A Core Banking-led Enterprise Fraud Detection System provides five distinct advantages over siloed Delivery Channel based systems; namely the depth of analysis, ease of configuration and implementation, cross channel fraud detection, insider fraud detection and a real-time highly available fraud detection engine by default rather than as an add-on feature. This paper explores these key differentiating aspects further.
Image courtesy: Pixabay
Though the term deepfake came about in 2017, the ability to modify and manipulate videos dates back to the 1997 Video Rewrite program. It allowed modifying video footage of a person speaking to depict that person mouthing the words from a completely different audio track. The technique of blending images, videos and altering voice has been used in cinema for even longer, but it was expensive and time-consuming.
A deepfake algorithm can convincingly impersonate a real person’s appearance, actions and voice. With the growth of social media and digital technologies, the technique has now become something of an art form with usage growing rapidly. Scams using deepfake technology and AI pose a new challenge for businesses, as conventional security tools designed to keep impostors out of corporate systems are not designed to spot fake voices or manipulated videos.
Anti-fraud technology companies are in the process of developing defenses to detect deepfakes, while organizations have begun to take deepfakes very seriously. Google has built a database of 3,000 deepfakes to help researchers and cybersecurity professionals develop tools to combat the fake videos. Facebook and Microsoft are working with leading US universities to build a database of fake videos for research.
Two years ago, the New York Times, the BBC, CBC Radio Canada and Microsoft launched Project Origin to create technology that proves a message actually came from the source it purports to be from. In turn, Project Origin is now a part of the Coalition for Content Provenance and Authenticity, along with Adobe, Intel, Sony and Twitter. Some of the early versions of this software that trace the provenance of information online already exist, the only question is who will use it? (Forbes).
The risk has now become so real, that the US government has been debating the growing threat posed by deepfakes and other AI-generated false information and what it could mean for the country’s national security. In June 2022, the US government tabled a bill to be enacted by the Senate and House of Representatives to combat the spread of disinformation via deepfake video alteration technology (Congress.gov).
The Lethal New Kid on the Block
Deepfake is being used today to create astonishingly convincing digitally manipulated voices, photos and videos, even fake identities.
Deepfake photos are used to create non-existent persons (aka sock puppets), who are active online and in traditional media. A deepfake photo appears to have been generated, along with manipulated but genuine looking metadata, for a non-existent person.
Deepfake apps that enable users to substitute their faces onto those of characters in films and TV shows are already popular on social media platforms.
New deepfake software allows adding, editing, or deleting words from the transcript of a video, and the changes are reflected seamlessly in the video.
Audio deepfakes have already been used in social engineering scams, tricking people into believing they are speaking with a trusted person. An energy firm’s CEO was scammed over the phone when he was instructed to transfer €220,000 into a Hungarian bank account by a fraudster who used audio deepfake technology to mimic the voice of the firm’s parent company’s chief executive.
The volume of deepfakes grew at an exponential rate – from around 14,000 in 2019 to 145,000 in 2021 (TechCrunch). Recently, in one of the most significant deepfake phishing attacks, a bank manager in the United Arab Emirates fell victim to fraudsters, who used AI voice cloning to trick the bank manager into transferring $35 million. (Forbes). Fraudsters are also breaking into video conversations. A recent survey reveals that more than 30% of companies experienced attacks on their videoconferencing systems in 2021.
Deepfake Frauds in Banks: A Few Scenarios
New Account Fraud
Aka application fraud, this type of fraud occurs when fake or stolen identities are used specifically to open bank accounts. A fraudster can create a deepfake of an applicant and use it to open an account, bypassing most of the usual checks. The criminal could then use that account to launder money or run up large amounts of debt. Once they become proficient in this, they can create fake identities at scale to attack financial services globally.
With ghost fraud, criminals use personal data from a deceased person for access to online services, tap into savings accounts and gain credit scores, as well as apply for cars, loans or benefits. Deepfake technology lends credibility to such applications, as the bank officials checking an application see a convincing moving, speaking figure on screen and believe that this is a live human being.
Synthetic Identity Fraud
Amongst the most sophisticated deepfake tactic, synthetic identity fraud is extremely difficult to detect. Rather than stealing an identity, criminals combine fake, real and stolen information to ‘create’ someone who doesn’t exist.
These synthetic identities are then used to apply for credit/debit cards or complete other transactions to help build a credit score for the new, non-existent ‘customer’.
Costing businesses billions each year (Pymnts.com), synthetic identity fraud is the fastest-growing type of financial crime, and deepfake technology adds another layer of validity to these types of attacks.
