How can financial institutions in Asia Pacific fight Financial Crime 4.0?
GBG, a global technology specialist in fraud and compliance management, identity verification and location data intelligence, recently launched the GBG Intelligence Center in Singapore.
With the realization of Industry 4.0, we are faced with a hyperconnected and digital world, which also offers the financial services industry new ways to leverage technology and transform customer experience with a data-centric approach.
However, it also spells the growing complexities of financial crime patterns, also known as Financial Crime 4.0. Designed to enhance fraud detection, the GBG Intelligence Center’s capabilities are designed to enable financial institutions (FIs) in the region to scale and future-proof themselves against emerging financial crimes.
To discuss the emergence of financial crime 4.0 and how financial institutions are evolving to safeguard themselves, CybersecAsia interviewed Dev Dhiman, Managing Director of APAC, GBG.
After a year of accelerated digitalization, the growing complexities of fraud is concerning. What is your take on Financial Crime 4.0?
Dev Dhiman: 2020 catapulted financial institutions (FIs) forward in their plans, implementation, and optimisation of technology. The pandemic has forced organisations to step up their digital transformation journeys and reflect the impact of how consumers and businesses have shifted to digital-first ways of living and working. The financial services industry is also becoming smarter and ecosystems are also expanding by collaborating with third-party service providers to offer a wider range of services to customers.
However, with each industry revolution, level of sophistication and complexities of financial crimes will correspondingly evolve. During Industry 1.0, fraud was as simplistic as loan defrauding or unauthorized sale of goods. Fast track to Industry 4.0, we are in the era of smart technology. The pervasiveness of digitally connected devices and personal data sharing resulted from massive use of social media, IoT, eCommerce, cyber-physical world to achieve immediacy of transactions.
Just last year alone, a PwC report found that more than two in five companies in Singapore experienced fraud over the last 24 months; with nearly a quarter (compared to 13% globally) indicated that their losses exceeded USD 50 million.
New emerging financial crime patterns, enabled by these new technologies, coined as Financial Crime 4.0 by GBG, encapsulates the mega evolution of financial crimes and emerging fraud typologies spurred by the current state of hyperconnectivity in today’s landscape.
In this new age, we are seeing socially engineered first-party fraud, cyber engineered fraud and hybrid use of social and cyber engineered fraud all working together and seamlessly coordinated by international crime syndicates. Fraudsters are increasingly agile, skirting around fraud measures – instead of deploying bots, they are creating human farms to do manual applications. The mining techniques are sophisticated, and the fraud execution is almost flawless at times.
Is enough being done to combat the risks and threats – by governments, FIs and technology solution providers?
Dev Dhiman: It is encouraging to see that, over the past couple of years, regulators are getting more stringent and enforcing stricter penalties. However, as digital adoption accelerated, it also resulted in a record year for financial fraud. A McKinsey research found that FIs lose nearly three dollars for every dollar of fraud (once associated costs are added to the fraud loss itself), and in 2018, the World Economic Forum noted that fraud and financial crime was a trillion-dollar industry. To further complicate matters, fraud and financial crimes today can effortlessly adapt to the “vibrant” environment of the threat landscape.
As regulators put into place more safeguards, banks will also need to comply with the maze domestic and international regulations that are evolving constantly. This forces banks to reassess current gaps in their systems and look into how to manage any issues that might arise.
In Singapore, the government has been proactively working to strengthen FIs’ fraud prevention and detection tactics – from forming a Cyber Security Advisory Panel (CSAP) to ensuring that its Technology Risk Management (TRM) Guidelines keep up to date with the changing landscape.
In Malaysia, the central bank passed the RMiT policy in 2020, which mandated new governing standards and guidelines for technology risk management and cyber risk management for FIs. To enable them to meet these new requirements with end-to-end fraud and cyber risk management solutions, we worked very closely with the banks to help put into place systems to meet these new requirements.
The work to fight fraud and prevent it from happening never ends. What seems adequate today would have a shortfall tomorrow, in a changing dynamic world of fraud – FIs have to constantly innovate and effect new measures to combat fraud. With the launch of GBG Intelligence Center, we provide a platform and comprehensive capabilities for FIs to leverage enriched data intelligence on identity verification, biometric verification, mobile and IP, email, location, cyber endpoint threat, credit risk, and relationship association to augment fraud detection and accuracy, as well as any bespoke systems which are required.
How will FIs in APAC be driven to evolve in 2021 to meet the key challenges and demands of fighting financial crime and digital fraud?
Dev Dhiman: As technology and digitalisation continue to be key focus areas in the years ahead, it will also play a crucial role in the fight against the rise of Financial Crime 4.0. To be able to effectively address the key challenges in the years ahead, there are four key ways that FIs will be expected to evolve in 2021:
- Digital customer experience expectations with applied AI will continue to skyrocket. In 2021, FIs and fintechs will continue racing to deliver instantaneous services through new financial products. To take CX to the next level, there is a probability that the financial services sector will explore the replication of successes from other industries.
