A recent review conducted by the Financial Conduct Authority (FCA) has found that some challenger banks have significant weaknesses within their financial crime controls and need to improve how they assess financial crime risk.
The review, which was conducted during 2021, has revealed that, in some instances, challenger banks did not have financial crime risk assessments in place for their customers. It also identifies a rise in the number of Suspicious Activity Reports reported by challenger banks, in turn raising concerns about the adequacy of these banks’ checks when taking on new customers.
The review focused on challenger banks that were relatively new to the market and offered a quick and easy application process. This included six challenger retail banks, which primarily consist of digital banks, and covered over eight million customers.
The review did find some evidence of good practice, for example when it comes to the innovative use of technology to identify and verify customers at speed.
Financial crime controls need to be ramped up
Cyber crime on the rise
Sridhar Iyengar, managing director at Zoho Europe, commented: “Today, cyber crime and fraudulent activity is rapidly on the rise with more sophisticated episodes taking place all over the world. It’s no surprise that challenger banks are being impacted, but being able to verify customers at speed is no use if suspicious activity is being missed. As it stands, money launderers are still able to evade detection by capitalising on the shortfalls within a banks’ technological infrastructure.”
Iyengar continued: “There are many new features that can help make systems more secure or raise red flags early. Companies including banks can now benefit from the likes of Artificial Intelligence-based systems to help identify potential fraudulent activities. Immediate action can be taken and customers will remain sheltered from risk.”
Further, Iyengar stated: “In highly competitive markets such as banking, having modern IT systems in place can make a real difference in terms of providing business value and positively impact customer trust and the customer experience as a whole. For market challengers, this is even more important.”
The growing cyber risk, coupled with the growth of hybrid working, which can potentially add further security risks, makes it imperative for all businesses to assess their current IT systems.
Iyengar concluded: “Keeping operations secure, efficient and compliant with regulations is a different endeavour to what it was just a few years ago, and demands that all organisations modernise their IT systems such that the latter are fit for purpose in the post-COVID business landscape.”
Three-year strategy
Sarah Pritchard, executive director for markets at the FCA, said: “Our three-year strategy highlights our commitment to reducing and preventing financial crime. This is important in terms of creating confidence for consumers and market participants in financial services and in demonstrating that the UK is a safe place in which to do business.”
Pritchard concluded: “Challenger banks are an important part of the UK’s retail banking offer. However, there cannot be a trade-off between quick and easy account opening and robust financial crime controls. Challenger banks should consider the findings of this review and continue to enhance their own financial crime systems in order to prevent harm being done by criminals.”
The latest version of BAE Systems’ NetReveal platform combines the best of advanced analytics and human expertise to enable financial institutions to effectively combat financial crime and fraud in an environment of rapidly evolving regulatory requirements and changing financial crime patterns.
Faced with increasing transactions, evolving regulations, a growing number of payment channels, customer friction, investigation challenges and strengthening privacy regimes, financial crime and fraud investigators are under pressure to make more confident and intelligence-led decisions and do so at an unprecedented pace.
Built on modernised modular technology, NetReveal addresses these challenges by working smarter and faster and supporting an intelligence-led approach:
Smarter: Profiling and detection against transactional data that commonly takes hours to process is now processed within 30 minutes (on average)
Faster: Advanced analytics with machine learning techniques improve operational performance by driving fewer false positives. Integrated Robotic Process Automation (RPA) means that routine tasks are automated, enabling investigators to focus more on high value strategic investigative work. The Real-Time Detection Engine helps institutions to keep pace with sophisticated criminals across growing digital channels
Intelligence-Led: Entity-based investigations deliver efficiency improvements of 20-30% on average by streamlining multiple detections into a single combined alert dashboard. Interactive lists also provide actionable information to adjudicate alerts effectively
Culmination of major investment
Rob Harrison, head of product and solutions for the financial services sector at BAE Systems Applied Intelligence, said: “This release is the culmination of major investment and engineering development of our financial crime platform and suite of solutions. We’ve focused on providing compliance and fraud teams with the latest advanced analytics, technology advancements and productivity improvements.”
Harrison added: “The latest version of NetReveal combines the best of human expertise and advanced analytics which we believe puts financial institutions in the strongest position possible to address the major market challenges of today, namely regulatory complexity and change, evolving fraud patterns, productivity and efficiency pressures and new risk management approaches.”