Fraudulent Claims by Deceased Persons
Using deepfakes, fraudsters can also make insurance or other claims on behalf of deceased individuals. Claims can successfully continue to be made on pensions, life insurance and benefits for many years after a person dies and could be done either by a family member or professional fraudster. Here, deepfakes are used to convince the bank that a customer is still alive.
A Tempting Target for a Deepfake Heist
Where there’s money, there’s crime. Trust fraudsters to leverage new technology in their commitment to gain access to accounts, or to set up accounts or steal money. It is just a matter of time before deepfake becomes another new normal for digital rogues to defraud banks.
Most banks demand a government-issued ID and selfie to determine a person’s digital identity when creating a new account online. An impostor can use deepfake technology to easily create a photo to meet the requirement.
Deepfake technology that mimics human voice is already being used to target call centers. We will soon start seeing signs of deepfake technology being used to bypass face recognition controls, including those using state-of-the-art liveliness tests. Banks will have to develop invisible behind-the-scenes controls that can compensate for the vulnerabilities in current authentication processes and protocols.
Even as banks widen the span of their digitisation efforts to cater to increasing online action, it is vital to put equal (if not more) emphasis on stronger measures to protect assets and reputation from newer, emerging threats.
Critical therefore to recognize this emerging threat and proactively implement smarter and enterprise-wide defense mechanisms.
How Can Banks Combat Deepfake Fraud?
Many banks are already using automated deepfake detection software. While these auto-detection technologies work well today to detect amateur deepfakes, it will not suffice going forward. Very soon, deepfakes will have ultra-realism, and existing technologies will not be able to detect them.
As with any security measure, employee training and vigilance is paramount. Banks must invest time and effort in making staff aware of deepfakes with examples (getting an unexpected call from a senior bank executive asking them to perform an urgent, unexpected, non-standard task. Banks can have internal security questions to help employees confirm a caller’s identity if required.
There are also advanced identity verification solutions with embedded ‘liveness’ detection to detect advanced spoofing attacks, including deepfakes, and check if a remote user is physically present. But deepfakes can bypass these methods and imposters can still game the system unless the ID verification technology has certified liveness detection validated by a competent authority.
As of now, in most cases the attempts have had flaws with enough tell-tale signs about manipulations. There are also tools that help tell fact from fiction. Social and traditional media can use these tools to identify deepfakes, delete or label them, so that users from other industry sectors who rely on the information do not end up becoming unsuspecting victims. Another solution is for imaging technologies is to add ‘digital noise’ to image, voice and video files, making it harder for a fraudster to use them to produce deepfakes.
Biometrics provides financial services institutions with a highly secure and highly usable means of verifying and authenticating online users.
Biometric face verification enables an online user to verify their face against the image in a trusted document (such as a passport or driver’s licence). This is ideal for the first interaction with a new customer, for example at onboarding.
Online face authentication then enables a returning customer to authenticate themselves against the original verification every time they want to log in to their account.
Financial Institutions must also:
Invest in newer technology. Reverse image search technologies have enabled tracing original versions of images. However, research is scarce about reverse video searches, and it does not exist in a way that is freely available to all. Banks must collaborate with niche fintech solution vendors to make it possible to develop this technology and publicly release it.
Enrol social media firms. The massive volume of information that social media companies have, could potentially provide solutions. Regulators, banking industry leaders and policymakers can encourage social media companies to disseminate their data to social scientists (while preserving social media user privacy), to enable discovering new solutions to fight deepfakes.
Push for legal reforms. Banks and fintechs can spearhead the need for a stronger framework that makes deepfake technology application vendors accountable for enabling deepfake crime.
Altering voices, videos and photos have become an effortless affair and it has already become a challenge to determine a person’s identity with 100% accuracy. The latest addition to the list of appearance-modifying technologies – deepfake, is also the most formidable one because of its astonishing capabilities.
From having to replace customer funds to incurring penalties to losing trust and reputation, deepfake-led data breaches or account takeovers, can have a devastating impact for a bank.
And as is historically evident with any form of crime, especially financial crime, it usually stays a step ahead, so yesterday’s solutions will simply not be enough to solve today’s newer challenges.
Image courtesy: Sandeep Singh on Unsplash
The pandemic continues to have a significant socio-economic impact with cases, fatalities and intermittent related / variant outbreaks occurring.
