Compliance Spotlight: George McNaughton, Head of Compliance at ShareIn
George has over 30 years’ experience in the banking and finance sector, originally starting in branch banking and now through to his current role as Head of Compliance for Edinburgh fintech ShareIn. Having held his current role since January 2019 he has a business-focused approach to compliance, balancing business needs with risk management and regulatory compliance. We interviewed George to learn more about his career and views on compliance and what lies ahead for the industry in 2021.
Tell us more about your compliance journey?
My journey started in retail banking and has continued within the wider banking and finance sector, in both operational and customer facing roles. I’ve always had an interest in quality assurance and compliance and as I continued my career, policy and procedures became a larger part of my day-to-day activities.
During the last financial crisis, I spent my time as part of a consultancy team engaged by the third largest bank in Ireland to help restructure their mortgage department. The bank needed to find a way to buy itself time whilst helping customers that had been adversely affected from the crash. My role involved working with operational units and legal teams, to restructure the processes for creating new business models to help customers in arrears with their mortgage, including vulnerable customers.
After working with traditional financial firms, and using my experience, I switched to the FinTech space in 2019 to become Head of Compliance at ShareIn, and as the saying goes, ‘have never looked back since’.
What has been most challenging about your journey?
The toughest challenge is getting companies to see compliance as an asset rather than a business blocker. If you have a blocker perspective on compliance, then you are going about it the wrong way.
Compliance should be viewed as a business enabler. Businesses need to take a risk-based approach. It’s about understanding the risk-appetite of the business and managing the level of risk a business is prepared to take, whilst at the same time satisfying the regulator and keeping the customers happy. This balance is both the most challenging aspect of the role, but also the most rewarding.
The compliance function has previously been seen as highly technical and bureaucratic. However, with digital transformation, compliance is now transitioning and being viewed as business-critical with business savvy C-Suites realising the importance of the role within the overall business strategy. This is in turn, creating an abundance of lucrative opportunities.
Compliance professionals can not only assist in shaping the culture and ethics of an organisation, but can also drive the technical elements of business compliance and regulatory change.
In your view, what is the largest challenge facing compliance officers in 2021?
Pace of change, undoubtedly. There’s always so much going on within the compliance space, including ever-changing regulatory requirements and FCA updates. Added to this the UK’s separation from Europe.
As a result, it’s a challenge to stay on top of the changes within the industry. MLRO’s and compliance officers must constantly review the impact of these changes on internal processes, clients and business. Again, it comes back to the balance of delivering regulatory compliance whilst achieving efficiency and improved customer experience.
Money launderers and fraudsters are increasingly more sophisticated. Do you think the gap between AML legislation and the bad actors is widening or reducing?
In the past the money laundering war was essentially a reactive one. Subsequently, money launderers have become increasingly more organised with a constant flow of opportunists waiting to take advantage of those more vulnerable. Government, regulators and law-abiding businesses have had to constantly react to key events in history by strengthening regulatory frameworks and preventative measures.
To win the money laundering war, businesses, Governments and regulators will have to be proactive otherwise the gap will widen. RegTech technology is essential in the fight against financial crime as it provides real time verification, increased efficiencies, volume processing and more accurate results together with a product roadmap to reduce fraudulent activities. New technologies include the on-going development in biometric facial recognition, AI and machine learning and are crucial in winning the fight against organised criminals.
Do you have any real-life examples with bad actors trying to manipulate the system?
Using NorthRow to flag suspicious records in real time has allowed us to be ahead of the game. With the ability to look holistically at the entire customer journey, from onboarding through to ongoing monitoring and remediation, ShareIn has been able to prevent any major bad actors having a negative impact. However, we will not rest on our laurels and appreciate the collaboration working with NorthRow to continually review the product roadmap to meet any new fraudulent methodologies head on.
When working in London, as an online lender, the risk of application fraud was common-place. There was an instance where an individual was responsible for 20 applications using real people’s names and personal information. The fraudster had acquired the exact information necessary to make legitimate loan applications. We identified the trend and ensured the fraudulent applications were blocked. This may seem like a small insignificant case but these instances are not isolated – we must remain vigilant to stop these criminals in their tracks.
How has KYC compliance technology improved over the years and what does the future hold?
It is crucial for firms to respond to new regulations while ensuring that the customer experience does not suffer.
The digital transformation of compliance processes allows technology to automate repetitive tasks and identify only those instances where manual intervention is required. By verifying an identity against multiple qualified data sources and registrars from companies such as NorthRow means the onboarding verification can deliver the friction free user experience that customers now demand.
Being able to prioritise only those files flagged as suspicious either at onboarding or when monitoring/remediating data allows the compliance officer and wider business to make effective data driven decisions and allocate resources where most needed.
Technology easily accommodates the constant changes to regulation with the availability of API driven data sets and rules based engines. It is also easier to incorporate global data into one source which is obviously a requirement in today’s global economic climate where business is transacted across various countries.
Thankfully at ShareIn, as a tech start up, we don’t have masses of data across various legacy platforms. If that were the case I would be heavily reliant on using technology to its fullest advantage to help with productivity of pulling all the data together in order to achieve good practice KYC.
I know there is a fear amongst many businesses of having to ascertain who the customers are, and then going back to them to request those all important questions when it comes to remediating their data. By working with NorthRow and deploying a digital solution we can deliver an excellent track record in KYC and KYB reporting as we view the whole customer lifecycle holistically rather than in individual silos.
What do you think the future of compliance will look like from 2021?
It now appears inevitable that the global spread of COVID-19 will cause a significant, but hopefully short-lived, recession. All economic downturns prompt greater levels of fraud and money laundering activity. Compliance Officers will need to be on the lookout for warning signs of criminal activity and ensure that the undoubted pressures of the current crisis does not weaken their focus on compliance and proper risk management.
We have yet to see the effects of the easy deployment of the Government support packages of Business Bounce Back Loans as well as the CBIL’s loans offered to counteract the impact of the various lockdowns.
I predict a very busy few years ahead for smaller lenders in supporting the economic recovery as well as the larger institutions who will require digital solutions to support their remediation projects.
KYC Remediation is usually a compliance headache. Have you much experience with running a large project? If you have, what were / are the biggest challenges for running an effective KYC remediation project?
I was part of a project team tasked with centralisation of mortgage arrears management for a UK Bank which was very challenging in terms of scope and time. The team had to centralise the mortgage arrears previously managed by branches and this took two years to complete, despite the additional headcount that was recruited.
Gathering all the data and reviewing each case took resources away from other tasks and the cost to the business was incredibly high, but as with all compliance, it had to be delivered. It comes back to my point about only reviewing the cases that were placing the Bank at risk.
Risk management and an effective KYC strategy is key for any regulated business. I enjoy my role as Head of Compliance at ShareIn as it allows me to go beyond the detail of the various regulations and the implications of non-compliance. It allows me to develop my understanding of people and their behaviours and then deliver an interpretation of the spirit of regulation to enable the business to deliver its legal responsibilities.
Based in the heart of Edinburgh we have a unique offering providing both a technology and a regulatory solution for online investment. Sharein employees combination of finance professionals, software engineers, project managers, compliance experts all here to help your business succeed.
Sharein’s investment platforms enable clients to connect with their network and raise capital. Their platform handles every step of the investment process and ensures compliance at every stage, so clients can get on with growing their business.