What and how are financial institutions coping with the increase in fraud? What are the risks involved in the age of the internet? These were discussed by panellists led by Babu Nair, Group Publisher, Banking Frontiers.
Panelists
- Vijayalakshmi Muddu, GM – Fraud Prevention & Monitoring Dept – State Bank of India
- Pramod Rao, Head – Fraud & Risk at Axis Bank
- Manish Agrawal, Head Credit Intelligence Control at HDFC Bank
- Sunder Natarajan, Chief Risk Officer at IndiaFirst Life Insurance
- Darshit Sheth, Principal Officer & MLRO at Thomas Cook India
- Ajit Pillai, Country Manager, India – FCC at LexisNexis Risk Solutions
Ajit: Financial institutions participated in the survey which shows the true cost of financial crime compliance in 2022. The respondents were a mix of decision-makers and operational teams. Actionable insights can be derived from the results. Since 2020 the spending on crime has significantly gone up by 24% and stands at around $6.85 billion. The cost has increased on 5 pillars:
- (i) Labour and technology
- (ii) Digital payments and Cryptocurrency
- (iii) Identification and alerts of fraud
- (iv) Pandemic has negatively impacted compliance
- (v) Investment in technology.
The key takeaways from the survey are:
- (i) Digital transformation is a game changer
- (ii) The linkage between the pandemic, digital crime, and an increase in compliance
- (iii) Technology improves compliance processes
- (iv) Robust and accurate data.
Babu: How are banks balancing people and technology in wake of newer compliances?
Vijayalakshmi: Investment in technology has helped institutions reduce the impact of risk. The kind of technology and the intervention point is also critical. We need technological intervention in high-volume but low-value transactions where the manual part is supplemented by technology.
Babu: Your thoughts on the synergy between people and technology?
Darshit: Automation does play role in deriving a conclusion. There is a subjective call that needs to be taken on how much technology to use. It helps whenever technology is placed to do real-time screening and derive and take subjective decisions for the fraud risk team. Readiness and preparedness for the adoption of technology by the organization are the keys.
Sundar: Compliance empowers us and is not a restrictive phenomenon. Compliances are placed to keep the interests of all stakeholders and to have a healthy relationship. Having more compliance officers is not sufficient, compliance has to be embedded into the DNA of the organization. Each process, technology and SOP have to be built on compliance.
Pramod: There has to be clear communication within the organization on the importance of compliance. There has to positive influence around compliance and the employee should not be forced to follow compliance. The financial institutes handle public money hence it is important to comply with regulators.
Ajit: The cost of compliance can be exorbitant unless managed proactively. The cost can be the training of people or technology. If we are able to link the non-compliance to potential business to all the stakeholders, then they will bind together and understand the importance. If all have the vision, then it is easy to make compliance as BAU and the culture of the organization. Secondly, by leveraging data. People are of opinion that compliance can give a competitive edge. During the pandemic, this has been observed.
Babu: What are the new frauds that institutions are coming across?
Manish: It is obligatory for a bank to do compliance. The regulator is also monitoring that certain standards are also met. The digitization in India is revolutionary and is the largest in the whole world. By setting certain parameters, the regulatory body is ensuring this happens in an organized manner. Fraud can be categorised into various buckets, such as payment transaction and loan origination. Each comes with its own challenges.
Babu: What are the insurer’s perspectives?
Sunder: While talking about life insurance there are claims-related frauds which creep in. This has changed over time. Previously it used to be people taking small premium policy and large claim. It transformed into a small premium policy and small value claim so that it passes the initial test. Now they take policy, pay for a couple of years and then commit fraud. This stems from the regulator’s policy which states that if 3 payments are done then the insurance company has to pay. We see a lot of BAU and innovative frauds and have to manage that. It is also better if processes are set up for the prediction of such frauds.
Pramod: Not long ago, compliance was docked under internal audit and not given much importance. Also, the scamsters are innovating with their cheating mechanisms.
