If you work in the rapidly growing, $67-billion-dollar neobanking industry, you’re probably no stranger to the concept of fraud.
In 2020 alone, nearly 3000 fraud-related complaints were made against two of the top neobanks. And rates of fraud in neobanking are almost double that of credit card companies—averaging a fraud rate of 0.30% versus the historical average of 0.15%.
With neobank statistics like that, one could argue the future of neobanking lies not in achieving growth but in conquering fraud.
To better understand why neobanks need to focus on fraud prevention, we’ll dive into the current state of online fraud and its effect on the neobanking industry:
Before we cover the best strategies for fighting neobank fraud, let’s discuss the reasons why neobanks need to prioritize fraud prevention.
The push for neobanks to combat fraud isn’t just out of self-preservation.
More and more scrutiny is being paid to the compliance measures challenger banks take to ensure criminal enterprises aren’t their primary customers—and facing hefty fines when their practices fail to meet the minimum regulatory requirements.
Neobanks should, ideally, solve the financial wellness problems of an increasingly gig-based, remote economy—not become a lawless playground for financial crime. Pressure was applied to that end in early 2022 when PayPal was forced to disclose that it had 4.5 million fake accounts on its network.
This comes after they lost $6 million to fraud in 2020 alone.
Combine that with the revelation that other challenger banks in Europe are facing fines up to €4.5 million or being dropped by prominent vendors for not doing enough to prevent fraud, and the incentive to better protect against suspicious activity is definitely there.
The state of fraud is ever-changing, especially in the Fintech industry. Many of the prevention measures used by traditional banks are outdated - at least within the digital landscape. Fraud specialists can’t keep challenger banks safe using traditional methods and instead must prioritize measures that apply to the current digital climate.
That being said, neobanks do still need to be prepared to prevent traditional fraud like check deposit fraud; it's just carried out slightly differently online.
As a starting point, here are some of the ways that fraud is changing as challenger banks continue to grow:
- Heightened fraud attacks are the new normal with data breaches and identity theft on the rise.
- Bad actors target challenger banks as a seemingly fast and anonymous way to commit fraud.
- Fraudsters have repopularized check fraud, using the quick transaction processing found with challenger banks.
- Challenger banks with high rates of fraud and false positives saw losses to their revenue, reputation, and customer base.
- Balancing business growth with security measures is now the main priority for challenger banks.
- Challenger banks are legally required to meet new and updated KYC and AML regulations.
- Innovative prevention measures are needed to help meet regulations, including those that use automation.
- Data-driven decisions are now a crucial part of fraud mitigation as a way to detect fraud and reduce false-positive rates.
- Customized, personalized user experiences can help neobanks track fraud using the customer’s profile and transaction history.
Any fraud prevention measures you implement will only work if you know what to look for.
To ensure your neobank and customers are protected, fraud prevention specialists need to be aware of the threats targeting neobanks and what they look like. Fraud is much harder to prevent if your risk and compliance team doesn’t know what types of fraud they’re trying to detect.
Below are some common types of fraud that put neobanks at risk:
It’s no secret that neobanks have struggled with fraud prevention for as long as they’ve existed, but not everyone understands what the core challenges are. Understanding the main challenges facing neobanks is key to learning how your risk and compliance team can better protect your product.
This section will cover the main reasons why many neobanks have and continue to struggle with prevention fraud.
1. Increase in opportunities for online fraud
Digital financial institutions - like neobanks - offer criminals opportunities to test and act on new methods of fraud. This makes neobanks prime targets for fraud, and the data supports this; Fintech companies have a fraud rate double that of credit cards, and triple the amount of debit cards.
Clearly, criminals have set their sights on neobanks with no sign of slowing down. Without the right resources and tools, risk and compliance teams can find themselves unable to compete with the increase in attacks and be faced with successful fraud attempts slipping through the cracks.
