Data in motion can assist fraud detection, anti money laundering

Data in motion can assist fraud detection, anti money laundering

Fraud is, regrettably, on the rise. UAE authorities seized $691 million in assets and confiscated assets worth $596 million in the 12 months to the end of July 2022 as part of a renewed push in anti-money-laundering, AML and countering the financing of terrorism, CFT. This is a phenomenal leap forward from the five-year period from 2013 to 2018, when reported recoveries stood at an annual average of $25 million.

But we must also recognise that much of the surge in recovery was due to a spike in criminal activity during the pandemic, when fraudsters saw their opening and took it at scale. According to one report, two in every five UAE consumers experienced attempts to defraud them online during this period.

Things have not improved. The emergence of the hybrid office, new ways of banking, shared devices, the rise of crypto, and a smorgasbord of other factors have meant that the mega-dirham investments in protections are simply not enough to stop all fraud. It is only now that we are starting to treat the modern financial criminal as anything more than a lone opportunist.

Fred Crehan, Area Vice President, Emerging Markets at Confluent

Only now have we begun to realise that fraud is an industry. It has different organisations with different specialisms that partner up to hijack, steal, and ransom. And if the BFSI sector is to stand against them, it will need stronger arrows in its quiver.

Fraudsters are adaptable. They take to new technology like ducks to water. Entire underground sub industries supply them with cloud services, machine-learning models and mass-communication systems that threaten even the largest global brands. They employ social engineering to trick victims into disclosing sensitive information that allows gangs to dodge security measures. There is a new popular saying in cybersecurity: They do not hack in; they log in.

Legacy challenges

So, what is the solution? The UAE banking sector is a leader in service innovation, from chatbots to e-branches. We cannot stop this train. Nor would we want to. It adds immeasurable value for customers. This leaves intervention and defence, but we already know that point solutions do not, in isolation, meet the standard needed to eradicate fraud. We have been down that road and seen for ourselves that fraud is alive and well.

Collaboration would help, but often we find information silos even within a single organisation, so to inspire industry-wide unity would be challenging at best. Nonetheless, partnerships and collaboration have the most promise. The criminals themselves have shown us the value of working together. We must have open lines of communication between all stakeholders. And we must initiate a shift to proactive tackling of fraud rather than waiting for the criminal to make off with the funds before opening an investigation.

Silos prevent contextual analysis. Legacy infrastructure and territorial habits among departments conspire to create a situation where the organisation may be in possession of all the pieces of the puzzle but cannot assemble them into a picture. Any investigation conducted by automated means will only be as effective as the data it can access. If a fraudster can slip under the radar simply by spreading their activity among entities that do not communicate with one another, then it is hard to see how they could ever be brought to book.

Data in motion

Investigators, human or machine, must be able to pick up on discrepancies like a transaction originating at an unusual time in an out-of-the-ordinary location. These datapoints may not give enough of a picture on their own, but when combined with the presence of a new recipient and a recent password change, they might indicate activity worthy of a red flag. Context is everything.

In BFSI uses cases, data is often not available in real time because of regulations or common practices surrounding transactions. When it does become available, it will be in different formats from different data sources. This calls for more collaboration between data custodians so that evidence can be aggregated and analysed cohesively as it becomes available.

We must move from a transaction-centric, data-at-rest processing model to a data-streaming architecture that can support a real-time, event-driven approach powered by AI that gets smarter the more cases it investigates. Otherwise, we are condemned to be forever investigating fraud after the fact.

Every bank, every clearing house, every crypto exchange, every organisation with skin in the AML, CFT game must build a proactive system capable of detecting anomalies in real time and empowering preventative actions up to and including the blocking of a transaction. This requires rich data gained through continuous collaboration, leading to contextual views of a stakeholder’s domain. Sophisticated machine-learning models must be available to assign useful threat scores to anomalous activity. Timely supply of data that allows all of this will ensure that AML compliance officers and fraud investigators can efficiently decide where to concentrate their efforts.

FSI entities are currently finding it difficult to keep pace with criminals, never mind remain one step ahead. As fraudsters up their game, those that would stand against them must stop bringing feather dusters to the swordfight. We must routinely get to know not just the basic data of the transaction but the full circumstances behind it, customer location, devices, software, travel patterns, recipients, social network, associated parties, be they friends or bad actors, favourite shopping haunts, and active subscriptions.

The data is out there. But if it is not all available at the right time in the right context, then the fraudster slips through our fingers yet again. And given the potential costs to the system, we can ill-afford such repeated escapes.

Click below to share this article

Browse our latest issue

Intelligent Tech Channels

View Magazine Archive