April 2014 Issue

Our 'Newsletter on Financial Fraud' is your monthly insight into the various new fraud types and methods used by fraudsters globally in the banking space. 

In this issue, we bring to light the effect of banking fraud creeping in and making banks lose millions to this plaguing menace.

Employee fraud rampant in Nigeria as banks lose billions

Despite stricter internal control processes as stipulated by the Central Bank of Nigeria (CBN), employee fraud is still rampant in the country.

Data released by the CBN indicated that the amount stolen by bank employees increased by a whopping 60.8 per cent to N3.8 billion in the first half of 2013 compared to the N2.5 billion stolen in the corresponding period of 2012. The data contained in the Economic Report for the first half of 2013 also indicates that the employees attempted to steal a total of N22.4 billion during the period compared to N7.1 billion attempted theft in the corresponding period of 2012.

According to the CBN, the frauds were carried out through diverse means including fraudulent withdrawals from customers' accounts, suppression and conversion of customers' deposits, theft, illegal funds transfer, cheque defalcations, and fraudulent ATM withdrawals. The apex bank stated that a total of 759 complaints were made by the banking public against deposit money banks (DMBs) in respect of excess charges, conversion of deposit, unauthorized deductions, among others, in the first half of 2013.

According to the apex bank, measures such as implementation of stricter internal control, improved technology audit to routinely check employees' activities and a more thorough approach to hiring employees for highly sensitive areas of operation have been recommended to the banks to mitigate the increased operational risk as a result of these frauds.

Source: allAfrica

Banks in India focusing on compliance to deal with frauds, says report

More and more banks are focusing on having an efficient system in place to save them from fraud-based risks, says a report from PwC.

"The domestic banks seems to be well-prepared and equipped to deal with fraudulent activities, taking suitable measures and initiatives to secure themselves from risk," PwC said in a report released at the CII banking technology summit here.

The report, which was based on responses from 24 public, private and foreign banks, said almost all the respondents have a strong and resilient regulatory compliance framework in their banks. 

It said the challenges that bank face pertaining to fraud detection are related to huge volumes of data aggregation and integration to cull out the relevant data.

According to the report, 63 per cent of banks are fully compliant with the RBI-mandated automated data flow requirement and have their implementation plans in place. 

The report said banks have faced some operational challenges in their NPA automation process and three-fourths of banks are in the process of implementing NPA automation.

Thirty-eight per cent of the banks feel technology has played an important role in bringing improvements in operational efficiency.

Source: Silicon India

Fraud and Corruption Trends to watch out for Banking Institutions

Fraud may be a moving target, but banks of all sizes are under closer scrutiny than ever in the current year for potentially fraudulent actions. Advisory firm EY, has identified several key themes on the fraud and corruption front for this year.

According to EY, Global regulators and the Department of Justice will continue to press large, global financial institutions on the issues of money laundering, trade sanctions and bribery and corruption, stressing the need for robust program controls, sophisticated monitoring systems and knowledgeable personnel at the watch. The regulatory scrutiny is now moving beyond the traditional banking sector into non-banks, including credit card issuers, insurance providers and gaming enterprises, prompting the need to seriously review and enforce their compliance programs and controls.

Fortunately for financial institutions, their investments in big data and analytics to provide greater customer and transactional insights are likely to start paying off on the fraud front, according to the EY forecast, which suggests, "The opportunity to leverage 'Big Data' in the context of compliance and anti-corruption will allow companies to ask new questions." Data analytics, traditionally the domain of marketing and sales, has effectively migrated into the realm of internal audit, compliance, and corporate oversight. Companies now have opportunities to use forensic data analytics for proactive monitoring of business data. Organizations will be able to develop a better understanding of the risks and rewards of forensic data analytics and how these techniques can be used to transform data to help detect potential instances of fraud and implement effective fraud risk mitigation programs.

EY also emphasizes that the burden of dealing with cybercrime, fraud and other breaches will not be limited to IT, security functions or operations. It "will become part of a General Counsel's responsibility set," the EY report predicts. "These risks are requiring immediate and planned responses organized by inside and outside counsel. Additionally the potential shareholder impact, risk due to state-run and industrial cyber-espionage, loss of highly valuable IP, unique business process, or client data elevates the responsibility of cyber-security to a Board level exercise."

Source: Banktech

Additional authentication in banking transactions- Are you thinking it right?

Consider a scenario where an existing customer of the bank has been using the same laptop for accessing internet banking for the last 2 years. Now when she does online funds transfer for the rent payment this month, does the bank need to challenge this transaction through the additional authentication (e.g. one time password they have sent to mobile)? Probably not!

The bank in this case has got all the information and positive indicators to come to a conclusion that this is genuine routine transaction. Then why does the bank need to challenge this obvious low risk transaction leading to degraded customer experience and additional costs for the bank itself? The bank in this case lacked a knowledge based software system which can provide this right intelligence at the time of transaction processing.

On the other hand, consider the scenario where a fraudster had stolen the bank account credentials of a customer and guiled the bank and customer to steal the passwords. He then changes the mobile number registered for that bank account; adds new payee and performs funds transfer immediately to one of his bank accounts leading to a sweep of balance in the customer’s account. Fraudster could do this despite additional authentication challenges given by the bank’s internet banking system during the transaction processing despite each of these financial and non-financial transactions performed by the fraudster being risky.

The reason for such frauds could be the predictability of the fraud monitoring systems in place. Many banks around the world have implemented 2-factor authentication software that triggers additional second factor authentication for financial transactions performed by the customer through direct channels. After a careful study of the systems, the fraudster could understand the authentication measures taken for a particular transaction irrespective of the fact that who is doing the transaction. What the bank lacks in such scenarios is the intelligence that can deduce account/customer behavior patterns and forecast the risk associated with a transaction and can take the right action (challenge/decline/allow) at the right time. How handy would a system that can balance the three crucial aspects of cost, customer experience and risk when processing financial and non-financial transactions. This where the advanced risk based authentication systems gain favor. Advanced risk based authentication software can provide the real-time fraud risk intelligence for every transaction considering the customer/account behavior patterns and advice whether to allow, decline or challenge the transaction.

Enterprise wide implementation of advanced risk based authentication software for all direct channel transactions is critical for banks to fight rampant menace of identity fraud and account takeover fraud across the world. This is all the more vital for banks in countries and environments where customer’s knowledge of fraud and fraud schemes is lower. 

Source: CustomerXPs

Related Blogs and Posts

Subscribe to Our Monthly Newsletter

Get insights & updates from the world of financial crime management in your inbox. Be on our newsletter mail list.

Subscribe Newsletter

©2018. CustomerXPs® Software