- Cross-vertical collaboration and consumer data drill-down are re-shaping the standards of digitalization. Akin to collaborations amongst major enterprises demonstrated that investment across industries can work together effectively to serve customers at scale, for instance, Grab recently teamed up with Singtel to launch a digital banking license in 2022; FIs have already reinvented partnerships to form new market propositions, and this openness and innovation would spill over into fraud management. It will propel them to leverage an expanded ecosystem to layer their data with intelligence from specialists in various technologies to equip FIs more effectively with appropriate fraud prevention capabilities as the world becomes increasingly digital-first.
- Expanding availability of shorter-term credit offerings across SEA. The rise of Buy Now, Pay Later (BNPL) businesses and products has disrupted the credit landscape with shorter-term credit services for everyday purchases, faster or no credit checks, instant approvals, and “zero interest”. FIs need to remain vigilant in how BNPL products are rolled out, credits are distributed, and debts are managed. This ease in obtaining credit can lead to more exposure to higher risk borrowers.
FIs focusing on growing their BNPL offerings need to build in stronger measures to onboard consumers who have the ability and intent to pay back what they have borrowed while keeping the standards of BNPL experience to ensure this revenue stream does not go sideways in the long term.
- Mobile-first technology and data intelligence as fundamental building blocks for dynamic digital onboarding and transacting. Mobile devices are widely used to accelerate the digital onboarding and transacting process. FIs are automating the identity verification journey and streamlining biometric and facial verification, document verification and data match altogether in instant KYC.
Mobile devices can do more than enabling the identity verification process. Especially in SEA, with a huge “underbanked” or “unbanked” segment, they are excluded from many traditional financial services. FIs have begun to ascertain the quality of consumers with limited identity documentation, or thin file clients, by leveraging their mobile phones as a personal identity verification device. These alternatives offer data intelligence which FIs could use to fill gaps in physical records, providing assessment and validation to the authenticity and quality of consumer profiles and borrowing intent of these untapped segments.
Beyond 2021, what does the future of fraud prevention and management look like amidst ongoing digital transformation?
Dev Dhiman: If 2020 was the year of digital transformation and adoption, 2021 and beyond will see FIs expanding the use of newer channels like QRcode and experimenting with entirely new ones like voice and AR/VR to provide financial services. With the opening of each new channel, FIs would need to be equally ready to enable fraud prevention and detection on those channels.
Digital customer experience would remain a major focus, such as creating simplicity, speed in access, ease of use, and streamlining the onboarding and transaction journey. To fulfil each of this consumer benefit, fraud and compliance technology would need to be optimised in order to achieve its own breakthrough to meet higher expectations yet remain robust in keeping out bad actors.
Looking ahead, it will be crucial to drill down to every single touchpoint that an organisation has across the customer journey to ensure that there are no gaps for bad actors to infiltrate its systems. While facial recognition is now one of the more secure modes of identity verification, it too, needs to evolve from its current iteration. Today, active liveness appears to be a default practice, but it also creates opportunities for fraudsters to hijack the process, as this process involves taking multiple frames and performing multiple uploads. Newer technology like passive liveness single frame is touted as a step-up from the current practice.
In the era of Industry 4.0, every equipment can become a smart device – your buildings, your consumer appliances, your furniture, and even children’s toys. Fraudsters are mining data in a very sophisticated way and fraud execution can almost be flawless at times. Fraud prevention and management needs to be steps ahead to keep up with these changes and innovations.
What will GBG’s Intelligence Center set out to achieve in the region, especially with FIs?
Dev Dhiman: As the region looks at further strengthening FIs’ fraud prevention and detection tactics, there is still much to be done to reduce the instances of fraud happening. The 2020 PwC report also found that half of Singapore respondents do not investigate incidents; limiting the analysis of root causes of the incident and reducing the effectiveness of other responses.
Understanding these challenges and landscape, we developed the Intelligence Center to help organisations better validate, verify and assess profiles, behaviours and intent of individuals and entities across branch, web, mobile and app, and transform raw data points to data intelligence, to enhance fraud detection and accuracy.
The Intelligence Center, one of the core modules of GBG’s fraud engine, the Digital Risk Management and Intelligence platform, currently has nine categories of fraud detection enhancement capabilities, which range from Digital Credit Scoring to Endpoint Security and Identity Association and Verification. It also has the flexibility to connect to any bespoke systems or solutions required by the FI.
We also know that FIs spend, on average, 30-35% of their time procuring and integrating new technology, which reduces their speed to launch new financial services. For organisations already using GBG’s fraud engine, the Intelligence Center can be easily integrated to facilitate in adding new solutions quickly to help them be more agile in gaining digital trust with their consumers and strengthen their defences against bad actors.
Already, 7 customers have deployed our GBG intelligence Center capabilities. In Indonesia, we are working with a BUKU 4 state-owned bank, and in Australia, we count several top-tier banks, a ‘buy now pay later’ (BNPL) company, consumer financial services firms, a building society, and a leading insurance firm as our clients.