In 2018, the World Economic Forum noted that fraud and financial crime was a trillion-dollar industry, reporting that private companies spent approximately $8.2 billion on anti-money laundering (AML) controls alone in 2017. The crimes, themselves, noticed and unnoticed, have become more numerous and costly than ever. In a widely cited estimate, for every dollar of fraud, institutions lose nearly three dollars, once associated costs are added to the fraud loss itself.
Hence, an intensification of the activities of cybercrime and malicious hacking. As a result, rules with regards to financial crime are being revisited, as authorities continuously revise the rules. Within the domain of financial crime, the governments have ratcheted up the use of economic sanctions, targeting countries, public and private entities, and even individuals in accounting for illegal trafficking and money laundering. Because it has become difficult for institutions to fight these financial crimes, leaders are transforming their operating models to obtain a holistic view of the evolving landscape of financial crime. This view becomes the starting point of efficient and effective management of fraud risk.
Risks faced by Banks
Some of the risks faced by banks include the following: vulnerabilities to fraud and financial crime inherent in automation, digitization, massive growth in transaction volumes and greater integration of financial systems within countries and internationally.
The evolution of fraud and financial crime
Fraud and financial crime adapt to developments in the domains they plunder. With the advent of digitization and automation of financial systems, these crimes have become more electronically sophisticated and impersonal. One series of crimes, the so-called Carbanak attacks beginning in 2013, well illustrates the cyber profile of much of present-day financial crime and fraud.
These were malware-based bank thefts totaling more than $1 billion. The attackers, an organized criminal gang, gained access to systems through phishing and then transferred fraudulently inflated balances to their accounts or programmed ATMs to dispense cash to waiting accomplices. These, however, became a syndicated attack on many banks since the attackers vividly understood the cyber and banking environment.
Channels for the activities of cybercrime
Several channels for the operation of financial crime, fraud and cybercrime include automated teller machines (ATMs), credit and debit cards, and wire transfers. The attacks revealed that meaningful distinctions among cyberattacks, fraud, and financial crime are disappearing.
A siloed approach to these interconnected risks is becoming increasingly untenable. As banks begin to align operations to the shifting profile of financial crime, they confront the deepening connections between cyber breaches and most types of financial crime. Banks counter such fraud with relatively straightforward, channel-specific, point-based controls.
Banks that offer a seamless, secure and speedy digital interface will see a positive impact on revenue, while those that do not will erode value and potentially lose business. Modern banking demands faster risk decisions so banks must strike the right balance between managing fraud and handling authorized transactions instantly. The growing cost of financial crime and fraud risk has overshot expectations.
Bringing together financial crime, fraud, and cyber operations
Anti-Money Laundering (AML), while mainly addressed as a regulatory issue, is seen as being on the next horizon for integration. All risks associated with financial crime involve three kinds of countermeasures: identifying and authenticating the customer, monitoring and detecting transaction and behavioral anomalies, and responding to mitigate risks and issues. Each of these activities, whether taken in response to fraud, cybersecurity breaches or attacks, or other financial crimes, is supported by many similar data and processes. Indeed, bringing these data sources together with analytics materially improves visibility while providing a much deeper insight to improve detection capability. In many instances, it also enables prevention efforts.
In taking a more holistic view of the underlying processes, banks can streamline business and technology architecture to support better customer experience, improved risk decision making, and greater cost efficiencies.
From collaboration to holistic unification
There are three models for addressing financial crimes. They are distinguished by the degree of integration they represent among processes and operations for the different types of crime. It has been shown, largely, that organizational and governance design are the main considerations for the development of an operational model. It is entirely feasible that an institution will begin with the collaborative model and gradually move toward greater integration, depending on the design decisions.
Firstly, the collaborative model. In this model, each of the domains of financial crime, fraud, and cybersecurity maintain their independent roles, responsibilities, and reporting. Each unit builds its independent framework, cooperating on risk taxonomy and data and analytics for transaction monitoring, fraud, and breaches. The approach is familiar to regulators but offers banks little of the transparency needed to develop a holistic view of financial crime risk. The model's reliance on smaller, discrete units also means banks will be less able to attract top leadership talent.
