Mergers & acquisitions in the fraud prevention space – the last 12 months overview

In order to keep up with all the changes and challenges in the industry that made their presence felt in the last 12 months, and to satisfy the need to stay above both competitors and fraudsters, some industry players have partnered, collaborated, invested in others, merged or acquired other businesses. 

However, to have a better overview of the main deals and the reasons behind them, we have decided to depict some of the most significant mergers and acquisitions in the fraud space, in the last 12 months. In this M&A article, we discerned between companies that focus on solutions aimed to secure digital transactions (e.g. fraud prevention platforms) and companies that focus on financial services and regulated entities that need to rely on KYC, identity, and compliance mechanisms to prevent fraud and other types of system abuse. 

The context 

The current pandemic situation has proven to be challenging for many players operating in the payments industry. We see a growing number of online transactions, as lots of people have been forced to make a shift towards more and more digital channels in a bid to maintain social distancing and avoid contact. The lockdown forced people to carry out their daily banking and shopping activities online, while businesses that were new to the online channel, such as the case of many brick and mortar merchants, had to accommodate to the new normal. On the consumer side, this move to the digital world brought along a new vulnerable group of users, including the elderly who need to learn how to transact online; minors engaging in remote learning; and subscribers looking to access online entertainment and streaming services. Fraudsters may attempt to lure these less tech-savvy consumers into criminal activities or steal their identities in a bid to use them on fraudulent ventures. 

What is more, criminal groups take advantage of the chaos provoked by the pandemic. As there are more transactions, the number of online fraudulent acts is also growing because not only fraudsters get access to online channels easily, but they are also opportunistic and come up with new different methods to do their jobs. Therefore, online fraud is on the rise, fraud has become increasingly sophisticated, and scammers continue to innovate new ways to defraud honest businesses. 

Fraudsters seem to have all the tools that facilitate their work, especially now, and they do not hold back. They constantly elevate their game with advanced tools and go directly for merchant’s accounts with complex account takeover (ATO) attacks; they use strategies like synthetic identity fraud, SIM card swaps; they gather personal information, credentials, and credit card numbers which they then use on the dark web. 

At the same time, financial institutions face some issues as well – lots of people have remained without a job either because their employer closed or lost the business due to the coronavirus pandemic. KPMG reports that, during this period, companies around the globe apply for emergency loans or government-backed support, which makes them a target for fraudsters.

Bad actors do not lose any opportunity for illicit activities: they pose as legitimate businesses or individuals seeking for financial assistance, so they use information in the public domain to make fraudulent claims on government schemes. There are also fraud and credit risks associated with the bounce back loan scheme (BBLS) – a new scheme designed to enable businesses to access finance more quickly during the coronavirus outbreak. The head of the British Business Bank emphasised upon the extensive reliance on customer self-certification and the corresponding fraud risk as being a key concern, and considered that the scheme is ‘vulnerable to abuse’ by participants in organised crime. 

In addition, for those banks that had to close their branches, the online channel became the go-to channel. However, those that don’t have a well-developed online channel are at risk, because bad actors circumvent controls to introduce illicit proceeds into the financial system. So, activity supervisors and compliance teams need to re-assess what is unusual or suspicious. Some are forced to work remotely, so they no longer conduct on-site investigations, but they are reduced to desktop analysis, while others even employ online verification and authentication tools that they’re not familiar with. As such, since fraudsters will try to pose as legitimate individuals or businesses, or try to infiltrate financial systems, it is crucial for businesses to invest in digital onboarding and identity verification mechanisms to prevent fraud and money laundering.

KPMG reported that there has been noticed an increase in phishing emails and in call centre fraud. In the first case, the emails received may seem to come from banks, but they are either a lure asking for customers’ account information or a malware that downloads onto one’s system when the link is clicked. In call centre fraud, bad actors engage in social engineering, asking questions on social media platforms to obtain information that is further used to impersonate legit customers with their bank or to make a false insurance claim. 

So, fraudsters perfect and scale their operations; but businesses need to uplift their defences as well as to respond to these threats correctly. The growing number of sophisticated attacks are forcing companies to invest in their security services, and to search for specific solutions to meet the challenges. Moreover, businesses are required to stay compliant with the new upcoming regulations (PSD2, SCA), and avoid any types of fines or reputational risk. This also drives the need to add more capabilities. As they are pushed towards implementing solutions that offer SCA, solution providers need to come into help. 

This wider acceptance of digital processes and online transactions translates into the need for more tailored and safer services to a wider range of people. At the same time, safer services mean better tools to prevent fraudsters from abusing financial systems and compromising the KYC/AML checks. How can this be achieved? By investing in robust data-led solutions that are meant to manage fraud, identity, and compliance risks. LexisNexis reports that ‘in an increasingly digital world, data is king’, therefore, it is important now more than ever to rely on KYC, identity, and compliance tools that are designed to detect and prevent bad actors from abusing the system. 

