Our 'Newsletter on Financial Fraud' is your monthly insight into the various new fraud types and methods used by fraudsters globally in the banking space.
In this issue, we bring to light the effect of banking fraud creeping in and making banks lose millions to this plaguing menace.
With compromised credit cards and data breaches dominating the headlines in the past couple of years, it's hard not to have some concern about fraud. Technology such as EMV promises to make some payments safer, but experts predict fraud will remain a growing problem for years to come.
Data breaches totaled 1,540 worldwide in 2014 -- up 46 percent from the year before -- and led to the compromise of more than one billion data records. 12% of breaches occurred in the financial services sector; 11% happened in the retail sector. Malicious outsiders were the culprits in 55 percent of data breaches, while malicious insiders accounted for 15 percent.
32 data records were lost or stolen every second in 2014.
North America was the continent most affected by data breaches in 2014, accounting for 1,164 or 76 percent of breaches in the world. The United States accounted for 1,107 of those breaches -- 72 percent of breaches in the world. Next in line were the United Kingdom (8 percent), Canada (4 percent), Australia (2 percent), Israel (1 percent) and China (1 percent).
Fifty-four percent of data breaches in 2014 related to identity theft, 17 percent aimed at financial access and 11 percent sought account access. The remainder was considered nuisance attacks or attempts to get at intellectual property or classified information.
Most card fraud occurs in the United States. In fact, a 2015 research note from Barclays stated that the U.S. is responsible for 47 percent of the world's card fraud despite only accounting for 24 percent of total worldwide card volume.
The high level of debit and credit card fraud in the United States also impacts other countries. Among U.K.-issued cards in 2015, 35 percent of fraud-related losses occurred in the United States, compared to 10 percent in France and Australia, 9 percent in Canada and 6 percent in Germany.
Cross-border fraud occurs when criminals use a consumer's credit or debit card data in one country to make fraudulent transactions in another country. In 2014, 47 percent of fraudulent cross-border transactions on U.K. credit cards took place in the United States.
The U.S. is implementing EMV, and once it becomes widespread, counterfeit card fraud should drop here, too. But as in other countries, other types of fraud -- especially card-not-present (online) fraud -- will probably grow.
An estimated 17.6 million persons, or about 7 percent of U.S. residents age 16 or older, were victims of at least one incident of identity theft in 2014, the Bureau of Justice Statistics (BJS) announced today. These statistics were similar to those in 2012.
Identity theft is the attempted or successful misuse of an existing account, such as a debit or credit card account, the misuse of personal information to open a new account or the misuse of personal information for other fraudulent purposes, such as obtaining government benefits or providing false information to police during a crime or traffic stop.
In 2014, the most common type of identity theft was the unauthorized misuse or attempted misuse of an existing account—experienced by 16.4 million persons. Victims may have experienced multiple types of identity theft. An estimated 8.6 million victims experienced the fraudulent use of a credit card, 8.1 million experienced the unauthorized or attempted use of existing bank accounts (checking, savings or other) and 1.5 million victims experienced other types of existing account theft, such as misuse or attempted misuse of an existing telephone, online or insurance account.
Most identity theft victims discovered the incident when a financial institution contacted them about suspicious activity (45 percent) or when they noticed fraudulent charges on an account (18 percent). The majority of identity theft victims did not know how the offender obtained their information, and 9 in 10 identity theft victims did not know anything about the offender.
Other findings include-
Following the recent case where the chairman of a Mumbai-based private firm was booked in a Rs 231-crore cheating case, a senior CBI officer has suggested that bankers make use of voice analysis technology to identify such fraudsters and prevent such offences.
Keshav Kumar, CBI's joint director in Mumbai, had an interactive session with senior executives of several private and government banks at a workshop organized by the Centre for Advanced Financial Research and Learning (CAFRAL), affiliated with Reserve Bank of India (RBI) last month. He told them that use of layered voice analysis (LVA) can be a helpful tool to prevent fraud cases.
The LVA software can trace deception by a person during interviews; it analyses voice and emotion to provide clues whether a person is lying or giving genuine replies. The CAFRAL had organized the two-day workshop on digital forensics and cyber crime. Kumar was requested to share his expertise over the issue with participants.
"Preventive vigilance and preventive forensics are advisable to minimize financial risk factors. The technology can help bankers get an idea about the loan seeker's intention before approving the amount. It can also be used for in-house vigilance," said Kumar.
Source: The Times of India
Banks throughout the world are recognizing that fraud has become sophisticated and more and more pervasive. Potential projected global fraud losses related to occupational fraud are estimated to be more than $3.5 trillion.
While direct losses due to fraud are startling, the actual loss incurred is much higher in terms of loss of productivity, loss of customer confidence and attrition, notwithstanding losses due to fraud that goes undetected. Attacks against operational systems and infrastructures such as online banking and e-commerce can result in direct loss of business or revenue. Any kind of intrusions into information systems can result in massive theft of sensitive data or customer information.
Such enormous pressure on banks from fraud incidents and financial crime comes at a time when financial services organizations must deal with a new and expanding regulatory environment. Thus, the current environment is putting the banks’ fraud management capabilities into question.
Traditional fraud management systems have never been able to keep up with the sophistication of fraud across channels. The combat systems work in silos similar to a starfish and have the capability of monitoring frauds across only a single channel at a time. Thus, such systems are ineffective at identifying and combating cross-channel frauds. Banks should move away from silo based systems to take into account channel-specific fraud management techniques that have the ability to share information with other channels for combating cross-channel fraud.
The Problem with Current Fraud Management Solutions
Fraudsters on the prowl are constantly increasing their sophistication level rendering many fraud detection systems ineffective at identifying fraud. While rules-based systems are adept at spotting fraud patterns, it runs the risk of flagging many legitimate customers while fraudsters can use trial and error to discover ways to circumvent the system.
In addition, too many false positives, lack of speed in transaction authentication and inefficient investigative processes drive up operational costs, as banks are forced to increase spending on enterprise financial crime management against sophisticated attacks.
The amalgamation of organized crime and new and ever-changing types of fraud – in addition to heightened regulatory requirements – have led banks to pursue new techniques for preventing and detecting fraudulent activity.
According to Deloitte, around 30 percent of their survey respondents indicated that it took them 6-24 months to detect fraud. Close to 22 percent of survey respondents said they could recover only up to 25 percent of the fraud loss amount. These statistics indicate a move towards reliance on multiple channels, including technology based channels, to detect fraud, as indicated by a significant percentage of respondents.
Thus, moving over to advanced fraud management systems that overcome all these challenges is vital. Any negligence in awarding this area proper attention would ensure financial, reputational, and punitive risks.
The challenges discussed above have led to the extreme need of discarding age old fraud management systems that follow the starfish approach of working in silos, without any sharing of real-time information across different channels. Banks have a variety of risk functions to identify different kinds of risks. Each risk function varies in capability and how it coordinates with other risk functions. A central goal, and challenge, of any fraud management system is improving this capability and coordination, while integrating the output to provide a unified picture of risk for stakeholders and improving the organization’s ability to manage risks effectively.
Archive Section[-]  2017