As per ACFE’s last Report to the Nations, fraud is a staggering $ 4 trillion global problem – a size and scale astronomical enough for every bank to seriously rethink their entire fraud risk management approach. Let’s take a look at the top 5 implementable best practices that make for the foundation of a robust banking enterprise anti-fraud framework.
5. Realtime fraud prevention across channels
We are four fifths the distance away from the 22nd century as of writing this, even closer when you are reading this. While we have come to realize that multi-channel banking has come to stay, we need to realize that the future will not just be multi-channel but also an unknown number of and unknown combinations of multiple channels.
Today we think in terms of a finite number of channels – ATMs, POS terminals, mobile banking, internet banking and of course the good old branch banking.
However with open protocols becoming the norm, some actively implemented and growing exponentially, like India’s UPI, where vendors can create their own apps to interact with multiple banks, to the Open Banking API platform, in the very near future, you would have a channel for banking that was never even in existence, let alone imagined, with its own balance (or lack of it) between convenience and security.
Guarding fraud in real-time across channels in such a scenario requires guarding the sanctum sanctorum rather than all the practically infinite pathways that lead to it. Guarding those channels individually will just not be scalable nor worth the expense.
4. Sure, start with heuristics, but refine them via automated classification
Your bank has the domain knowledge – heuristics – of over a cumulative years of fraud detection and prevention expertise lying with your seasoned employees. This is a good place to start, when configuring your fraud prevention system to get easy wins in the beginning – a low hanging fruit.
However, automated tools, that have the advantage of being able to process terabytes, petabytes and exabytes of data to arrive at new insights to classify all the actors in any transaction, into possible fraud victims and possible fraudulent actors – must be taken advantage of. These tools are getting commoditized by the day and most fraud prevention systems offer you to start with heuristics and then move on to automated classification.
This is necessary for managing the sheer volumes of transactions. Automated classification acts as a powerful magnet that helps discover the ‘needle in the haystack’ faster.
3. Catch them, then remember them
So you prevented a fraud, then showed management the dollar savings and earned praise. Great. But did you know that you can also showcase further prevention by remembering the entities (humans, machines, locations, time of event, frequency and velocity of events) and applying those patterns to prevent further potential frauds?
Any fraud prevention system that doesn’t take existing fraud parameters into account to improve the prevention algorithm is just doing 10% of the job.
2. Profile victims to prevent similar preying patterns
What goes for fraudsters, goes for victims too. Do you find a particular fraud prevalent with, say, a family of 1 or 2 with ages over 65, residing in smaller cities and/or living on monthly pensions? Or with young people in their late teens / early 20s with heavy social media usage, receiving monthly allowances from parents?
If they could scam one of them, you can be pretty sure that the trap has been laid in other similar places. A group fraud detection system can uncover patterns that can help identify potential victims with a similar background. Profile your victims so that you safeguard your customers while reducing your risk exposure.
1. Maintain the balance between policing and good service
In the age of instant likes and viral everything, no one wants to wait for more than a minute for any digital banking service. All your efforts to provide a secure transaction environment for your customers is not of much use to business if customers end up becoming ex-customers.
So, real-time fraud prevention that doesn’t increase your service latency by more than 100 milliseconds (yes, consumers can sense that half second delay and it can lead to a 20% drop in usage) – is ideal.
Ask for benchmark results from your fraud detection vendors and get the right references before you arrive at a purchase or subscription decision. You want to prevent fraud, but you don’t want to lose customers either.
A holistic approach to targeting fraud in real-time with a blend of heuristic and automated learning is necessary to achieve optimum ROI from your fraud prevention investments.
Also, the banking sector is scaling at a rapid pace to service existing and new customers (including those who may be digital banking newbies or may not be very tech-savvy). This, when combined with accelerated operational automation, diminishing human contact and instances of newer ‘innovative’ fraud schemes, we see there is a clear and present need to re-imagine how financial crime risk can be managed, without impacting customer experience, across the banking enterprise.
To begin with, applying these best practices will be a sure step forward towards laying the foundation of an intelligent banking enterprise anti-fraud framework.