Fraud prevention and detection: a shield to keep fraudsters at bay 

The second half of 2019 started with a boom in terms of new innovations and acquisitions. F5 Networks, a US-based company that specialises in application services and application delivery networking (ADN), acquired Shape Security, a company that offers a fraud prevention platform to banks, airlines, retailers, government agencies, and more. The company also provides sophisticated bots, fraud, and abuse defences, and it specialises in protecting against credential stuffing attacks. As F5 wanted to better protect applications across multi-cloud environments, the company’s decision to acquire Shape Security was inevitable. The deal was agreed at USD 1 billion.

In August 2019, Razorpay, an India-based paytech/fintech company, acquired NCR-based AI company Thirdwatch. Thirdwatch designed an AI platform to prevent real-time fraud in ecommerce companies, which led Razorpay to this strategic deal, as it wanted to increase its efforts at both improving payment experience and avoiding fraudulent transactions with the help of AI, ML, and Big Data. 

Data and advanced analytics company LexisNexis Risk Solutions acquired a number of companies to obtain new fraud detection and risk assessment capabilities, as well as to augment organic growth. 

In 2018, its parent company, RELX Group, closed the acquisition of ThreatMetrix for USD 817 million in cash, in a bid to allow companies around the world to protect themselves against existing and emerging fraud, risks, and financial crime with new innovative solutions; and to enable a comprehensive approach to fraud and identity risk management. 

In January 2020, LexisNexis agreed to purchase NortonLifeLock’s ID Analytics, a deal that is expected to close in Q1 2021 for USD 375 million. The aim is to help with the delivery of risk insight via a combination of proprietary data, patented analytics, and near-real-time cross-industry consumer identity behaviour. 

In March 2020, LexisNexis acquired Emailage, a fraud prevention and risk management solution provider that operates in this space. As now part of the Business Services group of LexisNexis Risk Solutions, Emailage’s email and digital data attributes network, inquiry data, and confirmed fraud feedback will complement LexisNexis’ expertise in contributory data management and linking technology. 

LANDRY et associés, a multidisciplinary firm specialising in risk and performance management, grasped the opportunity to expand into the Canadian market. This was possible with the completion of NexuWeb’s acquisition – an ecommerce security and development services company. NexuWeb offers anti-fraud services and it has an expertise in credit card bank fraud and cryptos. LANDRY benefits from the opportunity ‘to become a leader in the Canadian market in fraud prevention and protection of cryptocurrency transactions’, as well as from an array of ecommerce services, such as infrastructure security, content delivery acceleration, and fraud prevention and cryptocurrencies. 

In June 2020, the payments testing and consultancy company FIME unveiled the acquisition of CETECOM US’s payment activities. CETECOM is an independent test and certification service provider. What FIME did through this move is actually enabling the US payment ecosystem to define, design, deliver, and test new digital payments products. Both teams will work together to support the acceleration of digital payment technologies in the US, from authentication solutions around biometrics and EMV 3DS, through to card, mobile, and softPOS contactless payments. 

Identity authentication platform Prove (formerly Payfone) – a customer identity platform that provides mobile and digital identity authentication solutions for businesses – unveiled the acquisition of mobile authentication lines of business from Early Warning Services – a fintech company owned by seven of US largest banks, whose goal is to empower financial institutions to make confident decisions, enable payments, and mitigate fraud. This move continues an initial partnership started in 2013, agreed upon the delivery of authentication solutions to the US financial services industry. As per Prove’s CEO, the acquisition will accelerate the ‘growth and penetration into financial institutions around the globe, positioning Prove as the global standard for customer identity and authentication’.

A glimpse into a world of identity, KYC, and financial crime compliance 

Moody’s Analytics, a unit of Moodys Corporation, which helps capital markets and credit risk management professionals, acquired risk analytic solution company RiskFirst. This move proves profitable for Moody’s because RiskFirst’s platform addresses the US and UK defined benefit pension markets, offering solutions for the institutional investment market. With this acquisition, Moody’s extends its range of risk solutions to the institutional buy-side. 

The spring of 2020 also brought new deals. Acuant, a provider of identity verification solutions across the global market, finished the acquisition of its strategic partner IdentityMind. This means that Acuant’s Trusted Identity Platform for identity proofing and verification is currently combined with IdentityMind’s Digital Identity Platform for identity creation, risk scoring, transaction monitoring, and regulatory compliance (KYC and AML). By merging these two platforms, Acuant’s newly evolved identity platform will now provide building, proofing, verifying, and maintaining digital identity services, making it a complete identity management solutions package. 

In September this year, identity verification platform IDnow revealed the decision to sign an agreement for the acquisition of Wirecard Communication Services, which is part of the Wirecard Group. The acquisition has various objectives: first, to facilitate the service quality of IDnow products; second, to further increase the responsiveness for customers; and third, to cut waiting times. 

