Banking fraud is on the rise as criminals become increasingly sophisticated. To effectively predict and detect fraudulent activity, banks must recognize the wide range of tools at criminals’ disposals and the technological and social developments that are making fraudsters’ jobs easier. With the challenges to Swiss banks being generally no different to those in other countries, our global survey takes a look at how banks identify, assess and address fraud risk – and the critical role played by their fraud operating model.

In this year’s Global Banking Fraud Survey, we surveyed risk, investigations and group security professionals at more than 40 retail banks around the world. Gaining their views on the most common types of fraud and the challenges faced, we add our own insights into how banks can mitigate threats, manage security in a digital age, and deploy their resources to optimize fraud risk management efforts.

Cyber and data breaches: Digital transformation is changing the banking landscape, giving rise to new threats. Cyber criminals can obtain access to personal information via data breaches, using these data to gain a customer’s trust via scams or to take over their account. Routes include setting up SMS authentication with phone porting, IP masking, phone spoofing, or voice recognition to record and use victims’ voices to bypass controls. To respond, banks need to update their fraud risk frameworks, use technology, and look to the next generation of prevention and detection solutions.

Social engineering: This results in unauthorized access to customer bank accounts (taking over a bank account by using personal information), and authorized payments where a customer is coerced into transferring money to an account controlled by a fraudster. Scams particularly impact the elderly, the socially isolated and lonely, financially vulnerable, youth (e.g. via employment or lottery scams) and businesses where a finance team member receives an email purporting to be from the CEO or CFO requiring a funds transfer. The US FBI reported that business email compromise scams resulted in losses of more than USD12 billion between 2013 and 2018.

Evolving digital channels and faster payment processing: The move to digital banking means less customer face-time, both at more established banks as well as through challenger digital banks delivering products solely via digital channels. Customers also typically hold less cash nowadays due to the ease of digital banking and cashless payments – causing bank branches to close, and further reducing in-person interactions.

Open banking: This is likely to impact fraud risk due to likely higher transaction volumes for fraud detection; reliance on the security of third parties to protect customers’ banking information access through APIs; and fraudsters gathering more data to present a fuller picture of a customer’s accounts.

1. Fraudsters are shifting focus from account takeovers to scams where customers are exploited as a weak link. Banks need to do more to educate and protect customers.
2. The potential harm of insider fraud can be as great, if not greater, than external fraud, given the ability of employees to exploit weaknesses in controls to target the most valuable assets of a bank. Banks should continue to take a proactive approach to detecting insider fraud.
3. As more countries implement Open Banking, banks must enhance their ability to analyse big data within this environment and navigate through Application Program Interfaces (APIs).
4. Methods used by internal and external fraudsters continue to evolve. There is a growing need for banks to ensure the operational efficiency and effectiveness of digital fraud controls, used advanced data analytics and human expertise to predict, prevent and detect fraud.
5. Technology is not enough on its own. More than half our respondents report that false positives hamper efficiencies in fraud detection. Banks must plan beyond the technology to achieve results and optimize performance in their fraud operating model across governance, people, processes and technology.

Fraudsters will continue to move with the times. They can quickly change and adapt their approaches. Banks must become similarly agile. A robust fraud navigator tool can assess the maturity of bank operating models holistically across governance, people, processes and technology.

This can help banks to respond to new threats and embracing new approaches and technologies to predict and prevent fraud. And thereby protect customers but also their own reputations and financial positions.

Read the full report: Global Banking Fraud Survey (PDF)