Bank fraud: 2016 review and 2017 predictions

By Mark Gazit | 23 December 2016

Financial fraud is on the rise, and government agencies, law enforcement and the private sector seem unable to stop it.

According to official figures released by Financial Fraud Action UK, more than 1 million incidents of financial fraud – payment fraud, online banking and check fraud – occurred in the first six months of 2016 (compared to 660,000 during the first half of 2015).

Throughout 2016, SWIFT officials have grappled with a series of cyber attacks. In February, attackers used SWIFT codes to break into the account of the Bangladesh central bank and send fake payment orders to the Federal Reserve Bank of New York, leading to the theft of $100 million. Some of the money has been tracked down and retrieved, but $81 million is still missing.

ATM fraud is on the rise, with over $40 million accounted theft. Throughout the world, ATM fraud has grown from a virus to a full-fledged epidemic. In the past 12 months, we have seen the trust and convenience of the ATM channel under attack from both new and old techniques.

Mitigating fraud and related cybersecurity issues are also among the major issues facing banking providers in 2016. More consumers are using digital services and online accounts more often. And with the higher dependence on e-banking, mobile payments, and the ability to conduct banking through social networks, the risks will continue to rise. While most people prefer mobile, each new service or market attracts cybercriminals. When opening new channels for banking, financial institutions will have to address the risk of hackers inflicting financial losses and damaging their reputation.

Cyber attacks will continue to threaten financial institutions in 2017. Hacking attempts, losses, and prevention expenses will increase with the rise in mobile banking applications, financial call centre vulnerabilities, and sophistication of social engineering attacks.

Because of these challenges, it seems that financial institutions will be busy focusing on little more than internal issues – compliance, security and the bottom line – leaving little room for new customer-facing initiatives that could improve the experience.

There is some good news as well. 2016 has been a groundbreaking year for banking and financial services, as they are learning how big data can help transform their business. Now, with an eye towards 2017, financial services are changing their environments to leverage the benefits of big data.

Eight bank fraud predictions for 2017

1. Mobile banking fraud will continue to increase. Smartphones and new mobile banking applications will increasingly become targets for hackers. Smartphone attacks will target the information on the device, as well as the data the device can access and the messages it receives. The payments systems will be hit with malware attacks on the devices and the apps they are running.

2. We will see more account takeover and identity theft. Next year’s identity thieves will open new accounts and take over more existing banking and credit card accounts. Hackers will target other types of accounts besides credit cards, including Amazon, PayPal and eBay.

3. Regulatory pressures will continue to grow, but might reach a tipping point. Regulations will be counterweighted by operational costs and customers’ rising expectations on the “speed” of commerce. The solution: analytics will play a bigger role in sophisticated anti-financial crime monitoring. Since it requires multiple changes across multiple layers of the ecosystem, this will be a gradual shift.

4. As regulation deepens in complexity and scope, the cost of compliance will continue to rise. According to new figures from WealthInsight, global spending on AML compliance is set to grow to more than $8 billion by 2017 (a compounded annual growth rate of almost 9 per cent).

5. Fraud rings will proliferate. Fraud rings are resulting in major financial losses. Early in 2016, an international criminal syndicate was able to successfully impersonate bank officers at over 100 banks around the world to net as much as $900 million in stolen funds. Last year the Boleto Fraud Ring siphoned $3.75 billion from Brazilian banks. Over time, fraud rings will be more difficult to detect as many specialise in one aspect of fraud.

6. Social media omnipresence will increase risk. Banks are becoming more forward thinking by using social media platforms to optimise the customer experience and enhance their service offerings. For example, Turkey’s DenizBank offers its customers access to their accounts via Facebook. One of the largest private sector banks in India recently launched a multi-social payment app, allowing customers to transfer money through social media channels. However, there are many risks associated with this.

7. ATM malware will continue to evolve. Hackers will gain the ability to target ATM hardware from multiple vendors.

8. The key AML issue = addressing de-risking. Banks are dropping businesses in fear of enhanced regulatory scrutiny, while policymakers are stepping up their scrutiny of terrorist financing prevention. “There is no greater issue for the AML community in 2016 than addressing de-risking,” said John Byrne, executive vice president at the Association of Certified Anti-Money Laundering Specialists. “Failure to do so will harm prevention of human trafficking, drug trafficking, terrorism and of course, financial inclusion.

Mark Gazit, CEO, ThetaRay