Since early 2020, the banking industry worldwide has been bearing the impact. A substantial section of the sector’s workforce has been furloughed, with existing workers forced to telecommute. With branch visits continuing to shrink, usage of digital channels is now at an all-time high. Call volumes at contact centers have spiked with more anxious customers seeking support, and on a wider variety of issues.
The situation has put certain critical aspects of the banking ecosystem in the spotlight, especially that of digital customer experience – a vital factor during challenging times. Imperative therefore to explore how customers’ digital experiences can be made frictionless during an exceptionally difficult phase.
Understanding Digital Friction
Quite a lot of things have changed in response to the ongoing situation. So merely having/managing multiple digital channels is not enough. Banks are already overwhelmed by the number of delivery channels they need to manage. To provide a stellar digital experience, banks require to reduce some of the digital friction points that conventional approaches have created.
From mobile banking to internet banking to ATMs to contact centers to branches – customers use multiple channels to transact. Banks need to have better self-service support options to make transactions faster and more efficient, with heightened security levels and without compromising convenience.
Having a predictable and seamless digital experience across channels is key. Banks must examine the roadblocks in the user’s path to provide a superlative experience for delivering a consistent experience and access to information across all channels.
For instance, a net banking customer shouldn’t have to call the contact center for an answer to a simple ubiquitous question. Be it mobile or online banking, users should get instant answers to queries on that very channel itself. A customer using an ATM shouldn’t have to call the contact center or go to internet banking for queries. A mobile banking customer shouldn’t be made to visit a branch if formalities can be performed via mobile banking itself. In a digital era, and more importantly because of the current situation, a branch can no longer be a primary channel.
Friction escalates when inconvenient instances are compounded over time. Besides impacting customer experience, digital friction also has a domino effect – it adversely affects call volumes, productivity / efficiency levels and conversion rates. Friction is especially high in digital banking sales, with prospective customers encountering friction when trying to open a savings account (Bain & Company).
Can More Be Done To Lessen Friction?
The banking industry has never before faced such intense competition both from within and outside the industry. Even as banking becomes more unbundled, Fintech start-ups are increasing their slice of the banking pie. On the other hand, global technology giants have already moved into payment services replacing legacy organizations that had previously dominated the domain. Not so long ago, large financial institutions were competing on price and physical delivery networks. Today, digital players are competing on the same turf with CX and UX as their trump cards.
In response, banks have been heavily investing in digital transformation. We now have a variety of channels to access services anywhere / anytime. However, despite the positive trend, that vital aspect which these channels were designed to deliver, i.e., customer experience – seems to have taken a back seat.
Banks that meet changing customer expectations with personalized experiences that are fun, engaging and omnichannel can increase acquisition, engagement and loyalty and keep pace with agile Fintech competitors (CapGemini World Retail Banking Report, 2022).
However, a few banking leaders have been able to see digital transformation from a customer experience perspective and quite literally have a finger on the customer’s pulse. Going beyond basic hygiene factors, they have made it easier, faster for customers to engage, are able to anticipate customer needs and even ‘think’ for the customer.
Doing Away with Digital Friction
Digital transformation, but with minimal customer friction as the core tenet, has become a need of the hour. A few ways how banks can deliver frictionless experiences:
A challenge faced by most banks is ownership of various channels. In most cases, IT owns mobile banking, retail ops own online banking and marketing owns the website. As a result, departments work in isolation and are not in 100% sync to provide a consistent and superior digital experience to customers. Seamless interdepartmental collaboration therefore is one of the vital factors to removing digital friction.
The Need for Speed
Make customers effortlessly navigate your digital universe – provide multiple ways for them to easily access information and perform transactions faster across all channels. Use of clear, consistent and intuitive titles – be it website, mobile, or online banking – makes it easier for customers to navigate interfaces. Adding a search functionality to enable users to find answers to their queries on the very channel they are on. Reconfigure AI-powered chatbots to answer queries in real-time instead of near real-time.
Intuitively Foreseeing The Next Move
If a digital interface knows what the customer wants or is about to do, based on behavioural analytics, it can then accelerate tasks and conveniently. The same can be achieved while increasing technology adoption by delivering a contextual ‘segment of 1’ guidance. This also helps lower contact center inquires and increase conversion rates. Financial institutions do a great job of level 1 – i.e., answer a customer’s primary question.
Step 2 involves specific next actions such as scheduling an appointment, applying online, or watching a tutorial. As step 2 anticipates the true intent behind the questions, it is critical to streamline / optimise it to reduce digital friction. For new customers, banks must implement an effective onboarding process that helps effortlessly navigate existing and new features. They must continually provide contextual support to users in research, consideration, and finalizing stage. Contextual and intuitive FAQs that anticipate common questions are effective.
