The pandemic has pushed us to do all things digitally while opening up new vectors of attack. Those new avenues of fraud have leveraged hallmarks of the current pandemic — fears over public health and concerns about stimulus checks issued by the government — to snare unwitting victims.
According to some estimates, as many as 22 percent of Americans have been impacted by COVID-related fraud.
In a podcast interview with PYMNTS, Andy Renshaw, vice president of product at Feedzai, said that an integrated approach to anti-money laundering efforts, fraud prevention and cybersecurity can stymie the bad guys’ best efforts — and even improve financial institutions’ (FIs’) reputations in the process.
“From a pandemic perspective, we've seen in many ways a two-pronged attack from fraudsters,” said Renshaw. On the one hand, fraudsters have been exploiting something that’s long been extant: the shift to digital commerce and payments, where consumers buy more goods and services than ever online (now including protective gear, of course).
Then there’s the focus fraudsters are training on government assistance to individuals, families and businesses, a pandemic-specific trend.
“A number of countries globally have offered new borrowing schemes or have created the opportunity for those who are struggling to access money in some way, shape or form,” said Renshaw. And so, fraudsters seek to gain access to those funds — or at least target who they know to be “cash-rich” individuals.
There’s a flip side to the equation, too, where criminals look to find vulnerabilities within FIs themselves. The sudden move to remote work has meant call centers are staffed by individuals working from home, and financial teams are far-flung. People may not have access to the data they need to optimize their fraud strategy due to, say, VPN or bandwidth issues.
“The other thing that is lost is the slightly softer skill set of collaboration,” said Renshaw. “You would have picked up the phone or maybe even just wandered over a few desks and had a conversation with somebody about whether they were seeing the same [fraud-related activity].”
Cyberattacks have the ability to seriously hobble the firms that have had to rely on their digital backbones for day-to-day operations.
“This does create an appetite for cyberattacks,” maintained Renshaw. “That might include things like phishing or business email compromise, or it may be a more sustained attack on an organization to actually disrupt their ability to function by targeting their digital network.”
Against that backdrop, FIs are fearful about large-scale attacks, which are designed to divert attention and resources away from one area of operations in order to render them vulnerable and provide an “in” to attackers.
Collaboration is the best approach FIs can take to be proactive against fraud. It’s important to break down the silos that exist within an FI, and to leverage artificial intelligence (AI) and machine learning to detect fraud efforts.
As it turns out, simply having access to data is not enough. “It’s one thing to generate millions of rows of data per day, but it's not really data you want — it’s insight,” maintained Renshaw.
Within FIs, he said, silos mean that cyber-data doesn’t sit with customer data, and anti-money laundering (AML) information may not lie alongside regulatory data. In some FIs, one team might be examining the victims of fraud, while someone else might be looking for the fraudsters — and yet still another branch may be looking at various activity through a regulatory or policy lens.
“The convergence of areas like fraud, AML and cyber operations create the opportunity to answer different questions and derive different policies, which can have a direct impact on the protection of customers, but can also decrease criminals’ appetite to even attack an organization in the first place,” explained Renshaw. It’s a framework known as fraud and anti-money laundering (FRAML).
To illustrate how collaboration can work within the FI, he noted that a fraudster might try to move money they had gained access to seven or more times in an effort to cover their tracks. But concerted efforts to track the fund flows can “watch over” all the points the money has touched, and who it’s touched.
“Suddenly, you get a ‘spider web,’ and this network effect comes together rather quickly,” as each department feeds complementary data to other observers, said Renshaw.
Stopping fraud early has the net benefit of reducing costs for the organization both in terms of financial loss and in managing fraud. Customers are more fully protected, and the criminals look toward the paths of lesser resistance.
“If you get this right, you can create this kind of halo effect, where the overall fraud attempts are reduced over time,” explained Renshaw.
Lower rates of fraud incidents can improve an FI’s reputation and free up capital to put back into innovating financial services and products.
“You may be able to offer better rates. You certainly may be able to have a better journey, where you can show that protection is taking place for the end user,” said Renshaw. “There is the reality of protection — and there is the perception as well.”