L04 Standard Quiz — Financial Technology (FinTech)

1

Understand

What are the three stages of money laundering, and in what order do they occur?

A.Integration, layering, placement B.Placement, layering, integration -- illicit funds are first introduced into the financial system, then moved through complex transactions to obscure their origin, and finally reintroduced into the legitimate economy C.Layering, placement, integration D.Detection, investigation, prosecution

2

Understand

What is the primary purpose of Know Your Customer (KYC) requirements in financial services?

A.To maximize the number of customers a bank can onboard per day B.To verify the identity of customers, assess their risk profile, and ensure the financial institution is not facilitating money laundering, terrorist financing, or other financial crimes C.To collect marketing data about customers for targeted advertising D.To determine which customers qualify for premium banking products

3

Understand

What is the EU Markets in Crypto-Assets (MiCA) regulation designed to achieve?

A.To ban all cryptocurrency trading within the European Union B.To establish a comprehensive, harmonized regulatory framework across all EU member states for crypto-asset issuers and service providers, covering consumer protection, market integrity, and financial stability C.To create a single EU-backed cryptocurrency to replace the euro D.To regulate only Bitcoin and Ethereum, leaving other tokens unregulated

4

Understand

What is a regulatory sandbox in the fintech context?

A.A physical testing laboratory where fintech hardware is evaluated B.A framework established by a regulator that allows fintech firms to test innovative products, services, or business models in a controlled environment with real customers, under relaxed regulatory requirements and with regulatory oversight, for a limited time period C.A region where all financial regulations are permanently suspended D.A software tool used to simulate financial transactions in isolation

5

Apply

A US-based fintech startup wants to offer a mobile lending app to consumers across multiple states. Applying the US regulatory framework, which of the following best describes the regulatory challenge it faces?

A.It only needs approval from a single federal regulator B.It must navigate a patchwork of federal regulators (OCC, CFPB, SEC, CFTC, FinCEN) and state-level licensing requirements, because the US lacks a single unified fintech regulator, and consumer lending is regulated at both the federal and state level C.US fintech startups are exempt from all regulation until they reach a certain revenue threshold D.Only the SEC regulates all fintech lending products in the US

6

Apply

A bank's transaction monitoring system flags a series of deposits: a customer makes five cash deposits of EUR 9,500 each over consecutive days, just below the EUR 10,000 reporting threshold. Apply the AML framework: what type of suspicious activity does this pattern indicate?

A.Normal savings behavior from a high-income individual B.Structuring (also called 'smurfing') -- deliberately breaking large amounts into smaller deposits below the reporting threshold to avoid triggering a Currency Transaction Report, which is itself a federal offense regardless of whether the underlying funds are legitimate C.An accounting error in the bank's system D.A legitimate payroll deposit pattern

7

Apply

A digital neobank is onboarding a new customer remotely. Apply the KYC process framework: which sequence of steps constitutes a compliant customer onboarding process?

A.Collect the customer's email address, open the account, and verify identity later B.Collect identity documents, verify them against authoritative databases, perform a liveness check (biometric selfie), screen the customer against sanctions and PEP lists, assess risk level, and then open the account with appropriate monitoring C.Accept the customer's self-declaration of identity without any verification D.Require the customer to visit a physical branch for all identity verification

8

Apply

A compliance officer needs to automate the screening of customer names against global sanctions lists and politically exposed persons (PEP) databases. Apply the RegTech framework: which technology solution best fits this compliance need?

A.A basic spreadsheet with manual name lookups B.An automated identity verification and screening platform using fuzzy name matching, real-time sanctions list updates, and risk-scoring algorithms to flag potential matches for human review C.A blockchain-based payment system D.Hiring additional compliance staff to manually review every customer application

9

Apply

A fintech firm in Singapore wants to operate a digital payment token service. Apply the MAS (Monetary Authority of Singapore) licensing framework: under which regulatory regime must it operate?

A.No license is required because Singapore does not regulate digital payment tokens B.The firm must obtain a license under the Payment Services Act (PSA), which categorizes digital payment token services as a regulated activity requiring either a Standard Payment Institution or Major Payment Institution license depending on transaction volume C.It only needs to register as a generic business entity D.The firm must obtain a traditional banking license from MAS

10

Apply

A UK fintech has been accepted into the FCA regulatory sandbox. Apply the sandbox framework: which of the following conditions typically applies during the sandbox testing period?

A.The firm is exempt from all regulations permanently B.The firm operates under tailored regulatory requirements with safeguards such as customer limits, disclosure requirements, and reporting obligations to the regulator, for a defined testing period, after which it must either obtain full authorization or cease the regulated activity C.The firm can operate without any regulatory oversight whatsoever D.The sandbox only allows testing with simulated data, never real customers

11

Apply

A compliance team discovers that a customer is a senior government official in a foreign country. Apply the PEP (Politically Exposed Person) screening framework: what enhanced due diligence measures should the institution apply?

A.Immediately close the account because PEPs are prohibited from holding bank accounts B.Apply enhanced due diligence including: determining the source of wealth and funds, obtaining senior management approval for the relationship, conducting ongoing enhanced monitoring of transactions, and documenting the rationale for maintaining the relationship C.Treat the customer identically to any other customer with no additional checks D.Report the customer to law enforcement solely because they are a PEP

12

Apply

A European fintech issues a stablecoin pegged to the euro and wants to operate across the EU. Apply the MiCA classification framework: how would this token be classified, and what does this require?

