Digital world and the changing fraud landscape – APAC perspective

Sachin Shah delves into the fraud landscape in the APAC region, outlining proactive measures taken to curb and prevent fraudulent activities.

Digitisation is the buzzword for the 21st century. It has not only transformed the whole industry ecosystem in terms of how the business is done but also the way customers are provided with innovative products and how they interact with the business stakeholders. In the last few decades, the brick-and-mortar model of business is vanishing, and the new age digital model has been embraced. Tracing the evolution of digital banking, one can very well witness the pace of embracement of digitisation, especially in the banking industry. It all started with the early automations during 1960s with the use of mainframe computers to automate various banking processes. In the later four decades, the pace of technological innovation was mind-boggling which started with the introduction of online banking in 1990s and mobile banking in 2000s. Today we live in the world of technological integration where technological advancements like blockchain and Artificial Intelligence have resulted into the paradigm shift in the banking industry. The key features of this transformative journey which we all witness in some or the other form are speed, security, transparency, decentralisation, convenience etc. The instant and real-time payments which is now a new norm and the possibility for the mass reach out by leveraging the social media platforms has brought significant commercial benefits for the financial institutions. However, it has also resulted in increased vulnerability to money laundering and fraud.

The increase adoption of digital transformation has made online frauds and scams a big concern for the governments and regulators across the world. As per the available information in the public domain, United Kingdom along reported more than GBP 1.2 billion of fraud losses in 2022 and the banking and finance sector prevented another GBP 1.2 billion worth of fraudulent activity. On further analysis, one will note that there are close to 20 fraud typologies across the globe which are used by criminals and have become a pressing concern for institutions, regulators, and governments equally. A high-level snapshot of these fraud typologies is depicted as below:

These fraud typologies are prevalent in almost all the global jurisdictions and Asia Pacific (APAC) region is not an exception. In fact, some of the countries like India has unique fraud typologies like United Payment Interface (UPI) frauds. Additionally, some of the fraud typologies like phishing, investment scams, mule account frauds are trending in multiple countries like India, Hong Kong, Singapore and Australia and New Zealand.

Scanning the fraud landscape in the APAC region, one can clearly see the interesting themes for each of the countries in the region. A high-level summary of country specific fraud themes will be worth knowing to understand the fraud landscape in the APAC region holistically.

To start with India, the country which pioneered the instant payments by introducing UPI, UPI related frauds are the most prevalent. UPI demonstrates India’s technology leap in the payments domain and recorded 865 crores of transactions valuing 14.07 lakhs crore in March 2023. However, UPI also is turning out to be the easiest way to be scammed. As per the details in the public domain provided by Ministry of Finance, more than 95,000 fraud cases linked to UPI transactions were recorded in 2022-23, an increase from 84,000 incidents in 2021-22. Additionally, as per the Reserve Bank of India report, the value of bank frauds increased by staggering 1626% between 2009 and 2023. Another study by an IIT Kanpur incubated start-up reported that financial frauds accounted for 75% of cyber-crimes in India from January 2020 to June 2023 and UPI and internet banking frauds accounted for more than 50% of these financial frauds. The report also mentions different other typologies of fraud in the Indian context which ranges from social media related crimes (cheating by impersonation, cyber-bullying, sexting, and email phishing), debit/credit card fraud, business email compromise, internet banking-related fraud and other cybercrime categories like online cyber-trafficking, online gambling, ransomware, cryptocurrency crime, and cyber terrorism.

Moving on to Singapore which is not only known to have one of the best regulatory regimes, but also emerging as a regional hub for fraud activities. The key fraud typologies which are prevalent in Singapore are impersonation scam, job scams, investment scams, ecommerce frauds, phishing and malware infection via bank impersonation, SMS, call and social media advertisements. As per the ‘Mid-years scams and cybercrime statistics 2023’ report of the Singapore Police force, scams and cybercrime continues to be a concern in Singapore. During January to June 2023, the number of scams and cybercrimes cases increased by 69.4% as compared to same period of 2022. Out of this, scams accounted for 91.1% of total instances with young adults aged between 20 to 39 being the most vulnerable. The report further mentions the top 10 scam and cybercrime concerns which are (in the order of priority) – impersonation scams, job scams, ecommerce scams, fake friend call scams, phishing scams, investment scams, and malware enabled scams.

Hong Kong is another hub within the APAC region which is emerging as a target for global fraudsters. With the increased digitisation, it is becoming popular targets for online payment related frauds. Additionally, social engineering scams (investment scam, romance scam, payment scam, impersonation), mule accounts, and malicious QR code payment frauds are also some of the major fraud typologies prevalent in Hong Kong. As per the media reports, the overall volume of suspected fraudulent transactions increased by 57% in the H1 of 2023 as compared to the same period of 2022. Similarly, the banking complaints doubled in the first nine months of 2023 with 954 complaints, compared with 555 in the whole of 2022, according to the Hong Kong Monetary Authority (HKMA), the apex regulator of Hong Kong.

