Cyber and data breaches: Digital transformation is changing the banking landscape, giving rise to new threats. Cyber criminals can obtain access to personal information via data breaches, using these data to gain a customer’s trust via scams or to take over their account. Routes include setting up SMS authentication with phone porting, IP masking, phone spoofing, or voice recognition to record and use victims’ voices to bypass controls. To respond, banks need to update their fraud risk frameworks, use technology, and look to the next generation of prevention and detection solutions.
Social engineering: This results in unauthorized access to customer bank accounts (taking over a bank account by using personal information), and authorized payments where a customer is coerced into transferring money to an account controlled by a fraudster. Scams particularly impact the elderly, the socially isolated and lonely, financially vulnerable, youth (e.g. via employment or lottery scams) and businesses where a finance team member receives an email purporting to be from the CEO or CFO requiring a funds transfer. The US FBI reported that business email compromise scams resulted in losses of more than USD12 billion between 2013 and 2018.
Evolving digital channels and faster payment processing: The move to digital banking means less customer face-time, both at more established banks as well as through challenger digital banks delivering products solely via digital channels. Customers also typically hold less cash nowadays due to the ease of digital banking and cashless payments – causing bank branches to close, and further reducing in-person interactions.
Open banking: This is likely to impact fraud risk due to likely higher transaction volumes for fraud detection; reliance on the security of third parties to protect customers’ banking information access through APIs; and fraudsters gathering more data to present a fuller picture of a customer’s accounts.