The Proof Is in the Data: How an Integrated Ecosystem Can Help to Combat Financial Crime

Financial fraud continues to be the everlasting thorn in the side of the financial industry – and it’s only getting worse. According to a 2022 report by the Association of Certified Fraud Examiners (ACFE), up to five percent of corporate revenue is lost to fraud every year – that’s an estimated $4.7 trillion globally. Meanwhile, in addition to the onslaught from professional fraudsters the emergence of fraud-as-a-service makes it easier than ever for people driven to the brink of existence by the economic hardship instigated during the pandemic and more recently with rising inflation to engage in fraudulent activities. But what can financial institutions do to stave off the swelling wave of fraud, remain compliant and secure payment processes between themselves, customers and business partners? This blog looks at the key factors that can help you stay ahead of shifting markets and emerging risks.

Typical fraud scenarios

In nearly all cases, third-party fraud is executed by initiating payments or withdrawals from accounts that are not consistent with their owners’ normal patterns of behavior. This is why, when creating solutions, it is critical to focus not on the different types of fraud but on the usual behavior of the account holders, so that anomalies can be detected and flagged accordingly. But before we explain how to achieve this, let’s look at some of the most common fraud scenarios that banks are typically confronted with on a daily basis.

Financial fraud

With remote banking in widespread use and online payment methods as well as mobile wallets such as PayPal, GooglePay gaining traction by the minute, the vast majority of financial fraud cases are now digital.  Exposure of confidential information through scams likephishing emails are already old school. That’s because these types of scam rely on direct contact to further socially engineer the victim – be it in-person, via email or telephone – so they require a high level of effort from the fraudster.  As such they are typically directed towards the high value customers and corporates.

Pharming or man-in-the-middle scams, on the other hand, are executed on a technical level: the fraudster accesses the payment process at some point (hence “in the middle”) to gain access to the payment information being transferred. In this case, the point of entry is an insufficiently secured technical set-up that allows criminals access to the payment data.

But not all criminals attack from the outside. In insider fraud, bank employees acquire access to dormant accounts or scape money from high wealth clients’ accounts in order to exfiltrate funds. Or they harvest data from bank systems to sell for other fraudsters to use. This form of fraud is one of the hardest to detect, because the criminals possess a deep knowledge of the bank’s systems and how to use them to cover their tracks; making the financial services industry one of the top three sectors globally affected by insider fraud¹.

Money laundering

Money laundering has been around for a long time. Large public scandals surrounding implicated banks and the constant threat of terrorism have led to ever-tightening regulatory measures to detect and ideally prevent money laundering before it can even take place, in turn pushing criminals to keep inventing new ways of circumventing detection. Technical progress and digitalization have opened the floodgates for new methods of money laundering. Crypto currencies have made it almost impossible to detect money laundering activities with conventional methods. While banks are typically required to report suspicious account activities and large cash movements, AML laws have been slow to catch up to newer types of cybercrimes, since most of the laws are still based on detecting dirty money as it passes through traditional banking institutions and channels.

It is hardly surprising then that the United Nations Office on Drugs and Crime estimates that global money-laundering transactions account for roughly $800 billion to $2 trillion annually — or 2–5% of the global gross domestic product (GDP)². Most countries have strict AML laws in place as a countermeasure to organized crime and terrorism. Banks that fail to meet their requirements and are found to have enabled money laundering — be it with criminal intent or through mere neglect — face penalties of the severest nature that, in a worst-case scenario, can even mean the end of business.

What are the business drivers of fraud prevention?

In an age where every bank transaction is made digitally, the technical setup is the Achilles heel of the payment system. If it is insufficient or outdated, it has the potential to bring the entire structure down. Fraudsters just love the anonymity and technical possibilities that digital transactions bring — and they are highly motivated to find the loopholes that will grant them access. Having state-of-the-art technology that can flag or even predict suspicious transactions for human scrutiny before they take place has already become a critical business differentiator for banks.

