Fraud prevention solutions for financial institutions

The three current primary drivers for financial institutions to enhance their fraud detection framework are:

(1) the changing economic environment due to COVID-19;

(2) rapid transition to internet and mobile banking channels; and

(3) increasing focus from regulators.

We understand that banks have long been encouraging customers to adopt digital banking as it helps to lower costs and is convenient as it provides services 24/7. However, there was no way of knowing how aggressively that trend would hasten because of COVID-19.

Our research indicates that global cases of financial scams, social engineering and digital/payment fraud in the banking sector have increased considerably as criminals are finding new ways of stealing money from banks. According to an FBI Internet Crime Report, 57% of fraud committed online were related to the manipulation of human behaviour. Closer to home, some 3,906 complaints were lodged to the Cyber999 Help Centre during the movement control order (MCO) period from March 18 to June 30, 2020 - an increase of more than 90% compared to the same period the previous year. Reported cases involved cyberbullying, fraud, cyber intrusions, hacking attempts, misuse of personal data, online scams, etc. Additionally, we also see significant increase in cases like Macau scams, Nigerian romance scams, and even the use of mule accounts. 

Given the current COVID-19 situation and its impact on the economy, there is a high chance that fraudsters will become even more creative with their schemes and we will continue to see a high number of fraud cases over the next few years.

The situation has not escaped the attention of the regulators around the world. Increasingly, regulators are asking financial institutions to enhance their defenses to prevent, detect, and respond to fraud risks. Bank Negara Malaysia (BNM) updated its Risk Management in Technology (RMiT) policy last year with the goal of guiding financial institutions in Malaysia to combat the rise in cybercrime. This policy specifically talks about the need for automated fraud detection system to monitor all financial transactions by leveraging heuristic behavioural analysis. 

As we work with our clients, we have seen how inadequate fraud risk management models obstruct their response from properly protecting themselves, especially with a rapidly evolving fraud landscape. Banks relying on rules-based systems are leaving themselves vulnerable to fraudsters running away with their money and their reputation. Instead of focusing on rules-based approaches, banks should leverage on artificial intelligence (AI) based fraud solutions  to curb fraudulent instances. Effective fraud detection systems leverage multiple strategies to combat fraud. Machine Learning algorithms, both supervised and unsupervised, without overfitting or black boxing the solution, provides a way forward. These systems are capable of building dynamic user profiles by correlating data from various banking systems to identify anomalies in real time and help block suspicious transactions or activities. 

Deloitte is working with its clients in the region in their digital transformation journey to ensure the technology choices they make are sound and meet the regulator’s guidelines.