By Saeed Patel, product and tech expert at Eastnets
A report from TransUnion found that digital fraud attempts on financial service companies rose by 150% in 2021. Just as fraudsters follow the money, regulations adapt to trends and changes in the fraud landscape. Fraud in the financial sector is off the scale. Analyst Juniper Research predicts that online payment fraud, for example, will reach a cumulative $206 billion in the four years to 2025, which is ten times the net income of Amazon.
The fightback is via regulations and cybersecurity measures that include smart technologies, designed to take on this mammoth task.
Market drivers such as digitization, fraud opportunities, and customer expectations, all push the regulators into updating or creating new regulations to prevent fraud. As the technological dots are connected across an increasingly diverse and expanded audience and channels, regulators must adapt their frameworks.
Entrants to this landscape such as DeFi, embedded finance, and the ubiquitous and agile FinTech’s, have created a web of opportunity for fraudsters. All of this is wrapped in a need to make the customer experience frictionless. This round is hard to square, but technologies that are smart and adaptive can help ameliorate the complexity inherent in the current financial state of play. This is not lost on the regulators. To understand where the landscape and regulations are moving, here are the latest financial trends that are coming down the line and the technologies that prevent the fraud that comes with these trends.
Digital identity and deep fakes
Digital identity and financial transactions are intrinsically linked. Identity checks can be long-winded for customers to go through and expensive for the host organization. The use of identity documents is now being augmented or even replaced by facial and/or voice recognition. In the financial sector, deep fakes present an existential threat. Synthetic identity is already a concern in financial account creation. In 2020, U.S. banks lost $20 billion to these fake identities. Deep fake technologies add an extra dimension to synthetic identity fraud. Any financial system that incorporates facial or voice recognition will be at risk of deep fake fraud. This type of fraud can occur at several junctures in the financial transaction lifecycle: this includes when new accounts are created.
Regulations are beginning to incorporate deep fake threats. In 2019, the U.S. signed into law the National Defense Authorization Act (NDAA), which includes legislation on controlling deep fakes. The Deepfake Report Act of 2019 was passed by the U.S. Senate in 2019. The report requires a detailed exploration, every five years into how deep fakes are used to perpetuate, amongst other things, financial fraud. Further acts such as the Deep Fakes Accountability Act of 2021, establish the limits of the technology within a criminal framework. Expect a global response in the regulations to deep fake fraud.
Embedded finance and Banking-as-a-Service
The new kid on the financial block is embedded finance where a traditional financial service is merged with a digital service. An embedded finance app is a 360-degree approach to financing transactions, bundling in services such as insurance and pay-as-you-go. Much of this is innovation through FinTech engagement with technologies such as open banking and CIAM (Customer Identity and Access Management) tools alongside partnerships with tier one and two banks. This streamlining of money and technology is likely to kickstart new regulations and expand existing ones, such as anti-money laundering regulations, including the BSA
Account opening and fraud
In 2019-2020, 85% of financial institutions experienced fraud during account opening events. But deep fakes are not the only issue associated with account opening fraud. The establishment of an account is a financial fraud touchpoint, but the planets are aligning to make this a fraud touchpoint too: customers are demanding a frictionless digital experience across multiple channels and FinTechs are driving competition in the area. Account takeover, application fraud, and synthetic identities all play a role in making this a fraud trend in the financial sector.
The perfect digital storm that has led to account opening being targeted by fraudsters has also led to regulations shifting to reflect these emerging threats. Compliance in the areas of Customer Due Diligence (CDD), Know Your Customer (KYC), and Anti-money Laundering (AML) will be updated over the coming years. An example is the EU’s Sixth Anti-Money Laundering Directive (6AMLD). The 6AMLD is already making compliance waves by redefining fraud into an all-encompassing package, adding in business liability for fraud as well as at the individual level. 6AMLD, as well as other AML regulations across the world, will put pressure on FIs to digitize and streamline account opening.
Regulators have turned their sights on crypto fraud as it becomes an increasing problem. Cryptocurrency has normalized as more public investors take part in crypto exchanges. However, the scammers have followed this trend, and in Q4 of 2020, the FTC reported over $80 million in losses due to crypto-investment scams, which is a 1000% increase over 2019 figures. The recent money-laundering case where Lichtenstein and Heather Morgan are accused of laundering $4.5 billion worth of stolen cryptocurrency, has shown the massive potential for opportunities to use crypto-currency as a laundering device.
Cryptocurrency is also associated with ransomware. In September 2021, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) published a notice on the SUEX OTC, S.R.O. (SUEX), a virtual currency exchange. The notice pointed out that 40% of transactions on the SUEX platform were on behalf of ransomware fraudsters.
According to research from CoinDesk, only 26 % of exchanges have effective anti-money laundering (AML) in place. Regulations such as 6AMLD have added new requirements around crypto fraud to harden these exchanges against money laundering. FINCEN classifies cryptocurrency as Convertible Virtual Currency (CVC). FINCEN is exploring additional statutory authority for a proposed rule under the Anti-Money Laundering Act of 2020. In December 2021, FINCEN put out a request for comments on how to improve and streamline anti-money laundering and counter the financing of terrorism (AML/CFT) in the United States as related to the Bank Secrecy Act (BSA). The request closed on 14th February 2022. The request is wide in scope and will likely include comments and advisories on the part played by CVCs in money laundering.
Faster fraud and real-time payments
Consumers and retailers alike, want fast, seamless, transactions. The Faster Payments schemes, including the EU’s SEPA and the U.S. FedNow, provide the framework for such payments, allowing them to take off globally. But fast payments can also open the window of opportunity for fast fraud. Regulators recognize this and are putting requirements in place to harden these frameworks.
The Faster Payments Task Force (FPTF) sets out to “identify and evaluate alternative approaches for implementing safe, ubiquitous, faster payments capabilities in the United States.” The FPTF has placed pressure on the regulators to tighten up measures to protect faster payments, including the Office of Foreign Assets Control (OFAC), Anti Money Laundering (AML), and the Bank Secrecy Act (BSA).
How can an FI prevent fraud?
The FCA issued almost $568 million in fines to FI’s in 2021. This figure reflects the disruption across the financial sector, with new technologies coming into the landscape, customers expecting seamless and frictionless experiences, and fraudsters looking for opportunities as this happens.
The Juniper Research report mentioned above, states that fraud detection and prevention vendors should place their attention on developing platforms that cover all the emerging channels of payment traffic. The report goes on to state that fraud prevention solutions
should be based on large-scale machine learning.
Similar statistics concur with the shift towards an AI-enabled fraud prevention solution landscape with The Economist Intelligence Unit stating that banks and insurance companies will see an 86% increase in AI-related technology by 2025.
The regulations are following these advisories, with many industry bodies calling for a smarter approach to fraud prevention. A refresh in terms of how to mitigate fraud as the fabric of payments and financial transactions become ever-more complicated and cover many channels is a must. The levels of risk and exposure to fraud are massive and increasing. The compliance programs within FI’s are already at capacity. However, the regulatory pressures are alleviated by using the right technological structures.
In a letter to The Financial Times, Livia Benisty, Head of AML at Banking Circle sums up the situation perfectly by saying:
“Technology is the key to enabling banks to clamp down on fraud. Once embraced on a global scale, these innovative approaches can change the AML landscape forever.”
Importantly, Livia specifically pulled out artificial intelligence-enabled technologies as “making the difference” in fraud prevention.