Ensuring Consistent Experiences Enterprise-wide
A bank may have intuitive digital interfaces with a wealth of information available to customers. But, if the experiences are inconsistent across channels, then it contributes to increasing friction. By leveraging additional content, links, and chatbots from other digital banking platforms, banks can deliver the same access to information across all channels. Insights on customer behaviour from a particular channel can be re/cross-purposed for other channels.
A portmanteau of physical and digital, phygital banking combines a variety of banking types including branch banking, mobile banking, internet banking and personalised banking. Leveraging human workforce as well as digital technology to serve customers, phygital banking blends trust with experience – both critical parameters for customers. At a time, when open banking regulations are being debated to make banks become more compliant, transparent, and data secure, phygital banking can work as a trust multiplier cum friction mitigator.
Taking The Bank To The Customer
Banking as a Service (BaaS) need not be only for rural or unbanked populace. The same concept can be applied in an urban context as well. From answering simple queries like ‘what is my savings account balance?’ or ‘transfer funds to my relative’ to helping customers in remote locations locate the nearest ATM to withdraw money during emergencies, AI-powered voice-assisted applications can help customers consume banking services with a higher experience quotient. Smart wallets monitor customer behaviour and spending trends, and then alerts / guides them on how to save more, while making smarter spending decisions.
Harnessing Machine Learning
Robust ML models can predict what customers want, before they know they want it. ML tools capable of analyzing large data sets across categories such as buying patterns, demographics, transaction volumes and service requests can help banks create targeted credit, loan or savings offers that are low-risk for banks but high-value for customers. Also, credit and loan applications historically took weeks to process.
With ML, many banks have been able to reduce timelines to days. But expectations too have increased simultaneously, with more customers demanding faster responses to sales or service queries. ML-driven application assessment and approval helps here. With access to financial data sets, ML tools can evaluate multiple credit factors and reach an unbiased decision, and do it much faster than with human involvement. Implementing ML enterprise-wide helps banks analyze / solve problems at scale. Improved ML algorithms can help banks significantly improve customer experience.
Leveraging Existing Anti-fraud Systems
Advances in real-time, cross-channel anti-fraud technology can also help provide better customer experiences even while preventing potential losses to fraud. A real-time, cross-channel anti-fraud system is already designed to synthesize contextual intelligence from across all of the bank’s delivery channels and deliver the essence of the insight in real-time within the very short transaction window for necessary intervention (i.e., allow, hold or block). However, instances of fraud are few and far in between.
The bulk of the transaction data therefore becomes a veritable goldmine of monetizable insights that can be used for instant real-time cross sell or upsell – at the precise moment when the customer is in her / his most receptive frame of mind. While the bank benefits from the advantage for generating additional revenues, customers are pleasantly surprised with the highly contextual ‘segment of 1’ interaction.
Reducing digital friction invariably tops the objectives in most banking executives research today and for a good reason. From layers of data input screens to avoidable delays in service issue resolutions, customers are bound to experience some friction or the other at some point when engaging via mobile or online. Customers simply do not have patience for sub-optimal digital experiences – many abandon transactions on at least one occasion due to friction.
Besides trust, security and data privacy, customers rightfully expect fast and frictionless digital experiences. With smooth, highly secure and intuitive experiences right from the very first interaction, banks must make frictionless experience the primary growth driver, especially during tough times. To convert satisfaction to loyalty, banks that deliver great digital experiences will be the ones that will emerge winners.
Image courtesy: Freepik
In Chinese philosophy, yin and yang (also yin-yang or yin yang, ‘dark-bright’) explains how seemingly opposite forces may actually be complementary, interconnected, and interdependent in the natural world.
This intriguing idea actually applies perfectly in the context of banking, if we were to see the yin as saving money (from losses), and the yang as making money (from sales).
Banks can monetize their anti-fraud solution for generating revenues
The fundamental idea is that the very same investment in real-time decisioning for monitoring, detecting and preventing fraud can also be monetized for earning additional revenues.
Imagine an intelligent system that studies customers’ behavioral patterns to detect fraud, is also creating precise personas for the bank’s marketing teams to target campaigns to. The same real-time, context-aware logic/approach used to combat cross-channel fraud can also help enable intelligent, hyper-precise targeted and contextual customer engagements.
At the heart of the idea lies the fact that banks have the ‘soul’ of the customer.
