Teams – fighting financial crime and winning together

When explaining the evolution of Homo Sapiens and the rise of humans, Israeli historian Yuval Noah Harari mentions in his book Sapiens: A Brief History of Humankind that collaboration and storytelling are top traits that have led to human evolution success

The Sapiens secret of success is large-scale flexible cooperation. This has made us masters of the world. But at the same time, it has made us dependent for our very survival on vast networks of cooperation.

As collaboration among people fosters success, the opposite can also happen – working in silos can lead to a lack of results, redundancy, frustrations, tiredness, and so on. Narrowing down the topic to the way teams interact at the financial institution (FI) level, there are several cultural and organisational differences among financial crime, fraud, and cybersecurity teams that often lead to a separation of their work, results, and effects. But the line between economic crime and cybercrime is blurring and is already non-existent in the minds of the criminals behind those attacks. As the fight against financial crime gets siloed, what can FIs do?

Mastering the wave of digitalisation, meeting the needs of businesses and customers, and stopping the increased sophistication of criminals demand a holistic approach to fighting the proliferation of threats in this new world. As a result, convergence between cyber, fraud and financial crime operations (and teams) to eliminate economic crime is fast becoming a new and much-needed reality.

Who are these teams?

• Cybersecurity teams are managing information security, technology resilience, and some aspects of data privacy controls.

• Financial crime teams predominately focus on anti-money laundering (AML), anti-bribery and corruption (ABC), anti-tax evasion and sanctions monitoring.

• Fraud teams take on insider threats and financial fraud activities such as social engineering, credit or debit card fraud and money mules transporting currency illegally.

What is currently happening?

2020 allowed fraudsters to rejoice at the rapid shift to digital banking and commerce while consumers got swindled by purchase, impersonation, money mule schemes, and account takeover scams. According to PwC’s Global Economic Crime and Fraud Survey 2020, fraud has cost companies USD 42 billion in 2020, and yet all too many organisations are failing to respond effectively, with only 56% investigating their worst incident, and just one-third reporting it to the board.

Employees, partners, and customers are now fully remote and always online, as well as external culprits, which raises significant risks. According to a webinar from Radar Payments, called Anatomy of the New Fraudster, the ‘fraud cake’ is split among external fraudsters (39%, out of which 26% are customers, 24% hackers, and 19% vendors/suppliers) and internal fraudsters (37%), with collusion between internal and external of 20%. Collusion can damage a company’s risk management strategy, profit, reputation, leaving it vulnerable to threats.

During the COVID-19 pandemic, with many of us home alone with uncertainty about our financial future, and millions of teachers, students, caregivers, etc. spending the better part of their day with their screens to keep them company, various types of online fraud have flourished. Let’s name a few:

• Benefits fraud – in the US and Canada, hundreds of millions of dollars were lost due to unemployment fraud. Through previous hacks, scammers had names and information of people, so they used those to apply for unemployment benefits in someone else’s name and had the money directed to an account which they controlled.

• Fraudulent applications being made for small business loans – difficulty in accessing capital through loans during a recession has pushed some individuals and companies to make use of financial programs to get funds quickly.

• Romance fraud – as people are locked in and lonely, there is more chance for this type of fraud. A scammer might use the virus as a reason why they can’t meet in person.

• Counterfeiting of goods – during the COVID-19 pandemic, new websites selling fake COVID-19 home test kits and offering unconfirmed and often incorrect advice on the treatment of COVID-19 were created for the express purpose of profiting from the pandemic.

Online investment opportunities coordinated by cybercriminal groups including Forex trade platforms, binary options, and online crowdfunding.

Many of these issues have been accelerated by intense online activity caused by the current pandemic, massive smartphone adoption, access to the internet, etc. Even before COVID-19, we could spot a change in customer financial behaviour and the tools with which customers access and manage their finances. Innovative payment methods/experiences such as account-to-account payments, use of cryptocurrency and QR codes, increased adoption of mPOS, biometrics and contactless payments, and others offered by fintechs are now emerging as the standard way for consumers to interact with financial service providers. Still, increasing digitalisation and less direct interaction with customers stressed the need for strong know-your-customer (KYC) processes, as weakened KYC regimes increase the vulnerability of financial services to be used for various criminal activities including online banking fraud.

