Tailoring technology: fighting fraud amid adversity

March 2021  |  FEATURE  |  RISK MANAGEMENT

Financier Worldwide Magazine

March 2021 Issue

Financial fraud, ever-present in business in the ordinary course of events, has accelerated on account of the coronavirus (COVID-19) pandemic and placed financial institutions (FIs), among many others, under tremendous pressure to combat all manner of fraudulent activity.

In short, the pandemic has been a godsend for fraudsters. Across the globe, hastily designed loan schemes and job-support measures – including the US’ $2.5 trillion Coronavirus Aid, Relief, and Economic Security (CARES) Act and the UK’s Bounce Back Loan Scheme – have allowed fraudsters to take advantage of weaknesses and avail themselves of billions.

“The CARES Act established the Payment Protection Program (PPP) and expanded unemployment benefits, which opened access to over a trillion dollars in federal aid,” explains Chuck Pine, a partner at BDO. “As a result, criminals have sought to obtain these funds illegally through fraudulent PPP loans or unemployment benefit applications and subsequently launder their illicit gains through the US financial system.”

Furthermore, with the US having recently introduced fresh COVID-19 stimulus – a $900bn ‘last-minute’ pandemic relief package – there would appear to be further opportunities for fraudsters to line their pockets, with the new legislation likely to be equally susceptible to the unscrupulous.

“While the focus of the international community has been on fighting the pandemic and its economic impact, at a local level, nefarious actors and regimes have made hay,” observes Piers Rake, managing director of financial services at FTI Consulting. “Criminal networks adapted, new relationships were forged, and new technologies utilised.

“In some parts of the world, organised crime stepped up efforts to take control of local economies, offering loans and financial support to businesses, where the state could not, or would not,” he continues. “The associated tainted fund flows are entering the financial system and cross-border payments will be tainted by these illicit funds.”

In the UK, the National Crime Agency (NCA) has reported that around £100bn in illicit money is in or transacts through the UK. At a national level, we must look at the huge amounts of money governments have made available to support businesses,” suggests Jonathan Benton, founder and chief executive of Intelligent Sanctuary. “Sadly, as to be expected, this has been exploited – particularly the smaller business loans. While much of the money loaned by governments will be bad debt, a significant amount is either opportunistic fraud or organised crime.”

Boiled down, in order to tackle burgeoning financial fraud, from whatever quarter, FIs need to be aware of evolving fraud typologies, such as synthetic identity fraud and first-party fraud, while also staying abreast of any number of COVID-19-related scams, and be vigilant when implementing proactive preventative measures.

Prevention amid COVID-19

While never 100 percent foolproof, a well-structured fraud prevention programme can do much to mitigate the risk of financial fraud. The programme must also overcome the particular challenges posed by COVID-19, which has massively impacted how FIs interact with clients and how they perform controls.

“There is no silver bullet for FIs when it comes to preventing financial crime,” asserts Federica Taccogna, senior managing director of financial services at FTI Consulting. “In fact, is it even possible for one institution, standing alone, to prevent financial crime from occurring? Almost certainly, no.

Underpinning much of the financial crime being perpetrated is blockchain technology and cryptocurrencies, the emergence of which has established myriad new financial crime risks for FIs.

“Start by getting the basics right,” she continues. “Most of the largest money laundering scandals we hear about, those that wipe out shareholder value, destroy reputations and result in massive fines, would have been avoided had institutions conducted effective customer due diligence as part of a strong control framework.”

In addition to effective due diligence, the basic steps of a fraud prevention programme, according to CRI Group, should also include ensuring that staff members know the warning signs of fraud. The hiring process should accentuate thorough background investigations and an anonymous fraud reporting system for employees, customers and contractors. However, since the outbreak of COVID-19, in many instances these basic components have been compromised.

“The largest obstacle COVID-19 presents has been the need to reduce the threshold of know your customer (KYC) and due diligence, as money had to be loaned at unprecedented rates and, as such, levels of checks had to drop,” says Mr Benton. “What may have previously taken a week or more to secure funds was now taking hours, or even less.”

In the view of Matthew Nunan, a partner at Gibson, Dunn & Crutcher UK LLP, the ongoing nature of the pandemic requires FIs to reassess and refresh their risk and control frameworks. “With COVID-19 changing business execution and control methods, FIs need to look again at their risks and recognise that in some areas residual risk will almost certainly have increased. They have to then consider whether it is now outside their risk tolerance and have a plan for dealing with that. However, as the pandemic continues toward its second year, temporary risk acceptance becomes less easy to justify.”

Tech: a double-edged sword

Technology is an essential component of a fraud prevention programme, but very much a double-edged sword. For while advanced technologies can help FIs to reduce the time it takes to detect fraud, they also provide fraudsters with the means of perpetrating ever more sophisticated scams.

