Banks, financial institutions and real-time payment providers will need to continuously evaluate their processes to ensure that their response to new criminal threats is effective
NOWADAYS, it is common to read of someone who has lost thousands of ringgit because he or she was conned — a victim of the notorious “Macau scam” or hacking of an online bank account — or defrauded by criminals on digital payment platforms.
A segment of the population has opted not to use digital payment platforms because of concerns over the security of transactions, but the reality is digital payments are here to stay. Indeed, they will only get more prevalent in the future.
As digital payments and real-time money transfers become more and more common, the incidence of fraud is sure to rise.
According to forecasts by Juniper Research, fraud losses for money transfers are set to rise at a rate of 20% or higher every year, and to reach US$10 billion by 2023 due to the global increase in instant payment platforms.
However, as the digital payment industry gets more advanced and the use of its platforms becomes more widespread, so too will the fraudsters and hackers.
How then can industry players and regulators keep up with the criminals?
Subhashish Bose, business segment leader of fraud, security and compliance at FICO, advocates industry collaboration as one of the ways digital payment platform providers can ensure they stay ahead of emerging fraud trends.
“For example, in Australia, the New Payments Platform (NPP) brings together top security and fraud experts from participating banks to collaboratively manage, monitor and undertake activities aimed at combating any NPP-related fraud,” he says.
“These banks also openly share intelligence and fraud activity trends with each other and regulatory bodies to help prevent and detect losses as well as collate relevant data to understand the types and volume of NPP fraud and scams.”
FICO is a company that uses big data and mathematical algorithms to predict consumer behaviour through its analytical software and tools. Its solutions are used across multiple industries to manage risk, fight fraud, build more profitable customer relationships, optimise operations and meet strict government regulations.
While real-time payments have proved to be quite successful in China due to coordinated policy efforts to protect banks and consumers from fraud, when it comes to security, the only way forward is to streamline fraud detection processes and eliminate unnecessary alerts, says Bose.
“Banks, financial institutions and real-time payment providers will need to continuously evaluate their processes and leverage artificial intelligence and machine learning to ensure that their response to new criminal threats is effective,” he says in a written reply to questions by The Edge.
Kenanga’s chief regulatory officer wants regulators to intervene
Maheswari Kanniah, group chief regulatory and compliance officer of Kenanga Investment Bank Bhd, opines that for fraud detection to be improved across all banks and financial institutions in Malaysia, a more level playing field must be provided for the banks, big or small, with the involvement of regulators.
Speaking to The Edge on improving fraud awareness among banking staff, Maheswari says the smaller banks might be struggling to keep abreast of new technology that the bigger banks can afford to have, which allows them to detect fraud more efficiently.
“For example, if it is an anti-money laundering system, I am of the opinion that the regulators must identify who the vendor is, and for economies of scale, negotiate the pricing and provide a level playing field for all the banks to improve fraud detection,” she says.
Since 2015, Kenanga has collaborated with the Association of Certified Fraud Examiners (ACFE) in a bid to improve staff awareness of fraudulent activities across the board. The collaboration allows Kenanga to tap the ACFE’s expertise in fraud detection, awareness and prevention, and to impart the knowledge to its staff.
In addition, Maheswari has introduced games and hands-on activities, which allow Kenanga staff to learn and update their understanding of fraud, instead of using mundane, run-of-the-mill emails and e-tests.
Every year, the investment bank also nominates two employees to undergo ACFE certification to become fully certified fraud examiners. At present, it has five ACFE-certified fraud examiners, including Maheswari herself.
Cross-border digital payment loopholes can be exploited
Southeast Asia is home to some of the fastest-growing mobile payment markets. According to Global Consumer Insights Survey 2019 conducted by PwC, the region is leading the customer shift to mobile payments globally.
The survey found that Vietnam has seen the highest growth in mobile payments in 2019, with the percentage of consumers using these services rising to 61% from 37% last year. About 40% of Malaysian consumers use mobile payment systems, according to the survey.
As Southeast Asia is a region consisting of 10 countries with increasing people-to-people, business and trade relations, cross-border payments are also rising. Cross-border digital payment platforms such as Tranglo and TransferWise have set up shop in the region.
However, the complexities of cross-border payments with no one single regulatory body governing transactions in Southeast Asia mean that there is only a slim chance of recovery once the money has left the bank.
Bose says this gap makes it highly attractive for fraudsters or hackers because the industry is rapidly transforming with new non-bank digital players such as payment aggregators and financial technology firms entering the market.
“Real-time payments are often irrevocable and enable illicit funds to be moved through a complex maze of accounts swiftly. This is exacerbated by a lack of visibility once payments cross borders or systems,” he says.
“Any loopholes that can be exploited allow criminals to commit theft, launder money, finance drug trafficking and conduct terrorism and other nefarious activities.”
To ensure that security is tightened, whether for domestic transfers or cross-border, payment providers need to take an enterprise-wide, layered, customer-centric approach to address fraud in real time, he adds.
Given that there is an estimated 80% overlap in software functionality between legacy fraud and anti-money laundering systems, Bose notes the convergence of fraud detection and anti-money laundering platforms and teams is also a significant trend. “Reducing redundancy and streamlining both processes will allow banks to eliminate unnecessary alerts and make high priority investigations more efficient.”
He also stresses the need for education and vigilance on the part of the user.
Payment providers should take the initiative to roll out consumer education campaigns, providing customers with information and tips on how to protect themselves against the risks of real-time payments, he adds.