The Rules Race: Staying Ahead in the Face of Evolving Financial Fraud

March 22, 2024
Alex Faivusovich
Head of Fraud Risk

You know the old adage, 'rules are meant to be broken.' Not when it comes to protecting your customer's money. For those guarding the vaults of banks, credit unions, and fintechs, it's clear: traditional fraud-fighting tactics need a reboot. The new standard is flexible, adaptive rules that evolve with the threat landscape. From monitoring day-one account activity to customizing defenses against the latest schemes, Fraud Files reveals some of the latest trends of dynamic rule-making using data from Unit21. 

Monitoring Fraud Over Time & Checking Account Dormancy

This is our fourth installment in Fraud Files, our blog series that shares unique insights based on data from over 4.05B events on the Unit21 platform. In our previous posts, we explored why constant monitoring is so important, including:

Dynamically Evolving Rules Can Address Specific Needs

We know one factor is crucial to understanding fraud: we must monitor account activity, dormancy, and longevity. This is why having a fraud prevention strategy is critical. It allows you to optimize your unique challenges and find where rules can be of tremendous support.

Very little is one-size-fits-all. For example, take the rules definition. Using tools that have a rule-making capability allows users to respond dynamically and tackle the insights mentioned above.

The Dramatic Rise of Rule Creation in 2023-Q2

Our data shows how essential rules have become in financial institutions’ fraud prevention strategies and how rule creation changes over time. This chart offers a quarterly dissection of fresh rule establishments by category, encapsulating transaction methods including ACH, card payments and wires.

A Chart featuring: New Rules Created per Transaction Type. Summary: Most Recent Data shows about 200 ACH, Card and Wire rules created.

A notable observation is the pronounced surge in rule formulation during the second quarter of 2022, as well as the second and third quarters of 2023, spanning several transaction types. This could suggest a pattern of seasonality in rule generation—a hypothesis we plan to closely monitor in the coming year. Even at the “lower” numbers of rules created per transaction type over the past quarter, the pattern is clear: the majority of transactions all saw their rule creation increase.

The reason behind instituting these rules is multifaceted. By tailoring rules to specific transaction types, financial institutions can glean precise insights, enabling them to tailor their defense mechanisms more effectively. Implementing nuanced rules not only sheds light on emerging threats but also enhances our understanding of the evolving fraud landscape, allowing for swift and informed responses.

Recall the surge in ACH fraud in 2022—our dataset mirrors the financial sector's response, as evidenced by the spike in ACH-specific rule creation. In an effort to remain flexible and adaptive, we provide our customers with an operational approach to manage emerging changes and trends:

 Reaction Cycle & Deployment Process, Trends: Analyze recent AML / Fraud cases to spot trends and assess if current measures can prevent them. Typology: Document behavior patterns, and draft early topologies for the threat. Testing: Develop and test identified rules. Production: Deploy strategies in the production environment after stakeholder approval. Reporting: Continuously monitor and optimize production rules and workloads.

Diversification of Rule Creation Across Transaction Types

There's a noticeable distribution of the number of rule creations across various transaction types, including ACH, card, and wire transactions. It’s true; a strong link exists between a perhaps emphasized need to monitor activity and the creation of multiple rules. This diversification reflects the platform's flexibility and the user’s recognition of the multifaceted nature of financial fraud, underlining the necessity of a broad spectrum of monitoring and defensive strategies.

Stack Ranking the Rules Race

The chart unveils a striking "rules race" phenomenon where different transaction types are vying for attention in rule creation. A pronounced stack ranking shift is evident, revealing that while ACH transactions historically led in rule creation, they have been overtaken by card and wire rules, signaling a potential pivot in fraud prevention priorities.

Perhaps this is no surprise, as secuirty.org reported in 2023 a staggering 65% of cardholders have been victims of fraud. Likewise, housingwire.com reported that more than half of all loans in Q4 2023 had at least one risk of wire and title fraud. This increase reflects not just the growing sophistication of fraudsters but also highlights the ongoing challenges that financial institutions face, including Business Email Compromise and AI-enabled phishing attacks, which remain prevalent tactics for wire fraud​.

This rules trend suggests that other financial institutions are quickly adapting to new data on emerging threats or responding to evolving transaction behaviors, redistributing their focus to where it's needed most. The data indicates a vigilant industry reassessing risk in real-time and recalibrating its defenses through dynamic rule creation—a critical move when staying ahead of fraudsters is crucial in safeguarding assets and maintaining customer trust.

Rules Matter - But What Does Data Show to be the Most Important?

While implementing, evaluating, optimizing, and modifying rules are always tailored to an organization's specific needs, staying ahead of the ever-evolving fraud landscape is critical. Data from Unit21 highlights the top-performing rule types, boasting over 80% true positive (fraud detected) rates, falling into three categories:

  1. Post-KYC Monitoring. This set of rules is essential for monitoring the use of personally identifiable information (PII) and existing users' financial instruments. Their primary function is to detect and mitigate fraud rings' activities and prevent ban evasion tactics. These rules are particularly adept at uncovering sophisticated schemes that might otherwise slip through the initial verification processes.
  2. Geographic Focus Rules. Fraudsters often exploit specific geographic vulnerabilities, making these rules invaluable. By utilizing blacklists and incorporating hard-coded logic, these rules can identify and block fraudulent activities that are peculiar to certain countries or regions. This targeted approach allows for a more refined defense mechanism capable of adjusting to the unique threats faced in different parts of the world.
  3. Excessive Use Detection. Rapid spending patterns, an unusually high volume of transactions over a brief period, and card testing behaviors are red flags for fraudulent activity. Rules designed to flag these patterns are crucial in preempting fraudsters' attempts to exploit financial systems. These rules can swiftly identify and halt potential fraud by setting thresholds for what constitutes regular activity.

Each rule category serves as a cornerstone in the architecture of an effective fraud prevention strategy. By understanding and implementing these rules, organizations can significantly enhance their ability to protect themselves and their customers from the threat of financial fraud.

Bespoke Isn’t Just for Fashion - Tailor Your Defenses Against Fraud Threats

Rules engines can go even further with customization that fits specific business needs. What might be a parameter for one organization to be flagged as fraudulent may be blocking legitimate transactions on another. With Unit21’s Fraud Detection Engine, for example, customers can easily customize pre-built rules, workflows, and permissions to adapt to unique changes in company and regulations - whether it’s a wire or ACH transfer. People on the front lines create the defense. And now, customers are using Unit21’s dynamic model builder to create their own rules and typology, without writing one line of code.


The Takeaway

Fraud is hitting every single category, and fraudsters are quickly and efficiently improving their methods. It cannot be stressed enough that it’s imperative to stay steps ahead of them to ensure reduced risk when it comes to your financial institution. Constant vigilance at any time of an account lifecycle, keeping an eye on the “quiet sleepers,” and using an adaptive, tailorable approach to define rules are all powerful strategies to have in your toolkit to fight fraud effectively.

Want to gain more insights about rule trends or writing, testing, and deploying rules in minutes? Book a demo.

Subscribe to our Blog!

Please fill out the form below:

Related Articles

Getting started is easy

See first-hand how Unit21
can help bolster your risk & compliance operations
GET a demo