Fighting fraud in fintech: Times of crisis call for heightened vigilance
By Hal Lonas (pictured), Chief Technology Officer, Trulioo.
Planning ahead can be the key to protecting assets, data, and customer privacy
When markets get volatile, investors may panic, putting pressure on financial institutions and raising the risk of a run on a troubled bank’s funds, as the market experienced with Silicon Valley Bank’s failure.
The speed of change during a bank crisis can create chaos, mainly for security and compliance executives. Thousands of customer accounts can be created or abandoned within a few days as people seek to stay liquid in a flight to perceived safety.
During the chaos of a bank run, fraud risk expands precipitously. Fraudsters are always in the background, monitoring for spiked activity and preparing to strike once the landscape changes, especially as fear sets in among investors and customers.
As customers rapidly shift their assets, fraudsters with synthetic identities attempt to onboard at banks, hoping to fly below the radar in the flurry of transactions. However, banks and fintechs can rise to those crisis challenges with comprehensive risk management plans, robust compliance controls, and a steady commitment to business as usual.
Fraud Is a Constant
Fraudsters are always searching for opportunities and work in packs online, sharing information immediately as new vulnerabilities arise. When financial institutions rely on manual verification and vetting, they can introduce the risk of error and become overwhelmed when volume increases, particularly during a banking panic.
The most sophisticated fraudsters operate globally and systematically, setting up fake addresses, false business names, and imitation networks of contacts and partners to make themselves appear real. Then, they develop layered evidence to establish themselves as verifiable people.
Suppose a financial institution verifies a fraudulent identity as real. In that case, the fraudster can use that as a springboard to a broad range of crimes, including taking out a large cash loan and disappearing.
Expanding Attack Methods
Financial institutions face a variety of fraud attacks. Three common forms are identity theft, when a fraudster steals personal identity information with the intent of theft; check and wire fraud, which is direct theft; and of course loan fraud, when a fraudster uses a stolen, fake or synthetic identity for mortgages or cash loans.
Criminals exploit vulnerabilities by trying slightly different tactics with each fraud attempt until they achieve a breakthrough. Fraudsters, for instance, might attempt an account takeover by changing a customer’s personally identifiable information or submitting slightly inaccurate or fuzzy details with the hope they can slip past a financial institution’s defenses. Increasingly these attacks are automated, with machines or bots attempting many variations leading up to a successful attack.
Financial institutions can respond by instituting robust customer re-verification processes. That includes reverifying customers when they change addresses or other personal information.
The Benefits of Automated, Flexible Verification
Automated, flexible onboarding systems powered by machine learning and artificial intelligence are powerful tools in the fight against fraud. They can help financial institutions strike the right balance between security and meeting customer expectations for speed and convenience.
Fintechs and financial institutions, though, can hamstring those systems if they take a piecemeal approach with multiple rigid point solutions that don’t work well together. Moreover, that approach can create security gaps and onboarding friction.
During a financial crisis, fraudsters attack quickly and frequently from every possible vector until they get a breakthrough. Flexible, automated verification workflows through a single platform can keep pace and adjust to fraud challenges.
When a customer risk score is high during onboarding, the workflow can automatically waterfall to additional checks, such as moving from data to document verification. However, customers with low-risk scores can continue through onboarding with minimal friction.
Low Friction, High Security
Flexible onboarding and risk mitigation can position financial institutions to stop fraudsters before they can open accounts and do damage. That approach also can lead to low-friction experiences for good customers. Riskier customers can be presented with higher friction processes as warranted.
When a financial crisis hits, change happens quickly and creates vulnerabilities. Automation can keep pace in instances when manual verification could lead to errors that open the door to fraud and diminish customer confidence.
Identity verification isn’t one size fits all. People, markets, and stages in the customer lifecycle vary and require different amounts of friction to ensure compliance, mitigate fraud and build trust.
Fraud never sleeps. But a full array of verification capabilities through a single platform can help financial institutions fortify their defenses, regardless of market turbulence.