Fraud is a global problem estimated to cost £3 trillion a year – that’s approximately £450 for every man, woman and child on the planet. Everyone is vulnerable, no matter where they live or what they do – and we are all worse off for it.
The fraudsters come in all shapes and sizes, from international cyber-gangs to the lone worker at a bank. What is common to all regions is that the criminals are adept at looking for and taking advantage of opportunity. As soon as fraud-mitigation steps take effect in one area they find another.
This summer, NetGuardians looked at fraud around the world to try to find regional characteristics that could help those trying to fight it. The result is a series of three incisive reports focusing on Africa, Asia and Europe.
Written by our risk and fraud specialists – who drew on their own first-hand experiences – the pieces examine the contextual landscape, the prevalent types of fraud and how the battle is playing out. What we found are huge regional differences, where the size and style of opportunity varies according to culture, public awareness and legislation. We also found common problems.
The rapid adoption of mobile phones and mobile banking across Africa and Asia has been a boon for fraudsters. Not only did it open up a whole new banking channel to corrupt, but the speed at which banks rolled out their services was often faster than they could secure their networks and offers.
The opportunity has been made all the greater by the fact that there has been so little time to educate the public on safe mobile-banking practices. This has left them vulnerable to phishing exercises as well as SIM switching and ID theft.
While organized crime is heavily involved in fraud in all three regions, its modus operandi takes into account the social, structural and legal landscape in which each gang operates.
In Europe, for example, gangs have industrialized their operations, creating tools to help access bank accounts via phishing exercises or device takeover. They also focus on invoice fraud and on contactless payments, a relatively new method of paying that many service providers have yet to secure effectively.
In Asia, their focus is mobile-phone fraud thanks to the enormous popularity of m-banking, payment apps and the general public’s lack of awareness of how to protect itself. The scale is incredible, with estimates suggesting that 72 percent of Vietnam’s smartphones are infected with malware or viruses harvesting information that helps fraudsters to steal money.
In Africa, gangs exploit the want of a well-developed anti-fraud culture to expand beyond mobile-phone and card fraud to recruit staff either working at or recently made redundant from banks. Exploiting the poor economic state of many African countries, they will pay for inside information such as IP addresses, but will also reward staff to cover up or participate in fraud.
But internal fraud isn’t limited to organized crime. In every region, financial institutions suffer from staff acting alone.
In Europe, the problem for private banks often lies with relationship managers who exploit their knowledge of the bank’s processes as well as of customers to steal millions, often over a number of years.
In Asia, the lack of systematic anti-fraud systems has left the region’s financial institutions with the lowest trust scores globally. It’s a similar story in Africa, where poor management oversight has almost created an open field for anyone wanting to defraud a bank from the inside. They know they are highly unlikely to get caught.
In Africa, corruption is a huge problem. Many countries’ economies are struggling, pushing up unemployment, even among graduates. This leaves the population open to temptation – and approaches from third parties, including organized crime.
It’s not just current and former bank staff that can be corrupted. Members of the law-enforcement agencies are also paid by criminals to hamper investigations, turn a blind eye and stop cases from coming to court. The upshot? The criminals carry on, aware that the risks are low.
The challenge is different in Asia, where corruption is seen by 63 percent of the population as widespread. Here, rather than stemming from organized crime, corruption is often tolerated by management who are under intense internal pressures to meet targets. Nearly one-in-two people said their senior management would turn a blind eye to bribery, for example, to achieve revenue targets.
In every region, those successfully fighting fraud are using technology that includes machine learning, Big Data and artificial intelligence to stay at least one step ahead. No longer just buzzwords, these technologies are proving effective by building up a detailed picture of acceptable transactions in every region. They are capable of spotting new types of fraud as they emerge, making it easier to identify all kinds of suspicious behavior – internal and external – across entire banking systems.
When used in tandem with other anti-fraud measures, systems using machine learning, for example, have been shown to be five times more accurate than those that don’t.
Fraudsters are opportunistic and innovative, able to quickly take advantage of what is often a patchy response to mitigation. When traditional controls do work, the criminals simply move their focus and resources to a new type of fraud or target a different region.
The application of modern technology along with traditional anti-fraud controls is the most effective way of stopping the criminals. It not only spots established frauds but also new types of activity and is not reliant on management oversight. This makes its protection holistic and constant. When accompanied by investment in law enforcement, training and public education to develop a widespread anti-fraud culture, it puts fraudsters on the ropes. And this makes us all better off.