Month: August 2020

Image courtesy: Freepik

 

In Chinese philosophy, yin and yang (also yin-yang or yin yang, ‘dark-bright’) explains how seemingly opposite forces may actually be complementary, interconnected, and interdependent in the natural world.

This intriguing idea actually applies perfectly in the context of banking, if we were to see the yin as saving money (from losses), and the yang as making money (from sales).

Banks can monetize their anti-fraud solution for generating revenues

The fundamental idea is that the very same investment in real-time decisioning for monitoring, detecting and preventing fraud can also be monetized for earning additional revenues.

Imagine an intelligent system that studies customers’ behavioral patterns to detect fraud, is also creating precise personas for the bank’s marketing teams to target campaigns to. The same real-time, context-aware logic/approach used to combat cross-channel fraud can also help enable intelligent, hyper-precise targeted and contextual customer engagements.

At the heart of the idea lies the fact that banks have the ‘soul’ of the customer.

Banking is the only industry where the entire life of the customer flows through it. A bank knows how much its customers earn, where they live, where they travel to, how much they spend, who’s part of the family, whether they own their home, even how much fuel they put in their vehicle every month.

Banks have the customers’ ‘soul’, yet they don’t fully monetize the resident wisdom

No other industry (not even telco or retail or OTT platforms) has this extraordinary privilege of having a 360-degree view of a customer’s life. Therefore, only banks have the advantage and ability to actually convert this ‘resident wisdom’ to their benefit.

A true real-time, enterprise-wide, cross-channel fraud management solution ensures that every banking transaction is available in-memory and in real-time.

But since only a relatively small percentage of transactions are fraudulent and since the data is available in the system memory, the bank can run positive scenarios in real-time, after having assigned fraud risk to certain transactions, during the negative-scenario test-run.

The solution can therefore use the same data captured per transaction and analyze the spending and behavior patterns to throw up potential cross-sell and up-sell scenarios in absolute real-time. Precise data analytics on behavior patterns helps create intelligent and efficiently targeted customer interactions and campaigns to grow topline.

So, while the anti-fraud solution helps the bank’s larger enterprise fraud management initiative with:

• a unified case management system for fraud/AML investigation with a 360-degree view of behavior across products and channels
• extreme real-time, context-aware, fraud detection and prevention
• monitoring financial and non-financial transactions of customers, accounts, users, and employees across branch and channel transactions in real-time to detect suspect transactions and respond with the right decision in real-time and generate alerts for investigation.

. . . it can also be used for:

• motivating customers to use POS/E-com channels for digital transactions for generating extreme real-time, ‘in the moment of truth’ cross-sell and up-sell alerts.
• identifying customers who usually travel internationally and offering them custom products in real-time.
• monitoring salary accounts to identify increase in salary credits or a drop in usage of the accounts

So altogether the bank benefits from:

• a smart, intelligent, extreme real-time solution that manages fraud detection/prevention as well as enables customer revenue maximization.
• a non-invasive, bolt-on solution that integrates seamlessly with source systems and reduces TCO.
• lowered cost of compliance of fraud and AML regulatory requirements.
• a single, unified platform that helps protects the bottom-line as well as grows topline.

How does it work?

When the transaction hits the system, it forks, the fraud and AML engine is running the negative scenarios, while the same computing space is also being used to run positive scenarios for cross-sell and upsell.

Such behavior patterns are automatically picked up for a campaign targeted towards these customers.

Additionally, the system can be used to deliver merchant offers in real-time. For example, if based on a card transaction, the system learns that a customer is shopping at a specific location, it can send him/her an offer, (e.g. 20% off) from another merchant a nearby location.

Insights from the system are picked up by a specialist campaign management system that further enriches the information with its own data to come up with the right offer.

It works near real time by running batches every few minutes. If a customer is entitled to an offer (the bank’s alliances / partnerships sources the offers), then he / she receives a text message, a mobile banking in-app notification, or an email.

A leading innovative bank that tried this approach, not only prevented more than $ 9 million in potential fraud, but also delivered over 1 million notifications across various channels such as Internet Banking, email, SMS, and mobile app push notifications. The bank observed much higher click rates (4 – 5%) and conversion rates (3.5%) for these targeted notifications, than regular messages.