The complexity of these types of criminal activities have revealed that distinctions between cyberattacks, fraud, and financial crime are disappearing, and thus at the company/business level, it takes shared data, analytics, insights, and joined expertise from cyber, financial and fraud teams to tackle key threats. For instance, to identify mule accounts and prevent money laundering, one bank has combined fraud predictive analytics tools and cybersecurity intelligence to detect internet protocol (IP) addresses and payment patterns. IP addresses were used to track down a criminal network exploiting ecommerce platforms to test stolen credit cards and e-wallets.

Another example is illustrated by the case of Carbanak attacks, where cyber criminals used techniques like social engineering, malware, money mules, etc. to steal money from banks, bypassing SWIFT systems. The investigation that caught them included fraud, financial crime/money laundering, and cyber teams.

How can collaboration/communication be improved?

According to McKinsey, there are three ways of collaboration:

• collaborative model – involves a collaboration of financial crime, fraud, and cybersecurity teams, where each group maintains their independent roles, responsibilities, and reporting. This approach is familiar to regulators but can lead to gaps or overlaps among the teams and fails to achieve the benefits of scale that come with greater functional integration. For most banks, this model represents the status quo.

• a partially integrated model for cybersecurity and fraud – is built on collaboration between cybersecurity and fraud teams. Even if each group works from a consistent framework and taxonomy, following mutually accepted rules and responsibilities, it maintains independence in this model. The disadvantage, however, is that transparency is not increased since separate reporting is maintained. Yet, many institutions are now working toward this model.

• unified model/integrated – consists of a single framework, where all teams adhere. Due to common assets and systems used to manage risk across the enterprise, this model has a single view of the customer and shares analytics. As this approach entails significant organisational change, bank operations become less familiar to regulators.

When we talk about teams, one cannot miss the communication aspect. There are many situations when cyber and financial crime/fraud teams use jargon that can sound foreign to cyber teams, whose own high-tech talk about malware and attack vectors can mean little to fraud investigators. Or when teams are dealing with common threats, but they don’t know it as they work in silos. To improve communication lines and collaboration among these teams, experts from KPMG suggest finding a common language by ensuring that each team is familiar with the others’ drivers and business settings. Also, it helps to hold joint meetings to develop joint working groups and key performance indicators on common threats. Furthermore, breaking down the silo mentality and developing cross-functional ways of working, while mapping industry best practice standards and regulations fosters good collaboration among cyber, fraud, and compliance teams.

And lastly, aggregation of customer information that comes from the closer collaboration of the groups will generally heighten the power of the institution’s analytic and detection capabilities.

KYC–AML utility

To spot fraudulent actors and transactions quicker and to address regulatory pressure and money-laundering scandals, the banking industry could benefit enormously if they were part of (would build) shared KYC – AML utilities. According to McKinsey, this fundamentally different way of managing know-your-customer-anti–money laundering (KYC–AML) compliance can reduce risk in the banking system, by improving both the effectiveness of KYC–AML processes and operational efficiency.

Besides enabling financial institutions to attain a more complete picture of their customers, these systems enable member banks to apply targeted solutions that improve AML operations and the efficiency of select AML processes. If barriers such as member consensus, project complexity, and data privacy can be overcome by working collaboratively with regulators and advancing compliance through innovation, this KYC–AML utility stands as a reliable weapon against financial crime.

The point of all these? Collaboration among teams improves threat prediction and detection while eliminating duplication of effort and resources. Furthermore, by finding a common language, breaking down the silo mentality and developing cross-functional ways of working, leveraging data and technology to support the integration of systems and operational transparency, financial institutions are better equipped to navigate the tumultuous sea of financial crime.

This editorial was first published in our Financial Crime and Fraud Report 2021 - How to Fight Fraud and Master KYC, Onboarding & Digital ID, which provides a comprehensive overview of the major trends driving growth in fraud prevention, identity management, digital onboarding and KYC, transaction monitoring, financial crime compliance, regtech, and more.

About Mirela Ciobanu

Mirela Ciobanu is a Senior Editor at The Paypers and has been actively involved in drafting industry reports, carrying out interviews, and writing about innovation in payments and fintech. She is passionate about finding the latest news on AI, crypto, blockchain, DeFi and she is an active advocate of the need to keep our online data/presence protected. Mirela has a bachelor’s degree in English language and holds a master’s degree in Marketing. She can be reached at mirelac@thepaypers.com or via Linkedin.