Financial institutions (FIs) were hit from both sides by cybercrime during the pandemic. On the one hand, business processes were disrupted by office closures and back-end IT systems and remote workers were targeted with information-stealing malware, ransomware and other serious cyber threats. On the other, customers were relentlessly targeted by fraudsters as the crisis forced many to try online shopping for the first time. Those same customers are now demanding that their banks do more to educate and protect them.
Unfortunately, recent BAE Systems Applied Intelligence research found a fifth (19 percent) of UK and US FIs weren’t confident in their ability to protect customers in 2020. For those prepared to take a more proactive approach to fraud prevention, there are potentially big wins ahead. Out of every crisis is born potential opportunity. And crises don’t come much bigger than Covid-19.
- Here's our rundown of the best identity theft companies out there
The world goes online
To better understand exactly how cybercrime and fraud affected the industry last year, we surveyed 902 FIs and 2,000 consumers in the US and UK. Unsurprisingly, the picture was one of surging e-commerce use among consumers. With high streets locked down, only 8 percent of respondents claimed they tried to avoid online stores. More importantly, these trends are set to outlast the pandemic. Over a third (36 percent) do all their shopping online now and trips to the virtual store have increased for 33 percent.
Yet where there is money and people, crime isn’t far behind. And digital commerce offers a wealth of opportunity for quick-witted fraudsters. Over a quarter (26 percent) of consumers surveyed said they’d bought something from a fraudulent site over the past year, and half (50 percent) have been victims of cybercrime or online fraud in the past. This chimes with other industry figures. UK Finance claims that fraud losses on UK-issued cards topped £574 million in 2020.
Backed by a cybercrime economy worth trillions, today’s fraudsters are ever more sophisticated, and FIs are increasingly stretched as they attempt to mitigate the impact of cyber attacks on back-end systems and customers. However, in spite of this, our research found that IT security, fraud and risk funding had been slashed by 26 percent on average by FIs during the pandemic. In parallel, over a third of banks warned that budget cuts could lead to the loss of key staff members. So, with tighter financial and people resources, coupled with the relentless, continued wave of fraud, where should banks be focusing their efforts and what should they be prioritizing?
Opportunity is here
Despite these financial headwinds, new opportunities are emerging for FIs to differentiate on the quality of fraud prevention and outreach they can provide to customers. Part of this seems to stem from increased awareness levels among consumers impacted by surging fraud levels during the pandemic. Almost three-quarters (72 percent) said they’ve noticed an increase in malicious activity over the past 12 months and around a quarter (23 percent) are now more concerned about cybercrime than they are physical crime.
The result? Over half (53 percent) of consumers now think it’s the job of FIs to protect them from cybercrime — more so than the government (47 percent), the police (34 percent) or even themselves (40 percent). A majority also want more transparency from their banks about the risks they face online, as well as guidance and educational content. Over 80 percent claimed they now consider how proactively FIs address cyber protection when changing providers.
- Keep your organization safe with the best business antivirus solutions right now
The new battle for hearts and minds
Banks can start to capitalize on these emerging trends with outreach programs and enhanced customer education, of course. But they must back this up with improved protection to stop fraudulent transactions in their tracks. That may require a refresh of existing solutions.
Static rules-based approaches to fraud prevention are increasingly incapable of keeping pace with the complexity and speed of modern fraud patterns. Many either add too much friction to the customer journey or allow false negatives to sneak through, both of which can have major financial and reputational implications.
On the other hand, predictive analytics and machine learning systems monitor for suspicious behavior and can be continually optimized to evolve as fraud patterns evolve. They crunch huge volumes of structured and unstructured data to provide a 360-degree view of each customer, from which more accurate judgments can be made about the risk posed by each transaction. Only those deemed high risk need to be escalated for manual review or additional authentication, which keeps customer friction low. This kind of intelligent risk-based approach will put banks in pole position when delayed strong customer authentication (SCA) rules that have been further delayed until March 14th 2022, as part of the new rules under the second payment service directive (PSD2).
Further advantages come with self-service capabilities, allowing in-house staff to fine-tune detection models for greater agility, and cloud-based deployment to support today’s distributed workforce and accelerate the roll-out of new capabilities. Continuous monitoring and automation of transaction blocking, incident assignment and reporting take the pressure off stretched internal teams and helps to streamline operations. This can also help to lower total cost of ownership, as can platforms that combine fraud prevention with anti-money laundering (AML) compliance features.
Over three-quarters (77 percent) of FIs surveyed were worried about the continued rise of cybersecurity and fraud threats over the course of this year. By channeling these concerns into a proactive overhaul of existing cybercrime strategy, there’s a great opportunity to differentiate by meeting the demands of a new generation of fraud-aware customers.
- These are the best accounting software right now
Simon Viney, Cyber Security Financial Services Sector Lead, BAE Systems Applied Intelligence