Fintech startups aim to disrupt current practices and to do it fast. The emerging business model requires product managers find a buyer need, put out a minimum viable product, and iterate change in response to customer use.
However, all this innovation—especially with entrepreneurs who have more tech savvy than experience in financial services—opens opportunities to defraud. Knowing what to look for can help investors and operations managers properly identify risk and reduce the vulnerability to financial crimes.
One enormous change in modern financial services is that clients can open accounts and send money without ever having met an adviser face to face. ClearVest CCO Sara Malak of New York City loses sleep over how her firm can be sure it’s dealing with who it thinks it’s dealing with. ClearVest, a platform that provides independent advisers with access to alternatives and commodity managers, facilitates manager choice and online enrollment to enable client onboarding.
Though its client advisers do have personal relationships with clients, ClearVest has an electronic-only relationship with the investor. Despite this, the platform has a fiduciary responsibility to investors: It must comply with know-your-customer and anti-money-laundering (AML) regulations and protect itself from false identities.
While ClearVest has brought advanced technology to the onboarding process, the process isn’t finished until human and machine insights are combined to determine whether the funds coming in and going out belong to the person whose name is on the account. Even after all the checks—making sure the IP address and signature matches the user, and the bank account information is consistent—ClearVest may still need to flag certain situations. “Say a form comes in with the name Imelda Marcos,” says Malak. “The machine is not smart enough to recognise if it’s a different person with the same name as the famed leader or an intent to defraud. But sometimes the machine just does better because it finds information quicker.”
Identity fraud is made easier by the amount of personal data we post online every day. Even seemingly benign sources are vulnerable. Consider the fate of the 600,000 people who had work history, social security numbers, photo IDs, and contact information listed at joblink.alabama.gov. After the site was hacked, the follow-up analysis was unable to determine how much and whose information may have been exposed. Events such as this increase the risk of fraudulent transactions being introduced to investment companies and other financial institutions. As a result, online banks must go through their identity check procedures thousands of times a day.
Cross-border differences in regulations and cultural mores add opportunities for absconding with other people’s money. Jan Beranek, principal of Beranek Consulting Group, a P2P fintech/marketplace-lending consulting firm in San Francisco, previously served as director of operations, risk management, and quality assurance at leading online lender Lending Club, where he implemented the organisation’s quality control function.
He now leverages his knowledge and experience to consult for global fintech providers and sees gaps available for exploitation. He points out that online lending is slow to take off in Europe, where people still have traditional relationships with banks. In the US, online lending took root because individuals can’t get loans from banks anymore; in the EU, the market is small (and thus competitive), regulation is not consistent across countries, and there’s no credit bureau.
China, in contrast, is a huge market, and many Chinese citizens’ first computer was a cell phone. With almost no banking infrastructure and even less access to financial services for individuals, China’s consumer financial services market has been captured by such mobile apps as WeChat and Alibaba. Each app performs multiple functions for users: WeChat, for example, can make online payments, is linked to a bank account into which paychecks are directly deposited, and is integrated with Bloomberg Tradebook, Yelp, LinkedIn, PayPal, and ticket and hotel purchases. Compared with the US, there are many more opportunities—and many more threats. “In China, they offer an app, and everything is mobile, including the process of opening the account,” says Beranek.
This mobile-only relationship with money transfers and transactions combined with card-not-present credit purchases keeps those charged with preventing fraud extremely busy. According to online fraud-protection company iovation, in July 2013, roughly 25 per cent of its monitored transactions among subscribers in the financial services industry originated from a mobile device; in 2016, mobile traffic represented nearly 42 per cent of all transactions. Based on these statistics and the incumbent risks associated with card-not-present transactions, iovation predicts that US retailers and financial institutions will lose $7.2 billion due to fraud by the end of 2020.
As part of the ongoing movement to inhibit and prevent fraud, an entirely new industry has sprung up. Regulation technology (regtech) addresses problems from cybersecurity to identity verification to banking and securities regulations.
Artificial intelligence and machine-learning applications are also coming to the rescue. Mindbridge allows users to upload their data and run an application to quickly detect problem patterns and anomalies. Croudify applies machine learning to credit modeling, applying a neural network to the data and flagging whether the applicant is lying and thereby speeding up the process of identity verification. “This fraud detection is a big asset to managers that do a lot of loans,” says Agarwal. “We’re building a platform that lets risk management become an asset for the credit side.”
Faster identity verification lets lenders do more business, and accurate data opens another opportunity. Croudify expects to offer ratings on individual loans that allow investors to do an apples-to-apples comparison. The ratings also help investors know how to weight loans in a portfolio. These tech-enabled services solve some of the problems that new fintech companies have. “We’re working with the new platforms to develop ecosystems,” says Agarwal. “We hope that by working with us, they’ll grow assets faster, from the tens of billions to the hundreds of billions.”
ClearVest is developing a completely different approach to fraud prevention, packaging the security work it does into content that can be learned and applied by others. “We see the need with colleagues and vendors to have a kind of academy to advise on these things,” says ClearVest’s co-founder Peter Murrugarra. “We’re thinking there’s even a need for a certification that people could pass to prove they know what they’re doing.”
Cynthia Harrington, CFA, is principal at Cynthia Harrington & Associates, a Los Angeles-based firm that provides executive coaching for investment professionals.
A longer version of this article is available from CFA Institute Magazine.