“The mechanisms for financial fraud change over time and there is an increased use of technology and a range of alternative banking platforms to move and obfuscate the origins of illicit funds,” says Mr Rake. “Technology is also being used by bad actors to target FIs’ payments systems and the supply chains servicing them – something that has been flagged by law enforcement as a material threat, because it threatens the resilience of the entire system.”

Underpinning much of the financial crime being perpetrated is blockchain technology and cryptocurrencies, the emergence of which has established myriad new financial crime risks for FIs. Indeed, almost immediately upon their introduction and circulation, cryptocurrencies transacted via the blockchain became appealing to fraudsters, due to their anonymity, real-time fund settlement and decentralised nature.

Of course, what makes FIs such attractive targets for fraudsters is the significant amount of sensitive data they hold about clients, staff and the environment in which they operate. To protect such data, Mr Nunan suggests that FIs adopt a holistic approach to data analysis. However, with data being stored in different systems and formats, the challenge is to bring it all together to create one source and analyse that with smart technology.

The good news for FIs is that such technology is readily available. The likes of artificial intelligence (AI) and machine learning (ML) can be used to interrogate huge amounts of transactional data, to identify anomalies, patterns and networks that would otherwise be impossible to find.

However, while a boon for fraudsters, blockchain’s distributed ledger technology is also a useful tool for combatting financial crime. “The decentralised, unmodifiable ledger of transactions on a blockchain make it easier for FIs to analyse and evaluate vast amounts of transactional data,” explains Mr Pine. “In addition, the transparency of the most popular blockchains can assist FIs in identifying fraudulent transactions.”

Maintaining posture

As threats continue to evolve and regulatory scrutiny intensifies, FIs need to monitor fraud typologies so that robust regulatory and reputational posture is maintained and financial losses mitigated.

“Plan ahead so you are ready when something goes wrong,” advises Mr Nunan. “Fraudsters are constantly changing and developing new threats. “How FIs react when issues arise is key and will influence the regulatory response. FIs need to develop a scenario plan and develop a playbook in advance, because they may not have time to do it when a crisis is unfolding.”

The development of a playbook is, without question, dependent on FIs staying current on new and emerging financial fraud typologies. This starts at the top with an FI’s board of directors, who are responsible for setting compliance culture and tone.

“The board is tasked with appointing a compliance officer, who must ensure they maintain sufficient knowledge of evolving financial crime trends and relevant regulatory guidance and enforcement actions,” says Mr Pine. “FIs should formalise this requirement to ensure the board of directors and compliance officer have the resources needed to monitor emerging risks and establish processes and controls to mitigate those risks.”

The reality, unfortunately, is that it typically takes failures for FIs to collectively learn about a typology. “Technology can be used to our advantage in that sense,” asserts Ms Taccogna. “For example, traditional transaction monitoring systems identify anomalous transactions by comparing actual behaviour to a prescribed or expected one. This means that unless we know of a concerning typology, we will not see it.

“Unsupervised ML can help in identifying behaviours that we do not see with the naked eye,” she continues. “Also, behaviours are hardly ever seen in a single transaction or even dataset. AI and advanced technologies can help ingest and enrich data and make analysis more efficient and effective.”

Imperative

As the financial fraud landscape continues to evolve and threats become more complex, FIs need to ensure that their fraud prevention measures adapt accordingly, underpinned by technology and operational efficiency.

“Financial fraud is a game of cat and mouse – bad actors are always one step ahead, and FIs are constantly chasing and identifying new typologies,” notes Mr Pine. “I am confident FIs will leverage new technologies to keep pace with emerging threats, but they must ensure that these technologies are operating as intended.”

However, before leveraging any new technologies, Mr Pine believes it is important for FIs to conduct initial and ongoing model validations for all technology platforms they utilise to combat financial crime. In addition, they should conduct ongoing rule tuning and optimisation of their financial crime monitoring models to tailor the model output to their own unique risk profile.

“The fraud threat landscape is increasingly complex,” says Mr Rake. “FIs need to be more agile in order to keep up with the challenges ahead. While cost-cutting is not the answer in and of itself, approached correctly, improving operational efficiency and leveraging technology where appropriate to optimise key processes, can also drive better outcomes.

“And this is not a one-off exercise,” he continues. “FIs need to continue to review the adequacy and effectiveness of their control environment, to assess whether it meets the current threats and regulatory expectations, and identify where improvements can be made. This is an imperative, not a ‘nice to have’.”

© Financier Worldwide

BY

Fraser Tennant

©2001-2024 Financier Worldwide Ltd. All rights reserved. Any statements expressed on this website are understood to be general opinions and should not be relied upon as legal, financial or any other form of professional advice. Opinions expressed do not necessarily represent the views of the authors’ current or previous employers, or clients. The publisher, authors and authors' firms are not responsible for any loss third parties may suffer in connection with information or materials presented on this website, or use of any such information or materials by any third parties.