Financial crime, fraud and hacking soared during the pandemic as criminals took advantage of behavioural changes during three strict lockdowns. In fact, fraud and cybercrime jumped by nearly a third in the last twelve months.
Time for City A.M. to catch up with financial crime guru Richard Wood, a former Morgan Stanley fraud manager who became CEO of economic crime solution provider Synectics Solutions in January of last year.
For the last 30 years, the company has been working to prevent financial crime, fraud and money laundering and helps clients such as the Cabinet Office, a range of City banks and telecom providers to increase customer identification and financial inclusion.
What is the scale of fraud and financial crime in the UK and how does it affect businesses and consumers?
Fraud is big business. It’s estimated that UK losses to fraud amount to £52bn each year. On the flip side of that, it’s thought that twice that amount is prevented because of the way that UK businesses have focused on fraud and risk management.
The truth is that we’re all indirectly impacted by fraud and financial crime on a daily basis. When you’re applying for insurance, for example, a good portion of the premium is actually the provider recouping losses from fraudulent claims. The same practices are applied across the banking and finance industry – losses need to be recouped and that means hitting the pockets of everyone.
So how can this happen?
Although Brits are pretty well educated on fraud and financial crime, people seriously underestimate their chances of falling victim to it. We’ve seen the effects of that over the last 18 months, with increasing numbers of people falling victim to authorised push payment fraud scams, or being recruited as money mules over social media.
Trust and confidence are incredibly important to the success of our financial sector.
Ultimately, there is a personal and individual impact, as well as the significant monetary impact that we all experience through higher premiums, or high interest rates on our loans. Mitigating the growth of fraud and financial crime is a complex challenge that we must collectively address.
What sectors are most susceptible to fraud?
Fraud transcends sectors, from misapplied social tariffs within the utility sector and overstated insurance claims, through to serious and organised fraud involving criminal networks that operate across countries. It’s pervasive and affects everyone.
The spectrum of fraudulent activity, from opportunistic to highly organised, will naturally target industry sectors perceived to be the most vulnerable to attack or with the weakest defences. As one sector improves its mitigation measures, fraudulent activity will evolve in terms of the attack vector used or displace to another sector.
This is why it’s absolutely essential that private and public organisations come together to collaborate and share best practice, data and intelligence to achieve the common goal of fighting it.
It seems Covid and fraud are partners in crime?
The pandemic accelerated trends we’d already started to see, with increasing adoption of digitalised platforms for customer engagement. In part, this was responsible for a change in fraudster modus operandi, which increasingly targeted the digital space. Phishing emails, smishing, that is SMS phishing, and other social engineering techniques became more prevalent.
We also saw fraudsters “regress” back to old MOs. In the vehicle insurance world, for example, we saw an increase in the number of claims, despite lower vehicle volumes on the road, demonstrating a move back to ‘crash for cash’ schemes.
Arguably the biggest impact can be felt in the number of people falling into the “vulnerable” category, as a result of the economic stress that Covid has caused.
Those who are now without jobs, or have been put on furlough, might find themselves more susceptible to fraud, or being influenced by financial criminals, particularly if they’re under financial duress.
What role does data play in identifying and disrupting fraud and financial crime?
The role data plays in fighting financial crime is critical. The Darwinian approach adopted by financial criminals is often multiple steps ahead of the industry, adapting, evolving and changing as our own behaviours and habits develop. The transition away from the high street bank branch to using digital only accounts is a great example of this and, particularly, demonstrates the centrality of the role data plays. Most financial services are provisioned without seeing the end consumer.
Using advanced technology, such as the latest predictive analytics, combined with shared intelligence, is one of our few robust defences that allows us to mitigate this criminal activity. The data footprints left behind can be excellent predictors for training our data models to identify future fraudulent behaviour. We can filter out potentially bad customers who are blocked and marked for further investigation, while fast-tracking the 99 per cent that are good customers, removing friction from their interactions with, for example, banks and insurers.
So a combination of tech and data?
Almost any interaction within financial services can benefit from the use of data to reduce these risks, harnessing the power of data to drive meaningful insights at any point in a customer’s journey.
Yet the size of this challenge to prevent economic crime still remains huge and is estimated to cost the UK £37bn a year.
And that figure is set to increase as a result of the pandemic. Quite simply, data is one of the few effective weapons we have to effectively fight it, and its real value is unleashed when we pool our data resources together with the latest technology.
You told me earlier that sharing data amongst public and private sector organisations is incredibly important. Why?
As alluded to above, economic criminals are often highly intelligent and adept at circumventing many control systems that our financial services industry deploys. Collaboration is key to addressing this challenge, where the data assets shared amongst public and private organisations are collectively much more capable at mitigating many of the attack vectors we encounter.
Whilst this collaboration naturally makes life much more difficult for the fraudster, genuine customers benefit significantly in terms of more accurate decisions, faster onboarding journeys and improved interactions and response times from service providers.
The government’s Economic Crime Plan specifically highlights collaboration as a key driver for fraud and financial crime defences. How important is collaboration in your opinion? And how can organisations collaborate with one another in a post-GDPR world?
The fraud problem is far too big to be solved by any individual organisation acting on their own. We know the answer to the fraud problem is undoubtedly in syndicating data and sharing intelligence – across sectors. Without this, organisations continue to operate in siloes reducing the efficacy of our collaborative efforts.
Collaboration is what underpins all activities to prevent fraud and organised financial crime.
GDPR is a significant benefit, ensuring robust controls and governance, providing trust across industries and helping to ensure every organisation is focused on treating their genuine customers fairly.
You said that capturing, interpreting, and using data is key to informing key strategic decisions. From that data, what trends are emerging across specific financial services sectors, such as banking and insurance?
The growth in digital onboarding across the banking sector has illustrated the need for companies to include the right levels of due diligence pre-application. The most topical example of this is BBLs, where the tight time-scale and pressures led to some banks having significant exposure to organised crime gangs seeking to exploit their loan application processes. The National Audit Office has already estimated losses of between £15bn to £26bn and hasn’t ruled out increasing this number.
In some cases, the suspected fraud exposure in the loan portfolio is an order of magnitude higher than what would normally be expected.
The Civil Liabilities Act, aka ‘Whiplash reforms’, which came into force in May, seems to be unrelated to fraud on the face of it, but we’ve seen a tangible change in personal injury claims since its introduction. The reforms mean that PI claims can no longer be settled without medical evidence and a fixed tariff for injuries has been introduced, so the commercial appeal of claiming for whiplash has greatly diminished. Instead, we’re seeing PI claims presented for lower back, legs, arms, hands and even psychological injuries which are not covered in the Act and therefore excluded from the fixed tariff.
We’re also seeing the “crash for cash” scams are more focused on prestige brands and much newer vehicles (under three years old) versus the older low-value vehicles used in years gone by, so that fraudsters can achieve total loss pay-outs from vehicle insurers but also GAP insurers too.
Finally, how important do you consider fraud prevention to be in the scale of an organisation’s priorities? Is fraud just a cost of doing business, or are there underlying risks associated with fraud?
Fraud prevention is more than a cost imperative, it’s a moral and regulatory imperative too. For this reason, it does feature very highly in the scale of most organisations’ priorities. Consumers want to know that their accounts are screened against account takeover fraud, that their identities are not being fraudulently used to open other accounts, and that their friends and family are protected from criminal gangs targeting them to facilitate transactions or engage in money laundering.