In today's age, technology modernization provides a plethora of benefits to consumers, financial institutions, businesses, and yes, even fraudsters and cybercriminals.
The widespread adoption of digital payments is one of many resources these criminals now have easy access to. Digital payments remain a primary focus for criminals, as a recent study by TransUnion states that the volume of suspected digital fraud attempts in the US has risen by 122% from 2019 to 2022.i
Even though fraud has been an ever-present battle for financial institution's, the playing field has changed. Fraudsters are now utilizing real-time push payments, AI-programs, and doubling down on social engineering endeavors which have been proven to be grossly profitable in their illicit endeavors.
As fraud trends continue to evolve and become more prevalent, developing a robust fraud strategy has become imperative for financial Institutions, but where should they begin?
Work Towards Uniformity
The need for standardization of fraud definitions and attack vectors industry-wide is a crucial aspect of developing an effective fraud strategy foundation.
Attack vectors affect all institutions. Collaboration with other institutions is usually beneficial for both parties, but what happens when the two parties don’t agree on the definition and terms for the same fraud scenario? What was supposed to be a step towards preventing fraud instead results in wrong information, bewilderment, and subpar takeaways.
A tool that aims to bridge this gap is the FraudClassifierSM model developed by the Fraud Definitions Work Group and the Federal Reserve.ii The model was created to address the industrywide challenge of inconsistent classifications by setting definitions of attack vectors. While the adoption of the model is not mandatory, the mere creation of this tool is a significant step toward the unification of institutions. By establishing standardized definitions, financial institutions and regulatory bodies can align their understanding of fraud, enable better collaboration, and achieve clean reporting data.
Avoid Tunnel Vision:
Emerging fraud trends gain publicity and attention because new developments are dually worrisome and exciting. However, focusing on new attack vectors can result in institutions inadvertently neglecting traditional fraud methods. Institutions must be cautious of where resources are being pulled from when developing solutions and processes to combat new fraud methods.
Traditional fraud methods have stood the test of time for a reason—they continue to be successful for fraudsters. If a method continues to be viable, then a slow evolution will occur, possibly overshadowed by a brief sensationalized trend, unbeknownst to institutions.
Financial institutions must not overlook the resilience and adaptability of traditional fraud techniques alongside the new emergence of fraud trends.
Beware of Scams:
Scams pose a different kind of threat to financial institutions, while true fraud typically has a form of monetary restitution, the same can't be said for potential scam losses.
While scams are not a new phenomenon, their sophistication has increased significantly with the arrival of artificial intelligence and language validation tools. Scammers are leveraging language models to tailor approaches and become significantly more successful in their attacks. This development has not gone unnoticed by Financial Institutions, resulting in a close eye being placed on usual scam methods. In the 2023 Jack Henry Strategic Priorities Benchmark Study, respondents listed Phishing and Real-time Payment fraud as the top two security/fraud threats over the next two years. iii
Financial Institutions are rightfully worried as both of the answers listed rely on customer engagement, which institutions don’t have direct control over.
Acknowledging the human element and the susceptibility of account holders is essential. A commitment must be made to mitigate scams by heavily distributing consumer education and prioritizing data security. In creating a strong framework against scams, institutions will lower losses, heighten their reputation, and be well-poised when regulatory changes surrounding liability are mandated.
Become Proactive:
The unofficial mantra of fraud prevention is "Be proactive, not reactive," yet the execution of this philosophy remains challenging to implement.
Institutions must look ahead to what their fraud department's future needs will be, this applies to technology, staffing, funding, succession planning, knowledge expertise, and more. Institutions that fail to make fraud departments a priority early in their conception will suffer from a continuous cycle of reactivity to fraud trends as the area will ceaselessly operate in a catch-up or in-the-moment mentality.
Prioritization should also be given to the continuous evolution of adaptive solutions. Solutions that leverage advanced analytics, AI, and provide communication pathways with other institutions are powerful tools. Adopting new solutions that effectively utilize the vast amount of data elements can create a layered approach that detects patterns and anomalies that indicate fraudulent behavior more effectively than legacy or siloed approaches.
Don't be Scared:
Developing a robust fraud strategy in the existing financial crimes industry is no longer optional—it is an absolute necessity. Investing in a comprehensive fraud strategy safeguards not only financial interests but also positions financial institutions for success against future fraud attacks. Creating an effective fraud strategy may sound daunting, but taking an incremental approach with key focus areas and the intention of gradual expansion will make this task easier.
You also don't need to develop a fraud strategy alone. Engage industry experts and specialists from all levels inside and outside your institution. The fraud industry has expert minds just waiting to be collaborated with, but no one will be able to provide insight if you don’t say anything.
Fraud strategies don’t have to be perfect, but they do need to be adaptive, continuously evolving, and, most importantly - a priority.
i Transunion (n.d.). 2023 State of Omnichannel Fraud. Transunion.com. Retrieved May 22, 2023, from https://www.transunion.com/report/omnichannel-fraud-report
iiThe Federal Reserve (n.d.). FraudClassifierSM Model. Fedpaymentsimprovement.org. Retrieved May 22, 2023, from https://fedpaymentsimprovement.org/strategic-initiatives/payments-security/fraudclassifier-model/
iiiJack Henry (2023, May 25). 2023 Strategic Priorities Benchmark Study. Jackhenry.com. Retrieved May 25, 2023, from https://discover.jackhenry.com/2023-strategic-priorities-benchmark-study
.svg)