Leading innovator bank used same fraud risk management system to perform real-time cross-sell / upsell

Encouraged by the success, the bank is now contemplating using the same system to aid frontline digital customer engagement, such as performing KYC and enabling customers to open accounts in real-time.

Siloed, channel centric anti-fraud solutions cannot see fraud prevention and revenue generation as 2 sides of the same coin, because they do just what they are built for – monitor/detect/prevent fraud for that particular channel.

Innovative fraud management platforms on the other hand have the ability to leverage the same context-aware, real-time decisioning to enable real-time customer cross-sell and upsell.

They can handle exceptionally large data volumes across multiple channels and source systems in real-time, and process transactional as well as non-transactional events in real-time and generate alerts in real-time that can be leveraged for both fraud management as well as revenue enhancement.

This helps banks because that what is meant to protect/save money (curb fraud losses) is also being used to make money (upsell / cross-sell).

Having the same common platform for both critical systems also helps a bank streamline its IT operations in terms of common system interfaces for consistent data quality, maintenance and reduced TCO.

If banks can view their topline and bottom-line as the yin and yang of their business risk management strategy, then a single solution that helps achieve both, becomes the proverbial one stone to target two birds.

 

Image courtesy: Freepik

There’s a rise in fraudsters taking advantage of the socio-economic conditions created by the COVID-19 pandemic, to pull off money mule scams. Besides stealing economic stimulus payments and unemployment benefits, money mule fraudsters are flourishing on opportunities during the crisis.

With over $46 million stolen from consumers in the first half of 2020 (FTC), fraudsters have been exploiting the situation using a variety of tactics to mask their activity, including using money mules to launder funds (FBI).

The Financial Crimes Enforcement Network (FinCen) meanwhile has issued an advisory alerting financial institutions to money mule schemes exploiting the coronavirus pandemic. The advisory highlights several red flag indicators and asks banks to report suspicious activities.

Mules (people recruited to deposit illicit money into their bank accounts but masked as regular financial activity) are usually unaware that they are handling illegal funds. The term is a derivation of ‘drug mule’- a person who transports illegal substances over a border.

Recruiters convince mules that the activity is legitimate work for legitimate business and there’s also a reward for their ‘services’.

A person receives a communication apparently from a trusted source (i.e., their bank, a new acquaintance, the government, a health organization or their child’s educational institution) requesting personally identifiable information (PII); the communication has a link in which the customer is asked to provide their PII.

When customers click the link, they’re taken to fraudulent online resources where they end up divulging their PII.

Mule recruiters enlist their mules online via dating sites, email, popular social media platforms, get-rich-quick advertisements, etc. grooming and convincing their victims to open bank accounts under the pretext of ‘helping’ send or receive funds.

Fraudsters (often who have gained illegal access to business or consumer bank accounts) tend to recruit money mules via phishing emails, text messages, chat messages or social media messages.

Besides good-Samaritan and romance baits money mule scammers also use work-from-home schemes to entice victims to open new bank accounts that can then be used to move laundered funds. Fraudsters have been exploiting these dynamics and also leveraging faster payment options to launder money.

Banking on COVID-19 To Exploit Unsuspecting Customers

Besides the known types of money mules (unwitting, willing, complicit), the pandemic has created a new type of mule – the ‘unwitting-willing’. The new mule variant is eager to help others overcome their difficult financial circumstances during the crisis unaware of the risks involved.

Source

Victims of money mule scams can be individuals or businesses or financial institutions. A few fictitious scenarios that fraudsters create to gain trust during the pandemic:

• Claiming that they are citizens quarantined overseas, requesting money to help them out.
• Claiming that they are citizens or service staff members working abroad, wanting to send or receive money on their behalf to help a family member battling COVID-19.
• Claiming to be a member of a medical organization and wanting to send or receive money on their behalf to help those in need.
• Claiming to be affiliated to a charitable organization and wanting to send or receive money on their behalf to help those in need.

