In the digital-first banking and retail era spawned by the pandemic, fraud has become overwhelmingly cyber-enabled. Leading drivers of losses for financial institutions (FIs) include identity theft, account hijacking, business email compromise (BEC) scams, and customer credential phishing.
This blog will cover the COVID-spawned fraud typologies that have caused recent challenges with anti-money laundering practices and highlight how financial organizations can embrace a FRAML approach via cloud-based regulatory technology (Regtech).
First Comes Fraud, Then Comes Money Laundering
The hyper-digitization of fraud, which the Treasury identified as the most considerable predicate offense for money laundering in 2018, has further transformed anti-money-laundering (AML) compliance. Moreover, novel illicit finance typologies have proliferated during the pandemic, leaving legacy suspicious transaction filters at many firms in the dust.
With scammers looting some $170 billion from government-sponsored COVID-19 relief programs in the US and American consumer fraud losses shooting up 70% to hit $5.8 billion last year, legacy silos place FIs at a disadvantage.
FRAML is the Compliance Zeitgeist of the Post-Pandemic Era
In this environment, regulatory announcements that factor fraud and AML have increased by more than 500% globally. This has led to 10-15% of bank personnel in compliance roles today.
The need for an integrated FRAML (fraud and AML) compliance paradigm has thus become essential. Regulators are increasingly alerting firms to this issue. These compliance silos have been the status quo because of the inherent operational polarities that divide anti-fraud and AML. The former is predicated on preventing theft in real-time before the FI gets robbed.
On the other hand, the AML model is comprised of identifying suspicious activity and accounts and reporting this information to the Financial Crimes Enforcement Network (FinCEN).
While a Chief Risk Officer typically heads fraud departments, AML divisions are overseen by a Chief Compliance Officer. And unlike fraud, there is no urgency for AML systems to stop illicit funds in transit unless the beneficiary is a sanctioned person or entity.
The overall push and pull between the prevention and detection mandates of these risk frameworks also guide the system's design underpinning their respective technologies.
Historically, this technological divergence has made integrating anti-fraud and AML functions prohibitively complicated, resource-intensive, and expensive. But there are some similarities in their operating models that can serve as a base for the transformation process.
The most notable feature anti-fraud and AML technologies have in common is their real-time detection capability. Increasingly powered by some form of rules and models, both compliance technologies are wired to help automatically flag and help investigators analyze transactions.
Over the last two years, the explosion of online banking, mobile payments, and cryptocurrency adoption has also accelerated the development of more agile and frictionless Know Your Customer (KYC) technologies that collect, verify, and approve customer account information in real-time.
This KYC innovation, which has made account-opening at Fintech and mobile banking platforms so rapid and frictionless, has also created a holistic framework for customer data collation in the cloud. Specifically, this shift has automated and collated identity verification, KYC, and anti-fraud checks into an integrated customer profile, readily transmissible via secure API feeds in real-time.
The upshot of this technological leap forward is that the effective implementation of a new FRAML compliance paradigm has become fully accessible and feasible for most FIs.
This digital shift has vastly expanded the AML attack surface. While the Treasury's 2018 National Money Laundering Risk Assessment identified fraud as the most significant predicate offense for money laundering, the agency's definition of fraud encompasses various fraud subcategories, including healthcare fraud and securities fraud.
These schemes are not as relevant to more cyber, stimulus, and crypto-related frauds that proliferated during the pandemic, though the enforcement of securities laws is starting to pick up in DeFi and NFTs.
Many pandemic fraud conspiracies, like stimulus schemes and romance fraud scams, were further propelled by decentralized money mule rings moving stolen proceeds with Venmo, Ca$hApp, and other instant payment channels.
Credit card frauds and account opening scams enabled by fake identities, specifically of the synthetic variety, have been particularly vexing for FIs. Synthetic ID fraud entails scammers using a combination of natural and phony personal information to create artificial personas that still manage to deceive onboarding filters at FIs, passing as real people.
In April, SentiLink, an anti-fraud vendor specializing in synthetic ID threats, said that this attack vector represents the fastest-growing type of identity scam, accounting for 85% of all ID fraud cases nationally. A 2020 estimate pegged synthetic ID fraud losses at $20 billion. At the same time, FIs have been bombarded with transactions linked to ransomware payments and business email compromise (BECs) scams. While ransomware attacks doubled last year, notching $620 million in identified payouts, an amount that crypto-compliance firm Chainalysis described as a low-ball estimate, BEC fraud siphoned at least $43 billion over the last six years, according to the FBI.
Laundering Fraud Earnings Through the System
To effectively move fraud proceeds through the banking system, masterminds behind these cyber-enabled scams often recruit large networks of money mules, exploiting their greed, pandemic-era financial desperation, or youthful naivete to move fraud proceeds on their behalf. An excellent example of this methodology is the Nigerian unemployment scam ring that defrauded US states out of at least $36 billion in 2020.