Julie Conroy, research director for the Aite Group’s Retail Banking practice, commented: “The use of RPA to improve financial crime operations significantly increases accuracy, reduces operational costs and enhances productivity. Given the growing data challenge, having the ability to advance investigator efficiency by reducing repetitive manual tasks, human error and, by extension, the number of false positives ultimately frees up time to focus on more strategic tasks.”
NetReveal is a single integrated platform for money laundering compliance and fraud prevention, enabling financial institutions to benefit from lower total cost of ownership across their compliance and fraud teams thanks to a single solution.
A comprehensive range of compliance and counter-fraud solutions can be deployed either individually or collectively.
Cifas, the UK’s leading fraud prevention service, has released new figures showing a 52% rise in young identity fraud victims in the UK. In 2015, just under 24,000 (23,959) people aged 30 and under were victims of identity fraud. This is up from 15,766 in 2014, and more than double the 11,000 victims in this age bracket in 2010.
The figures have been published on the same day as a new short film, entitled ‘Data to Go’, is launched online to raise awareness of this type of fraud. Shot in a London coffee shop in March this year, the film uses hidden cameras to capture baffled reactions from people caught in a stunt where their personal data, all found on public websites, is revealed to them live on a coffee cup.
Identity fraud happens when a fraudster pretends to be an innocent individual to buy a product or take out a loan in their name. Often, victims don’t even realise that they’ve been targeted until a bill arrives for something they didn’t buy or they experience problems with their credit rating.
To carry out this kind of fraud successfully, fraudsters usually have access to their victim’s personal information such as name, date of birth, address, their bank details and information on who they hold accounts with. Fraudsters gain such detail in a variety of ways, including through hacking and data loss, as well as using social media to put the pieces of someone’s identity together. 86% of all identity frauds in 2015 were perpetrated online.
People of all ages can be at risk of identity fraud, but with growing numbers of young people falling victim, Cifas is calling for better education around fraud and financial crime.
Fraudsters are opportunists
Simon Dukes, CEO of Cifas, said: “Fraudsters are opportunists. As banks and lenders have become more adept at detecting false identities, so the fraudsters have instead focused on stealing and using genuine people’s details. Society, Government and industry all have a role to play in preventing fraud. However, our concern is that the lack of awareness about identity fraud is making it even easier for fraudsters to obtain the information they need.”
Dukes continued: “The likes of Facebook, Twitter, LinkedIn and other online platforms are much more than just social media sites – they’re now a hunting ground for identity thieves. We’re urging people to check their privacy settings today and think twice about what information they share. Social media is fantastic, and the way we live our lives online gives us huge opportunities. Taking a few simple steps will help us to enjoy the benefits while reducing the risks. To a fraudster, the information we put online is a goldmine.”
Commander Chris Greany, the City of London Police’s national co-ordinator for economic crime, added: “We’ve known for some time that identity fraud has become the engine that drives much of today’s criminality, and so it’s vitally important that people keep their personal information safe and secure. In the fight against fraud, education is key and it’s great that Cifas and its members are taking identity fraud seriously and working together to raise awareness of how the issue is now increasingly affecting young people through the launch of this film.”
As part of the campaign, Cifas commissioned a survey with Britain Thinks to find out more about 18-24 year olds’ attitudes towards personal data and identity fraud. The survey found that young people are alarmingly unaware that they’re at risk:
Only 34% of 18-24 year olds say they learned about online security when they were at school
50% of the 18-24 year olds surveyed believe they would never fall for an online scam (compared to the national average of 37%)
Only 57% of 18-24 year olds report thinking about how secure their personal details are online (compared to 73% for the population as a whole)
They’re also less likely to install anti-virus software on their mobile phone than the national average (27% compared to 37%).
Organisations such as the City of London Police, Action Fraud, Get Safe Online, Her Majesty’s Government’s Cyber Streetwise campaign, Financial Fraud Action UK and Cifas members including Coventry Building Society, BT and Secure Trust Bank are all supporting the campaign and sharing the new film across their social media networks.
Cifas is also appealing to youth organisations, schools and universities to share the film so it reaches as many young people as possible.
The Royal United Services Institute (RUSI) has announced the creation of a new Centre for Financial Crime and Security Studies. The Centre will focus on the fields of financial crime, threat finance and financial intelligence.
Organised crime costs the United Kingdom no less than £24 billion per annum. Along with the impact of financial crime on the UK from both domestic and international sources, tackling threat finance is also a key security priority of the UK and international community (as illustrated by the efforts being undertaken to undermine the financial capabilities of ISIS).