Detecting Money Mule Scams During COVID-19

Traditional anti-mule fraud practices such as monitoring, reactive remediation and preventive controls are not enough during this time.

Monitoring helps identify suspected mule accounts – a key factor in any anti-money laundering system – but it doesn’t deter mule activity.

Reactive remediation is when a bank shuts down accounts identified as mule accounts. While this is essential, it is only a basic deterrent.

Preventive controls block known fraudsters from opening or operating accounts, but its effect on money mules is moderate, and it doesn’t impact COVID-motivated unwitting mules or regular unwitting mules.

There are a few steps banks can take during this time.

Being In-The-Know About Customer Activity – a stringent due diligence process involves identifying account owners and legal beneficiaries before the start of a business relationship. This vastly helps reduce the risk of exposure to money mules. If identification processes are lenient, then subsequent monitoring of transactions may not be able to identify individual suspicious activity effectively.

Vital therefore to utilize every chance to update customer information to consistently retain high monitoring standards. Documentation must be reviewed regularly and updated automatically when there are changes in address or jobs or personal status. Identification of suspect transactions based on customer information, helps trigger prompt enquiry. So, a strong KYC / KYCB record maintenance foundation and practice helps.

While the primary responsibility for identifying suspicious transactions lies with the bank staff processing or checking items, banks should as an additional safeguard deploy the right real-time, cross-channel technology that will generate reports for suspicious transactions that can be inspected by the fraud risk team.

Closer Monitoring of Suspect Transactions – account monitoring on an ongoing basis is critical to ensure that bank accounts are reviewed for unusual and suspicious activity. The bank should be aware of high-risk transactions in these accounts, e.g. activity that has no business or apparently lawful purpose, funds transfers to and from higher-risk jurisdictions, currency-intensive transactions and frequent changes in ownership or control of a nonpublic business entity.

If a customer who claims to be working with an online firm or a money transfer agent receives multiple cash deposits into his / her account, and those funds get wired out shortly thereafter, the bank must verify the purpose of the transactions as well as the actual business of the majority of the beneficiaries.

The bank’s fraud risk team must also ensure that the automated monitoring systems record not just the amount and date of a transaction, but also the identity or geographical location of the persons sending / receiving the wire transfers. Not doing this could lead to a situation where the bank is unable to identify and investigate potentially suspicious transactions based on critical risk factors, such as jurisdiction and the potential involvement of PEPs (politically exposed persons).

Observing the Country of Origin – banks may be able to detect informal value transfers involving unwitting participants by paying close attention to the country of origin of the money in question.

These funds are likely to originate from the domicile country of individuals who have been indicted by the US DoJ for romance scams and / or from countries with low Corruption Perceptions Index (Transparency International) scores.

The DoJ recently indicted 80 individuals for executing a massive business email scam and money laundering scheme valued at approximately $3 billion. In this case, the nationalities of the indicted persons should have raised red flags and prompted the bank’s fraud risk officers to question the customers involved about the purpose of the transactions and the sources of the funds.

Since the customer is unlikely to be aware that he or she is laundering money, they should be able to provide valuable information to their bank. E.g., the customer may inform the bank that the funds are coming from a high-risk country and that he or she was asked to provide the account number so that individuals in that country can transfer funds to the account domiciled in the US.

The money mule might also tell the bank that the funds are for investing in a profitable business. The bank must further inquire into the nature of the business, including any relevant addresses. After investigation, if a bank suspects that the funds are proceeds of criminal activity, the bank must file an STR (Suspicious Transaction Report).

Checking Where the Money Is Headed For – Fraud risk / compliance officers can identify money mules by scrutinizing where the money is being sent. Illicit funds are quite likely to be transferred to countries with low scores in the Financial Action Task Force’s (FATF’s) fourth round of Mutual Evaluation Reports. When a bank discovers that funds are moving to geographies having weak anti-money laundering systems and controls, red flags should be instantly raised and the customer must be asked about the source of the funds and the purpose of the transactions.

