How Scotiabank Manages Fraud Protection For A Data-Driven Future
Digital Banking

How Scotiabank Manages Fraud Protection For A Data-Driven Future

With more than 4.1 billion user credentials exposed in the first half of 2019 alone, financial institutions (FIs) are rushing to artificial intelligence (AI) to prevent fraudsters from using them. Yet, for fraud prevention, Scotiabank Executive Vice President Rania Llewellyn says banks must take a more selective approach than applying AI to every use case. In the latest Digital Banking Tracker, she discusses how the bank revamped its fraud strategy by adopting AI innovation at a slower, but more deliberate, pace.

FIs’ fight against fraudsters is growing ever more complex. It is estimated that more than 4.1 billion user records have been exposed in the first half of 2019, and more than 20 breaches are reported every day. This rampant availability of users' data makes it easier for bad actors to wreak havoc and commit fraud.

Many FIs have looked to mitigate this growing threat by deploying advanced learning tools such as artificial intelligence (AI) and ML, but fraudsters are quite familiar with them. Cybercriminals are commonly using the same technologies to design and develop nefarious attacks, such as the botnet Mirai and malware like Deep Locker, which used AI and facial recognition to identify targets through factors like geolocation and online behavior.

It has therefore become imperative for FIs to rethink their use of AI and ML to successfully fend off these attacks. They must completely understand the problems they intend to solve before implementing AI and other automated tools, according to Rania Llewellyn, executive vice president of global business payments at Scotiabank. She recently spoke to PYMNTS about how Scotiabank has revamped its fraud strategy in recent years.

“I think one of the key learnings is that we actually need to take a step back before leveraging these new technologies,” Llewellyn said. "We need to reimagine these processes from an end-to-end perspective before we apply AI and ML to them. Otherwise, you are introducing a technology to a process that is broken to begin with and just automating it, so you are not getting the operational efficiencies and the pickup that you could potentially get out of it.”

Scotiabank’s Three-Pronged Innovation Strategy

The increasing sophistication of fraud attacks has led Scotiabank to reassess how it employs AI, ML and automation. That includes utilizing AI for not just consumer-facing use cases and back-end processes, but also for fraud protection.

“At the end of the day, security and safety are absolutely crucial, so we need to make sure we understand what the fraud patterns are and what’s changing in our industry and make sure we’re protecting our customers and keeping them safe," Llewellyn said. “The fraudsters out there are becoming very sophisticated, so it’s always top of mind as to how we get ahead of them."

The FI is combating global fraudsters’ sophistication with technology like AI, as well as educational seminars for both its business and retail banking customers. Banks keeping pace with fraudsters developing new data access techniques cannot approach AI development in a simple, regular way, so Scotiabank is moving its technology and implementation strategies outside of its own innovation lab.

“Most of the use cases where we are currently using [AI and ML] — and we have been using AI [and] ML for a while at Scotiabank — have been internal use cases to create operational efficiencies, or [to] look at data for customer analytics and insights or for risk decisioning,” Llewellyn said. “But we have a three-pronged approach in terms of how we are looking to identify opportunities for AI and ML, and [the approach] is not just for AI and ML. It is really for any new innovations and trends out there, which would include fraud and cyber.”

This three-pronged approach includes partnering with academic institutions, FinTechs and venture capital firms through developments like the Scotiabank Centre for Customer Analytics at the Smith School of Business. The FI works with graduate students and subject matter experts at the school to solve for future pain points, Llewellyn noted. Scotiabank is also searching for in-house experts who may be able to provide a more in-depth look at the bank’s use of new technologies, but in doing so it competes with all other banks on the global stage.

Scotiabank's approach has led to insights into customers' behaviors and how AI may be best utilized to differentiate legitimate users from illegitimate ones, providing a key way for the bank to bolster its fraud defenses. It also allows the FI to access up-and-coming fraud-fighting technologies, as well as a pool of experts who can help apply the tools and identify any weak points.

That advantage is key because the competition among talented specialists is especially fierce, Llewellyn explained. Having such employees on hand is critical not only to keeping fraud-fighting efforts running smoothly, but also to ensuring that advanced learning tools are deployed for the right use cases.

AI is a term that has been defined increasingly broadly, according to the recent PYMNTS AI Gap Study. Many FI decision-makers use it to describe techniques that can run through databases and collect insights, while others define the technology as rules-based systems that are intelligent enough to identify rule-breaking observations. Still others use the term to describe ML, wherein algorithms can learn from new data patterns.

This gap between perception and reality makes it all the more important for FIs to have access to experts.

“[AI] is definitely a space where everyone is fighting for the same amount of talent, so [we need to] make sure we’re recruiting, [that] the skillsets are up to snuff [and that we’re] making sure we’re continuing to be ahead of the trend,” she said. “I would say talent management is definitely top of mind.”

Llewellyn added that banks are looking for experts in anti-money laundering, cybersecurity, data analytics and payments.

Talent and the Growing Fraud Problem

The competition for more sophisticated AI leaders is key as fraudsters continue to find their ways onto online banking platforms. Some bad actors have even taken advantage of the demand for fraud specialists, posing as the very individuals tasked with catching them. Fraudsters have more opportunities to access privileged data as consumers start to seek access through a wider collection of channels, with cybercriminals posting false banking apps or sending misleading text messages to manipulate legitimate consumers.

An AI talent pool thus needs to be built up quickly, but it remains to be seen how exactly banks can accomplish this. FIs like Scotiabank will need to work quickly to keep pace with the competition, especially as skilled AI and fraud protection experts remain relatively rare. The key to developing a robust fraud team may lie in partnerships, not only with other banks but also with technology firms and research institutions.

The goal of such alliances will remain the same in any case: to make sure fraudsters do not infringe upon legitimate customers’ banking experiences.



The How We Shop Report, a PYMNTS collaboration with PayPal, aims to understand how consumers of all ages and incomes are shifting to shopping and paying online in the midst of the COVID-19 pandemic. Our research builds on a series of studies conducted since March, surveying more than 16,000 consumers on how their shopping habits and payments preferences are changing as the crisis continues. This report focuses on our latest survey of 2,163 respondents and examines how their increased appetite for online commerce and digital touchless methods, such as QR codes, contactless cards and digital wallets, is poised to shape the post-pandemic economy.