How correspondent banking can manage payment transparency, nesting and fintech risks

For payment transparency, FIs and regulators should have complete clarity of their correspondent banks, nesting banks and even fintech partners.

When it comes to complying with anti-money laundering (AML), sanctions and counter-terrorist finance laws, there is no more important consideration than transparency of payments. Organisations should be familiar with their correspondent banks, but also aware of any financial institutions (FIs) that use downstream correspondent banking, or nesting, in order to secure access to payment networks. The rapid growth of fintech players has added another layer of complexity.

Making basic payment information available is critical to the credibility of correspondent banking

Payment transparency is fundamental to the integrity of financial services, particularly when it comes to cross-border transactions. At first glance, the requirements are simple. The FI is required to collect the first name, last name, account number and address of both the originator of the payment and the beneficiary.1 This information must remain within the related messages transferred throughout the payments chain.

This is basic information, so much so that collecting and sharing it does not raise concerns around data privacy or compliance with privacy regulation such as the EU’s GDPR. The address data, however, is particularly important. It needs to include a country of origin and a country of destination, in order that the FI can assess risks related to that jurisdiction. In fact, without information about the country of origin and the country of destination, checks and controls related to both financial crime compliance and business will not be effective. Complicating matters further, there is no internationally agreed format for what an address must contain on the various payment messaging systems such as SWIFT, CHIPS and Fedwire.

“Without payment transparency, correspondent banks cannot fulfil their obligations around AML and financial crime. Therefore, it is critical that each member in the chain accurately provides all the relevant information. In this way, they increase their own credibility as correspondent banks and also protect their own clients,” said Standard Chartered’s Francesco Miccoli, Regional Head of Correspondent Banking, Europe.

The originating FI is the first link in the payment chain. It therefore has responsibility for ensuring that the orginator information is present and correct, and that the beneficiary’s details in the payment match those provided in the client instruction. Without this information, FIs cannot prevent or detect money laundering, exclude sanctioned individuals, or monitor payments related to Politically Exposed Persons that may signal corruption. Conversely, missing information can cause a potentially low-risk payment to be flagged as high-risk, triggering unnecessary requests for information and delays.

“The different types of controls a FI must have to ensure compliance would depend on the role an FI plays in the correspondent banking payment chain,” said Standard Chartered’s Louis Jacobs, Director Americas for Financial Crime Compliance.

“For instance, an originator bank is the first bank in the chain and must have pre-processing checks in place. The primary obligation of an intermediary bank is to pass the information within the incoming payment message exactly as it is received to the next bank in the chain, maintain proper records and identify repeat offenders. And a beneficiary bank has to ensure that the client information it has on record of the beneficiary matches the beneficiary information in the payment before crediting the beneficiary’s account.”

Therefore, as an originating bank, Standard Chartered checks the data pre-processing in real time to ensure that the necessary information is present before wire payments are authorised. Simply asking the client for the details is not enough; the orginator data in payment messages should be generated by Customer Due Diligence (CDD) and Know Your Customer (KYC) processes.

Institutions that fail to take these steps, or worse which deliberately strip information from the payments to disguise their origin or destination, face sizeable financial penalties.2 If another FI within the payments chain requests further information, this should be supplied promptly, to uphold trust throughout the correspondent network.

Moreover, if the checks fail for any reason, it is important to analyse and improve the CDD and KYC protocols. Institutions should use risk-based monitoring to identify the type of clients, accounts or branches that frequently omit the necessary information, and then additional CDD should be performed on them. They should also be able to ascertain whether an account is offshore.

Nesting instincts

The challenges become more complex when dealing with nested accounts, also known as downstream correspondent banking. US regulators define nesting as when “a foreign financial institution gains access to the US financial system by operating through a US correspondent account belonging to another foreign financial institution”.3 One in five payments through SWIFT is nested, according to the company.4

Nesting can expand financial inclusion, for instance to the customers of small FIs in emerging markets that lack correspondent relationships of their own. It reduces costs, increases economy of scale, and provides a better picture of payments being taken out of the market. However, nesting presents a compliance challenge. The ultimate transaction remitters or beneficiaries are not direct clients of the respondent; often they may be two or more levels away from the correspondent bank that processes the payment.

This means that nesting can expose both the correspondent and respondent FIs to high-risk markets and individuals. Managing the risks around such payments, and ensuring that they are as transparent as possible, is therefore very important.

“Nesting must be allowed only under specific standards, and there must be a nesting procedure in place,” added Miccoli.

“Banks that host nested accounts should ensure they have a strong CDD capability, and that they are able to perform real-time monitoring of payments to detect unusual patterns or missing data.  Such monitoring should be backed by effective KYC that allows an FI, for instance, to notice if a customer has made a payment to a location where they have not previously done business, particularly if that locality is high-risk for corruption, money-laundering, fraud or terrorist financing. Unless nesting banks provide us with these assurances, we are not comfortable processing such payments,” said Standard Chartered’s Germana Cruz, Head of FIs for Latin America.

Fintechs are FIs, too

Many fintechs are in start-up mode, with compliance mechanisms that reflect that early stage of their development. Moreover, some aggregate the payment flows of their customers as part of a business model to tap efficiencies and economies of scale, which can potentially obscure those customers’ identities and reduce transparency.

Reducing the risks surrounding such fintechs requires assessing their business models, and how effectively those models are being supervised by their national regulator. Fintechs are FIs and need to be considered as such, which means they need to provide the same information as traditional banks.

A balance has to be struck between encouraging financial inclusion and the efficiencies that fintech can bring, while retaining transparency. As an industry, FIs must come together to create minimum standards for institutions that wish to benefit from correspondent banking relationships, particularly for nested entities, so that growth can be achieved and risks minimised.

1 p5, Basel Committee on Banking Supervision, 2009, "Due diligence and transparency regarding cover payment messages related to crossborder wire transfers", Bank for International Settlements

2 Brett Wolf, 2014, "BNP’s misuse of ‘satellite banks’ may portend future enforcement over ‘nested’ correspondent accounts", Thompson Reuters, 27 March,

3 FFIEC InfoBase, Federal Financial Institutions Examination Council,

4 Financial Crime Compliance, 2018, "Leverage your SWIFT data for global correspondent banking transparency", SWIFT, 27 June,

Back to news and views