The growth in digital banking and e-commerce, spurred on by the COVID-19 pandemic, provides fertile ground for fraudsters and money launderers to commit crimes anonymously. Fraud and Cybercrimes thought leader, Clive Gungudoo, MoData’s Director of Financial Crimes and Risk Management, highlights five essential controls organisations need to put in place to protect their digital customer journey.
For Clive Gungudoo, educating and informing people about financial fraud and the threat it poses to organisations and individuals is more than just a job, it is his passion. And with more than 25 years’ experience in the field, Clive isn’t just familiar with the various sophisticated methods used to commit fraud, he has expert knowledge on exactly what solutions organisations need to implement to minimise the risk to customers – and to their own reputation.
“Organisations need a layered approach to fully protect themselves and their customers from fraud and money laundering risks,” says Clive. “This means a complete set of non-intrusive financial crime risk management controls can and should be integrated across the digital customer journey to proactively red flag possible fraudulent activity, establish customer trust and ensure compliance to regulatory obligations.”
As Clive explains, while many customers were already utilising online and digital services before the pandemic hit, global COVID-19 lockdowns caused this number to spike significantly, as people were forced, out of necessity, to become digitally active. For many, this was the first time they were utilising online banking and shopping services. “While this business online presence provides 24/7 customer convenience and opportunities for significant revenue growth, it also provides a fertile ground for bad actors – like fraudsters and money launderers – to commit crimes.”
In order for organisations to safely conduct business online and provide their customers with peace of mind they must stitch these five basic controls into their digital customer journey:
1. Dynamic Device Fingerprinting and Risk Analysis
Fraudsters generally use stolen devices or manipulate previously used devices to masquerade as a trusted known user or as a new user, effectively enabling them to remain anonymous.
“As soon as we introduce a new actor, the device – a desktop, laptop, mobile phone or tablet – into the transaction, financial service providers are faced with a trust dilemma – they need to know who is really behind the device,” says Clive. “Dynamic Device Fingerprinting enables organisations to accurately detect cybercrimes such as device and location spoofing, device switching, IP resetting, emulators, fake devices, click farms, botnets, residential proxies, “man in the middle”, “man in the browser”, and remote access attacks – plus other advanced methods used by fraudsters. This real time service provides a fraud score and cyber risk analysis that is channelled back to the business so that they can decide whether to allow, or challenge, the new registration, login or payment request,” says Clive.
2. Behavioural Biometrics
While legitimate and private data can be stolen or sold on the dark web and fake or synthetic identities can be manufactured, each user exhibits specific behavioural patterns which cannot be stolen or duplicated. Behavioural Biometrics is needed to detect and prevent account opening and account takeover fraud by passively and continuously monitoring user behaviour from login to logout.
“Behaviour is unique to each user – whether you’re left or right-handed, the size of your thumbprint, your keystrokes, or time between sessions. Behavioural Biometrics, analyses user behaviour in real time, to detect that your behaviour is not congruent to how you normally transact on your account. It uses mobile motion patterns and takes into account criminal patterns to flag fraudulent behaviour,” says Clive.
3. Document Forgery Detection
Frequently, organisations’ due diligence and credit processes require customers to upload documents digitally. However, skilled fraudsters are able to expertly manipulate documents like IDs, Driver’s Licences, Payslips, Bank statements and other FICA, Proof of Income, Purchase Order and Invoice documents so that the changes cannot be detected by the naked eye.
“There are professional document forgery services available – they are so expertly done that regular checks and balances and manual reviews simply don’t cut it,” explains Clive. “A sophisticated Document Forgery Detection service is essential and can be applied across the customer lifecycle – from customer onboarding to a new credit application, to supply chain finance, insurance underwriting and ongoing due diligence.”
4. Real Time Transaction Monitoring and Strong Customer Authentication
Fraud and money laundering activity is carefully hidden amongst vast amounts of legitimate transactions in the financial system, making it difficult to detect. Legacy systems typically use traditional data and supervised rules and models which reactively generate alarms – many of them false. “This requires organisations to employ large teams to manage this unnecessary workload which ultimately impacts the bottom line,” says Clive.
Real Time Transaction Monitoring allows organisations to be proactive rather than reactive by applying a combination of artificial intelligence and expert rules on big data to detect and prevent new and known fraud and money laundering threats and typologies in real time. “This greatly reduces false red flags – and is much more accurate when it does flag an issue,” says Clive.
5. Advanced Case Management
This service allows organisations’ Fraud, Cyber Intelligence, Anti Money Laundering, Operations and Investigations teams to unify and work more efficiently and effectively in managing, tracking, informing, investigating, prosecuting and reporting fraudulent transactions and suspicious activity. “This service bridges the proactive and reactive realm of financial crime risk management via one central intelligence and response hub – the cost and time savings are significant, more so in a hybrid working environment,” says Clive.
Core to MoData’s promise of helping organisations create a customer journey that is innovative, intelligent, intuitive and safe is MoData Digital Services (MDS), their Software-as-a-Service marketplace for all financial crime risk management operations.
“MDS enables organisations to implement a layered approach and deploy modernised technology that protects their customers and their reputation. Our monthly subscription-based pricing and pay-as-you-use model means organisations can gain direct access to MDS and our innovative products and services with no massive upfront investment,” explains Clive. “As subject matter experts and thought leaders we are continually scanning the market for emerging trends – and we always make sure our technology stack is current and relevant. This means we’re able to give our current and new customers in Africa and the Middle East access to leading global software that fits their market and needs at a competitive price point which includes implementation, professional services and support.”