Darshit: We have noted that fraudster has a lot of opportunities to cheat a customer at various levels. This can in a way attributed to completely digital transactions. To identify this fraud as external or internally by the employee has to be dealt with on a case-to-case basis.
Vijayalakshmi: We need to identify the point where the customer is not inconvenienced and also be able to stop the fraud. As we move ahead with product launches the marketing team announces the best features in products. We might be looking at the possible opportunities who are our future business associates but potential fraudster is also looking at the embedded features of the product and sees the highest vulnerable feature to exploit. While designing the product it has to be kept in mind that the cheater is part of our audience. In fact, he is intently listening so that he can target the institution or the client.
Babu: How are organizations preparing themselves against the advancing scams?
Sundar: The fintech community has become a necessity in today’s world. Change is not easy and has its challenges. Fintechs don’t have the baggage and make change easy. A BFSI company might try to break down a problem into smaller bits and issue it to different fintechs, making it faster to solve the issue.
Pramod: Fintechs are agile and innovative. They can be compared to any other digital company focusing on bringing innovation. While banks are caught in their own structured legacy systems and find it difficult to deliver in a short time. It is better to engage with fintechs which has been delivering in a short time. Another important part of this whole amalgamation is that banks are answerable to the regulatory authorities. There has to be a clear definition of where the bank’s work stops and fintechs take over.
Vijayalakshmi: It has been an eternal question of whether to make or buy the solutions. Fintechs are like partners who provide agile solutions. They can be subjected to compliance as well as security and tailored to the organization’s core values. This model suits the banks as there is less burden of investment. They have to just install the interface portion at their end. It is easier if roles and responsibilities are defined. Fintechs focus on creativity and speed which needs encouragement helping banks focus on doing business.
Ajit: A partnership in which both can lean on each other’s strengths is a good idea. As banks lend their expertise, fintechs bring innovation and swiftness. Customers often voice out that the amalgamation is missing.
Babu: What is the new innovation that provides minimal intervention and intrusion into the customer but maximizes compliance?
Darshit: The latest observed trend identified is awareness among customers. They know what kind of products they want to get and about compliances. That has reduced the reluctance from customers in sharing the information and hence condensed the friction. Fraud risk management has increased in most organizations and people are more aware of the risks involved. They are well prepared to safeguard their own data.
Manish: UPI is a great example of frictionless engagement for the customer. In the future SMS and OTP verification is going to give way to something advanced. Multifactor and silent authentications are going to come. With advanced technology at their disposal, fraudsters are also going to up their game. And we should be prepared for eventualities.
Babu: How can one combine information from data sciences and clarity on information along with risks?
Vijayalakshmi: Customer profiling helps in knowing the person behind the transaction. For example, as a bank, we know the time-of-day customer does most of his transactions. AI and ML learn from previous transactions. Some set of rules is placed which validate with customer pattern. And proactively we can predict out-of-character transactions. Newer technologies are already in place and horizons are being expanded.
Sundar: Digitisation of public records like death records available online can make difference in the future. These are signalling a change in the claims process. For example, an airline delay message from the airline will trigger the claim. Many claims get unclaimed, as the nominee doesn’t sort them. But digitization can trigger the claim for various policies from a variety of vendors.
Manish: We are happy that false positives are going to reduce. With AI coming into the picture the efficacy will improve and the time spent by the compliance team on false positives.
Pramod: How well you integrate data and behaviour to make a sensible combination is going to determine the success of the technology.
Babu: What is the next step in simplifying financial crimes?
Ajit: Knowing the customer is not just about the confirmation of their physical identity. We have evolved to understand the pattern to test the validity of transactions or behavior. Compliance officers have a bigger role in business development. With sharper insights, early frauds can be detected and can add value to growth. They now have a bigger role in product design and solutions. With Fintechs becoming more aggressive on credit card payments, payment processes have to catch up. Compliance is now not seen as a supporting cast and has a bigger role in synchronization across the organization.
______________________