In all of this work, partnership engagement between the public and private sectors can significantly enhance efforts in this field.
Commenting on the announcement, Professor Michael Clarke (RUSI’s director general) said: “The Centre is another example of RUSI being at the cutting edge of research on security issues. We add analytical value to policy studies. This new Centre will be a critical link between finance and Government and I welcome Tom Keatinge to the Institute. His experience will further strengthen our expertise on terrorism, organised crime and cyber security.”
Keatinge, who will head up the new Centre for Financial Crime and Security Studies, is a former managing director in the Financial Institutions Group and head of European public sector client coverage at JP Morgan.
Professor Michael Clarke: director general at RUSI
Understanding of criminal threats
Donald Toon, director of the Economic Crime Command at the National Crime Agency, said: “Strong academic research can add substantially to our understanding of criminal threats and help shape an effective response from law enforcement, regulators and the private sector alike. I very much welcome this initiative from RUSI which promises to provide a focal point for research into the problems around financial crime.”
John Cusack, global head of financial crime compliance at Standard Chartered, added: “I’m delighted that RUSI has decided to establish a new Centre for Financial Crime and Security Studies. The Centre is set to provide valuable contributions and be seen as a credible partner for all in the private or public sectors who wish to advance the debate and contribute to improving the effectiveness and efficiency around financial crime solving.”
Matthew Allen, director of financial crime at the British Bankers’ Association (BBA), commented: “A key part of identifying and stopping crime networks centres on understanding how they operate. This new Centre will provide the sort of vital insight that can help target responses and close in on the criminals. The BBA looks forward to working closely with RUSI on this initiative in order to help protect customers and ensure a safe financial system.”
Much-needed research focus
Based at RUSI, the Centre will comprise a dedicated team recruited from across finance, law enforcement and academia. The formal launch takes place at an event in the New Year.
The Centre will be based within the National Security and Resilience Studies Group at RUSI.
“The Centre will bring much-needed research focus and capacity to support the work of Her Majesty’s Government, other international Governmental partners and the private sector in addressing the challenges posed by financial crime and illicit finance in all of its forms,” explained Tom Keatinge.
*RUSI is an independent Think Tank for defence and security. A unique institution founded in 1831 by the Duke of Wellington, the organisation embodies nearly two centuries of forward-thinking, free discussion and careful reflection on defence and security matters
Data-driven identity crimes – ie frauds carried out using a victim’s identity details to obtain new accounts or take over existing ones – accounted for over 45% of all the confirmed frauds identified in the first three quarters of 2014. These figures issued by CIFAS continue the pattern seen in recent years, underlining the severity of the challenge facing consumers and businesses.
While identity fraud existed before the proliferation of online services, the use by online crooks of data such as passwords and e-mails or personal data harvested through hacking attacks and social engineering can now be considered the ‘norm’ in terms of fraud.
The 45% figure may represent a small decrease from some of the proportions recorded in previous years, but identity crimes represent as strong a challenge as ever to the financial well-being of organisations and consumers.
CIFAS’ communications manager Richard Hurley commented: “For the modern fraudster, knowing somebody’s personal or financial details is a licence to print money and the continuing preponderance of such data-driven financial crime must serve as a warning. Defeating it means we have to demand that organisations do more to handle our data securely, and ramp up their fraud prevention efforts accordingly. Individually, however, we also have a responsibility to look after our own details. Without doing so, we are effectively handing access to our bank accounts to a complete stranger.”
Data-driven identity crimes – ie frauds carried out using a victim’s identity details to obtain new accounts or take over existing ones – accounted for over 45% of all the confirmed frauds identified in the first three quarters of 2014
Victims of fraud must not be forgotten
Since 2010, there have consistently been over 100,000 instances of victimisation each year. The figures for 2014 to date indicate that this year will repeat the pattern, with almost 90,000 victims of identity crime already pinpointed by the organisations using the CIFAS National Fraud Database.
“Fraud is far from a victimless crime,” noted Hurley. “Not only do the victims suffer an immediate financial cost but they also have to contend with the time taken to sort out the mess left behind and the worry caused by not knowing how the fraudster managed to steal their details. While it’s understandable that a financial cost is always asked for in relation to fraud, it must be remembered that fraud has a far more lasting and personal impact upon victims. It’s one that cannot be summed up in terms of monetary value alone.”
While fraud may never be eliminated, figures such as these – and the patterns of recent years – prove that UK plc must become more aggressive in its approach to fraud prevention.
