How to monitor activity to counter fraud

By James Richardson | 3 May 2017

In the second of a two-part review of cyberfraud and risk management approaches, James Richardson, Head of Market Development Risk and Fraud for Bottomline Technologies, reviews the benefits of advanced activity-monitoring to provide the highest levels of fraud prevention

The first part of this payments security review looked at how a comprehensive fraud prevention approach needs to extend well beyond identity authentication and intrusion protection in order to safeguard against the full threat profiles the global financial community faces.

Recognising that 78% of fraud losses involve insider employees (KPMG), focusing solely upon strengthening our digital perimeter defences against unauthorised access overlooks the significant internal ‘authorised’ vulnerabilities. This second instalment expands upon the steps organisations can take to counter the threats we face.

Inside the house

To the financial institutions charged with protecting other people’s money, fraud poses a monumental risk. An increasing number of banks have faced significant financial loss and reputational damage because of payment fraud and cyber-crime. Understanding that a clear majority of fraud is initiated internally or in collusion with third parties, financial institutions face considerable challenges to address a highly complex threat environment.

You may have adopted for the highest levels of security to protect your networks and systems from external cyber-assault, but how can financial institutions further protect themselves from malicious insider activity?

Simply put, without visibility into authorised users' behaviour and end-to-end payments life-cycle monitoring, organisations are missing critical layers of defence and are unable to effectively stop fraud and data breaches before they happen. Process-wide user behaviour monitoring and payments analysis systems go far beyond securing the ‘borders’ of your organisation, and can deliver unparalleled risk-mitigation, visibility and real-time alerts based on user activity.

Highly sophisticated technology is available today that can provide a virtual ‘surveillance camera’ of process activities. These powerful fraud prevention capabilities form a critical and effective infrastructure for combating internal fraud and information leakage, enabling proactive defences against internal and external threats, rather than mere ‘after-the-fact’ responses.

Automated detection

With the ability to non-invasively record, monitor, and analyse authorised user activities across all your major payment applications and processing platforms, behaviours or trends that deviate from established norms can be flagged and even automatically stopped. These capabilities could have prevented some of the recent payment fraud cases that have hit the headlines over the past twelve months. The most common issues leading to payment fraud, such as payment instructions being initiated by users at odd hours, for anomalous amounts, at significantly increased volumes, or benefiting unfamiliar recipient accounts, need never be a worry.

Any review of enhancing your existing fraud detection capabilities should include ensuring that automated blocks can be made in real time, with security officers able to receive instant alerts so they can act on suspicious behaviour as it occurs. Detecting fraud at the end of day is already too late.

Fraudsters are utilising increasingly sophisticated tools and technologies to counter established defences and security systems. A flexible, configurable and comprehensive user monitoring methodology provides a highly agile and versatile detection environment to counter the evolving threat landscapes we face.

Behaviour monitoring

What is the likely impact on your employees following the introduction of this level of automatic detection capability? Creating user accountability can have a positive impact in helping to foster a secure and transparent environment for staff. Several case studies confirm that once users are aware system actions are being monitored, unauthorised activity is deterred and prevented.

The insights from implementing such a comprehensive fraud prevention approach can provide several risk-management benefits:

  • • Creates accountability among authorised users
  • • Shifts from transaction tracking to human behaviour monitoring
  • • Increases organisational security with central visibility into user behaviour across all sensitive applications
  • • Acts on suspicious behaviour as it occurs, rather than reacting after crimes and fraud have been perpetrated
  • • Can reduce investigation time significantly and improve its effectiveness in identifying, analysing, and documenting suspicious behaviour

With user behaviour monitoring, financial institutions have been able to prevent fraud and improve productivity through increased speed of investigations. Any evaluation of monitoring capabilities should ensure all applications (including legacy systems) can accommodate non-invasive data inspection, with a common set of reports and dashboards that combine information across systems.

Costs of complacency

With growing rates of financial fraud, it is important that your existing risk mitigation and fraud prevention systems are regularly reviewed. A comprehensive cyber fraud and risk management approach can ensure you keep your finances, your data and your business reputation secure. The costs of complacency can be significant – in many instances the direct financial impact from fraud can be eclipsed by the severe reputational damage that can follow from highly publicised exposure.

External intrusion prevention and user authentication best-practices should of course be followed, but this needs to be viewed as an outer base layer to a more comprehensive security approach. Can your organisation afford anything less?

Download your copy of the 5 Keys to Staying Ahead In a Fast-Moving Threat Environment whitepaper by Bottomline Technologies to learn more.

Become a bobsguide member to access the following

1. Unrestricted access to bobsguide
2. Send a proposal request
3. Insights delivered daily to your inbox
4. Career development