In the era of digital banking and financial services, as well as growth in FinTech and RegTech, banks across the globe are focused on modernizing and digitalizing their operations to survive in the market and enhance customer experience. With the increase in adoption of digital lifestyle by the customers and availability of high-speed internet through mobile service providers and free Wi-Fi in most public places, digital banking and online transactions on the go have become convenient. Additionally, the push for digitalization has intensified during the COVID-19 pandemic. Innovative solutions to overcome the disruptions caused by the outbreak through digital transactions have become the saviors of the financial systems. In addition, digitization of financial systems offers efficiency in service on many aspects such as onboarding a customer, protecting from fraud, regulatory monitoring, servicing and offboarding.
On the other hand, financial crime compliance has also become easier as identifying the source of digitally originated transactions is comparatively easier to track than cash or cash equivalent transactions. Reporting to regulators by the Financial Crime Compliance (FCC) unit in case of any transactions breaching the threshold mandated has become quicker and easier ensuring detection and prevention of fraudulent transactions at online channels in real time. In addition, digital transactions have made it easier to screen the device fingerprint, geo location coordinates of the device used, browser data and other behavior details and contextual data for the customer that can be stored in the bank’s system.
Catching up Versus Staying Ahead
However, criminals in the BFS industry are catching up with the evolution of technology, trying to find loopholes in the system and the ways to exploit them. Identity theft and account take overs have become primary concerns for FIs given the incidents are on the rise during the current non-face-to-face banking environment. The handheld devices, considered to be the convenient banking channel, might become an open book of financial secrets when lost or hacked. The browser on handheld mobile devices stores personal identifiable information (PII) like full name and aliases used, address, email id, passwords, cards numbers, national identifier like SSN, browser history, cookies, cache. The device storage might also contain downloaded bank statements, contacts, device location history (GPS), SMS, emails and recently deleted files.
When one falls prey to scams, the scammers or hackers can swindle the accounts without the knowledge of the victims in time to circumvent the fraud detection parameter deployed by their FI. Device fingerprinting and network IP tracking by the fraud monitoring systems are fooled by the scammers using victim’s own device connected to victim’s own network to siphon their money from their accounts.
Countering the Risk
There is need for a concerted effort from both the customers and the FIs in the digital banking space to counter these risks.
First and foremost, the onus of preventing fraud lies with the customer, which can be ensured by adopting some best practices to seal data leakage and awareness on the ways to evade scams. They should be advised to protect the digital banking device from hacking through phishing or SMS-shing to validate the authenticity of the links received in the SMS or emails before opening, not to use non-secure internet connectivity for banking transactions, use of multifactor authentication for mobile banking apps like a password, biometric or PIN to access and install only genuine banking apps from reliable sources and authenticated banking websites. On the other hand, the FIs need to step up their digital security and fraud prevention strategies to meet the ever-evolving fraud trends in the digital environment.
The first step in controlling fraud attempts by the FIs should be to educate their customers on the scams and trends of fraud in the market at regular intervals. In addition, FIs need to implement machine learning-driven analytical solutions to minimize the false alerts, which might impact customer experience through multiple customer-connects and decline of genuine transactions, etc.
The Road Ahead
Going forward the FIs can deploy linkage analysis combined with social media activity analysis to identify the fraud trends. This will indirectly reduce the friction in customer experience by bringing down the unwarranted connect for transaction authenticity. Cognitive solutions like automated communication with the customer through auto dialer, push message or SMS could be the alternative choice for customer connect.
Additionally, internal audit conducted at regular intervals will help test the effectiveness of controls deployed in stepping up cyber security to protect customer data from hackers and data breaches. Realtime monitoring and quicker turnaround in validating the anomaly with the customer will help minimize the risk of multiple fraud attempts.
While this isn’t an exhaustive list of actions to counter financial crime, this is an evolving space and the FIs need to track the developments in the area to update customers knowledge, processes and controls accordingly.