Now that 2023 is upon us, we’re following up on last week’s post ranking our top ten most popular content. Numbers five through ten show our readers’ appetite for new information about fraud from reading the warning signs of insider threats to the unique aspects of data as it gains traction as a fraud detection and prevention tool.
Unfortunately, fraud gets a lot of attention. Fortunately, our Nick Griffin is on the case. This post, published during National Insider Threat Awareness Month (NITAM), details the thinking behind the internal and external bad actors that have made insider fraud the most important story in this category from the past year. According to Griffin, “enterprise case management needs to be a core competency. ECM has several definitions depending on the type of fraud being investigated but suffice to say that it’s best understood by comparing today’s fraud landscape to the analog days of payment and fraud activity. When an enterprise was visited by fraud it took a mix of automated detection, disparate information sources and human effort to track down and investigate fraud. ECM done properly these days will allow investigators and analysts to manage and track all cases within a single automated system for creating and managing alerts, cases of suspicious activity and support for suspicious activity reports.”
In the thick of the Russia-Ukraine conflict this post from early September detailed the need for alternative cross-border payments networks. Eli Shoshani, Bottomline’s head of the APAC region, had a front row seat to the evolution of these networks. “Before the current crisis, most companies could make payments to another company without complicating it with a central bank’s involvement,” he wrote. “Not anymore. Here’s an example: When the crisis first hit, we were contacted by representatives from the central bank in Mongolia. Not only were they cut off from their correspondent banks in Russia, they were also cut off from any kind of payments networks or cloud services. In essence: Mongolia couldn’t pay or get paid. The Mongolian banks are heavily dependent on Russia. The oil, gas and the power of the electricity of Mongolia comes from Russia. So it's not just the cross-border lines. Our team was able to accommodate their payment needs and flipped their network easily. My advice – regardless of where in the world you are or what kind of company you run – is to be aware of the complexities at central banks, as well as member banks, and ensure you’re not solely reliant on that infrastructure alone.”
Our research efforts around fraud and financial crime showed that effective fraud protection and case management solutions can help banks and businesses address minimal human and technological resources, inadequate employee training, and inefficiencies in their investigation and reporting processes. Done properly, ECM will allow investigators and analysts to manage, track and report all suspicious activity and fraud cases within a single automated system. By the numbers, our research with ECM consultancy Themis showed that 71% of survey respondents had a case management solution in place in their company, with 39% having a commercial off-the-shelf solution and 32% having a home or custom-built solution. Of those without a solution, 71% said they plan to invest in one within the next two years. We recommended a more urgent approach to ECM as 42% of all companies responding to the survey encountered fraud during the past year, and 27% lost more than $1 million in the process.
Short answer: No. But it is a question we heard frequently during 2022 and is a legitimate concern. “Instant payment networks have rules outlining the timeframes for conducting transactions (often within 10 seconds) but offer exceptions when suspicious or fraudulent activity is detected, wrote Bottomline’s Ruud Grotens. “You can imagine that when the added element of secure customer authentication was discussed during the introduction of the EU’s Open Banking legislation, PSD2, stakeholders felt there was too much focus on anti-fraud measures and not enough attention on the customer experience. So businesses were concerned that secure customer authentication would cost them a large percentage of their online business. It didn’t, and therein lies a lesson for those who believe anti-fraud measures will slow real-time payments.”
In researching developments around International Fraud Awareness Week, our Nick Griffin came across an excellent report from Carnegie Mellon University that detailed the specific risks banks faced from insider fraud. His interview with the report’s author Sarah Miller yielded the following quote about the variations among bad actors: “First let me say that there is no one profile,” Miller said. “That’s one of the things that’s unique here. It fascinated me that we saw employees that aren't just tenured but also in some sort of management position. And obviously with those positions of authority comes certain privileges and a level of trust. There was a case I read about recently, just in my own research, where somebody at a credit union intentionally implemented a faulty bank secrecy program so that they could engage in money laundering. And I've seen other cases where an executive intentionally misled their direct reports to manipulate a situation or further a scheme. That’s not something commonly seen in other sectors.”
Related topicsFraud Prevention
Bottomline Technologies helps make complex business payments simple, smart, and secure. Corporations and banks rely on Bottomline for domestic and international payments, efficient cash management, automated workflows for payment processing and bill review, and state of the art fraud detection, behavioral analytics and regulatory compliance solutions.