Monitoring HNWI Customers – Criminal networks convince high value bank customers with accounts in US or UK banks to create shell companies and trusts as ‘legitimate’ activity. The illicit funds may have already been deposited into the account of the high value mule by another victim who is part of the larger operation. This modus operandi masks the beneficial owner of the account with a shell firm or another legal entity. Shell companies or PICs (Private Investment Corporations) typically operate from countries known to be secrecy havens. When such dynamics are at play, it becomes important for the bank to (a) establish the legitimacy of transactions and (b) be able to follow the trail to determine the identity of the UBO (Ultimate Beneficial Owner).

Just like any other pre-meditated financial crime, money mule fraudsters plan and coordinate their moves very carefully. For detecting suspicious patterns, banks need to be able to have the bigger enterprise-wide contextual picture, instead of siloed, ‘single channel only’ views.

Creating detailed and holistic data viewpoints and strategies help create an effective money mule strategy during COVID-19. Also, AI and ML-based analytics enables monitoring transactions on an exponentially greater scale with far lower false positives.

Subscribing to research insights that profile potential mule fraud victims by demographics and psychographics also helps. This enables ‘intelligently’ discovering insights and elusive trends that would have been otherwise difficult to spot.

Money mules used to be seen as small-time felons, transferring small amounts. Organized, sophisticated money mule schemes of the day have become a professional money laundering mechanism. “Money mules are an essential part of organized crime and international fraud schemes, be it a romance con, business email scam, or a work-from-home ploy.” (FATF)

Whether as complicit players or as victims, money mules are now also laundering funds for organized COVID-19-related crime.

Every year, banks shut down tens of thousands of accounts for suspected fraudulent practices. A substantial chunk of these accounts is suspected to be mule accounts. Conventional anti-mule fraud systems have little impact to stop the problem. With the pandemic enhancing opportunities for fraud and money laundering, banks must boost their monitoring and investigation capabilities to prevent losses.

References

FinCen : Money Mule Schemes Related to COVID-19
FATF: COVID-19-related Money Laundering & Terrorist Financing Risks and Policy Responses
Europol : Money Muling Prevention
Fraud Magazine : Money Mule Profiling Can Help Solve, Prevent Crimes

Though the term deepfake came about in 2017, the ability to modify and manipulate videos dates back to the 1997 Video Rewrite program. It allowed modifying video footage of a person speaking to depict that person mouthing the words from a completely different audio track. The technique of blending images, videos and altering voice has been used in cinema for even longer, but it was expensive and time-consuming.

A deepfake algorithm can convincingly impersonate a real person’s appearance, actions and voice. With the growth of social media and digital technologies, the technique has now become something of an art form with usage growing rapidly.

The volume of deepfakes is growing at an exponential rate – the number of deepfake videos online in late 2019 was over 14,000 – almost double of what it was in the previous year (Tech Times).

Scams using deepfake technology and AI pose a new challenge for businesses, as conventional security tools designed to keep impostors out of corporate systems are not designed to spot fake voices or manipulated videos. Analysts say costs associated with deepfake scams are expected to cross $250 million in 2020 (Forrester).

Source

Cybersecurity companies are in the process of developing products to detect deepfake recordings, while big organizations have begun to take deepfakes very seriously. Google has built a database of 3,000 deepfakes to help researchers and cybersecurity professionals develop tools to combat the fake videos. Facebook and Microsoft are working with leading US universities to build a database of fake videos for research.

The risk has become so real that the US House Intelligence Committee in June 2019 heard expert testimony on the growing threat posed by deepfakes and other AI-generated false information and what it could mean for the 2020 general elections, as well as the country’s overall national security.

The Dangerous New Kid on the Block

Deepfake is being used today to create astonishingly convincing digitally manipulated voices, photos and videos, even fake identities.

Audio deepfakes have already been used in social engineering scams, tricking people into believing they are speaking with a trusted person. In 2019, an energy firm’s CEO was scammed over the phone when he was instructed to transfer €220,000 into a Hungarian bank account by an individual who used audio deepfake technology to mimic the voice of the firm’s parent company’s chief executive.

Deepfake photos are used to create non-existent persons aka sock puppets, who are active online and in traditional media. A deepfake photo appears to have been generated, along with manipulated but genuine looking metadata, for a non-existent person.