CIFAS CEO Simon Dukes explained: “While many organisations have put in place robust and comprehensive strategies designed to combat online crooks, and have empowered their customers to do the same, that doesn’t mean all organisations have done so.”
Dukes concluded: “Surely now every organisation and individual must recognise that if they don’t co-operate with others in terms of identifying and implementing good practice, data sharing and responsible online behaviour then they instantly become the weakest link in the chain. This means that they encourage fraudsters to continue their crimes, in turn damaging us all individually and collectively.”
A pioneering financial crime alert system will see 12 Government and law enforcement agencies warn banks of the latest threats in a bid to safeguard the accounts of millions of customers.
Working with preferred technology partner BAE Systems Applied Intelligence, the British Bankers Association (BBA) will launch the Financial Crime Alerts Service as part of a new approach towards combating a wide range of financial crime threats.
The new alerts service will allow the sector to react more swiftly than ever to major incidents and permit industry financial crime professionals to spot emerging problems and threatening criminal trends.
Anthony Browne, CEO of the BBA, said: “This alerts system is a powerful new weapon against fraudsters, cyber criminals and other crooks intent on stealing our customers’ money. Receiving real-time alerts from both domestic and international bodies, including the National Crime Agency (NCA) and 11 other Government and law enforcement agencies, will provide vital intelligence for the army of staff banks have already hired to combat these threats. This service is a shining example of how banks and Government can work together to benefit all customers.”
Anthony Browne: CEO of the BBA
Real-time intelligence pooled from partner agencies and Government bodies will be shared with expert banking officials in place to tackle fraud, financial crime and other violations.
This work builds on the successful arrangement already in place between banks and the National Fraud Intelligence Bureau that has prevented over £100 million of fraud losses through successful and targeted information sharing.
When the initiative goes live (which is planned for early 2015), the BBA Financial Crime Alerts Service will include warnings on terrorist financing, money laundering, bribery and corruption, cyber and e-crime, fraud and emergent, thematic and strategic reports.
Donald Toon, director of the Economic Crime Command at the NCA, commented: “Collaboration between law enforcement and the private sector is key to reducing the impact of economic crime. Alerts to industry are a key part of this, and I very much welcome the BBA’s work in this area.”
IBM has introduced new software and services to help organisations use Big Data and Analytics to address the $3.5 trillion lost each year to fraud and financial crimes. Through sophisticated business expertise and analytics, organisations can adopt an holistic approach to address the financial losses caused by fraud while at the same time protecting the value of their brands.
As part of today’s news, IBM has launched its ‘Smarter Counter Fraud’ initiative, drawing on the expertise and innovation from more than 500 fraud consulting experts, 290 fraud-related research patents and $24 billion invested in IBM’s Big Data and Analytics software and services capabilities since 2005.
The initiative actively extends IBM’s leadership in Big Data and analytics and Cloud to help public and private organisations prevent, identify and investigate fraudulent activities.
Today’s announcement comes at a time when a new generation of criminals are using digital channels – such as mobile devices, social networks and cloud platforms – to probe for weaknesses and vulnerabilities.
The pace of this threat continues to accelerate. Identity fraud impacted more than 12 million individuals in 2012, resulting in the theft of nearly $21 billion. Each day, the US healthcare industry loses $650 million due to fraudulent claims and payments.
IBM’s Counter Fraud Infographic
Holistic approaches to countering fraud
To address these complexities, IBM is delivering new software that allows organisations to gain better visibility and take a more proactive, holistic approach to countering fraud. This includes the ability to aggregate Big Data across a variety of internal and external sources – including mobile, social and online – and apply sophisticated analytics that continuously monitor for fraudulent indicators.
The new offerings feature advanced analytics that understand non-obvious relationships and co-occurences between entities, new enhanced visualisation technologies that can identify and connect fraudulent patterns closer to point of operation and machine learning to help prevent future occurrences based on previous attacks and behaviors.
Leading analysts estimate that market demand for fraud and risk solutions is quickly accelerating. According to Gartner*, 25% of large global companies will have adopted Big Data analytics for at least one security or fraud detection use case, up from 8% today, and will achieve a positive return on investment within the first six months of implementation by 2016.
IDC estimates that the market for financial crime solutions alone will be nearly $4.7 billion in 2014, with a 5.5% CAGR over the 2014-2017 forecast period**.
Adapting to emerging threats
“With today’s news, IBM is applying many of the same tactics, techniques and procedures used by the intelligence and law enforcement communities to help commercial organisations take a holistic view of this growing and pervasive threat,” said Robert Griffin, vice-president of IBM Counter Fraud Solutions.