2. Difficulty managing regulatory requirements
The increase in fraud in challenger banks has resulted in the implementation of many new regulatory requirements that neobanks must adhere to. Updates to KYC/KYB standards and SAR reporting guidelines are introduced regularly, which can be difficult for neobanks to track. This also makes it hard to ensure workflows are updated to reflect these changes in adequate time.
While compliance measures might seem tedious, these regulations were implemented as guidelines to improve security. Making an effort to stay on top of applicable regulations and incorporate the minimum standards as quickly as possible gives risk and compliance teams the assurance that they’ve done their best to combat fraud.
3. Cost cuts hurt risk and compliance teams
A big mistake that some neobanks have made is to prioritize their business growth over security efforts. This has resulted in more time and money spent on marketing efforts, leaving risk and compliance teams understaffed and underfunded.
Risk and compliance teams need to have a sufficient number of staff members and access to the right preventative tools and methods to properly implement fraud-prevention strategies and manage confirmed cases of fraud in due time. Failing to properly support these teams can result in many fraud attempts going undetected and unreported.
4. Desire to speed up customer onboarding
The neobanking market is incredibly competitive. As a result, neobanks have felt pressure to make their customer onboarding experience as quick and easy as possible to appease the millennial and Gen-Z markets. However, this is what has allowed many criminals to gain access to their services.
Vulnerabilities in the onboarding process have made way for increased instances of identity theft, among other types of fraud. This is due to the process not being face-to-face and offering quick access to services. Risk and compliance teams need to integrate strong security measures within the onboarding process. Otherwise, more criminals could pass themselves off as legitimate customers and remain undetected until it’s too late. The challenge is that you still need to offer a frictionless experience for customers.
5. Loss of monetary resources due to fraud
Neobanks that want to increase their risk and compliance efforts might be unable to if fraud has already taken its toll on the company. According to a study by Juniper Research, it is predicted that merchants will lose over $206 billion between 2021 and 2025 to online payment fraud. Clearly, fraud is an urgent issue, which is why neobanks should build their fraud prevention departments and invest in risk and compliance tools from the start.
The financial loss felt by unsecured neobanks is much greater than what would be spent on risk and compliance measures early on. Neobanks that put time and money into recruiting a team of fraud prevention specialists and upgrading their preventative solutions will better protect their finances and maintain enough resources to continue fighting fraud.
Some neobanks have learned the hard way that fraud won’t simply go away if you ignore it. Fraudsters are not slowing down, so your neobank needs to prepare itself to fight back by making the right investments and expanding your security measures. Effectively combatting fraud isn't just about knowing what to do, but also what to avoid doing.
These are some of the best practices for neobank fraud detection and prevention that risk and compliance teams should follow.
1. Invest in risk and compliance
In the early days of a new neobank, the company might believe their resources are better spent on business growth. It’s important to remember that expanding your risk and compliance team and supporting their work early on will provide your neobank with an incredible amount of value over time.
Fraud prevention isn’t just about stopping fraud from happening - it’s also about reducing the overarching cost of fraud, which can have a significant impact on your neobank. By equipping your risk and compliance team with the right fraud detection software, your neobank will be able to better prevent fraud and reduce false-positive rates, growing more revenue as a result.
2. Strengthen your KYC/KYB process
Many bad actors have targeted neobanks for fraud due to perceived weaknesses during the virtual onboarding process. As a digital service provider, your neobank has a responsibility to ensure you truly Know Your Customers (KYC) and Know Your Business (KYB) when they apply to open a bank account. By strengthening the KYC/KYB process, your risk and compliance team can be sure that more good users are accessing your services.
In order to create a more secure onboarding experience, you need to establish workflows that utilize advanced identity verification methods. There are several tools available that support this type of automation, such as ID document verification and data source integrations. Adopting these additional levels of security at the start of the user journey will help your risk and compliance team improve verification and keep accounts secure. It's never a bad time to adopt a risk and compliance solution to help with automation and lighten the operational load on your teams.
