Financial fraud is a growing concern in the digital age — and scammers have more tools at their disposal to access sensitive data than ever before. Fortunately, technology has also brought forth defense mechanisms and controls that industry leaders can leverage to prevent fraud.
“Fraud is a multi-channel problem,” said Chuck Gallant, Director, Asset Servicing at BNY Mellon, during a breakout session at NICSA’s 2019 Strategic Leadership Forum. “We’re facing web-based fraud, call-center fraud, and fraudulent documents, among other threats.”
Gallant moderated the session, which also featured leaders from Broadridge, Investment Company Institute, Nuance, and T. Rowe Price. Joanne Kane, Director, Operations & Transfer Agency at Investment Company Institute, said 64% of transfer agents and funds who are ICI members reported an increase in fraudulent activity in 2018.
“What’s really scary — and we saw this through the incidences reported — is more than half of those incidences pass authentication, whether it’s phone or web,” she said.
Kane said there’s also a noticeable shift in the role of the perpetrator. “When I started in the industry, I would say 99% of fraud was caused by family members,” she said. “Now it’s identity thieves, fraud rings, unknown parties, foreign actors — family makes up the smallest percentage, which illustrates how things are changing.”
Exploiting Multiple Channels
Mia Puzo, Fraud and Biometric Executive at Nuance, said there’s a growing need to protect all channels, essentially blocking the fraudster’s journey.
“Fraudsters will essentially target the channel with the least amount of resistance,” she said. “For example, they target the call-center agent to change things like email addresses, passwords, and pins; things that allow them to log in to the digital channel, whether it be a mobile app or a website, and then actually commit the fraud.”
By gaining an in-depth understanding of the security landscape, the scammers can plan how they will carry out their crimes. “They’ll gain enough information, they’ll change information, and then they’ll switch to the digital channel to move money,” Puzo said.
Emerging Technologies
Puzo said that Nuance is employing biometric technology in a layered approach to fraud prevention. Conversational biometrics, for example, create a print of an individual’s typical sentence structure and grammar that is complementary to voice biometrics based on sound.
Mark Schlesinger, Chief Information Officer at Broadridge, said behavioral analytics are also being used to detect fraudulent activity based on predicted transactional actions. “There are technologies out there that know your location, where you typically are when you’re completing transactions, and even how you hold your device, the pressure you put on keys, the speed that you type.”
The technology can even detect if you’re making mistakes entering sensitive content. “It knows if you’re copying and pasting your ID and password as opposed to normally typing it,” Schlesinger said. “It knows if you are misspelling your last name multiple times.”
Megan Warren, Global Head of AML, Fraud and Privacy at T. Rowe Price, said there’s a fine line between ease of use and security.
“One of the things we often hear from our business partners is: “the voice of the customer says that they don’t want anything to slow down their access to their funds,” Warren said. “One thing we’ve done is push back a little bit on the voice of the customer questions and make sure they’re current, because most people would be willing to wait 15 more seconds to access their funds in a more secure way.”
Warren also advocates a wisely layered approach to controls. “You can’t rely on one type of control, but there are some that are pretty antiquated that you can do away with, especially when you’re implementing others,” she said.
Note: Although the observations contained in this work represent the best thoughts of the individuals comprising the NICSA panel, they do not necessarily reflect the views of NICSA or any of its member organizations. Matters addressed in this work may touch upon legal or regulatory matters, however nothing herein is intended to be or should be construed as legal advice. You should contact your own counsel in order to obtain legal advice regarding these or any other matters.
Website Design By Branophia LLC