Monzo Card

Monzo, a UK-based digital bank, has been fined by the UK authorities amid concerns from the Financial Conduct Authority (FCA) that it approved customers who claimed to reside at addresses such as 10 Downing Street, Buckingham Palace, and even its own offices.

For FCA, due to inadequate address verification, the bank did not detect these 'implausible' uses of prominent London landmarks on account applications.

Lapses in Address Verification

While the report didn't explicitly say the exact addresses that Monzo customers allegedly used, FCA mentioned that Monzo's address verification controls were inadequate, failing to verify all beneficial owners and politically exposed persons (PEPs), which could potentially include the use of fraudulent addresses.

'From late 2018 until the end of the Pre-VREQ Period, Monzo had no process in place to verify personal banking customer addresses (both initially and on an ongoing basis) to ensure that Monzo's customer base was aligned with its risk appetite,' the report stated.

For FCA, this deficiency meant that Monzo could not ensure that its customer base aligned with its risk appetite, which is a significant weakness in addressing financial crime risk.

Lacking Scope and Robustness

The report also noted that during the pre-voluntary requirement (VREQ) period in 2018, Monzo's Customer Risk Assessment (CRA) and onboarding processes revealed significant shortcomings. The CRA lacked scope and robustness, preventing the firm from accurately identifying high-risk customers and applying appropriate due diligence.

In addition, Monzo's reliance on limited customer information, such as tax residency and IP address, hindered practical risk assessment, especially for non-UK customers and those operating in high-risk industries. Its onboarding controls were often inadequate, with failures to verify addresses or properly assess beneficial ownership and PEP status.

'In view of the results of Monzo's back-book customer remediation during the Relevant VREQ Period, the Authority considers that the risk of Monzo having insufficient knowledge about its customer base to conduct effective risk assessments became apparent,' FCA added.

Other Failings by Monzo

Between August 2020 and June 2022, Monzo repeatedly failed to comply with an FCA order that barred it from opening new accounts for high-risk customers, instead signing up more than 34,000 such accounts during that period, according to an investigation.

Therese Chambers, the FCA's joint executive director of enforcement and market oversight, said banks play a crucial role in preventing financial crime and criticised Monzo for falling 'far short' of expectations.

'Monzo onboarded customers based on limited, and in some cases, obviously implausible information – such as customers using well-known London landmarks as an address,' Chambers said.

'This illustrates how lacking Monzo's financial crime controls were. This was compounded by its inability to comply with the requirement not to onboard high-risk customers properly.'

The bank has since completed a financial crime change programme to strengthen its controls, following recommendations made in an independent review.

Worrying Rise in Digital Banking Fraud

In 2023, criminals stole approximately £1.17 billion through a combination of unauthorised and authorised fraud, while banks blocked a further £1.25 billion in attempted thefts.

It is also worth noting that Monzo also faces challenges: in 2023, they reported 141 authorised push payment (APP) scams per million transactions—among the highest rates—and £280 lost per million, surpassing the broader sector average.

Monzo's recent breach—onboarding over 34,000 high-risk accounts between 2020 and 2022, including those using addresses like Buckingham Palace—highlights systemic vulnerabilities in fraud prevention across the sector.

While digital banks have spearheaded convenience, these incidents underline the pressing need for robust onboarding, monitoring, and real-time fraud controls to safeguard consumers nationwide.

Writer's pick
United Kingdom