February 2015 Issue

Our 'Newsletter on Financial Fraud' is your monthly insight into the various new fraud types and methods used by fraudsters globally in the banking space. 

In this issue, we bring to light the effect of banking fraud creeping in and making banks lose millions to this plaguing menace.

CustomerXPs & EY to jointly help banks fight enterprise fraud risks

CustomerXPs, a provider of enterprise fraud management products, and EY, an assurance, tax, transaction and advisory services firm, have joined hands to assist companies with the detection, prevention and management of fraudulent transactions and activities across multiple business lines within the banking industry.

According to the company, the alliance brings the forensic expertise of EY’s Fraud Investigation and Dispute Services (FIDS) practice supplementing the cross-channel/cross-product fraud management solutions of CustomerXPs ‘Clari5 Enterprise Fraud Management’ to deliver optimum solutions to clients.

The partnership will equip banks with a real-time 360 degree view of their customers, employees, branches and external entities, using transactions and activities done across business lines and channels. It will also mitigate risks related to fraud such as internal fraud, identity theft, account takeover, credit card fraud, fraudulent transactions around card not present (CNP), mass compromise etc.

The combined capabilities of EY Fraud Investigation & Dispute Services and CustomerXPs can enable banks to gather and prioritise requirements related to Fraud Management and Anti-Money Laundering, project management services for solution implementation, define and refine scenarios and extent of business coverage.

"Fraudsters have been exploiting the potential lack of coordinated and timely response by banks to single channel or multi-channel fraud schemes. Traditional systems and frameworks were designed to address specific fraud risks, products or delivery channels. As the need to connect these silos becomes more relevant today, a more strategic and enterprise-wide approach is needed. This is where the combination of EY FIDS knowledge and experience along with CustomerXPs’ software solution will provide our clients a unique edge over fraudsters," said Amit Jaju, director – Forensic Technology & Discovery Services at EY.

Source: First Post

How to assess and monitor fraud risks in the banking sector

Fraud is a significant threat facing entities everywhere. Globally, regulatory bodies as well as associations are driving awareness among organizations through multiple initiatives. 

Today, assessing, improving, and monitoring fraud risks are key elements of an effective internal control structure. Frequent surveys, with varying findings, indicate that fraud is prevalent and any organisation that fails to protect itself appropriately faces not only tangible losses but also intangible losses such as negative impact on brand, reputation and image of organisation leading to erosion of investors' confidence.

In the recent past in India, the fraud uncovered in the banking sector has been worth crores and has brought the problem to the doorstep for most organizations. During the National Conference on Financial Fraud, Reserve Bank of India highlighted that the amount involved in the frauds reported by the banking sector in India has increased from Rs.2038 crore during 2009-10 to Rs.8646 crore during 2012-13, an increase of 325%. It was also highlighted that while 82.5% of fraud by number are reported by private sector banks and foreign bank groups, 83% of total amount involved in fraud are reported by the public sector banks.

Most banks in India continue to use piecemeal anti-fraud solutions that focus on specific lines of business or channels. Typically, banks will have one AML or fraud detection solution for core banking system, another for credit cards/ online transactions and yet another for loan and advances. The biggest challenge with this set-up is that these systems work in silos and are not easily integrated. This results in high cost for the banks, not just due to disparate IT infrastructure and license fees, but also in potential losses, as a 360 degree fraud risk view of customers is not available.

How can banks or financial institutes make fraud framework more robust?

The key to a robust fraud risk control framework is following a three pronged approach: 

Informed fraud governance: Top executives and board of directors, apart from general questions, should ask questions specific to potential fraud risk. Anti-Money Laundering (AML), fraud detection and prevention, Know Your Customers (KYC) and regulatory compliance should be part of board room discussion.

Initiatives should be taken to write well-defined anti-fraud/AML policies and procedures, aligned to regulatory guideline, to convey the expectations of the Board and senior management regarding managing fraud risk.

Skilled resources: It is important to have dedicated and well trained fraud and AML team who can be made accountable for fraud detection and prevention.

Integrated team: In the Indian context, most banks have separate departments for AML and fraud management. In some cases, the fraud detection and prevention is entrusted to the business line operations. e.g. the credit card department would monitor and respond only to credit card related transactions. Even if the same customer has an internet banking account or a debit card, any alerts for those would be routed to the respective service line teams, without any information being shared between these teams. This often leads to incomplete view of the fraud risk.

Integrated Anti-Fraud Solutions: Banks should decide on the right anti-fraud and AML solution based on their business lines, customer base and future plans. Banks offering services through multiple channels should consider investing in an enterprise-wide, integrated anti-fraud and AML solution, which would cover multiple business lines and banking channels Reducing inefficiencies: Process and system based inefficiencies should be reduced by taking up initiatives like data quality, data lineage, data maturity, enterprise data warehouse. Banks can have common data definitions like common data field that identify various transactions - ATM transaction, online fund transfers NEFT, RTGS, Mobile payment - made by same customer.

With rising instances of high value fraud, there is urgent need to improve the system of monitoring, control and supervision. Active involvement of board in defining anti-fraud policies in line with regulatory guidelines, monitoring of audit processes, improved exchange of information between all stakeholders, setting up of an efficient and holistic way to combat fraud are all necessary to combat this threat effectively.

Source: The Times of India

64% of South Africans face online theft in 2014

Almost two thirds of people in South Africa have faced online threats involving attempted money theft, according to a survey by Kaspersky Lab and B2B International. According to the survey, 64% of users locally faced financial cyber-attacks during 2014, with 10% of respondents reportedly losing money as a result.

When explaining how they lost the money, 14% of respondents in South Africa stated that hackers had stolen their money by gaining access to their payment services accounts, 20% believed they had fallen for fraudsters’ tricks and entered their credentials on a fake website and 8% were sure that their logins and passwords had been intercepted by malware.

The average amount stolen from each user was $190, but one victim in five lost over $1,000 to this type of online fraud.

The quickest way of digging into users’ wallets is to gain access to their accounts for payment systems, online banking or online shops that store bank card data, the study noted.

During the year, many users’ online accounts – email, social networking, etc. – were hacked. This was reported by 19% of respondents.

In addition to being used by cybercriminals to send spam and malicious URLs, compromised accounts can be a source of financial losses. Information that can be found in a user’s mailbox often includes account credentials sent by payment services and online stores in response to registration and password recovery requests.

Source: Business Tech

UAE bank clients targetted by scamsters

Fraudsters are targetting UAE bank clients by trying to steal money from their accounts through e-mails, prompting banks to issue an alert to their customers. In messages texted to their customers, banks in the UAE said users of online bank services are the main target and asked clients to regularly check their accounts. “Phishing e-mails are circulating to banking clients in the UAE, including online services customers,” Dubai-based United Arab Bank said in a text to its clients. “Do not share any account details or select the links in such e-mails and regularly check your accounts for fraudulent activity if you receive any suspicious e-mails or feel you have been a victim of fraud,” the text message said.

Source: Emirates 24/7

Related Blogs and Posts

Subscribe to Our Monthly Newsletter

Get insights & updates from the world of financial crime management in your inbox. Be on our newsletter mail list.

Subscribe Newsletter

©2018. CustomerXPs® Software