Other South-East Asian countries are not behind in the overall threat landscape of fraud. Due to their peculiar socio-economic conditions, these countries like Myanmar, Cambodia, Philippines etc. are posing greater challenges to the regulators and governments. Due to the abject poverty and the increased penetration of digitisation among these countries, the south-east Asian countries are becoming a hub for human-trafficking. On a deeper analysis, it will be interesting to note that lot frauds and scams are connected to the human-trafficking crime in these countries. As per the estimates from United Nations, over 1,20,000 people are being forced to work in scam centres in Myanmar along at any point of time and another 1,00,000 or more in Cambodia. Many of these people are victims of the jobs scam which is a major concern for these countries where there are minimal employment opportunities. Ecommerce frauds is another prevalent typology in the south-east Asian countries where fraudsters, based out of countries like Malaysia, Vietnam, and Indonesia, target the sellers of electronic items like smartphones, computers, and semiconductor chips. They deliver these illegally obtained goods and deliver it to freight forward companies to re-package these stolen merchandise in the same containers they use to transport legitimate merchandise. It is estimated that USD 700 million is lost in these fraudulent sales. Another fraud typologies noted in the south-east Asian countries are similar to that of other jurisdictions, i.e., phishing, mobile malware, money-siphoning apps, social-media scams, investment scam, romance scam and malicious QR code payment related frauds.

All these fraud landscape across APAC region indicates to only on direction and that is enhanced focus on fraud prevention and mitigation initiatives and strategies. The biggest comfort on this is that institutions and the regulators across the APAC region are aware of this landscape and are already taking several actions to fight out this menace.

Regulators in the APAC region is seriously pursuing fraud mitigation strategies at a country level. India, Hong Kong, and Singapore are the examples where the recent initiatives of the public-private partnership in implementing the information sharing platform has caught the attention of the global audience. India in 2019 operationalised National Cyber Crime Reporting Portal to provide a centralised mechanism to the citizens for online reporting of all types of cyber-crime incidents. Additionally, Citizen Financial Cyber Frauds Reporting and Management System (CFCFRMS) has been developed as a part of ‘National Cybercrime Reporting Portal’. This module provides an integrated platform, where all stakeholders including the LEAs of States/UTs, all major Banks and financial intermediaries, payment wallets, crypto exchanges and ecommerce companies work in tandem to ensure that quick, decisive, and system-based effective action is taken to prevent the flow of money from victim’s account to cyber fraudster’s account.

Monetary Authority of Singapore (MAS), apex regulator of Singapore also operationalised similar initiative known as COSMIC. This platform is known as – ‘Collaborative Sharing of Money Laundering/Terrorism Financing (ML/TF) Information & Cases’ and it has been developed together with six major banks in Singapore. The objective of this platform is to allow FIs to securely share with one another information on customers who exhibit multiple ‘red flags’ that may indicate potential financial crime concerns, if stipulated thresholds are met. This will make it easier for FIs to detect and thereby deter criminal activity. Hong Kong is not behind and the Hong Kong Monetary Authority (HKMA) which is the apex regulator for Hong Kong launched the Financial Intelligence Evaluation Sharing Tool (FINEST), in June 2022 with the support of Hong Kong police. Drawing parallel to COSMIC platform, FINEST also is a secure electronic platform allowing the five major retail banks to share information where there are indications of criminal activity. It will be pertinent to quote the ‘inSight’ article published on HKMA official portal on 23rd January 2024 which rightfully mentions the objective and significance of such platforms. The article elaborates that along with the digitisation of financial services, criminals have also adapted and are using technology to deceive people online, leading to a global increase in digital frauds. Further, one thing which is essential in combating financial crime is prompt passage of information, both between law enforcement agencies and financial institutions, and within the financial sector, especially banks.

Such regulatory stance clearly demonstrates the willingness of the regulators across the APAC region to combat financial crime including frauds. Additionally, the operationalisation of such public-private information sharing and reporting platform are not only setting the best practices in the APAC region but also acting as benchmarks at global level.

To conclude, APAC region is taking the lead at global level in-terms of fraud prevention and control. By treating it as a national priority, one can be assured that the days are not far when the regulators will be successful in their endeavour to strike the right balance between the two important and legitimate objectives: incremental adoption of digitisation of financial services while protecting citizens from financial crime.

About Sachin Shah

Sachin Shah is a financial crime compliance subject matter enthusiast, having more than 23 years of experience working with some of the world’s top financial institutions. He has held senior positions assisting financial institutions in mitigating financial crime compliance risk.

Sachin is a passionate writer and has more than 15 global publications to his credit.