NICE Actimize, a provider of financial crime, risk, and compliance solutions, acquired Guardian Analytics, an AI cloud-based financial crime risk management solution provider. By combining both companies’ fraud and AML capabilities, they believe businesses will be empowered to adopt solutions that best protect their assets and customers. NICE wanted ‘to make sure financial institutions and consumers are protected in a way that’s cost-effective and intuitive’. The plan is to offer AML and fraud capabilities in the cloud for financial crime and compliance coverage, analytics and ML solutions that adapt to new attacks and allow higher detection, lower false positives, and a 360-degree view for operational efficiency.

Regulatory DataCorp (RDC), a risk intelligence company and a provider of AML and KYC data and due diligence services, was acquired by Moody’s Corporation. This agreement is meant to complement Moody’s 2017 acquisition of company data provider Bureau van Dijk (BvD) by deepening its information portfolio and analytical capabilities through the addition of RDC’s comprehensive dataset. The deal extends RDC’s global presence to a broader group of financial institutions, corporations, insurance companies, and government agencies served by Moody’s Analytics and BvD. 

Accuity, a global provider of financial crime screening, payments, and KYC solutions, and part of RELX, announced the acquisition of Apply Financial Limited (Apply Financial), which offers payments validation solutions to both financial institutions and corporates using the cloud and API’s. Via this deal, Accuity supports its strategy of providing banks, corporates, non-banking financial institutions (NBFIs), and fintechs with global and domestic payment and account validation solutions that reduce payment processing costs while increasing the speed of transactions. Apply Financial believes that they ‘will be able to share industry expertise, […], and collaborate on innovative solutions that will support the industry now and in the future’. 

Refinitiv, a provider of financial markets data and infrastructure, signed an agreement to acquire digital identity, payments verification, and fraud prevention company GIACT. Via the addition of GIACT’s fraud prevention capabilities, Refinitiv broadens its digital identity verification and document proofing solution, dubbed Qual-ID. GIACT reports that together, both companies, ‘will bring to market a unique platform that can address the complete customer lifecycle, regardless of industry’. Thus, customers will also be offered an end-to-end fraud prevention, identity verification, and compliance platform that addresses money-laundering risks in addition to preventing monetary loss through fraud.

Final notes 

If we are to look into the future and consider some trends that most likely will be seen in 2021, what exactly can we see

Well, firstly, we can see without a doubt the impact of the global lockdown that has changed everyone’s lifestyle. Not only has the pandemic accelerated the move towards digital channels, but consumers have had to adapt to new ways of shopping, while merchants have had to reconsider their payments and delivery infrastructure. Many businesses started to collaborate with more and more delivery companies to provide customers with their bare necessities and to meet their expectations and conveniences. 

This means that companies will continue to invest in state-of-the-art tools to protect their good customers and block bad actors. Solution providers will invest in and acquire more capabilities to widen their datasets and improve their data analytics features. The tricky part, however, is that fraudsters will watch everything, and they will also want to create more sophisticated tools to outsmart solution providers. Therefore, to stay one step ahead of fraudsters, we will likely see more acquisitions in 2021: just as LexisNexis did, for instance – businesses will collaborate to increase and leverage their datasets and offer advanced analytics. 

Secondly, COVID-19 has also accelerated the rate of digital adoption in financial services. This will not stop here either. The move towards a digital economy implies one’s trust in the technology that is meant to provide a safe environment for transactions. This is why reliance on robust KYC and compliance tools to prevent money laundering and fraud is a must. Thus, companies will continue to focus on financial services and regulated entities that need to rely on identity tools. Also, let’s consider one more important thing that will change the game for all players: the new upcoming regulation (PSD2) that raises the compliance questions – Who will be ready? Who will have the best compliant suits? 

In addition, biometric payment cards, for instance, are expected to become a huge trend towards the use of multi-factor contactless transactions in the aftermath of the pandemic. The reason for this is the fact that COVID-19 has already driven a significant shift in consumer spending habits, and there is a visible surge in ecommerce. At the same time, governments bodies are urging consumers to limit the use of cash in favour of digital payment methods. This does not mean that the concerns about fraud will diminish, but biometric cards, which require a fingerprint scan on a card, are expected to make fraud more difficult, as criminals would have to create a synthetic print. The question here is: who will embark on the journey of creating these preventive solutions? And most importantly, who will partner, merge or drive these acquisitions? With one step closer to 2021, we should only wait and see what’s coming next.

This editorial was published in the Fraud Prevention in Ecommerce Report 2020/2021, the go-to source in securing transactions while offering a frictionless customer journey.

About Simona Negru

A graduate of English Language and Literature studies, with an MA in American Studies, Simona is always on the lookout for the best and new stories to capture. A passionate content editor, Simona is keen on discovering and sharing all the relevant topics on payments and commerce, as well as online security and digital identity, all while finding the hottest trends in the industry for The Paypers’ readers.