Banking is the only industry where the entire life of the customer flows through it. A bank knows how much its customers earn, where they live, where they travel to, how much they spend, who’s part of the family, whether they own their home, even how much fuel they put in their vehicle every month.
Banks have the customers’ ‘soul’, yet they don’t fully monetize the resident wisdom
No other industry (not even telco or retail or OTT platforms) has this extraordinary privilege of having a 360-degree view of a customer’s life. Therefore, only banks have the advantage and ability to actually convert this ‘resident wisdom’ to their benefit.
A true real-time, enterprise-wide, cross-channel fraud management solution ensures that every banking transaction is available in-memory and in real-time.
But since only a relatively small percentage of transactions are fraudulent and since the data is available in the system memory, the bank can run positive scenarios in real-time, after having assigned fraud risk to certain transactions, during the negative-scenario test-run.
The solution can therefore use the same data captured per transaction and analyze the spending and behavior patterns to throw up potential cross-sell and up-sell scenarios in absolute real-time. Precise data analytics on behavior patterns helps create intelligent and efficiently targeted customer interactions and campaigns to grow topline.
So, while the anti-fraud solution helps the bank’s larger enterprise fraud management initiative with:
- a unified case management system for fraud/AML investigation with a 360-degree view of behavior across products and channels
- extreme real-time, context-aware, fraud detection and prevention
- monitoring financial and non-financial transactions of customers, accounts, users, and employees across branch and channel transactions in real-time to detect suspect transactions and respond with the right decision in real-time and generate alerts for investigation.
. . . it can also be used for:
- motivating customers to use POS/E-com channels for digital transactions for generating extreme real-time, ‘in the moment of truth’ cross-sell and up-sell alerts.
- identifying customers who usually travel internationally and offering them custom products in real-time.
- monitoring salary accounts to identify increase in salary credits or a drop in usage of the accounts
So altogether the bank benefits from:
- a smart, intelligent, extreme real-time solution that manages fraud detection/prevention as well as enables customer revenue maximization.
- a non-invasive, bolt-on solution that integrates seamlessly with source systems and reduces TCO.
- lowered cost of compliance of fraud and AML regulatory requirements.
- a single, unified platform that helps protects the bottom-line as well as grows topline.
How does it work?
When the transaction hits the system, it forks, the fraud and AML engine is running the negative scenarios, while the same computing space is also being used to run positive scenarios for cross-sell and upsell.
Such behavior patterns are automatically picked up for a campaign targeted towards these customers.
Additionally, the system can be used to deliver merchant offers in real-time. For example, if based on a card transaction, the system learns that a customer is shopping at a specific location, it can send him/her an offer, (e.g. 20% off) from another merchant a nearby location.
Insights from the system are picked up by a specialist campaign management system that further enriches the information with its own data to come up with the right offer.
It works near real time by running batches every few minutes. If a customer is entitled to an offer (the bank’s alliances / partnerships sources the offers), then he / she receives a text message, a mobile banking in-app notification, or an email.
A leading innovative bank that tried this approach, not only prevented more than $ 9 million in potential fraud, but also delivered over 1 million notifications across various channels such as Internet Banking, email, SMS, and mobile app push notifications. The bank observed much higher click rates (4 – 5%) and conversion rates (3.5%) for these targeted notifications, than regular messages.
Leading innovator bank used same fraud risk management system to perform real-time cross-sell / upsell
Encouraged by the success, the bank is now contemplating using the same system to aid frontline digital customer engagement, such as performing KYC and enabling customers to open accounts in real-time.
Siloed, channel centric anti-fraud solutions cannot see fraud prevention and revenue generation as 2 sides of the same coin, because they do just what they are built for – monitor/detect/prevent fraud for that particular channel.
Innovative fraud management platforms on the other hand have the ability to leverage the same context-aware, real-time decisioning to enable real-time customer cross-sell and upsell.
They can handle exceptionally large data volumes across multiple channels and source systems in real-time, and process transactional as well as non-transactional events in real-time and generate alerts in real-time that can be leveraged for both fraud management as well as revenue enhancement.
This helps banks because that what is meant to protect/save money (curb fraud losses) is also being used to make money (upsell / cross-sell).
Having the same common platform for both critical systems also helps a bank streamline its IT operations in terms of common system interfaces for consistent data quality, maintenance and reduced TCO.
If banks can view their topline and bottom-line as the yin and yang of their business risk management strategy, then a single solution that helps achieve both, becomes the proverbial one stone to target two birds.