Fraud prevention and AML are costly and resource-intensive for financial institutions. But in this case, a dollar spent really does equal a dollar saved. Monetary losses, eroding customer trust and severe penalties for failure to meet regulatory legislation may cost them much more dearly in the long run. Staying ahead of shifting markets and new risks is not optional — if banks want to stay in business but also excel against non-bank competition such as fintechs, it is imperative. At the same time the transition of legacy payment systems to ISO20022 is an ideal time to introduce new dynamic controls. This maximises consistent payment integration flows and the additional data it brings.  By improving risk mitigation across all financial crime controls to help manage financial crime compliance, financial institutions can reduce workloads through false-positive alerts and reduce time spent investigating fraud, thereby cutting operating costs related to fraud mitigation.

The solution: secure payments modernization in a fully integrated data ecosystem

The implications are clear: financial institutions must make their siloed and fragmented data accessible to utilize it for the detection of unusual patterns that can be indicative of criminal behaviors, and this process must be as automated as possible while creating only the absolutely unavoidable minimum amount of false positives. But how do you achieve that?

Financial institutions receive data from a variety of sources: customer profiles, transactions, business processes, customer service experiences and external sources, such as third-party vendors. This data is an important resource to identify risk factors such as fraudulent activities or money laundering — but only if it is made available in an accessible form. However, all this valuable data is often stored in many different formats and in various locations within a bank, making it difficult — if not impossible — to access and mine it in a meaningful way. This inability to harness valuable data for effective financial crime risk mitigation and analysis is often at the root of continuing fraud and AML deficiencies in financial institutions.

The joint 2022 survey by SEEBURGER and leading research and advisory firm Celent “Ready Or Not – Here It Comes: There’s No Hiding From ISO 20022” found that one of the main benefits expected from ISO 20022 across all roles was improved fraud mitigation. Implementing ISO 20022 capabilities on an agile, secure and scalable integration platform can enable banks to manage FRAML (fraud and AML) with more granular monitoring options.

The ongoing migration to the ISO 20022 messaging format will introduce standardization, structure, and greater richness in payments data. In a fraud prevention and AML context, areas of particular interest are:

Transaction Monitoring

Traditionally, banks were able to gain only a basic amount of payment information during the payment process. With ISO 20022, they can capitalize on additional remittance data, including structured information on debtors and creditors. This creates an unbroken chain of information that makes following the trail of laundered money much easier than in the past. More encompassing and complete payment fields will significantly improve the identification of patterns, so that specific combinations of risk characteristics can be automatically flagged for further investigation. The deeper understanding of end-to-end payment flows in such a comprehensive data ecosystem supports investigative teams in achieving more robust risk coverage.

Fraud monitoring

Complete and higher-quality data supports real-time monitoring to identify complex fraudulent payments, thereby making fund recovery faster and more efficient. The additional wealth of data helps to improve existing fraud monitoring controls and to isolate weaknesses.

It is of vital importance for financial institutions to make the mental shift from thinking about their data in separate silos that do not touch: only when brought together can these separate data sets form a comprehensive data ecosystem. When combined with cutting-edge fraud and money-laundering detection technologies such as machine learning, robotic process automation and artificial intelligence, this data ecosystem enables banks to unlock the full potential of their data.

Conclusion

An intelligent, predictive fraud prevention and AML program on an agile, secure and scalable integration platform enables financial institutions to embrace smarter and faster financial crime prevention, detection and investigation. Better intelligence from higher-quality data helps to establish holistic risk profiles of customers, accounts and transactions — freeing investigative teams to focus on the real problem cases instead of wasting time on false positives.

How SEEBURGER and SAS can help

Together, SEEBURGER, a market leader in business integration, and SAS, a leader in analytics software and solutions, have developed a joint solution to address all the complexities and challenges of modern-day payments integration. In this combined solution, the SEEBURGER BIS Platform addresses the onboarding of corporates and business partners and their secure data exchange, including self-services for testing and configuration of payment formats, such as ISO 20022, validation and transformation aspects of the payments integration process, application integration and reconciliation of the payment data. SAS’s capabilities in fraud detection and prevention, anti-money laundering (AML) and security intelligence support all the prevention and detection-related activities, including machine learning and alert investigation, centralized around the enriched payment data.