We’ve known for a while that fraudsters have taken advantage of the Covid-19 pandemic to steal from Australians and Australian banks. Last month, we got to see the true scale of the problem.
According to the Australian Banking Association, more than A$175 million was lost to fraudsters through scams in 2020, and the situation deteriorated further at the start of 2021. In the first two months of the new year, fraudsters stole nearly A$43 million worth, putting the total for the year on track to hit more than a quarter of a billion dollars if nothing changes.
Among the sadly all-too-common dating and investment scams were new ones that take advantage of people’s vulnerability caused by the pandemic. For the first time, the fraudsters have impersonated the Australian Taxation Office and posed as government bodies conducting Covid-19 contact tracing to get hold of information that helps them access bank accounts, for example. In the current difficult economic climate, we also expect to see a rise in internal bank fraud as staff, forced to work from home out of colleagues’ sight, are tempted to break the law – although there are no numbers for this yet as they typically only come to light in 12-18 months after the event.
The sad truth is that these losses are avoidable and banks could be doing more to prevent them. Not only does the stolen money fund other criminal activity, but the losses erode profitability and trust, further weakening a sector that is already suffering the effects of Covid-19.
Last year, aggregate cash profit of the four major banks fell by 36.6 percent thanks to increased competition from non-banks, the continuing low-interest environment, high loan-loss provisions, and the sale of their insurance and wealth management businesses. This year, growth and profitability are expected to be down further.
Fraud is an area where banks can efficiently and effectively act to prevent losses, protecting themselves, their shareholders, and their customers.
Raising awareness of a growing issue
Fraud happens in Australia because fraudsters can easily get away with it. We’ve heard industry insiders attribute its recent rise to a number of factors. These include carelessness on the part of customers – passwords regularly kept in contact lists on mobile phones, for example – perhaps exacerbated by banks’ willingness to absorb the losses and reimburse customers. In addition, many bank processes remain manual, increasing risk. Furthermore, lockdowns and social-distancing measures mean more people are using remote banking services and online shopping. This has dramatically increased the attack surface upon which fraudsters can work.
But it’s not just the banks. The regulatory environment is guidance-based and doesn’t always follow best practice adopted elsewhere. In Singapore, for example, MAS advocates the real-time use of behavior analytics and machine learning algorithms to establish a baseline of normal behavior against which suspicious or anomalous transactions can be compared. This has yet to be adopted by the watchdog in Australia. At the same time, banks are failing to incentivize their own staff to stop fraud.
While there doesn’t appear to be any imminent change in regulations, the truth is that both banks and the public need to be more alert to the risk of fraud – even as the pandemic recedes. The Australian Banking Association has launched a campaign to raise awareness, highlighting the scale of the problem and providing links to websites that set out how to recognize, avoid and report scams. The message is starting to hit home. Within months of the pandemic starting in March/April, we saw a jump in inquiries about how to address fraud, and it is now commonplace for banks to protect themselves from insider fraud with user session time-outs and by analyzing browser histories to profile transaction patterns and scenarios.
This shift is welcome. But there is still a long way to go. We’re finding that banks will ask for advice but try to execute changes or even develop solutions on their own. The problem with this is that successful fraud mitigation and prevention is a complex challenge that demands experience. A specialist provider with a track record of working with many banks has far more experience than a single bank can accumulate and so will provide better insight.
A smart solution
Greater process automation is part of the answer, but banks must also work together in a market utility approach – one where collaboration brings greater benefits than working solo. Artificial intelligence works by learning from data. The more data it receives, the better it learns. Using AI-powered software and sharing relevant transaction data, where permissible, banks will swiftly learn about customer behavior, allowing them to distinguish between high-risk, anomalous transactions and low-risk ones. And with the ability to leverage many data sources, AI can help build preventative measures that will protect the bank ahead of attacks.
Solutions such as those from NetGuardians provide this analysis in real time. This means banks can stop high-risk transactions before funds leave the account. They have a Collective Intelligence service where client banks can use NetGuardians’ community data to further enhance their fraud prevention. They also have a good track record of cutting the number of false alerts, helping reduce investigation time and costs, while their managed learning ability means they can spot new frauds. But just as importantly, the success rate provides an excellent customer experience – blocking only frauds and not bona fide transactions – helping to build loyalty.
To protect and create wealth, rather than see it syphoned off by criminals, banks must do two things: deploy AI-driven anti-fraud solutions and educate the public. In each case, we have the tools and programs to help. In a year, when analysts expect Australian banks’ profits to fall further, installing them seems like an easy win.