By Omri Kletter, VP, Cyber Crime and Fraud Management at Bottomline
Fraud is increasingly riding the digital wave to become a brutally effective form of modern crime and corruption. Almost one year on from the beginning of lockdown in the UK, it’s time to look ahead at what fraud trends will shape the industry as we continue to grapple with the new normal created by the Covid-19 pandemic.
Catastrophic loss becomes more of a risk
The concept of catastrophic loss is simple: an impact of such magnitude that is difficult to predict and therefore rarely self-insured. The arrival of the Covid-19 pandemic is one example of a critical event that can trigger catastrophic loss. However, when it comes to fraud, we increasingly see cyberattacks causing devastating losses, not just in financial terms but also in terms of lost reputation. In our fast-paced digital world, a small error, whether malicious or accidental, can have disastrous consequences, especially for vital financial institutions regarded as ‘too big to fail’. Looking ahead, we expect to see a noticeable rise in attacks that could cause multi-million-dollar global damage.
Higher risk from internal and real-time payments
Real-time payments have become a common fixture of consumer banking in recent years, with millions of consumers happily transferring what can be large sums of money at the touch of a button. Clearly, this is exposed to considerable risk, which explains why many banks now include multiple warnings or additional authentication when processing payments. However, when this style of payment moves into the B2B sphere, the risks multiply and insider fraud becomes a real issue. Following the 2008 crash, insider fraud soared. We expect to see similar patterns following Covid-19, where household circumstances have changed, personal pockets impacted, and loopholes in business payment processes, systems or environment present the perfect opportunities for exploitation. PwC reports that nearly half of reported incidents resulting in losses of US$100 million or more were committed by insiders, showing the catastrophic risk they represent.
Regulators are expecting banks/corporates to do more with less
The number of payments regulations facing financial services companies continues to grow, to the point where organisations are finding it challenging to keep up with the pace. At the same time, regulators are expecting banks to take more responsibility and, in turn, the banks are expecting that corporates take more accountability than they do today. By transferring some of the risk and responsibility of payment vetting to the corporate customer, bank refunds will not be made available to those that make careless or poor payment processing decisions.
Corporates must do more to meet compliance and protect themselves
Comfortingly, corporates no longer want to rely on the banks to solve their problems or be reliant on the banking industry for fraud protection. The 2020 Business Payments Barometer highlighted that more than half of financial decision-makers agree they should be doing more to mitigate against fraud, and over 70% are willing to take more responsibility when it comes to sanctions checking. The evolution of the payment landscape will give them the technology and tools they need to meet these goals and become more independent. It will be interesting to see how these percentages swing in the 2021 report.
The growing pain of false positives
Living through the pandemic, we have all become aware of the scourge of false positives and how they can disrupt research by creating alerts on the wrong things. The good news is that the technology that weeds out false positives is getting easier to use, whereas previously older fraud prevention software demanded technical skills at a high level. Moreover, we will soon see the arrival of ISO 20022, a messaging standard for electronic data interchange between financial institutions, which will help drive down false positives. We’re also witnessing an increase in proactive fraud monitoring and prevention, rather than post-fact auditing and correction, which helps reduce the incidence of false positives.
The rise of analytics
With the introduction of ISO 20022, we’ll see more payment-related information shipped within the payment transaction. Being able to mine this aggregated data will provide a better understanding of payment processing behaviours and give deeper insight into the unique payment trends likely to influence the future needs of banks and corporates. Given the richness of this data, forward-looking organisations have a real opportunity to radically change the way they use this data and screen their transactions. Combining new ISO20022 data with advanced technology could result in significantly reduced false positives, and far greater intelligence on payments.