Topics In Demand
Notification
New

No notification found.

Blog
Fraud Prevention During COVID-19. Best Practices For Financial Institutions.

April 23, 2020

1088

0

 – Alok Kumar, Product Line Manager, Clari5 (CustomerXPs)

Given the response strategies to the COVID-19 pandemic implemented by federal, state and local governments globally, consumers’ behavioral changes during this phase, and Financial Institutions’ (FIs) staffing and mobility constraints, fraud prevention must be tackled in a different manner.

The Change in Environment

Due to restrictions on physical movements, there is an inability of consumers to physically verify any claims that may be made related to their organizations or intents. The best that people can do is to call friends and family on the phone to confirm what a fraudster has claimed.
In addition, with minimal social contact outside of immediate family, and often not even that, victims can fall prey more easily to a smooth-talking fraudster. Psychologists have reasoned that “any stroke (+ve or -ve) is better than no stroke at all”. (Stroke here refers to an interaction between two humans.)

FIs have their own BAU challenges related to their contract employees, regular employees, connectivity in offices, transportation logistics. This has considerably impacted services in call centers – generally the first port of call for a customer to contact an FI.

The other challenge is IT services continuity. Most financial transactions, if not all, are routed via electronic channels and any downtime will shake consumer confidence and make them more vulnerable to overtures of fraudsters.

Overcoming the Challenges

FIs must take special care / increase the risk score levels for these patterns at the time of COVID-19.

Impersonation Fraud

Impersonation could be of an employee (usually a senior person which the target would defer to without asking too many questions). Fraudsters have plenty of time on their hands and gladly explore options for phishing via LinkedIn, Facebook and other social media. At the FI end, patterns must look out of funds transfers being made to new payees for the first time.

Similar Accounts / Payment IDs Fraud

Account names, UPI Ids, SWIFT Codes with names similar to published disaster relief account names, UPI Ids and SWIFT codes have mushroomed in the times of COVID-19 and unsuspecting good samaritans trying to help end up become victims. Text analytics services that allow for inexact / fuzzy / AI-based text matching algorithms should be useful in this scenario to track / trap fraudsters.

Government Schemes Fraud – akin to Lottery Fraud

From the PPP schemes in the US to India’s PMCares scheme, governments of most countries have devised new schemes and plans to help small businesses and senior citizens with their cashflow needs. However, fraudsters are taking advantage of potential beneficiaries’ gullibility and desperation to obtain assistance.

While fraudsters making physical inspection of houses in the guise of medical personnel cannot be controlled by an FI, an electronic transaction that has a lottery fraud like pattern (e.g. multiple small deposits for an “initiation fee” in a very short period followed by a large withdrawal or account closure) should be actively tracked to detect these kind of frauds.

Lower Volume Thresholds

Transaction volumes are already way lower than regular volumes of previous months or during the same time in previous years. Therefore, patterns that rely on volume need to be set to lower trigger thresholds.

Grey/Blacklisting of Fraud Initiating Accounts and Customers

Due to travel restrictions, it is not very easy to open new accounts at this time, thus fraudsters are likely to try out their frauds on various different targets with the same customer ids and accounts. Active greylisting / blacklisting of beneficiary accounts whenever frauds are detected is a must-have for preventing additional frauds by the same entity.

Link Analysis / Money Trail

Greylisted / blacklisted fraudsters may have multiple aliases but they can be detected using money trail or demographic linkage via link analysis AI applications. These must be leveraged to expand the coverage of blacklisted entities. This will be very effective because it’s very difficult to open new accounts / customers at this point in time.

Transactions where the Beneficiary is a new Account / Customer

Collusion / connivance during the lockdown phase can have a fraudster opening a new account or a new customer getting created. As these are fewer in number adding pattern detectors, where the beneficiary’s account or customer id is opened during the lockdown period, it will help curb employee-abetted fraud.

A black swan event like the Covid-19 pandemic requires not drastic, but certainly a different set of measures to detect and prevent fraud.
In a time of uncertainty, there is a high chance that customers can quickly lose confidence in the banking system at the slightest instance. The last straw can very well be an FIs inability to prevent fraud. This can potentially result in anything from switching to cash-only to panic buying to bank runs – eventualities that would have far greater consequences. So, it’s not just a fiduciary, but a social and moral responsibility of FIs to ensure that every possible step is taken to prevent fraud and retain customer confidence during this challenging time.


That the contents of third-party articles/blogs published here on the website, and the interpretation of all information in the article/blogs such as data, maps, numbers, opinions etc. displayed in the article/blogs and views or the opinions expressed within the content are solely of the author's; and do not reflect the opinions and beliefs of NASSCOM or its affiliates in any manner. NASSCOM does not take any liability w.r.t. content in any manner and will not be liable in any manner whatsoever for any kind of liability arising out of any act, error or omission. The contents of third-party article/blogs published, are provided solely as convenience; and the presence of these articles/blogs should not, under any circumstances, be considered as an endorsement of the contents by NASSCOM in any manner; and if you chose to access these articles/blogs , you do so at your own risk.


© Copyright nasscom. All Rights Reserved.