With the ongoing advancements in technology, new regulatory mandates and the changing tactics of fraudsters, Enterprise Fraud Management (EFM) is always trying to stay ahead of the curve.
The last few years have shown this trio of trends can align to create a perfect storm within the EFM landscape.
Legacy EFM ecosystems no longer stand up against market forces and the changing landscape they face today. With financial institutions facing challenges from all sides, EFM strategies need to evolve. There is no single solution that is sufficient to address the vast number of fraud typologies that target these organisations.
While some research firms have attempted to analyse the “big picture” in the EFM vendor landscape, criteria remain largely focused on first-generation system architecture and fraud management capabilities. But you can’t manage what you can’t see. Financial institutions are struggling to improve fraud detection capabilities in areas where existing EFM systems are failing to deliver, resulting in increased fraud losses and high false positives.
Fraudsters’ shifting tactics: Global surge in authorized push payment fraud (APP)
Perhaps one of the most profound recent market shifts that has had a direct impact on enterprise fraud management as we know it is the global emergence of authorized push payment (APP) scams. Stories of victims losing their life savings to scammers have dominated headlines in recent years, catching the attention of both regulators and consumer advocacy groups and fuelling heated debates about the standard of care financial institutions must assume.
APP scams take on many forms, but one of the most common is the bank impersonation scam. These scams typically originate with a text message or phone call where the scammer pretends to be from a bank’s fraud department and is contacting the consumer to warn them of a fraudulent or suspicious transaction. The scammer then attempts to manipulate the consumer into transferring their money into a new account that has been set up by the bank to “protect” their money. The account, however, is actually a mule account controlled by the scammer.
In the UK, APP scams continue to be the top form of financial fraud impacting banks and consumers. APP fraud has resulted in losses averaging £500 million per year since 2019.
So, why is this change in fraud tactics so important? There are several reasons, including:
· Legacy fraud detection technology is not designed to detect APP scams. In these types of scams, the fraudster deceives the legitimate user into making the payment. Thus, traditional authentication checks that rely on device, location and network parameters will not deliver high-risk signals.
· These payments are mostly considered authorized, leaving many consumers to bear the loss. While many countries have some mandate for financial institutions to bear responsibility for unauthorized transactions, APP scams are often viewed as “authorized” payments, regardless of how the consumer was deceived. Thus, banks are not typically responsible, and any customer reimbursement is entirely voluntary.
· Mule networks have risen in tandem with APP scams. The role of mule accounts is a central, but often overlooked, component of the entire fraud ecosystem. Without a mule, APP scams (or any type of fraud for that matter) are not possible. If you can’t send the money, you can’t steal the money. As APP scams proliferate, mule networks have sprung up at an alarming pace to allow fraudsters to launder their stolen money. This has created an increased burden on banks and a renewed focus from regulators on the money laundering problem.
Regulatory mandates: Increased scrutiny and liability for receiving banks
The rise in APP scams combined with the increase in supporting mule networks has caught the attention of regulators. The most prominent action taken to date is the mandatory liability shift announced by the UK Payment Services Regulator (PSR) in 2023. Under the new rules, expected to go into effect in October 2024, payment service providers will be required to reimburse customers in full for any APP fraud losses, with both sending and receiving firms sharing 50:50 liability.
Prior to the mandate, UK firms operated under the Contingent Reimbursement Model (often simply referred to as “the Code”). As of 2023, APP scam reimbursement rates in the UK were 62%. The goal is to bring it to 100% in 2024 under the new rules.
Following the UK’s lead, many countries are signalling they are ready to take similar action by recognising that while scams are a problem, mule account management is an equally significant part of the fraud epidemic. Potential liability shifts provide banks with more incentive to implement mule controls.
Cyber fraud fusion centres on the rise
Regulatory action is typically the biggest driver of change for financial institutions. As some countries start to take steps to push financial institutions to implement proactive mule detection controls, the anti-money laundering (AML) function will be flipped on its head. Controlling for mule accounts will no longer just be a downstream practice where investigations take place post-payment. Real-time detection controls will be necessary, thus expanding the responsibility of the fraud team and forcing increased collaboration between fraud, AML and cybersecurity teams.
Today, most financial institutions are lagging when it comes to better coordination and integration between their fraud and AML functions. According to a Forrester study, 69% of financial institutions report that the number of days spent on AML investigations has increased. In addition, three out of four responded that financial risk to their organization increases significantly with each additional day needed to investigate financial crimes. Despite the inherent risks, less than 10% of financial institutions noted that their fraud and AML functions are fully integrated.
While collaboration and information sharing have become pivotal, financial institutions are also faced with the pressure to consolidate technology and reduce the number of vendors with whom they work. This is evidenced by the growing number of financial institutions investing in cyber fraud fusion centres to create a centralized environment that aligns the data, technology and operational capabilities of traditionally siloed teams. According to Gartner, by 2028, 20% of large enterprises will shift to cyber fraud fusion teams to combat internal and external adversaries targeting the organization, up from less than 5% today.
Given the complexity of cybercrime and the differences in financial institutions and their unique requirements, EFM strategy requires a layered approach and flexibility in the solutions that support it. A layered defence allows financial institutions to address different aspects and stages of fraud attempts across the digital lifecycle and cross-verify suspicious activities to increase confidence in risk decisions.
The importance of behavioural biometrics intelligence within the EFM ecosystem can no longer be ignored given customer adoption and success. Many forward-thinking institutions have implemented the technology to bolster or complement existing EFM systems, detect emerging fraud types and elevate customer safety in digital banking.
About the Author
Jonathan Daly is BioCatch CMO. BioCatch is the leader in Behavioral Biometrics which analyzes an online user’s physical and cognitive digital behavior to protect individuals and their assets. Our mission is to unlock the power of behavior and deliver actionable insights to create a digital world where identity, trust and ease seamlessly co-exist. Leading financial institutions around the globe use BioCatch to more effectively fight fraud, drive digital transformation and accelerate business growth. With over a decade of analyzing data, over 60 patents and unparalleled experience, BioCatch continues to innovate to solve tomorrow’s problems.
Featured image: Adobe