3. Create an automated infrastructure with data
While improving security during the onboarding process is very important, it’s also crucial for risk and compliance teams to leverage solutions that monitor for fraud at all levels of the customer experience. Specifically, your team needs to be able to properly detect and analyze potential instances of fraud within transactions.
Your neobank’s entire infrastructure should incorporate fraud detection in the most scalable way possible. Fortunately, this is where automation and advanced technology can be used to help your team make data-driven decisions. By using data rules that detect when transactions match examples of fraud, your risk and compliance team will be alerted to potential fraud attempts and can use accessible data sources to determine if fraud is actually occurring, reducing false-positive rates.
4. Commit to meeting regulatory requirements
FinCEN and other governing bodies have implemented new and ever-expanding regulations as a way of protecting customers, which includes prevention measures and SAR guidelines. While your neobank is legally required to meet the minimum standards, they also create the opportunity for your risk and compliance team to secure your neobank’s digital framework.
It’s important for your team to stay on top of newly introduced and updated regulations that apply to your neobank and assess your workflows for gaps in risk management. Your team should also regularly test your workflows to confirm you’re meeting minimum standards, and determine where adjustments can be made to better meet requirements for strengthening fraud prevention and detection within your digital framework.
While implementing preventative measures is all about looking towards the future, fraud prevention specialists can look to the past to understand where some of the biggest vulnerabilities lie.
Despite their age, neobanks and other fintech companies have already been hit with plenty of fraud attempts, some of which resulted in major financial losses. To help your team determine the best ways to strengthen your fraud detection system, here are three example scenarios of neobank fraud and the steps to take to prevent them from happening to you.
1. Fake Paypal Signups for Bonuses
To boost account openings, Paypal gave a small signup bonus to those who opened new accounts. Fraudsters took this as an opportunity to make a large number of fake accounts in order to pool those small signup bonuses together and cash out a large amount from the payment provider. This resulted in multiple accounts from the same IP address and geographic location.
How to solve the problem:
With an onboarding orchestration solution, you can create a rule that looks for unusually high account openings in any city or account openings where the country associated with the IP address doesn’t match the country associated with the account. The unusual volume of openings in inconsistent locations would have triggered these rulesets and could have assisted in catching these 4.5 million fraudulent accounts.
2. Zelle for Social Engineering
Zelle had an issue with fraudsters using social engineering to trick innocent victims into sending them money. To avoid detection, these bad actors were spoofing Zelle accounts and faking ownership of emails and phone numbers.
How to solve the problem:
Create rules that look for money being sent from new devices compared to the typical devices. Let’s say we usually expect customers to use no more than 3-4 devices for transactions. It would be odd if all of a sudden a user was associated with a larger number of devices than we would expect.
3. Romance Fraud
A type of fraud in which people are duped into sending money to criminals who convince them they are in a genuine relationship. We touch on this in-depth in our romance fraud blog. Platforms such as Monzo and Revolut are no stranger to these bad actors.
How to solve the problem:
By implementing transaction monitoring, users can create a rule that looks for money moving between entities that typically don’t do transactions together. Look for entities with a spike of incoming transactions compared to the amount we expect them to get in a one-month period to identify criminals.
Fraud Prevention for Neobanks: Final Thoughts
Now that you understand why neobank fraud happens, how fraud is evolving, and some best practices for fraud prevention, your team can start to implement strategies to effectively, efficiently, and affordably reduce fraud losses for your company. Unit21 can help scale your efforts - or start your neobank - with our risk management and transaction monitoring solutions.
Stay abreast of the most current fraud trends to make sure you protect against fraud. There are new threats emerging constantly, so it's important to know what threats you face.
Schedule a demo with us today, and we’ll be happy to chat about how we can improve your fraud detection processes, and integrate it within your broader fraud and AML program. Until then, see how we helped Lili reduce fraud loss by 50% for a real-life example of our work.