Amid recent cases involving Starling and Metro Bank, digital-first banks face mounting regulatory pressure as scrutiny around AML controls grows.
Challenger banks have transformed the financial industry in recent years bringing an attractive wave of innovation that reshaped customer expectations, prioritising user-friendly digital experiences, low fees, streamlined services and many other irresistible add-ons. These banks have leveraged technology to fill gaps left by traditional institutions, targeting underserved demographics, offering features like real-time payments, seamless app integrations and customer-centric service models.
European neobanks, such as Revolut with over 45 million users as of November 2024 and N26 serving more than 8 million respectively, have achieved substantial customer bases through highly attractive service models. According to the Times, in the UK, digital banks have increased their market share of current accounts from 1% in 2018 to 8% in 2023, indicating a significant shift in consumer preference towards digital banking solutions.
Rapid growth and innovations have attracted regulatory attention – from the very start regulatory authorities have wanted to ensure that the disruptive models of the neo banks adhere to the same standards of accountability, risk management and compliance as those of the traditional banks. Initially, however, the pace and the scope of their scrutiny were far less intensive and rigorous.
Financial regulators have increased their scrutiny of challenger banks in recent years, particularly concerning financial crime controls and anti-money laundering (AML) compliance. This year, the challenger banking sector has gained most attention. This tendency likely stems from the growing concerns that digital-first banks expose vulnerabilities in critical areas currently at the top of regulators’ agendas, including anti-money laundering, sanctions compliance, counter-terrorist financing. The heightened oversight has led to significant fines and enforcement actions against several institutions.
In May 2024, the U.S. Consumer Financial Protection Bureau (CFPB) assessed a $3.25 million penalty against Chime Financial for illegally delaying consumer refunds. The company failed to return deposits from closed accounts in a timely manner, with thousands of customers waiting 90 days or longer.
In July 2024, DBS Bank (Hong Kong) Limited was fined HK$10 million ($1.73 million) by the Hong Kong Monetary Authority (HKMA) for lapses in adhering to AML and counter-terrorist financing regulations. The bank failed to continuously monitor business relationships and conduct enhanced due diligence in high-risk situations, and also failed to keep records on some of its customers.
In September 2024, the UK’s Financial Conduct Authority (FCA) fined Starling Bank £29 million (about $38.86 million) for deficiencies in its anti-money laundering controls and sanctions screening systems. The FCA noted that Starling opened over 54,000 accounts for high-risk customers between September 2021 and November 2023, highlighting significant lapses in compliance.
Similarly, Metro Bank has just faced a £16.7 million (about $21 million) fine from the FCA for failing to address serious deficiencies in its automated transaction monitoring system implemented in 2016. The system suffered from flaws in its setup and oversight, which went undetected for years. Despite internal concerns and subsequent fixes, vulnerabilities persisted until 2020, leading to over 60 million unchecked transactions worth over £51 billion. The original fine, before a 30% reduction for early settlement, would have been higher equaling to £23,821,700 (about $29,8 million).
These enforcement actions reflect a broader trend of regulators demanding stronger financial crime controls from challenger banks. Back in 2022, the FCA has emphasised that rapid customer growth should not compromise compliance with customer due diligence obligations.
This likely won’t be the last such example as regulators continue the crack-down on digital banks. In response, challenger banks are reportedly investing heavily in enhancing their compliance systems and governance structures to meet regulatory expectations.
“Robust compliance frameworks often lag when rapid expansion and lean business strategies are primary focuses. Many of these challenges were initially tempered by a kind of grace “honeymoon” period from regulators. Now, we are witnessing a dramatic shift in how regulators approach these institutions, and we can see that the early days of leniency are over. Meeting heightened regulatory standards isn’t just a matter of scaling operations. For challenger banks, it is now about fundamentally rethinking processes to be able to withstand the same level of rigorous scrutiny as applied to traditional banks.” – Mike O’Keeffe, General Manager EMEA, Corlytics, commented.
Compared to traditional banks, digital banks often face greater difficulty handling regulatory fines. They typically operate with limited financial and human resources, leaving them less equipped to handle costly penalties or maintain large compliance teams. Their rapid growth often prioritises scaling and user acquisition over regulatory frameworks, which can lead to compliance gaps and increased risk of breaches. Many challenger banks operate on thin profit margins due to their competitive pricing models and low-fee structures. Fines can significantly impact their financial health, especially if they lack sufficient reserves or a diversified revenue stream.
However, what makes it easier for digital banks to approach the new game levels is their natural agility in operations. If compared to traditional financial institutions, there is no news that challenger banks hold a significant advantage: they are not encumbered by legacy processes, outdated technology or rigid structures. This lack of legacy baggage allows them to swiftly adapt and adopt advanced compliance technologies, positioning them to respond to regulatory changes with agility. As a result, the digital-first banks can swiftly integrate cutting-edge solutions, from AI-driven regulatory monitoring to automated compliance and risk management systems, far more effectively and efficiently than their established counterparts. In fact, this agility enables challenger banks not only to meet regulatory demands but also to set new standards in compliance and operational resilience.
While regulatory pressures are increasing, neobanks have a much better opportunity to innovate in compliance. “For digital banks, compliance has become as central as customer experience. This shift happening now marks a transformative moment, moving digital banks from disruptive upstarts to trusted pillars of the financial ecosystem. Those that embrace regulatory standards with the same enthusiasm as innovation will thrive and redefine the future of banking,” Mike O’Keeffe observed.
Anna Antimiichuk, Global Head of Communications, Corlytics