Fighting financial crime always feels like an uphill battle. Fraudsters, money launderers, and terrorists never stand still. They evolve, constantly seeking new ways to commit their crimes. Digital acceleration, growing adoption of faster payments, and increasing consumer expectations for friction-free experiences have all expanded the wealth of opportunities for exploitation.
For financial crime executives, legacy rules-based systems and control mechanisms are becoming less effective at keeping pace with the escalating threat landscape. Moreover, these leaders are asked to strike an optimal balance across risk mitigation, regulatory compliance, customer experience, operational expense management, and organizational growth.
In the last decade, the industry has come a long way in elevating the breadth and depth of financial crime prevention and detection capabilities, including the proliferation of expanded risk intelligence, advanced analytics, machine learning risk models, and behavioral biometrics, to name a few.
However, the bad guys are responding in kind. Many are diversifying their tactics and automating their attacks against financial services firms, merchants, businesses, and individual consumers. Organizations can’t afford to only protect against previously identified attack vectors—they must stay abreast of new and improved ways to fight the criminals.
As part of its core mission to uplift the industry’s endeavors against financial crime, Aite-Novarica Group hosts an annual Financial Crime Forum as a collaborative event for fraud and anti-money laundering (AML) leaders at financial services firms and merchants. During the two-day virtual forum in 2021, strategic advisors of Aite-Novarica Group’s Fraud & AML practice moderated 18 interactive panel discussions with industry experts and thought leaders to explore innovative approaches and techniques to counter the evolving risk landscape.
Some of the key insights from the event included:
- Attack vectors are constantly evolving. Although social engineering, scams, and credential stuffing have been around for many years, fraudsters are applying new twists. Fraudsters recognize that it’s easier to defeat individual consumers’ predictably poor security practices than to overcome the hardening security controls at many firms. Less knowledgeable than veteran digital users about the nature and prevalence of scams, digital newbies tend to be particularly susceptible to financial predators. Phishing, application fraud, and scams are all up as a result.
- Digital channels are becoming more critical than ever. A large North American bank noted experiencing more than a 25% increase in digital banking compared to pre-COVID-19 pandemic levels, with 70% of that increase coming from its mobile channel. Shadowing the industry’s digital acceleration, crime rings are taking advantage.
- No silver bullet exists. Effective financial crime defenses require a multidisciplined approach. An effective fraud and authentication strategy mandates a multitude of layered solutions and an ability to analyze all relevant risk signals in real time or near real time. Moreover, organizations should look for diverse mechanisms to empower their customers to make informed decisions about how they will participate in the security of their account.
- Risk identification forms the foundation of financial crime controls. And that starts with having quality data. A solid data strategy is essential, and it must encompass both internal and external sources. This includes close coordination to ensure that internal data is clean and unified so that all units are working from and analyzing the same version of the truth. After constructing a solid data strategy, orchestration comes into play. Digital identity is increasingly becoming instrumental, including connection and session metadata, device identity and reputation, behavioral biometrics, and email and mobile phone tenure and reputation.
- Robust financial crime defense mandates enterprise sharing of data. AML and fraud executives recognize that it’s incredibly important to build abilities to share intelligence and develop a more holistic customer view. Massive amounts of data are available; intelligently bringing it into decisioning can enable a delicate balance between risk mitigation with customer friction reduction. As new data inputs emerge, organizations will need a flexible platform that can incorporate these sources so changes can be made on the fly.
- Properly deployed, advanced analytics can solve numerous obstacles. With increased data sets, advanced analytic tools can create elevated data structures as well as better connect and understand the relationships among data attributes. Yet the importance of human intuition shouldn’t be ignored.
- Customer experience is a huge consideration. Fraud executives need to instill tools that can appropriately “dial” the level of friction to an event’s estimated risk level. In defending against account takeover, many firms are deploying passive authentication approaches, such as behavioral biometrics and device authentication. Active customer participation is triggered only for the riskiest transactions. When designing controls, FIs need to be mindful of differences across customer demographics.
- Regulation must be viewed as a ceiling, not a floor. Firms that view meeting regulations themselves as the goal will always be in catch-up mode with respect to the threat landscape—and at a disadvantage as a result.
Aite-Novarica Group is excited to get back to in-person events this year! We will be hosting our fifth annual Financial Crime Forum We invite all financial crime practitioners to join our Fraud & AML strategic advisors and a litany of industry experts as they explore the latest trends and best practices in fraud, AML, and authentication. Interested in attending? Register for the Financial Crime Forum here!