Secondly, a partially integrated model for cybersecurity and fraud. This model has been widely used. Many more institutions seem to be now working toward this model, in which cybersecurity and fraud are partially integrated as the second line of defense. Each unit maintains independence in this model but works from a consistent framework and taxonomy, following mutually accepted rules and responsibilities. The approach remains, however, consistent with the existing organizational structure and little disrupt current operations.
Finally, in this fully integrated approach, financial crimes, fraud, and cybersecurity operations are consolidated into a single framework, with common assets and systems used to manage risk across the enterprise. The unified model also captures the benefits of scale across key roles and thereby enhances the bank’s ability to attract and retain top talent. The disadvantages of this model are that it entails significant organizational change, making bank operations less familiar to regulators.
Strategic prevention: Threats, prediction, and controls
The idea behind strategic prevention is to predict risk rather than just react to it. To predict where threats will appear, banks need to redesign customer and internal operations and processes based on a continuous assessment of actual cases of fraud, financial crime, and cyber threats. To arrive at a realistic view of these transgressions, institutions need to think like criminals. Crime takes advantage of a system’s weak points. Current cybercrime and fraud defenses are focused on point controls or silos but are not based on an understanding of how criminals behave. For instance, if financial institutions tighten their defense on the protection of consumers, branch operations among others, crime will be evident in the domain of technology.
Adopting the mindset and behavior of the criminals
Banks will be able to trace the migratory flow of crime by looking at particular transgressions or types of crime from inception to execution and exfiltration and by mapping all the possibilities. By designing controls around this principle, banks are forced to bring together which improves both efficacy and effectiveness.
Ensuring the efficiency of scale and processes
The integrated fraud and cyber-risk functions can improve threat prediction and detection while eliminating duplication of effort and resources. Consistent methodologies and processes (including risk taxonomy and risk identification) can be directed toward building understanding and ownership of risks.
Data, automation, and analytics
Through integration, the anti-fraud potential of the bank’s data, automation, and analytics can be fully realized. integrating the data of separate functions, either both internally or externally, banks can enhance customer identification and verification. More appropriately, machine learning and artificial intelligence can enable predictive analytics when supported by the right source of information.
Ensure consumer experience and digital trust
Meaningful improvements in customer satisfaction help shape customer behavior and enhance business outcomes. Digital trust is fostered by unified risk management against fraud, financial crime, and cyber threats. When banks ensure topmost security to consumers, which has often been sidelined, trust is heightened for the bank.
How to proceed
There is the need for banks to inquire into questions relating to activities and processes, people and organization, data and technology, and governance when designing their journey toward a unified operating model for financial crime, fraud, and cybersecurity.
Most banks begin the journey by closely integrating their cybersecurity and fraud units. As they enhance information sharing and coordination across silos, greater risk effectiveness and efficiency becomes possible. To achieve the target state, they seek, banks are redefining organizational “lines and boxes” and, even more important, the roles, responsibilities, activities, and capabilities required across each line of defense.
Most have stopped short of fully unifying the risk functions relating to financial crimes, though a few have attained a deeper integration. A leading US bank set up a holistic “center of excellence” to enable end-to-end decision making across fraud and cybersecurity. From prevention to investigation and recovery, the bank can point to significant efficiency gains. A global universal bank has gone all the way, combining all operations related to financial crimes, including fraud and AML, into a single global utility. The bank has attained a more holistic view of customer risk and reduced operating costs by approximately $100 million.
As criminal transgressions in the financial-services sector become more sophisticated and breakthrough traditional risk boundaries, banks are watching their various risk functions become costlier and less effective. Leaders are therefore rethinking their approaches to take advantage of the synergies available in integration. Ultimately, fraud, cybersecurity, and AML can be consolidated under a holistic approach based on the same data and processes. Most of the benefits are available in the near term, however, through the integration of fraud and cyber operations.