Business

Automation leaves financial institutions exposed to fraud

Published

3 weeks ago

November 10, 2023

Technological advances mean that financial institutions are automating the handling of documents to remove manual work, improve accuracy and make better decisions. In the rush to gain such efficiencies, however, many institutions could be leaving themselves wide open to fraud – and not even realise it.

By Jan Syrinek

Product Manager at Resistant AI

Documentation is necessary, but no financial institution wants to be bogged down with manual work that is costly, time-consuming and error prone. So, when technology vendors come a-knocking offering to automate their document-handling processes, it is a no-brainer. Automation cuts costs, improves accuracy and creates efficiencies for financial institutions, but… it also does the same for fraudsters.

The business of automating documents is booming, and various early-stage technology providers have successfully raised funds in the last couple of years. In fact, according to Deep Analysis, the level of investment by venture capital firms in intelligent document processing companies is unprecedented (https://www.deep-analysis.net/intelligent-document-processing-market-analysis-2022-2026/ ). There are over 400 companies in this space, and according to Deep Analysis’ research, the market size is set to double from US$2 billion in 2022 to US$4 billion in 2026.

For financial institutions, the technology is attractive and there are numerous use cases. In the banking business, for example, it could be used to streamline the assessment of documentation in loan applications, verifying identification during know-your-customer checks, or handling trade finance documentation. And there are other applications in the support functions of organisations, such as marketing, IT and finance.

Consultancy Roland Berger analysed^[1] more than 50 use cases of the technology for banks and identified seven examples that have the most potential, with up to 80% efficiency gains. These are billed as ‘no regrets’ moves for banks to automate and include applications for automated data extraction and document processing as well as for fraud prevention and anti-money laundering (AML) compliance.

These two use cases, however, should be linked. By pressing ahead with document automation and not considering the risks of fraud and financial crime, banks could be sowing the seeds of their downfall. Compared to other organisations, the risks for financial institutions are much greater – because that’s where the money is. Get this wrong, and banks are at risk of being defrauded of vast sums of money. They could also be facilitating heinous crimes by organised gangs – such as human trafficking and slavery – which in turn could also result in a business-ending fine from the authorities.

These issues have arisen because of the rapid developments in technology. Optical character recognition (OCR) has made it possible to scan paper documents – with unstructured data – and convert them into text. Meanwhile, robotic process automation (RPA) has automated repetitive tasks by setting up rules for the robot to follow. And intelligent document processing (IDP) – as the name suggests – is more intelligent and can automate the whole document-handling process, using machine learning to train itself on the best course of action. Added to this is the buzz surrounding generative artificial intelligence (AI) and its ability to create natural language and produce multi-media content.

These technologies are a boon for financial institutions – and also to criminals who are exploiting them to launch automated attacks at scale. Preventing fraud and financial crime has to go hand-in-hand with any document automation; one without the other could be leaving the door wide open for increasingly-sophisticated fraudsters.

One line of attack is during customer onboarding where fraudulent identity documents are used to open bank accounts for the purposes of money laundering. Given the advances in automation, this can be done repeatedly – and at scale.

At Resistant AI, we have seen cases where a single bank statement was edited and resubmitted nearly 1000 times to a single institution over 90 days— with slight modifications made to names, addresses, and numbers — for attempted account openings. This practice makes it easier to substantiate stolen identities that can be bought on the web for as little as US$10. It is also easy to buy document templates online – for bank statements and pay stubs for proof of income, utility bills and leases for proof of address, and business licences and permits for proof of business operation – without even needing to go on the dark web. The financial system is being flooded with such false documents, which institutions are automatically processing.

This kind of mass serial document fraud is a real risk to financial institutions, particularly if they have automated their document processes: intelligent document processing can read, transcribe and analyse documents but can’t determine whether they are authentic. Greater automation allows criminals to ‘fuzz’ the system: constantly submit various document alterations to test the system for vulnerabilities. Instead of ‘hacking in’, now criminals are ‘hacking through’ automation systems by overwhelming the controls that are in place with false documentation.

While fraudsters are using the same templates over and over, some financial institutions may not even realise the scale of the problem. Banks may be bombarded with fraudulent documents and not even know it because on the face of it, the documents look genuine—and even if one instance is caught, it is hard for humans to share exactly what they saw. AI, however, can reveal how the creases on an energy bill are exactly the same for dozens of versions. Or maybe a photo submitted for identification was taken on an iPhone 6 but submitted by another kind of device. Perhaps the shadows in the selfie background are the same for other onboarding applications. These are just some of the hundreds of red flags that the right kind of AI can detect – signs that would otherwise be invisible or ignored.