“These technologies allow line of business leaders to quickly adapt to emerging threats across the entire organisation. Our new initiative puts Big Data and analytics into the hands of those tasked with defending their organisations from financial losses, protecting the brand and delivering exceptional customer service.”
IBM is unique in its ability to combine market-leading software, services and research capabilities to address the full spectrum of fraud and financial crimes – from tax evasion, money laundering and cyber attacks to threats from inside the organisation. For example, the new offerings can detect cross-channel mobile fraud and prevent cyber crime enablers like phishing scams. They can enable an insurance company to review thousands of claims in real-time to flag potentially fraudulent activity while processing legitimate claims faster, or help a global bank more accurately detect and investigate money laundering activities to meet regulatory compliance.
Details of the new software and services
IBM’s new counter fraud portfolio builds on the company’s unmatched R&D investments and the recent acquisitions of Cognos, i2, SPSS, Q1 Labs, Trusteer and SoftLayer.
The new software and services include:
Counter Fraud Management Software
A single offering that brings together IBM’s Big Data and analytics capabilities to help organisations aggregate data from external and internal sources and apply sophisticated analytics to prevent, identify and investigate suspicious activity.
It includes analytics that understand non-obvious relationships between entities, visualisation technology that identifies larger patterns of fraud and machine learning to help prevent future occurrence based on previous attacks.
To enhance these capabilities as new threats emerge, IBM has also launched a new counter fraud intelligence task force – IBM Red Cell – that will work in tandem with the IBM X-Force unit to continuously research trends, develop strategies and deliver enhancements to the software and services R&D Team.
Counter fraud service offerings
Industry-aligned services that combine IBM’s consulting, software and technology expertise to help clients improve their counter fraud programs, including:
· Outcome-based Accelerators: Evaluate an organisation’s counter fraud capabilities and provide rapid prototyping to demonstrate business value for enterprise-wide protection.
· Target Operating Model: Design organisational constructs, operational governance and technology architecture to better detect to fraud and respond and investigate exposures.
· Scale and Manage: Fast implementation of strategies and technological dimensions to customise and run counter fraud programs tailored for each client.
Fraud discovery assets
A portfolio of customisable, research-developed assets that use analytics to discover fraud, waste, abuse and errors in data intensive industries and functions. These assets analyse an organisation’s internal data to measure behaviour and then compare the results within specific peer groups to identify anomalies that indicate suspicious activity.
Based on the results, an investigation recommendation is made.
The assets are available across industries for enterprise-wide discovery. The fraud discovery assets will be available in the cloud, enabled by IBM SoftLayer, with focus on the following areas:
· Medical Fraud: Discovers fraud during provider, beneficiary and internal employee profiling using IBM’s Fraud Asset Management System (FAMS).
· Insurance Claim Fraud: Enables insurers to detect suspicious activity for claims submitted by vendors, brokers and individuals using IBM’s Loss Analysis and Warning System (LAWS).
· Public Tax Fraud: Empowers Governments to address tax gaps by uncovering tax evasion activities and filing inaccuracies using IBM’s Tax and Audit Compliance System (TACS).
· Occupational Fraud: Helps organisations discover fraud for accounts payable, travel and expense claims and other fraud committed by employees.
Counter fraud as a service
IBM will offer four levels of counter fraud capabilities as a service – including Hosting, Application Management, Behaviour Modelling and Scoring and Analytics and Referral Generation – that use a subscription-based model to give clients flexible choices that match their business needs and technical requirements.
IBM’s Counter Fraud Center of Competency gives clients global access to expertise including fraud industry experts, advanced analytic capabilities and technical implementation services.
London Borough of Camden: Case Study
IBM has a long history of working with hundreds of counter fraud clients such as the London Borough of Camden in the UK, which is using IBM Big Data and Analytics technology to streamline processes, improve services, reduce tax fraud and increase revenue.
Working with IBM, Camden has been able to create a ‘Residents’ Index’, in turn uniting information from multiple services to create a single, consistent view of all resident data (including the services they’re accessing).
“Information we once considered unobtainable is now within our grasp,” said Hilary Simpson, head of ICT business partnering at the London Borough of Camden. “We have identified at least a dozen specific examples where a Residents’ Index based on IBM Big Data and Analytics technology can help us. We have estimated that the solution could help to cut single person council tax discount fraud by 5%, potentially delivering major savings for our borough.”
TheSecurityLion 