Martin Rehak, CEO of Resistant AI, explains why combining AI and the human touch is the only way to successfully fight financial crime.
In 2020, an estimated £1.26 billion was lost to fraud in the UK. In the last 13 months, a staggering 449,687 incidents of fraud were reported to the National Fraud and Cyber Crime Reporting centre. It’s clear that the domestic financial services industry has a huge problem – and current strategies to mitigate it are not working.
The financial industry in the UK has, like all industries, seen a huge acceleration in digital transformation over the past two years. The pandemic forcibly increased the pace of the transition to all manner of digital interactions, including online banking. At the same time, Brexit has allowed for greater regulatory freedoms in the UK – bringing with it increased risk.
The attack methods used by fraudsters within the fintech and financial services are becoming ever more complex. New threats are emerging with greater frequency, such as account takeover, where criminals gain access to a user’s account credentials to make unauthorised payments. One of the most common types of fraud in 2021 was authorised push payment (APP), where genuine users are tricked into authorising a payment into an account controlled by a criminal.
Such activity looks genuine to the bank and is quite difficult to combat. Another increasingly popular and hard to detect method is the blending of real stolen personal data with fictitious elements, in order to create a new identity, which can then be used to apply for credit, loans, insurance and more. Criminals creating false identities will often play a long game and may spend months or even years building a seemingly legitimate credit history, making it even harder to distinguish between genuine and fraudulent customers.
With ever more innovative methods of fraud, businesses must try to keep pace with the fraudsters and establish robust measures to keep themselves and their customers safe. In the first half of 2021, £753.9mn GBP was stolen through fraud in the UK. As well as the financial loss, businesses also risk reputational damage and can face fines if they breach anti-money laundering and other such regulations.
The industry is aware it can be difficult to fight fraud whilst balancing customer needs. For example, within the onboarding process businesses aim to make the approach as seamless as possible so as not to put off potential customers. However, this can leave them vulnerable to fraudulent behaviour, as it may come with a reduction in security. If this happens, there is a great chance of reducing customer trust which is something to avoid in a competitive market.
Fighting Fraud With AI
It is crucial that fintech and banks work proactively to address the threat posed by fraudsters and ideally keep one step ahead of them. Traditional responses to fraud detection rely heavily on human intervention. These often involve human analyst teams scanning a vast number of events or applications – many of them perfectly legitimate. This can leave staff overwhelmed and unable to devote significant time to any individual case, often leading to increased false positives; another mistake in the quest to ensure customer retention. By contrast, cybercriminals are frequently able to work on a huge scale which puts the other side at a distinct disadvantage in this cat and mouse game.
To address this problem, many organisations have introduced machine learning (ML) and artificial intelligence (AI) tools, which can monitor and identify fraudulent patterns of activity. These tools offer a much stronger defence by forensically examining customer behaviour during both the identify and verification stage, as well as once transactions start to take place. They can process huge amounts of data in far less time, continuously assessing patterns and building models capable of adjusting rapidly to new fraud methods.
AI uses multiple complex algorithms to detect weak patterns that a human might miss. These will involve suspicious behaviour or anomalies which point to fraudulent activity. Such anomalies might relate to geo-locations, device characteristics, internet providers, suspicious spikes in activity or unusual switching between accounts.
These can then be flagged for a human analyst team for further investigation, whilst the vast majority of genuine operations are processed automatically. The ‘at speed’ nature of AI means these patterns can be spotted in real-time, often before an attack takes place. It can also detect unusual behaviours that might be indicative of a never-seen-before path of financial crime, making it an invaluable tool in the ongoing battle against criminals.
At the same time as banks and fintech companies are realising the strength of AI and ML against fraud, the cybercriminals themselves are also exploiting the benefits such technology offers their operations. Financial services companies should therefore go one step further by adopting sophisticated state-of-the-art document and customer behaviour forensics to uncover synthetic identities, account takeovers, money laundering and other emerging types of financial fraud.
The human element
Investing in AI systems does not mean relying on them completely, there is always a need for the human touch as well. Even with automated fraud detection, largely based on simple rules, human resource is required to implement and maintain such defences. These technologies are not infallible and cannot account for the entire spectrum of human behaviours. Their strength is their ability to accurately flag suspicious behaviour for further human analysis.
This means that analyst teams have far fewer alerts to work through and can dedicate more time to genuine anomalies that are likely to reflect the fraudulent activity. They will receive a complete view of transactions with historical data, real-time analytics and insight. False alerts will be significantly reduced and all confirmed threats can be assessed and appropriate actions put in place to block and deter further fraudulent attacks from those third parties.
- Looking Ahead: 2022 FinTech Predictions and Reflections
- Zilch and Mastercard announce expanded partnership to launch Zilch BNPL card across Europe
- The importance and growth of banking ecosystems
- Is AI taking quality and cost optimization of enterprise services to the next level?
The importance of automation is that it narrows the focus of the investigation, making more effective use of analysts. There is no doubt that financial crime is here to stay and is becoming a sub-set to the entire field of cybercrime. The industry must therefore utilise new technologies and methods to mitigate the risk as criminals become ever more sophisticated. By replacing traditional countermeasures with a combination of sophisticated forensic tools and human experience and expertise, the industry’s ability to fight the threat is greatly improved. Human analysts remain key, but AI allows them to do their work much more effectively.