Image courtesy: Estudio Polaroid on Pexels
The digital transformation wave in financial services gave birth to a whole new segment of startup digital banks. Challenger Banks (aka Neo Banks in certain countries) now have an enviable number of customers worldwide, thanks to exceptionally superior customer experiences.
Many Challenger Banks didn’t actually begin as banks. They had alternate delivery channels that made it very convenient for customers to transact money. Eventually, they either partnered with existing banks or obtained their own banking licenses. Challenger Banks score high on transparent, low fees and many offer basic accounts for free. They have also launched premium accounts with different services for business customers. With an impressive spectrum of innovative services and product offerings, Challenger Banks are today serious competitors to legacy banks.
While their innovative customer-centric strategies make them agile and responsive, it also makes them more vulnerable to the growing threat of financial crime.
While Challenger Banks strive to keep customer delight at supreme levels, they are at a greater risk than conventional banks when it comes to financial crime risk. Fraudsters can create new crime channels by exploiting the fast and convenient digital services of Challenger Banks. Not assigning the priority that financial crime risk management deserves, lowers the barrier for criminals seeking to perpetrate fraud.
Challenger Banks must do more to insulate their amazing customer experience from potential financial crime threats. With sub-optimal fraud risk management, Challenger Banks face the risk of either increasing customer friction by increasing false positives, or lessening customer trust – should there be a fraud incident.
Challenger Banks can be seen as easy targets by technology savvy fraudsters, who can cleverly exploit vulnerabilities. Also, with the growth of better controls and new regulations to prevent fraud successes, fraudsters constantly seek newer soft spots.
With the assurance of frictionless customer onboarding and customer experience, Challenger Banks face issues of proper scrutiny of customers during onboarding and periodic screening of customers after onboarding. Onboarding processes often involve tiering customers or limiting their spending ability based on the amount of due diligence conducted. Given the high reliance on technology rather than staff, onboarding processes in most Challenger Banks are rather hands-off. Challenger Banks can thus unwittingly onboard undesirable customers at lower tiers.
Challenger Banks have also been targeted by money mules looking to exploit process vulnerabilities. Fraudsters have been exploiting the pandemic situation using a variety of tactics to mask their activity, including using money mules to launder funds.
The global advance of open banking initiatives means customers’ online platforms are now getting connected to Challenger Banks and fintechs that lack the ability to provide robust fraud protection measures. Such weak points can provide fraudsters opportunities to access open banking participants’ data.
There’s also the massive worldwide money laundering problem that has pressurized banks of all sizes, globally. With complex, region-specific regulations, sanction screenings and multiple watch lists, even legacy banks with well-established processes and expert compliance teams, struggle to ensure compliance. A prominent Nordic bank was recently levied a hefty fine for failing to correctly monitor fraudulent transactions. It would be only a matter of time before Challenger Banks face the same intensity of regulatory scrutiny.
New banks have a limit on the transfer of funds in a single transaction, but it doesn’t prove much effective in preventing money laundering. If KYC / CDD processes are lenient, fraudsters can create multiple fake accounts easily and launder large amounts in small parts.
Challenger Banks have undoubtedly been a great idea, as they have redefined banking with a brand-new model. But they cannot side-step the foundational principle, i.e. banking is a business of trust -something that can be impacted with just one unexpected incident.
Striking an optimal balance between delight (from great customer experiences) and trust (from stronger financial crime risk management measures) therefore becomes vital.
For starters, anti-fraud efforts must be built on a unified, cross enterprise foundation, by breaking down silos between channels, products, and fraud types.
Challenger Banks already have a good thing going for them from day 1 – advanced IT systems. This is an advantageous start, because the business can easily adopt best-in-class real-time transactional fraud and anti-money laundering (AML) prevention / detection solutions.
Conventional siloed, channel-centric fraud monitoring and prevention solution options are not ideal for growing Challenger Banks, as they don’t provide an enterprise-wide contextual view of customer / account transactions, besides impacting customer experience by increasing friction and costs.
A robust enterprise-wide real-time financial crime prevention system that monitors all activity from across all channels therefore becomes the keystone in the overall fraud risk management framework.
Monitoring individual customer profiles in real-time along with Machine Learning and Adaptive Behavioral Analytics to assess complex data sets helps Challenger Banks do more to detect fraud and financial crime. Monitoring customers in real-time and across all channels helps accurately detect fraud ‘in-the-moment’ and reduces customer friction, by recognizing genuine activity.
