March 2015 Issue

Our 'Newsletter on Financial Fraud' is your monthly insight into the various new fraud types and methods used by fraudsters globally in the banking space. 

In this issue, we bring to light the effect of banking fraud creeping in and making banks lose millions to this plaguing menace.

Hackers steal up to $1 billion from banks

A hacking ring has stolen up to $1 billion (roughly Rs. 6,215 crores) from banks around the world in what would be one of the biggest banking breaches known, a cyber-security firm says in a report scheduled to be delivered Monday.

The hackers have been active since at least the end of 2013 and infiltrated more than 100 banks in 30 countries, according to a prominent Russian security company. After gaining access to banks' computers through phishing schemes and other methods, they lurk for months to learn the banks' systems, taking screen shots and even video of employees using their computers, the company says.

The hackers seem to limit their theft to about $10 million (roughly Rs. 62 crores) before moving on to another bank, part of the reason why the fraud was not detected earlier. The attacks are unusual because they target the banks themselves rather than customers and their account information, Diaz said.

Most of the targets have been in Russia, the U.S., Germany, China and Ukraine, although the attackers may be expanding throughout Asia, the Middle East, Africa and Europe. In one case, a bank lost $7.3 million (roughly Rs. 45 crores) through ATM fraud. In another case, a financial institution lost $10 million by the attackers exploiting its online banking platform.

Source: India Today

38,000 cyber fraud cases reported in four years in India

As many as 37,721 cyber fraud cases involving Rs 497 crore have been reported by the RBI and CBI in the last four years, telecom and IT minister Ravi Shankar Prasad informed Lok Sabha on Wednesday.

Several cyber-attack techniques are used in engineering these crimes and are normally reported as ATM/ debit card, credit card, internet banking frauds, Prasad said in a written reply to the House. "As per information provided by the Reserve Bank of India (RBI), 10,048, 8,765, 9,500 and 9,362 cyber fraud cases and losses of Rs 38 crore, Rs 67 crore, Rs 78 crore and Rs 60 crore have been reported to the RBI during 2011-12, 2012-13, 2013-14 and April-December 2014, respectively," he added.

In a separate reply, the minister said: "CBI has also registered 46 cases (14 Preliminary Enquiries) and 32 RCs (Regular Cases) relating to cyber-crime in various parts of the country during the last few years that is 2012, 2013, 2014 and 2015 (till date)."

Incidents of malware infections in Indian cyberspace are reported to and tracked by the Indian Computer Emergency Response Team (CERT-In), which works with internet service providers (ISPs) to identify the infected systems and organizations, he said.

Source: Times of India

The card aiming to end Nigeria's fraud problem

Nigeria has a bad reputation when it comes to fraud.

"Dear Friend" emails originating from the country - also known as 419 scams - are among the most notorious in the world, with statistics from Ultra scan AGI suggesting losses from such schemes totaled $12.7bn (£8.2bn) in 2013. And the number of scams is growing by 5% each year.

However, identity fraud is also a serious problem. Nigeria's Inter-Bank Settlements Systems estimates the country's banks lost 159 billion naira ($800m; £515m) to electronic fraud between 2000 and 2013. Faced with its negative international reputation, and local banking losses, the Nigerian government is seeking to address the issue centrally.

Last year, the National Electronic Identity (e-ID) Card was launched in collaboration with MasterCard, with President Good luck Jonathan the first recipient.

The smart card's Match-On-Card technology matches a holder's fingerprint against a profile stored in the embedded chip.

The card is also a travel document, conforming to the same standards as international passports. It contains electronic identification information, as well as Public Key Infrastructure (PKI) technology that allows for document signing, non-repudiation and encryption. The eID card contains users' biometric data, including fingerprints.

"It is addressing the issue of stolen identity. It is helping security agencies verify and fish out who the real culprit is." Aside from its identification features, the card offers can be used as a form of payment. Separated from the other services by a firewall, the payments function uses MasterCard's prepaid technology and is chip and pin certified.

Daniel Monehin, division president for sub-Saharan Africa at MasterCard, says the fact the card has a computer chip embedded protects cardholders from fraud, and protects against the creation of counterfeit cards.

Source: BBC

AML as a Service

Past few months have seen a lot of activity from regulators, bankers and industry bodies alike towards curbing money laundering. Rules are becoming stringent and reporting more accurate. Then there were hefty fines levied on certain banks for non-compliance with AML guidelines.

During our conversation with bankers, it consistently emerged that bankers have AML compliance as one of their top priorities. This is a clear outcome of lot of banks having plugged their technology for AML, leaving the banks which have not yet taken solid steps towards AML exposed to becoming a conduit for money laundering leading to take evasions, black money and terror financing.

However, a major barrier these banks face is that technology investments are CAPEX which means budgeting for these investments at the beginning of financial year. It also necessitates a longer procurement cycle and boardroom discussions with other departments on redirecting budgets towards AML. Second barrier is diversion of resources from revenue generation towards maintenance of AML technology, annual licenses, a project management team to monitor the technology and additional costs to incorporate the changing regulatory requirements. Third barrier is upfront purchase of such technology entrenches the bank with the software vendor, making switching costs very high.

Understanding these concerns of our customers, CustomerXPs has launched Clari5 AML-as-a-Service to help them overcome the above mentioned barriers and provide a safe banking environment.

The first barrier of CAPEX is overcome by changing it to OPEX. This means that banks no longer have to make upfront investment in software, but use the ‘pay as you go’ model of monthly payments. This model of payments is more comfortable to the CIO, CRO and CFO.

Second barrier is taken care by the fact that there is no annual license, no maintenance required by the bank and incorporation of all the additional requirements come as part of the subscription.

Third barrier of entrenching with the software vendor is overcome by the fact that the subscription is monthly which means that banks can switch to other models with all risks covered.

Source: CustomerXPs

Related Blogs and Posts

Subscribe to Our Monthly Newsletter

Get insights & updates from the world of financial crime management in your inbox. Be on our newsletter mail list.

Subscribe Newsletter

©2018. CustomerXPs® Software