Why are banks so open to cybercrime and fraud?
The risk of fraud in financial services is much larger and harder to define than in other industries, meaning that banks have the most to lose. Fraud is costing businesses across the world US$5 trillion each year, according to research from Crowe in conjunction with the Centre for Counter Fraud Studies at the University of Portsmouth.
Banks will always be the number one target for cybercriminals, as that is where the money is kept. As a bank you have to protect your customer’s money, their information and your reputation. But the environment today is radically different – regulation, financial climate and competition from fintechs is far more intense and forces you to transform under an intense pressure on your margins. At the same time, the attackers get more sophisticated, they have learned to target complex environments and use financial innovation, such as blockchain and instant payments, against us.
Have financial crime threats increased recently?
Absolutely. Today’s attackers are clever and constantly change their attack methodology and identities. They are using more sophisticated tactics which makes it difficult for cyber security teams to keep up.
Over the past 12-18 months, we’ve seen an increased online presence for many businesses, widespread remote working and new schemes for payments such as Buy Now Pay Later. Criminals have taken advantage of any weaknesses in these systems and exploited them for their own gain.
Particular areas of concern include synthetic sign up where a criminal combines stolen data with false information to create a new identity and account takeover where a malicious third-party gains access to a user’s account details.
However, the challenge is to ensure the utmost levels of security without making the on-boarding process for new customers cumbersome. A trusted customer experience will boost brand reputation and help to build a loyal customer base.
How is Artificial Intelligence helping to combat financial fraud?
This is where it gets interesting. The combination of AI, automation and the human brain is the strongest form of defence against cybercrime. Sophisticated AI is able to predict, detect and defer financial crime by using multiple algorithms to detect weak patterns with minimal latency.
Continual assessment of transactions alerts teams to potentially fraudulent activity taking place. These anomalies could be behavioural, device characteristics, geo-locations, unusual switching between accounts and much more. Fraud and cyber analyst teams are inundated with alerts, many of which can be false. By narrowing the focus of investigations, the analysts only have to investigate genuine priority alerts.
The intention is to find a problem before it becomes a threat and today’s AI powered solutions are able to detect advanced fraud and manipulation earlier and faster. Similarly, these financial automation oversight engines are adept at identifying previously unidentified vulnerabilities and gaps in third-party systems that are ripe for exploitation.
Another area that AI comes into play is in the detection of forged documents. 1-20% of documents in the application and onboarding process can be subject to manipulation such as forged bank statements, modified invoices and amended pay slips. By protecting automated processes that use unauthorised documents from third-parties, banks can be sure no digital documents are forged.
Financial crime will always be with us. The challenge is to find it as it shifts its methods and changes its targets. Capabilities are required that can detect known criminal practices and recognise never seen before emerging patterns of financial crime. By working with the right expertise, exploiting advances in cutting edge AI, it is possible to spot different types of threats or attack vectors and respond to them before it’s too late.