Smarter real-time solutions provide a significant reduction in false positives (genuine transactions declined incorrectly), reduce operational costs, and help meet compliance requirements without compromising customer experience.
Advanced analytics in innovative anti-fraud solutions help integrate data across silos, automates / enhances expert knowledge, and prevent, predict, detect, and remediate fraud. It won’t be an overnight miracle, but it can payback faster benefits while creating the foundation for an anti-fraud framework of the future.
Fraud interventions driven by advanced analytics help in predictive detection, covering user authentication (e.g., determining whether the transacting party is actually a customer), customer due diligence (e.g., low/high-risk fraud profiling as a factor in exception decisioning), and transaction risk (e.g., if indicators of fraud are present in the context of other transactions for the account or customer).
This helps enhance internal process efficiencies, including capacity forecasting and enabling analysts with more context detailing the reasons a transaction failed an initial screen.
Given that it is fundamentally a financial institution, it becomes obligatory for a Challenger Bank to protect its customers from financial crime and fulfil AML / KYC compliance obligations just like any other bank. The rush to make customer onboarding as effortless and as quick as possible leaves digital challengers vulnerable to fraud. Challenger Banks should determine the risk level of their customers by implementing AML / KYC controls during onboarding processes and perform a customer monitoring process appropriate to the customer’s risk level.
Also, the slow progress of AML controls causes delays in customer transactions and consequently reduces customer satisfaction. Checks should be performed quickly and without impacting customer delight that Challenger Banks are known for. Another good measure is to ensure that KYC / customer due diligence processes are frictionless but watertight to help weed out potential fraud at the account origination stage itself.
Fraudsters are experts at exploiting advances in technology, collaboration, and specialization. On the other hand, legacy approaches to fraud prevention have not entirely kept pace, with many banks still obstinately dependent on siloed defense mechanisms and manual processes. Challenger Banks looking to maintain their competitive edge and avoid unnecessary losses to fraud, must be aware of these factors.
Ensuring customer trust is critical for Challenger Banks, and it hinges on going beyond merely implementing an affordable fraud system or upgrading the existing fraud detection system. If customers have to stay thrilled about exceptionally superior services, then it is imperative to achieve the right balance between delight and trust. To be as fraud risk secure as any other bank and by having innovative new-age financial crime risk management approaches, Challenger Banks can successfully scale and conquer the ultimate peak (of trust).
IBS Intelligence Case Study features how Clari5 is helping Mashreq Bank combat fraud and protect customers’ financial interests using a cross-channel fraud management system. Read about the unique features of the solution, the implementation and the benefits achieved. Read More
Image courtesy: Anna Nekrashevich on Pexels
A recent survey by the National Center for Public Opinion Surveys under the King Abdulaziz Center for National Dialogue revealed that 62% of Saudis are exposed to attempts of financial fraud. About 28% of those who were exposed to financial fraud attempts said that there was a relationship between the financial fraud attempt they had been exposed to and a previous activity they had done. Source – Saudi Gazette
This is a loud wake-up call and the problem of financial crime is not restricted to Saudi Arabian banks alone. Any bank that is exposed to the global $4 trillion problem of fraud (ACFE Report to the Nations) is vulnerable to transactional fraud threats and money laundering attempts.
Real-time payments need to be backed up with real-time fraud and anti-money laundering measures. Rivi Varghese, CEO, Clari5 (CustomerXPs) explains why financial institutions may adopt a FRAML approach to minimize financial crime and improve risk management and operating efficiencies. Read the complete interview in IBSi FinTech Journal. Read More
Thought Machine’s solution with Clari5 provides enterprise-wide real-time, cross-channel financial crime detection capability to banks. The solution is also extensible to customer experience management to enable real-time cross sell. Read More
What is Financial Crime?
For the last 30 years, financial crime has been a significant challenge for governments, banks and other financial institutions. A huge threat to the development of economies and their stability, financial crime includes two types of conduct. Firstly, activities conducted to dishonestly generate wealth. Secondly, activities which protect the wealth already obtained or facilitate acquiring it. Even as financial institutions and regulators develop new strategies to detect and prevent financial crime, fraudsters employ more advanced techniques to commit fraud and evade legal scrutiny. Financial compliance is a major instrument in the fight against fraud. Cost of compliance in the financial sector alone is around $180.9 bn per year globally.
The main types of financial crime are as follows, although the two most crucial are money laundering and the financing of terrorism.
