The Fraud Landscape in 2021
After the year that changed everything, what will the key drivers of fraud and fraud prevention be in 2021? Read on to hear about the potential fraud trends and developments in how to combat fraud, along with changes in the regulatory landscape.
Regulatory interest in fraud has been increasing in the UK and Europe, and is set do the same in the U.S. The level of stimulus fraud experienced on both sides of the Atlantic will be the main driver, as $100 billion of fraud usually attracts politician’s interest. Regulation will concentrate on mule accounts, as without them many frauds could not be perpetrated. The Estonian regulator has already mandated real-time inbound payment profiling and the Contingent Reimbursement Model (CRM) in the UK is driving this, too. Expect to see further pressure from regulators in this space during 2021. In a similar vein, there will be further focus on authorised fraud, for both paying and beneficiary banks and Fintechs. In the UK, the current voluntary rules are likely to be made mandatory, as the large banks seek regulatory capture. This will start to gain traction with other regulators, particularly in Europe, although this may be a part of PSD3, and may take some time to come about.
There will like be both regulatory and commercial pressure to move from open banking to open finance. As PSD2 in Europe only covers payment accounts, the pressure will build on savings, mortgages and on into pensions and investment providers. Financial services organizations will be lobbying for this to include big tech, putting the customer at the center. Of course, this may also make life easier for fraudsters. However, for those firms that show they can improve both customers’ finances and security by using the power of a true single view of the customer will see the benefits of more business and lower costs.
However, for those firms that show they can improve both customers’ finances and security by using the power of a true single view of the customer will see the benefits of more business and lower costs.
As the stimulus payments start to dry up in H2 2021, fraudsters will shift their focus back to remote banking and payments frauds such as account takeover and e-commerce. The level of compromised card data and digital credentials is huge, and as lockdowns recede allowing unhindered movement for mules to cash out, Organised Crime Groups (OCGs) will attack via this vector again.
Couple this with the increase in real-time payments, request to pay or for payment and all the users who are new to digital security will make this an attractive avenue for fraudsters.
As the volumes of genuine transactions continue to grow extremely fast after several years’ worth of growth in just a few weeks during 2020, authentication improvements will be key in 2021. The ability to undertake risk-based authentication in digital and e-commerce will help combat the pressure on decline rates.
One area we are likely to see more exposure is in the SME and corporate space, where the desire to support more working from home means that remote access to payments for corporate treasury and payments teams will increase. Without the right education, training, authentication and fraud detection in place, fraudsters will look to abuse this avenue.
In terms of authorised frauds such as business email compromise, OCGs will continue to bring technology to bear in the form of voice or video deep fakes. This will make these schemes even more sophisticated, so organizations will need to continue to help protect their corporate customers from these attacks.
Application and First-Party Fraud
Moving back to the changes that COVID-19 has wrought, the acceleration of digital banking and payments that occurred during 2020 means consumers and businesses are demanding end-to- end digital account opening and digital servicing.
As many banks digitised their existing paper and branch processes, this created either control gaps, poor experiences or both. Often, this has meant that good quality, genuine customers went elsewhere while fraudsters persevere, leading to static or increasing fraud rates, but with lower sales.
To drive market share without suffering identity theft, synthetic ID and first-party fraud, organizations will be investing in solutions that identify, verify and score applications up front, with links to multiple data sources.
With the additional lockdowns in Europe and a new President in the U.S. looking to tackle COVID-10, it’s safe to expect continued stimulus packages in 2021. Therefore, fraudsters will continue to attack SBA loans and unemployment benefits as they did in 2020. Hopefully, firms will have improved on their capabilities to stop both the money leaving in the first place, as well as identifying mule behaviour before the money leaves the banks.
The acceleration of digital banking and payments that occurred during 2020 means consumers and businesses are demanding end-to-end digital account opening and digital servicing.
Consolidation of End Points
Moving on to infrastructure and systems, there are a few trends at play. Financial services organizations (FSOs), particularly the largest, will be working hard to consolidate systems and build out their roadmaps to truly enterprise fraud management systems.
As the fraud trends above have shown, the majority of frauds are interlinked. Therefore if a bank’s data
is removed from its silos, the improvement in prevention can be huge. Some organizations are sitting on 20-30 point solutions, as many vendors only provide one specific function. With device profiling, behavioral biometrics and telco data among a plethora of point solutions and around 150 vendors in the wider ecosystem, managing this from cost, complexity and risk perspectives will be a key area for FSOs. Calling these services as an API from within a hub offers a solution to these challenges.
Banks will be looking to rationalize these systems, and as such, should review whether the additional complexity and cost bring the required level of benefits. This will be part of a move to enterprise architecture, to improve the integration, for example with Kafka streaming. Alternatively, these functions may be met by the use of Marketplace ecosystems directly within the enterprise solution.
The move to enterprise solutions is not just in prevention and detection, but also in case management. Providing agents all the information makes for better decisions and lower fraud. It also allows for greater automation to provide improved customer experiences, which COVID-19 has shown are required now that volumes of digital banking and e-commerce users have increased in 2020. This includes automation of many fraud processes so the simplest can be undertaken without agent involvement, freeing up resources for more complex frauds and dealing with customers.
A key plank in this transformation is cloud. This is not just lower running costs, but flexibility. The elasticity is perfect for speeding up model building. Upgrades are easier and up time using Kubernetes is quicker and safer.
The ability to support large amounts of data and remove silos is also key. Further, the ability to get to market quicker are all reasons driving adoption, as well as many FSOs and regulators gaining a better understanding of the risks and how to mitigate them.
In addition, there will be an increase in terms of collaboration and collective intelligence. Cloud will help power removing silos between firms, just as we have seen accomplished with enterprise fraud management systems.