Data released by various fraud prevention agencies clearly show a dramatic increase in cybercrime and real-time fraud. Should these reports persist at the current rate, the financial services industry is in for some challenging times!
Ultimately, it is the attitudes around fraud that need to change. The institutional practise of covering up fraud is unacceptable. The cost of fraud in the UK, from the Annual Fraud Indicator 2016 report, is £193 billion— four times the previous estimate of £52 million in 2013. The expense is becoming so monumental that banks will have no alternative but to pass the costs through to their clients.
I attended the Worshipful Company of Information Technologists (WCIT) and Digital Policy Alliance (DPA) roundtable on cybercrime and real-time fraud with a cross-section of the financial service industry, the police, and government. The conclusion: Prevention is not easy. A number of concurrent initiatives are required,with an overriding need for urgency to combat this global threat. It also became abundantly clear that cybercrime cannot and will not be stopped using a simple gatekeeper.
There is an immediate need for action on the following fronts:
Some educational requirements include understanding the business model of the criminal gang, where “the crown jewels are” in the organisation, and awareness training to protect organisations and their clients. And if your computer says “unsafe to use,” then it is, so don’t go there. Compliance training should go to every level of the bank, with proof that the training has been completed required to satisfy the bank’s management and the regulators.
Employing the latest technology
This should be used by each and every one of us to combat cybercrime, including:
- The potential use of blockchain technology for trust and reputation
- Prediction using AI and genetic algorithms
- Automating system responses for increased speed of response
- Using real-time, Big Data crunching in-memory computing power
The inside threat
It is vital to identify the “bad actor/bad agent,” or someone with access to the inner workings of the bank. Bad actors are involved in 60% of frauds. Technology must be utilised to minimise this threat. Start with HR information, coupled with social media, and use transactional history that an employee or contractor is involved in. Patterns will emerge. Utilising three-dimensional models, visualisation and predictive analytics increase early detection.
We must look at how we educate, change culture, and enact policy within organisations that may be subject to fraudulent activity. While we should also respect data protection and user privacy, these protections should not also apply to the cybercriminals and fraudsters engaging in fraudulent activities.
For more information on cybersecurity, visit this link.