and keeping detailed records.
The same techniques (detailed above) that can assist in preventing fraud also have a significant part to play in complying with AML legislation.
A recently issued fine was for “Customer Due Diligence, risk assessment and account approval breaches.” All of those things can be significantly mitigated by introducing tripwires for suspicious customers before they are even able to open an account.
This means calculating risk first, before fraudsters can start opening ‘drop accounts’ where they can deposit money.
Fintechs often use the ease of opening accounts as a way to differentiate themselves from slower and more formal financial institutions. Their advertising sometimes highlights the fact that customers can gain instant access to their account details. But there’s a balance to strike. Automated and API-integrated fraud prevention software can help create this balance, whilst still allowing fintechs to live up to their promises for genuine customers.
The Middle East has an increasingly well-developed internet infrastructure, perfect for supporting a growing fintech community. Gulf states are leading the world in 5G adoption. Kuwait, for example, achieved nationwide 5G coverage in 2019. Many global financial hubs are far from catching up.
To further bolster the quality of 5G coverage, the UAE and Saudi Arabia are also rolling out Open RAN tech in their national infrastructures as part of the Gulf Open RAN initiative. Another big infrastructure tick for the Gulf is the presence of two Microsoft Azure data centers, in Dubai and Abu Dhabi.
Staying abreast of infrastructure developments in the region can help new fintechs gain a competitive edge. Availability of specific tech may be a reason to choose one specific location over another.
Any sector where there are fortunes to be made will inevitably require related businesses to navigate complicated waters around fraud, compliance and infrastructure. Those businesses always do well when they understand that it’s the small changes that can make the big differences.