Digital technology has revolutionized the way customers engage with their banks, and technological advancements are granting individuals and businesses new ways to manage their finances and access more personalized services. The increasingly digital nature of banking has also opened new avenues for fraudsters. Customers are now performing high volumes of transactions that are processed automatically, giving criminals seemingly limitless chances to commit fraud.
This is particularly true in the European market, which recently experienced new developments that could leave it vulnerable. Open banking in the U.K. and the updated Payment Services Directive (PSD2) encourage greater competition in the financial services sector by requiring banks to share consenting customers’ information with third parties. Companies seeking to comply with these new standards risk making themselves vulnerable to bad actors.
This potential for wrongdoing presents a twofold challenge for banks. First, FIs must work aggressively to detect fraudulent activities by investigating and anticipating suspicious behavior. Second, they must take steps that do not negatively affect their customers’ experiences. AI, ML and risk management tools will play significant roles in keeping customers satisfied and safe from fraud.
As banks, FinTechs and TPPs work together to deliver new services for their customers, they must also stay vigilant against fraudsters. In addition, their joint anti-fraud efforts will require a renewed and deeper understanding of how fraud works in the digital era. Changing the way FIs perceive fraud will be key to responding to incidents when they are detected and preventing future attacks.
The following Deep Dive examines how cybercriminals are getting more creative in the digital era, why FIs should use genetic mapping as a fraud-fighting strategy and how new players can establish themselves as legitimate partners in the fight against fraud.
A Wide Array of Options for Fraudsters
Digital banking’s growth is presenting bad actors with new ways to obtain consumers’ data, fraudulently perform financial transactions and steal money. There have recently been several notable events that highlight just how creative these fraudsters have become. A gang of cybercriminals in 2016 used malware and the international SWIFT system to make roughly 35 withdrawal requests from Bangladesh Bank in an attempt to steal roughly $1 billion. Thirty of those transactions, valued at approximately $850 million, were blocked by the Federal Reserve Bank of New York. The thieves were still able to transfer about $101 million to banks in Sri Lanka and the Philippines before they were flagged because of a spelling error. Only $20 million was recovered.
Tesco Bank, which is owned by a supermarket group in the U.K., was also hit by cybercriminals that year. Fraudsters were able to withdraw £2.5 million ($3.22 million) from approximately 20,000 accounts. Analysts believe the hackers exploited a vulnerability in Tesco Bank’s website that appeared when customers made online purchases.
Cybercriminals are becoming more brazen, and banks are struggling to stay on top of their anti-fraud efforts. Just 37 percent of banks had completed fraud detection management systems or were transforming them as of late 2018, and only 16 percent were able to detect fraud as it happened.
AI and ML solutions are promising to boost that portion by stopping fraudulent incidents as they unfold. These tools can also be used to prevent potentially illegal acts. Before this can happen, financial ecosystem players must understand how fraud is committed and how it will change in the future.
Decoding the Genetics of Fraud
Embedded in the financial ecosystem are FIs and consumers who are using financial tools like credit cards, debit cards and bank accounts to perform transactions. Nestled among these trustworthy players are the fraudsters who stay active in the broader payments ecosystem.
The complexity of the payments ecosystem can be compared to DNA and genomes when it comes to detecting bad actors and highlighting how their activity differs from acceptable behaviors. By using AI, ML and risk analysis, fraud can be pinpointed and, ideally, prevented.
This DNA-like approach to fighting fraud creates a visual analysis of illegal activity and highlights different connections — such as the machines used to commit fraudulent acts or the locations the crimes were committed — ultimately uncovering the layers of fraud, from individuals to bots to broader networks. This approach can help to quickly detect it when aided by tools like AI and ML.
The effects of financial fraud can be far-reaching, including lost funds for consumers and damaged reputations for FIs. A biology-based approach to detecting and isolating illicit financial activities could keep cybercriminals’ harmful impacts from spreading as they get more creative.
Other Tools to Fight Fraud
AI and ML are valuable fraud-fighting assets, but human beings also play a central role. That’s why a poor culture of control within banks could be an advantage for fraudsters.
A lack of “control culture,” in which employees fail to follow the correct processes to address fraud, is highly enticing for fraudsters targeting FIs. A recent report stated that 72 percent of European fraudsters found a company’s weak control practices to be a significant opportunity. Because fraudsters want to exploit internal vulnerabilities, the best way for an FI to improve its anti-fraud measures is to think human and implement a strong anti-fraud culture that works alongside AI and ML technologies.
Fraud is continuing to evolve in the age of digital banking. Examining suspicious activity and attempting to understand fraud at its root level, combined with support from human analysts, could be key to staying one step ahead of criminals.