In the face of this automated onslaught, financial institutions need to do better. As they automate their document-handling, they need to do this in tandem with their risk controls and ensure they are not leaving themselves wide open to attack.

^[1] https://www.linkedin.com/search/results/content/?keywords=roland%20berger%20banking%20use%20cases&sid=cx5&update=urn%3Ali%3Afs_updateV2%3A(urn%3Ali%3Aactivity%3A7096073383712313344%2CBLENDED_SEARCH_FEED%2CEMPTY%2CDEFAULT%2Cfalse

Up Next

How technology can help asset managers amid the FCA’s social media crackdown

Don't Miss

Open banking: empowering consumers to take the reins on their finances

Business

Revolutionizing Risk: Innovative Derivatives to Support the Evolution of Commercial Space

Published

1 day ago

December 2, 2023

admin

By Grant Gryska, Co-Founder and Director of Markets at Allocation.Space

The space economy continues to expand rapidly, crossing $500bn in revenue in 2022, 78% of which came from the commercial sector[1]. Major developments like the successful test launch of SpaceX’s massive Starship are set to radically change the cost of getting mass to orbit, unlocking new possibilities for business in space.

This growing market presents outsized opportunities for investors, insurers, and businesses. But, as enterprises extend their reach beyond Earth’s atmosphere, risk management tools must evolve to meet the new and unique challenges they face. A new generation of derivative instruments is emerging to support the commercial space sector while complementing traditional insurance models.

A Paradigm Shift in Risk Management

Traditionally, space ventures were funded by governments and international space agencies — institutions that were able to absorb risk and ignore bottom-line concerns. The arrival of private space companies such as SpaceX, Vast, and Blue Origin represents a material shift in the trajectory of commercial space. National interest is no longer enough; space ventures must also turn a profit, which means managing risk. These enterprises are pushing the boundaries of what is possible, requiring a comparable evolution in financial tools to support their endeavors.

Grant Gryska

We’re now seeing a new generation of companies building platforms to host derivatives that enable enhanced risk management for the space industry. By hosting these products on a Swap Execution Facility (SEF), the aim is to bring pricing transparency and efficiency to the sector via a centralized venue. Unlike traditional insurance, which often relies on predefined policies and premiums designed to mitigate specific critical loss, swap contracts do not require proof of any actual loss or attribution, broadening the universe of potential participants in this growing market.

Derivative Instruments for Commercial Space

Derivative instruments tailored for the commercial space sector will help mitigate risks and enhance financial flexibility as the barriers to entry come down and competition increases.

Space Weather Derivatives (SWDs): With satellite anomalies demonstrating a 74% correlation[2] with geomagnetic disturbances caused by the solar wind, these products will become invaluable in managing revenue loss due to these disruptions. SWDs will ensure a smoother execution of space missions and terrestrial applications such as power grid management.
Space Derivative Contracts (SDCs): SDCs allow investors and companies to hedge against price fluctuations in space-related assets. Whether it’s fuel, space-based resources, or payload rate indexes across launch platforms and locations, these products provide a means to lock in prices, offering stability in an otherwise volatile market.
Space Options (SOs): Like traditional financial options, SOs provide the right, but not the obligation, to buy or sell a space asset at a predetermined price and time. This allows investors to capitalize on favorable market conditions while limiting downside risk.
Space Risk Swaps (SRS): SRSs enable entities to exchange or transfer specific risks associated with space activities. For instance, a satellite operator concerned about launch delay or orbital debris may enter an SRS with a risk-taking party, effectively transferring the risk to them. These products diversify risk and encourage collaboration among industry players providing complementary services like debris mitigation.

Complementing Traditional Insurance: Bridging the Coverage Gap

While traditional insurance remains a fundamental component of risk management, derivative instruments offer a more nuanced approach targeting the risks to revenue. These products provide a level of risk granularity that traditional insurance may lack or be unable to cover economically, which has left 99% of LEO (Low Earth Orbit), and 73% of MEO (Medium Earth Orbit) and GEO (Geostationary Orbit) satellites uninsured on orbit as of 2022[3]. This is crucial in an industry where risks to launch platforms, satellite technologies, and commercial objectives can be highly specific and variable.

The Future of Space and Derivative Instruments

There’s a growing cluster of companies looking to transform the financial products and venues supporting the commercialization of space. The derivative instruments being developed with the help of space industry players will provide a forward-looking and adaptive approach to risk management for space, complementing traditional insurance models.