Instead of sending their money to an established brick-and-mortar bank, the network used emerging digital-only bank products like Ca$hApp and Greendot. Greendot is a depository channel for neobanks like Bluevine; an FI flagged at high-risk for Paycheck Protection Program (PPP) loan fraud. From these funnel accounts, the term used for drop accounts used in geographic locations that are distinct from where the beneficiary is domiciled, designated cash-out mules would withdraw large sums of cash from ATMs. They would then ship bricks of hard currency back to the ringleaders in Nigeria, according to the USA Today report.
Mules, many of whom are young adults or students and are increasingly being recruited on popular social media apps and online job boards, may assist fraudsters by surrendering complete access to their bank accounts or agreeing to receive funds for them in exchange for a small fee.
The emergence of sophisticated, Fintech-savvy Nigerian fraud rings highlights the growing transnational dimension of cyber-enabled financial crime. Beyond unemployment fraud, Nigerian groups like 'Silver Terrier' are also masters of BEC fraud.
According to cybersecurity firm Group IB, this crime group successfully compromised over 500,000 companies over the last three years. To obtain the credentials of victim accounts, the syndicate has leveraged various free malware tools and fake web domains to serve as command-and-control addresses for the malicious software. According to Group IB, the malware scraped victim authentication data from "browsers, email, and FTP clients."
After compromising victims' email addresses, the gang pushed out emails around the world in the regional language of their targets. Then, according to Group IB, it distributed malware "under the guise of purchasing orders, product inquiries, and even COVID-19 aid impersonating legitimate companies," according to Group IB. Investigators have not disclosed the total dollar amounts stolen by the group, but global authorities have captured 12 members of the Silver Terrier this year, including the fugitive leader of the Nigerian gang, last month.
The relative ease through which more sophisticated fraudsters can digitally hijack business accounts to transfer stolen funds again highlights an AML attack surface that has been vastly expanded by cyber-enabled fraud.
Similarly, according to industry tracker Nielson report, the credit card industry suffered $25.58 billion in losses in 2020. How credit card scammers obtain victim credentials are just as cyber-enabled as the Silver Terrier gang, sometimes even managing to control victims' online devices remotely.
A recent survey from the Association of Certified Fraud Examiners (ACFE) and consultants Grant Thornton also found that vendors' and sellers' cyber-enabled fraud and payment fraud are the most anticipated increase this year. In this threat landscape, investing in compliance transformation and integrating FRAML risk framework is essential to safeguarding FIs' bottom line.
The Urgency for FRAML Transformation
As American FIs and Fintechs deal with the onslaught of cyber-enabled wire fraud and increasingly flag customer accounts suspected of smurfing funds, barriers between fraud and AML only compound inefficiencies for compliance teams.
By transitioning to a FRAML model, FIs can cost-effectively integrate real-time fraud-decisioning via APIs in the cloud to prevent funds of heightened risk for theft from leaving hacked customer accounts and stop follow-on 'layering' transactions before they happen.
This framework preserves depository revenues and optimizes AML efficiencies, saving FIs time and money in the process. FRAML also enables FIs' AML teams to perform their usual OFAC scans when processing transactions while implementing real-time, AI-powered fraud detection to mitigate the risk of being another unwitting mule in the broader laundering chain.
Conceptually, the paradigm shift FRAML promises is an evolution from a retrospective AML compliance model to a preventative one, deploying AI to ensure that decisions about suspicious activity are as accurate as possible.
Embracing a predictive approach to AML enables dynamic transaction monitoring powered by AI, the agile updating of alerts, and a highly accurate alert-to-SAR conversion ratio. Armed with holistic KYC data feeds in the cloud, FIs can now make decisions about a transaction's fraud and AML risk score at a galactic scale that factors a customer's entire known digital fingerprint.
This assists in avoiding unnecessary friction for customers, who may have otherwise been flagged as a false positive in a less-evolved regtech era.
How Unit21 Helps with FRAML
A FRAML approach provides three key benefits:
- Cost savings through loss prevention and enhanced data-sharing efficiencies,
- Heightened visibility into evolving financial crime schemes, and
- The ability to discover novel suspicious typologies and actors while unlocking new detection capabilities.
Unit21's no-code, cloud-based solution removes the burden of costly transformation projects and engineering deployments for FIs seeking to create FRAML synergies.
This agile, end-to-end SaaS solution empowers compliance teams by integrating ID verification,
transaction monitoring, and case management with one-click SAR reporting to FinCEN in one system. Unit21's holistic design helps FIs enhance account data aggregation and analysis for better transaction insight.
This solution also provides management-level reporting and analytics to help compliance teams disentangle themselves from low-priority cases and focus on the most critical-risk issues.
Beyond accelerated no-code deployment and fluid data exchange, Unit21 also offers clients the perfect medium between customization and automation, with purpose-built rules and workflows that can be re-tuned and tested as needed.
Best of all, Unit21 is fully composable and integrates easily with other financial SaaS solutions.
With 70% of banks looking to establish FRAML synergies in the next three years, according to a BAE Systems study, Unit21 can help FIs keep up with the transformative compliance zeitgeist awakened by the pandemic. Get in touch to see the platform in action.