Martin Rehak CEO of Resistant examines the convergence of cybersecurity and financial crime, the risks it creates and why the use of AI-powered technologies offer the only scaling factor available to organisations focused on minimising one of today’s most alarming criminal trends.
In recent years, financial crime has undergone its own form of digital transformation. Criminals are replacing comparatively inefficient and labour-intensive processes with sophisticated digital technologies, are leveraging vast quantities of compromised personal data and using automated processes to scale criminal activities to unprecedented levels.
At the same time, the integration of financial and cybercrime has continued at pace. From identity photo and document theft or manipulation, through account takeover scams to the persistent threat of card fraud, cybersecurity weaknesses are being exploited to maximise the effectiveness and impact of financial crime.
Indeed, cyber and financial crime are now inextricably linked, with ‘go to’ cybercrime strategies widely used as a method to generate inputs for financial crime. Whether it’s the theft of identities (including elements such as documents and ID photos), credit card numbers or a host of other assets, bad actors routinely harvest this information and use it repeatedly and effectively online to commit a wide range of crimes.
The result is a continuing increase in the scale and impact of both types of crime. Last year, for example, around 49 million consumers in the US alone fell victim to identity fraud, resulting in a total cost of around $56 billion. In addition, Juniper expects merchant losses to online payment fraud will exceed $206 billion cumulatively for the period between 2021 and 2025. As they point out, this represents, “almost 10 times Amazon’s net income in the 2020 financial year.”
Issues such as Buy-Now-Pay-Later (BNPL) and payment fraud, represent just one of the areas of growing concern. Whilst accurately discriminating between real and stolen identities is notoriously difficult, fraud losses from areas such as eCommerce, airline ticketing, money transfer and banking services are predicted by Juniper Research to reach $48 billion by next year.
Scaling up the response to digital crime
These are just some of the issues that are creating a perfect storm where the sheer volume of illegal activity makes it very difficult for organisations and authorities to keep up. Criminals are focused on automating their attacks to increase their chances of success by putting pressure on prevention and detection systems that are struggling to keep pace with the scale of attacks and the resourcefulness of the attackers.
Think of it this way; many legacy fraud prevention systems often rely on labour-intensive processes where over-stretched teams must spend huge amounts of time focused on too few cases. Often, the cases outsorted for review prove to be false positives, further reducing the efficiency of defences. It’s fast becoming a situation comparable to asking email users to manually identify, sort and delete their spam emails. Businesses are making poor use of resources which should be focused elsewhere on more productive and strategic issues that require the insight and experience only a human expert can bring.
Advanced technologies have a huge role to play in addressing the sophistication and volume of financially-focused cybercrime. In particular, AI-powered, automated defences increasingly represent the only scaling factor working in favour of organisations looking to minimise the impact of financial crime at the same time as containing the cost of such prevention.
For instance, AI can be applied to authenticate genuine documents at scale so teams can focus on more sophisticated document fraud. This has the effect of not only increasing detection rates, improving productivity and reducing losses, it also adds friction for the fraudsters whose processes become more costly and inefficient.
Looking ahead, addressing the converging threats of cyber and financial crime using legacy approaches isn’t sustainable. Without safe onboarding processes, for example, that protect individuals and organisations from scalable attacks, financial institutions could find themselves under severe pressure.
In this scenario, they are facing a series of very serious problems. Not only will the cost of acquiring customers and then protecting them continue to increase, but overworked staff will be subject to burnout and the accompanying employee turnover will further harm prevention and detection performance. Additionally, losses to fraud will escalate, whilst increased compliance breaches and associated penalties will have a bigger impact on organisational reputation and profitability.
Some organisations will respond, others already have, by automating additional processes, such as customer service and basic fraud detection. And while the implementation of more automated defences has a role to play in a rounded solution, they are certainly no substitute for technologies that can identify financial crime at scale and with a high degree of accuracy.
Ultimately, organisations that focus on modernising their approach to the converging risks presented by cyber and financial crime will be much better placed to focus on growth. In the burgeoning digital economy and the rapid transformation of the banking and finance sectors, that’s a critical consideration for any organisation that doesn’t want its success derailed by an inability to address crime.
Read the latest edition of PCR’s monthly magazine here: