Why most finance pros don’t know how much fraud is costing their businesses
By Joe Biddle, UK Director, Trapets
Whether it is an account takeover, gift card fraud or stolen credit cards, all financial institutions have to deal with some level of payment fraud. But “how much” fraud can they deal with is apparently a harder question to answer.
A new report found that 48% of finance professionals don’t know how many attempted payment fraud cases their business has experienced in the past year, and 51% have no clue how much money has been lost.
The first step to prevention is detection. While it is surprising to see that so many professionals are clueless about quantifying fraud, it is also understandably hard to put a number on the losses that go under the radar.
What financial institutions (FIs) need to do is strengthen that radar and put more resources behind getting information that will make fraud less of a mystery and more of a clear target. Here’s some advice for all FIs.
Remove data silos
Today’s FIs don’t just operate on a single platform. Each account can be active across online banking, financial products like loans, savings accounts, credit cards and in-person services.
Often, the anti-fraud systems used by each of these channels are separate, meaning the data must be pulled together manually and isn’t easy to cross-reference, so FIs struggle to get a full picture of fraudulent behaviour. If a scammer is perpetrating coordinated attacks across different systems, for example, the FI might not realise until it’s too late.
Different products and services need to report to a unified internal fraud detection system that connects information on the same platform. That way, other teams can piece together parts of the jigsaw that may reveal fraudulent activity and get more precise data that helps understand the fraudsters’ MO and the monetary losses incurred. Ideally, different channels would have real-time communication on potential fraud, freezing suspicious transactions according to internal parameters and reviewing them before they are executed.
Your anti-money laundering teams need to be sharing intelligence with your anti-fraud teams. While these teams are typically kept separate, they are often tightly interlinked, with each team able to shed light on any behavioural anomalies in an account.
Mitigate human error
It turns out that the biggest culprit in allowing fraud to occur is us humans. Human error is behind 50% of scams. Often, this has to do with the sheer volume of transactions professionals have to sift through manually, leading to people getting overworked and making mistakes. Typically, this is because you are using legacy systems that drown professionals in minor processes, making it hard to spot hints of criminal behaviour. In other words, it’s hard to see the wood for the trees (more on this soon).
But sometimes, the issue is that people make simple mistakes (according to the same report, 42% of fraud cases involve compromised business emails). Or, they don’t have specialised training to detect fraud when it’s occurring (20% involve social engineering). Sometimes, employees intentionally help the criminal defraud the institution (16% involve employee collusion).
Key steps FIs need to take here include implementing advanced technologies to relieve the anti-fraud team of much of the legwork so they can do more precise work. They also need to ensure staff undergo regular anti-fraud and security awareness training to stay up to date with constantly evolving criminal MOs. When it comes to insider fraud, providers like LexisNexis offer tools for employee monitoring, but in these cases, FIs must toe the line between privacy and security.
Reliance on manual systems
The report found that 26% of companies still use manual payment processes. This places too much responsibility on human gatekeepers to pinpoint each case of fraud.
For example, many UK FIs are still using Excel spreadsheets to spot transactions that they need to investigate further after the fact. This level of dependence on human intervention is almost certainly leaving your operations open to more sophisticated fraud that can’t be detected without rapid cross-referencing of real-time transaction data, KYC data and behavioural data.
Implement automated systems for transaction monitoring and fraud detection to reduce the burden on humans. Make sure your anti-fraud models and risk alerts are up to date with regular training on new data—if they’re solely trained on historical data, they won’t pick up emerging threats.
That way, even if you have a human review element in your process, they won’t have to deal with as many false positives and useless data.
Unless organisations level up their anti-fraud commitments, they will have significant blind spots where fraud remains unencumbered. That makes it impossible to pinpoint just how much the FI is losing to fraud and create a responsive framework—not just reactive—to this increasingly sophisticated threat.
IBSi News
December 06, 2024
Anti-Money Laundering (AML)
The Weekly Wrap: all you need to know by Friday COB | December 6th
Read MoreGet the IBSi FinTech Journal India Edition
- Insightful Financial Technology News Analysis
- Leadership Interviews from the Indian FinTech Ecosystem
- Expert Perspectives from the Executive Team
- Snapshots of Industry Deals, Events & Insights
- An India FinTech Case Study
- Monthly issues of the iconic global IBSi FinTech Journal
- Attend a webinar hosted by the magazine once during your subscription period
₹200 ₹99*/month
* Discounted Offer for a Limited Period on a 12-month Subscription
IBSi FinTech Journal
- Most trusted FinTech journal since 1991
- Digital monthly issue
- 60+ pages of research, analysis, interviews, opinions, and rankings
- Global coverage
Other Related Blogs
September 18, 2024
Digital Resilience is key to retaining customer trust in Financial Services
Read MoreSeptember 12, 2024