By Mike Urban, Director, Financial Crime Risk Management, Fiserv
In recent years there has been an explosion in both banking access channels and real-time payment methods meaning that monitoring financial transactions and ensuring that they are secure and legitimate has become increasingly challenging. Criminals are taking advantage of this huge increase in volume and are using ever evolving methods of attack including malware and Distributed Denial of Service (DDoS) to compromise technology systems. This challenge is only set to increase with the growth of mobile banking (with users expected to exceed 1 billion by 2017) presenting its own unique set of challenges. Fighting payments fraud has become one of the greatest challenges for financial organisations across the globe.
The Threat
The introduction of the Faster Payments Scheme in the UK in 2008 enabled phone, internet and standing order payments to move quickly and securely, almost at the touch of a button, 24 hours a day. While this had positive benefits on both vendors and consumers it unsurprisingly led to increases in online banking fraud losses.
In the past year wire fraud incidents alone have led to million dollar losses at institutions in multiple locations and industry experts to speculate that an attack could potentially have a systemic impact on a major financial institution in the near future. Financial crime has become an arms race between banks, risk managers and criminals. Financial institutions must have robust prevention and detection strategies in place in order to protect both themselves and their clients against this threat.
In addition, the explosion of access channels in payments– through online, mobile, apps and increasing transaction volumes have escalated the rate of false positives from standard fraud detection rules. This places an additional burden on institutions as more time has to be spent conducting additional research and checks before approving or denying a transaction, reducing operational efficiency and driving up costs.
The Defence Tools
Leading the fight against payments fraud is Big Data analytics which play a critical role in helping institutions adapt their existing crime-fighting strategies to meet the techniques of fraudsters. Real-time analytics to detect crime have now become essential to combat fraudsters who are using rapidly evolving attack scenarios, exploiting multi-channel vulnerabilities and compromising payments systems on an expanded scale.
Strategies to combat financial crime today are, in many ways, similar to the approaches employed by financial institutions when digital payments were first introduced years ago. Predictive analytics have long been a powerful weapon in the fight against criminals, and variations of other financial crime fighting techniques – behaviour monitoring, network analysis, pattern recognition and profiling – have been key components of banks’ fraud detection strategies for decades. But today, Big Data is changing the game.
While banks have been employing these strategies for decades, what Big Data has done is to enable banks to deploy real-time analytics on a massive scale to meet these growing threats. Big Data analytics systems can also integrate data from external sources, helping to create a much bigger picture of the customer and their behavior. Financial fraudsters are becoming increasingly sophisticated and daring, raising the potential for serious disruption to the entire financial system. Financial institutions must have effective, real-time crime detection analytics in place.
The Defence Strategy
To meet the financial crime risks that could accompany real-time payments, institutions must implement a financial crime risk management strategy that employs a multi-faceted analytic approach to detecting and mitigating financial crime. A range of techniques are used to detect financial crime but the core of any analytics system is built around behavioural profiling. By profiling and tracking the behaviour of an individual account from initial client onboarding, through to transaction monitoring and customer management, it becomes possible to detect unusual account activity. A combination of behavioural profiling, real-time detection scenarios and predictive analytics provides the most accurate results. Big Data enables financial institutions to provide these services on a scale that simply wasn’t possible even five years ago.
The stage at which an institutions’ fraud prevention and detection systems will flag a transaction as potentially fraudulent depends on the risk profile of the individual or organisation involved and the defences that financial institutions have in place at any point in time need to be flexible enough to react to evolving typologies of financial crime. Such rapid change requires technologies, models and solutions that can be focused on preventing specific fraud attacks. What’s more, financial institutions must be empowered to effect this change themselves based on their changing risk exposure.
Financial institutions must be able to demonstrate to their customers and shareholders that they can manage the risks arising from payments fraud and other types of financial crime. They must be able to demonstrate to customers that they have adequate safeguards in place to protect both confidential information and financial assets. They must also be able to demonstrate to regulators that they have robust systems in place to prevent financial crime. Big Data analytics tools which combine behavioural profiling, real-time detection scenarios and predictive analytics are fast becoming the industry standard, enabling banks that employ these tools to make informed and accurate decisions quickly and flexibly.