As the commercial space sector continues its trajectory beyond Earth, these innovative financial tools will play a pivotal role in ensuring a robust and resilient financial ecosystem for companies participating in the space economy.

[1] https://www.spacefoundation.org/2023/07/25/the-space-report-2023-q2/

[2] Choi, H. S., J. Lee, K. S. Cho, Y. S. Kwak et al., 2011, Analysis of GEO spacecraft
anomalies: Space Weather relationships, Space Weather, 9, S06001.

[3] https://spacenews.com/connecting-the-dots-space-insurers-toast-another-profitable-year

Business

2024 Payments Predictions

Published

2 days ago

December 1, 2023

admin

Alan Irwin, Vice President of Product & Solutions Europe, Global Payments:

Open banking in 2024 will be all about the consumer

“2023 has been a huge year for open banking adoption, surging 68.2% from the previous year to hit 4.2 million users in the UK in July. Open banking enables consumers to provide third-party providers (TPPs) with secure access to their payments account, meaning that payments can be made through these TTPs directly from their payments account and without the need for cards.

“With more people using open banking for payments, in 2024 consumer expectations of open banking are likely to increase dramatically. Consumers will demand higher levels of speed, convenience, and security around open banking as a payment method. As a result, there will be a renewed focus on the availability and performance of APIs and user interfaces. Without improving these features, TTPs will see growth in open banking payments stagnate and even struggle to compete with digital wallets and standard cards.

“2024 will also see a stronger emphasis placed on consumer protection from fraud and scammers. With £239.2 million lost to authorised push payments (APP) fraud in the first six months of 2023, security is front of mind for businesses and their customer bases. A key differentiator for open banking and card payments is the liability protection offered by cards through the disputes and chargeback processes. Merchants and consumers alike want the power to protect themselves with tools and processes to limit financial exposure. As such, to grow in the coming year, TTPs will need to develop and implement enhanced risk and fraud prevention tools to help drive confidence in the payment channel and mitigate concerns around exposure.”

Competition between old and new banks will intensify around convenience

“Growth in consumers’ desire for a financial ‘super app’ experience will put a great deal of pressure on traditional financial institutions and increase competition between neobanks and legacy banks in 2024. A financial ‘super app’ is a single mobile application that can be used to manage all aspects of your financial life, including services that range across savings, investments, mortgages, and payments, for example.

“Neobanks, such as Revolut, are creeping into ‘super app’ territory: providing a range of services, from shopping discounts and savings pockets to instant currency conversions and stock investing, all on a single mobile application. So far, these developments are almost exclusively in the consumer banking space. However, in 2024 we will see the neobanks push their payments offerings further up the value chain into the B2B world, challenging traditional banks on another front.”

Ecommerce checkout enhancements

“In 2024, payments providers and their clients will place a fresh emphasis on customer experience, as demand for convenient and slick payment processes continues to increase. Currently, 69.57% of online shopping carts are abandoned and less than one fifth (17%) of retail, leisure and hospitality transactions are made through digital wallets, showing that much more needs to be done to offer smoother payment infrastructure online and in-store. As such, in 2024 businesses will focus on customer experience as a means of increasing customer loyalty and slashing cart abandonment rates in the process. Moving away from slow, clunky payment experiences to offer customers the ability to pay for something with a few clicks through biometrics, which allow customers to pay with a simple face or fingerprint scan, and digital wallets, which store customer payment information, is the primary method that businesses should be using as we approach the new year to tackle this issue.”

Data Storage and Keeping Customers On-Site

“Providing a top-quality payments experience will go hand-in-hand with ensuring that consumers feel safe at the checkout, especially with soaring cybercrime. In 2024 we’re likely to see more use of card data storage and tokenisation to further reduce cart abandonment rates as they allow consumers to store their card details for future use, making their next purchase at the ecommerce store much faster. Network tokens in particular, which are tokenised payment details saved for a specific card and merchant pair, drive higher approval rates for merchants and offer a more secure form of payment than raw card data entry. In addition to this, continuously updating customers’ card data further reduces friction in the checkout and drives better cart conversion.

“What’s more, customers are also put off payments when they are redirected to another (3rd party) site to complete it, as it is unfamiliar to the rest of the checkout process, often doesn’t carry the merchant brand and thus deemed insecure. Therefore, reducing site changes as much as possible and using clear branding and UX to ensure customers are aware that they’re still on this same site is key to instilling a sense of security. Similarly, real-time data validation built into the payment form can prevent bad data from being entered in the first place, such as invalid PAN, expiry date, or security code, as well as keeping out bad actors from spamming through card data en masse.”