- Electronic crime
- Money laundering
- Terrorist financing
- Bribery and corruption
- Market abuse and insider dealing
- Information security
Notable organizations dedicated to prevent money laundering and terrorist financing are:
- Financial Crimes Enforcement Network (FINCEN) – US
- Financial Conduct Authority (FCA) – UK
- Federal Financial Supervisory Authority (BaFin) – Germany
- Financial Markets Regulator (AMF) – France
Impact of Financial Crime on Banks
UNODC estimates the annual cost of money laundering and associated crimes between US$ 1.4 trillion and US$ 3.5 trillion, not including the broader financial and reputational implications.
Three major threats associated with financial crime are:
Individual fines, forced resignation, bans on operating in the industry and even criminal charges, could also be imposed on senior managers who gloss over AFC compliance.
Who Commits Financial Crime?
People who commit financial crime can be divided into seven groups:
- Organized criminals including terrorist groups
- Corrupt heads of state who loot the coffers of their countries
- Business leaders or senior executives who misrepresent financial data
- Employees of any level who steal company funds
- A customer, supplier, contractor, or any outsider with no connection to the company may commit fraud
- External fraudster colluding with an employee
- Serial or opportunist fraudsters who succeeded in taking their spoils
Trends driving financial crime management in banks are:
- Greater and more coordinated regulation
- Operational structures of a company are not in agreement with the fast-moving financial crime landscape
- Pressure to adopt enterprise-wide frameworks
- Absence of a change management process to move to a centralized approach
- Cybercrime and AML are the biggest concerns
- Analytics is crucial for effectiveness
What is Insider Fraud?
In financial services, fraud threats are both domestic and international. Increasingly, internal and external fraudsters are colluding to commit significant fraudulent acts. Insider fraud occurs when employees misuse their position for personal gain by exploiting personal information or confidential data. Fraudulent activities are usually committed by the employees of the bank leading to revenue leakages and financial loss. These include activities done by the employee alone or in collusion with third-party fraudsters. Frauds committed by bank employees are a major global problem. In its 2020 Report to the Nations, ACFE assessed 2,504 cases of internal fraud from 125 countries, which led to an estimated loss of $3.6bn. Banking and financial services had the largest share of internal fraud cases with 15.4% of the total.
The key types of insider fraud are:
- GL Fraud
- Identity Theft
- Account Takeover (ATO)
- Transaction Reversal by Tellers
- Account Manipulation
- Hiding Losses
- Four Eyes Violation in Private Banking
- Abuse of Administrator Privileges
Profile of an Internal Fraudster
Research done by several organizations reveal the typical profile of an internal fraudster. It has been found that internal fraudsters had privileged access to information systems and customers’ personally identifiable information (PII) based on their role or level of experience. They exploited vulnerabilities in processes they were familiar with to access money or customer data. Most of them committed these frauds purely for financial gain, as some were under financial stress from a gambling problem or family distress.
Tenure Internal fraudsters who are at least 6 years old in their organizations caused twice the loss of less-tenured employees.
Gender Males committed more frauds and caused higher losses. According to the report 72% of frauds were committed by men.
Education 64% of internal fraudsters had a university degree or higher.
Age Losses sustained due to older fraudsters is much higher.
Level of Authority Though most internal frauds are committed by employee level/ manager level personnel, frauds committed by owners/ executives are much more harmful.
Motivation One research study found that the main reasons for committing fraud in descending order of frequency are:
- For personal financial gain and greed
- Because I can
- Organizational culture driven
- Wanting to meet targets/ hide losses to receive bonus
- Wanting to meet budgets/ hide losses to retain job
Impact of Insider Fraud on Banks and Financial Institutions
Insider fraud can occur in many industries, though it afflicts the financial services industry the most. The typical organization loses 5% of its revenue in any given year as a result of internal fraud. Impact of insider fraud can be felt on financial institutions in the following ways:
- Financial loss and loss in staffing and other assets
- Damage of reputation and brand
- Negative organizational culture
- Damage to the relationship between the financial institution and its partners and stakeholders
- Disruption to service delivery
- Investigation costs and issues arising due to recruitment, retention and morale
- Encompass & Themis: Whitepaper – Financial Crime Compliance: The Cost of Getting it Wrong
- Deloitte: Insight on financial crime: Challenges facing financial institutions
- Clari5: Clari5 eBook Top 10 Fraud Threats Impacting Banks
- NetGuardians: A – Z of Internal Banking Fraud
- ACFE: Report To The Nations 2020
- International Journal of Management & technology: Combating insider fraud in Financial Institutions/impact