Scams, the number one type of crime in the United States, continue to threaten financial institutions and their customers. Recently released data from the Federal Trade Commission (FTC) shows that consumers reported losing more than $5.8 billion to fraud in 2021, an increase of more than 70% from the year former. The FTC also shared that of the 2.8 million consumers who reported fraud last year, the most frequently reported category was once again impostor scams, followed by online shopping scams.
Government programs have also been the target of scams over the past year with more than $300 million lost in stimulus check scams and $76 billion lost in Paycheck Protection Program fraud. (PPP). Overall, attempted financial crimes increased by 109%; and although we would like to rid the world of scams, it is impossible. Cybersecurity attacks have become increasingly sophisticated and harder to detect and cybercriminals are becoming more creative in their methods using a combination of technology and social engineering.
It is critical that financial institutions constantly assess growing fraud trends and stay abreast of current threats when evaluating and managing their prevention strategies. For example, rather than targeting institutions directly, fraudsters often prey on the path of least resistance which is that of account holders. This approach is the most difficult to prevent and control on the side of a financial institution. Methods vary but include IRS scams; prizes, sweepstakes and lotteries; internet services; business and job opportunities; and the ultimate spear phishing attack where the fraudster sends text messages to customers pretending to be the financial institution’s fraud or IT department.
What can banks and credit unions do to protect themselves and their customers from fraud?
- Raise awareness: As consumers grow accustomed to threats of fraud, it is essential that they are aware of how these crimes are carried out and how to detect them. Financial institutions should offer advice and raise awareness of the different types of scams, highlighting the reality of fraud and how they can fall victim to it. This puts financial institutions in an advocacy position, strengthening relationships with account holders, building trust and reducing the risk of customers taking the bait.
- Train staff. Implementing training programs within organizations and educating employees about different types of financial crimes and detection mechanisms will prepare staff to detect and report suspicious activity. Financial institutions need to regularly communicate trends and growing issues to employees at staff meetings because attack methods are changing rapidly.
- Develop a plan to fight financial crime. Financial institutions must begin by identifying, assessing and classifying their assets and risks, and then developing a financial crime strategy that meets their needs. To future-proof the business, e-strategy should be part of the financial institution’s long-term business plan, rather than a separate, disconnected component.
- Harness the power of modern technologies. Once financial crime and cybersecurity programs are in place, financial institutions should implement defensive technologies such as encryption, software patches, firewalls, multi-factor authentication, additional validation and real-time monitoring systems to reduce the likelihood of an attack. Modern AI and machine learning technologies can also analyze customer behaviors, track transactions, and report any deviations from usual behavior in real time. Full automation of fraud detection processes will enable fast reaction times, which will reduce risk.
Finally, having backup and recovery programs will help improve data recovery; and regular monitoring and evaluation of these technologies, along with plans against financial crimes and cybersecurity risks, will help make it increasingly difficult for fraudsters to break through.
Fraud is going nowhere. As technologies evolve, new and improved scam tactics will develop with them. It is essential that financial institutions establish a robust risk management program, proactively educate their staff and customers to help prevent fraudulent acts inside and outside their organization, and invest in tools modern cybersecurity. This will not only help mitigate risk, but will ultimately create an atmosphere of trust and reliability within their organization and their customer base.
Rene Perez is a financial crimes consultant at Jack Henry & Associates, leading the firm’s financial crimes portfolio for 13 years. He also contributes to the Federal Reserve Bank Payments Improvement Fraud Task Force. Jack Henry (NASDAQ: JKHY) is a leading SaaS provider primarily aimed at the financial services industry.