A.It would be classified as a utility token requiring no specific authorization B.It would be classified as an e-money token (EMT) under MiCA, requiring the issuer to be authorized as a credit institution or electronic money institution, maintain reserves equal to the value of tokens in circulation, and comply with redemption rights and capital requirements C.Stablecoins are banned under MiCA D.It would be classified as a security and regulated by national securities regulators only

13

Analyze

Compare an innovation-friendly regulatory approach (e.g., the UK FCA) with a precautionary approach (e.g., China's 2021 crypto ban). What trade-offs does each approach create for fintech development?

A.Innovation-friendly approaches have no risks; precautionary approaches have no benefits B.Innovation-friendly approaches attract fintech investment and foster ecosystem growth but risk consumer harm from under-regulated products and potential financial instability. Precautionary approaches protect consumers and financial stability but may drive innovation offshore, reduce domestic competitiveness, and push activity into unregulated shadow channels. C.Both approaches produce identical outcomes for fintech innovation D.Precautionary approaches always produce superior fintech outcomes

14

Analyze

Analyze the concept of regulatory arbitrage in fintech. Why do some fintech firms choose to incorporate in jurisdictions with lighter regulatory regimes, and what risks does this create?

A.Regulatory arbitrage does not exist because all jurisdictions have identical regulations B.Fintechs exploit differences in regulatory stringency across jurisdictions to minimize compliance costs and operational constraints. This creates risks including: a 'race to the bottom' where jurisdictions compete by lowering standards, reduced consumer protection for users in stricter jurisdictions who access services from lightly-regulated ones, and systemic risk from regulatory gaps in oversight of cross-border digital services. C.Firms choose lighter jurisdictions only for tax reasons, not regulatory reasons D.Regulatory arbitrage benefits all stakeholders equally

15

Analyze

Analyze how compliance costs disproportionately affect small fintech firms compared to large incumbents. What structural factors drive this disparity?

A.Compliance costs are identical for all firms regardless of size B.Compliance has significant fixed costs (legal counsel, compliance systems, reporting infrastructure, licensing fees) that do not scale proportionally with firm size. A small fintech may spend 5-15% of revenue on compliance versus 1-3% for a large bank, creating barriers to entry, favoring incumbents, and potentially reducing competition in the financial services market. C.Large banks have higher compliance costs per unit of revenue than small fintechs D.Small fintech firms are exempt from compliance requirements

16

Analyze

Analyze the components of a modern RegTech compliance stack. What are the key technology layers, and how do they work together to automate regulatory compliance?

A.RegTech consists only of a single database of customer records B.A modern RegTech stack includes: identity verification (biometric, document analysis, database checks), transaction monitoring (real-time pattern detection using ML), sanctions and PEP screening (fuzzy matching against updated lists), regulatory reporting (automated generation of SARs and CTRs), and risk scoring (continuous customer risk assessment). These layers feed into a central compliance dashboard for human oversight. C.RegTech only applies to cryptocurrency companies, not traditional financial institutions D.RegTech eliminates the need for human compliance officers entirely

17

Analyze

Compare the EU's MiCA framework with the US approach to crypto-asset regulation. What is the fundamental structural difference, and what implications does it have for market participants?

A.Both the EU and US have identical regulatory frameworks for crypto-assets B.MiCA provides a single, bespoke regulatory framework purpose-built for crypto-assets across all EU member states, creating legal certainty and a passport for cross-border operation. The US relies on applying existing securities (SEC) and commodities (CFTC) laws through enforcement actions, creating regulatory uncertainty, jurisdictional conflicts, and higher compliance costs for firms that must navigate multiple overlapping regimes. C.The US has a more comprehensive crypto regulation than the EU D.Neither the EU nor the US has any crypto-asset regulation

18

Analyze

Analyze how digital identity verification technologies (e.g., biometrics, e-IDs, video verification) have changed the KYC process. What new risks do they introduce compared to traditional in-person verification?

A.Digital identity verification eliminates all fraud risk B.Digital verification enables remote onboarding at scale and reduces friction, but introduces new risks: deepfake attacks that can defeat facial recognition, synthetic identity fraud using fabricated documents, data breach exposure of biometric data (which unlike passwords cannot be changed), and algorithmic bias in identity verification systems that may disproportionately reject certain demographic groups. C.Digital identity verification is identical to in-person verification with no new risks D.Traditional in-person verification is superior in every way and should never be replaced

19

Evaluate

Evaluate the effectiveness of regulatory sandboxes. Do they achieve their stated goals of promoting innovation while protecting consumers?

A.Sandboxes are universally effective and every country should adopt them B.Evidence is mixed. Sandboxes can lower entry barriers, provide valuable regulatory learning, and help firms test innovations safely. However, they have limitations: many firms struggle to transition from sandbox to full authorization, the number of participants is typically small, consumer exposure during testing creates real risk, and sandboxes may give an unfair competitive advantage to selected firms over non-participants. C.Sandboxes have completely failed and should be abolished everywhere D.Sandboxes only benefit large incumbent banks, not startups

20

Evaluate

Evaluate the feasibility of achieving global harmonization of fintech regulation. Is a single worldwide regulatory standard achievable or desirable?

A.Full global harmonization is easily achievable and should be implemented immediately B.Full harmonization is neither achievable nor entirely desirable. Countries have different financial systems, risk tolerances, legal traditions, and policy priorities. However, coordination on baseline standards (AML/KYC via FATF, data protection principles, cross-border cooperation) is both feasible and valuable. The optimal outcome is interoperability between regulatory frameworks rather than a single global standard. C.Each country should regulate fintech in complete isolation with no international coordination D.Global regulation would eliminate all financial crime overnight

Lecture 4: Fintech Security and Regulation

Quiz Complete