Deepfake apps that enable users to substitute their faces onto those of characters in films and TV shows are popular on social media platforms. In January 2020, Facebook said that it was introducing new measures to counter the problem on its platform.

New deepfake software allows adding, editing or deleting words from the transcript of a video, and the changes are reflected seamlessly in the video.

A Tempting Target for a Deepfake Heist

Where there’s money, there’s crime. Trust fraudsters to leverage new technology in their commitment to gain access to accounts, or to set up accounts or steal money. It is just a matter of time before deepfake becomes another method for digital rogues to defraud banks.

Most banks demand a government-issued ID and selfie to determine a person’s digital identity when creating a new account online. An impostor can use deepfake technology to easily create a photo to meet the requirement.

Deepfake technology that mimics human voice is already being used to target call centers. We will soon start seeing signs of deepfake technology being used to bypass face recognition controls, including those using state-of-the-art liveliness tests. Banks will have to develop invisible behind-the-scenes controls that can compensate for the vulnerabilities in current authentication processes and protocols.

Even as banks widen the scope of their digitisation to cater to increasing online action, it is vital to put equal (if not more) emphasis on stronger measures to protect assets and reputation from newer, emerging threats.

Critical therefore to recognize this emerging threat and proactively implement smarter and enterprise-wide defense mechanisms.

How Can Banks Combat Deepfake Fraud?

Certain banks are already using automated deepfake detection software. While these auto-detection technologies work well today to detect amateur deepfakes, it will not suffice in the future. Soon, deepfakes will have ultra-realism, and existing technologies will not be able to detect them.

As with any security measure, employee training and vigilance is paramount. Make staff aware of deepfakes with examples (getting an unexpected call from a senior bank executive asking them to perform an urgent, unexpected, non-standard task. Banks can have internal security questions to help employees confirm a caller’s identity if required.

There are also advanced identity verification solutions with embedded ‘liveness’ detection to detect advanced spoofing attacks, including deepfakes, and check if a remote user is physically present. But deepfakes can bypass these methods and imposters can still game the system unless the ID verification technology has certified liveness detection validated by a competent authority.

As of now, in most cases the attempts have had flaws with enough tell-tale signs about manipulations. There are also tools that help tell fact from fiction. Social and traditional media can use these tools to identify deepfakes, delete or label them, so that users from other industry sectors who rely on the information do not end up becoming unsuspecting victims. Another solution is for imaging technologies is to add ‘digital noise’ to image, voice and video files, making it harder for a fraudster to use them to produce deepfakes.

Financial institutions must also:

• • Invest in newer technology – Reverse image search technologies have enabled tracing original versions of images. However, research is scarce about reverse video searches, and it does not exist in a way that is freely available to all. Banks must collaborate with niche fintech solution vendors to make it possible to develop this technology and publicly release it.

 

• • Enrol social media firms – The massive volume of information that social media companies have, could potentially provide solutions. Regulators, banking industry leaders and policymakers can encourage social media companies to disseminate their data to social scientists (while preserving social media user privacy), to enable discovering new solutions to fight deepfakes.

 

• • Push for legal reforms – Banks and fintechs can spearhead the need for a stronger framework that makes deepfake technology application vendors accountable for enabling deepfake crime.

 

Altering voices, videos and photos have become an effortless affair and it has already become a challenge to determine a person’s identity with 100% accuracy. The latest addition to the list of appearance modifying technologies – deepfake – is also the most formidable one because of its capabilities.

From having to replace customer funds to incurring penalties to losing trust, a deepfake-led data breaches or account takeover, can have a devastating impact for a bank.

As is expected of crime (including fraud and financial crime), it usually stays a step ahead, so yesterday’s solutions will not be enough to solve today’s challenges.

References

CNBC : : Why is deepfake dangerous
Fintech Futures : Taking a deeper look at deepfake technology
Carnegie Endowment for International Peace : Deepfakes and synthetic media in the financial system: Assessing threat scenarios
Forbes : How deepfakes could become a threat to your identity
Forrester : Predictions 2020: This time, cyberattacks get personal