Financial criminals have become increasingly sophisticated. From data breaches and money laundering to cryptocurrency payments for ransomware attacks, the complexities of financial fraud call for AI’s adaptability and power.
The proliferation of financial fraud in the U.S. during 2020 and into 2021 has far reaching effects. Major banks have shut down legitimate bank accounts for suspected fraudulent stimulus payments. Consumers and businesses are falling prey to call center scams, account takeovers and micro deposit fraud that extract funds from both traditional and cryptocurrency accounts.
Meanwhile, financial service institutions remain responsible for protecting consumers from large-scale fraud. ATM and payment card fraud, and money laundering reached all-time highs as in-person banking decreased during the pandemic.
Growing financial fraud in the U.S.
Consider these areas of concern about financial fraud:
- Organizations in the U.S suffered 1,473 cyber attacks in the past year, leading to 164.6 million successful data breaches
- 71 percent of all data breaches are financially motivated
- Commerce data breaches account for 80 percent of payment-card-related investigations
- In 2017, banks were the target of 47 percent of financial data breaches
- Nearly $1 billion is paid to ransomware scammers each year (FBI)
- 92 percent of ATMs are vulnerable to hacking
- Eight out of 10 U.S. citizens are concerned that businesses are unable to secure their financial information
- 66 percent of businesses falling victim to data breaches aren’t confident they can recover
Using machine learning and AI to tackle financial fraud
Chris Merz, Vice President, Security and Decision Products, Mastercard, recently participated in a panel discussion with Prag Sharma, Global Head, Artificial Intelligence Center of Excellence, Citi Group, and Jane Lee, Trust and Safety Architect at Sift. They discussed the use of machine learning and artificial intelligence (AI) to combat payment fraud and money laundering, including a look at new technology-based financial services and differing challenges of crypto wallets and cryptocurrency. Scott Hamilton, Contributing Editor at Finextra, moderated the session.
The session, Tackling the new frontier of fraud with machine learning, produced six key insights into using AI to detect financial fraud in 2021.
Insight 01 — Transactions are all about data
With the majority of banking transactions occurring online, whether ACH, wire transfers or other technologies, they all come down to securely transferring data from one party to another. The average cost of a data breach in the past year was $3.92 million annually per company across all sectors. In the banking industry, however, the cost of cyberattacks was $18.3 million per company in the same period.
“More digital data is pushing us to use more digital technologies and newer technologies such as blockchain and/or machine learning to make these transactions more robust and let them fly faster across the whole world,” says Prag Sharma of Citi Group. “When we talk about machine learning and digitization, we are really talking about data.”
That volume of data leads to a need to personalize data. Personalization allows the AI to respond or process standard tasks to deliver the best results and experiences for users.
Look for the outliers
At Citi, they can look at six or 12 months of a client’s data to know how they interact with their accounts. If a client starts to behave differently, the AI flags that as an outlier. Sharma says it may not necessarily indicate financial fraud, but it’s important to review outliers as warning signs that could signal an impending cyberattack.
Fraudsters are becoming more sophisticated and using better technology to launch massive attacks and account takeovers with regularity. Account takeover and identity fraud cost financial institutions (FIs) $16.9 billion in 2019 alone. In response, FIs are increasingly using AI for digital authentication and fraud detection, while keeping customers’ needs at the forefront.
“If that outlier happens to be fraud, you want to provide what we call ‘dynamic friction,’ the right amount of friction for the activity. For good activity and good users, that has to be seamless… or they’re going to go elsewhere,” says Jane Lee of Sift. “It’s a very saturated market; they’re going to quickly go to a competitor.”
Insight 02 — AI identifies patterns in financial data
So how are those outliers identified? It’s a matter of pattern recognition by the AI solution in place. One of the advantages of machine learning is its continuous ability to automatically update as behaviors change over time.
Chris Merz of Mastercard uses the example of one shipping address for goods from multiple payment cards. If the AI recognizes dozens of payment cards connected to one address, it isn’t necessarily a bad thing. That address may be a retail outlet where consumers pick up online orders. The AI solution will learn this at authentication and remember it for future transactions to that address.
AI makes sense of the enormous amount of data in an organization. It analyzes information from across networks, deriving patterns and anomalies within nanoseconds.
Insight 03 — Data sharing and collaboration recognize widespread fraud
Financial fraud is an industry-wide problem and combating it tends to be collaborative, leading to better insights.
“That said, there’s still a need for improved, faster feedback,” Merz says. “We have a fraud and loss database that all issuers contribute information to.”
Issuers often report the first fraud they find, even though there may be more. They don’t always give the reasons for declines, so other issuers don’t know if fraud was suspected.
Merz believes merchants could be more forthcoming but want to protect their customers’ data or feel a sense of protective ownership. The issue, Merz says, is the potential of masking bigger problems.
“Merchants don’t necessarily have the network view that we do. If we get the actual anchor information, such as the billing address, shipping address and so on, we can see if it’s being used elsewhere,” he says. “This might be a legitimate customer, but there may be something going on that the customer doesn’t know about that we see elsewhere on the network.”
Insight 04 — Real-time detection is key
While Mastercard has used real-time detection for over a dozen years, the current trend of account takeovers and ransomware increases demand for this capability. Many scams lead to money being ported into crypto wallets. The issue is that once a transaction completes, there is no record and therefore no opportunity for manual review – crypto wallets are untraceable. AI catches suspicious transactions before they complete.
“The more real time business is getting, the more you have to get away from manual processes,” Merz says.
Sharma adds “Machine learning could be the missing piece in ensuring more payments are real time by doing some complex checks as the payments go through the system, beyond simple rules.”
Insight 05 — Anti-money laundering (AML) is a major player in financial fraud
The panelists all agreed that AI is the perfect tool to deal with the complexities of money laundering. The ability to access hundreds of data points simultaneously enables AI to prevent money laundering in real time.
“The notion of collaborative data sharing is really key here,” says Merz. “AML is only as good as how holistic your view is.”
He adds that fragmentation exists even within individual FIs. While the demand deposit accounts (DDA) side of the business may perform reviews, their data is rarely compared to that of the payments side. This siloing of departments enables money laundering to go unchecked.
Insight 06 — Use AI for the right purposes, at the right time
It’s important to recognize that AI doesn’t solve every problem. Sharma emphasizes that AI solves a subset of problems based on having the right data available. Further, that data must be labeled correctly to be useful.
“My perspective is 1) you should be using machine learning and AI to combat fraud and other activities within your organization,” Sharma says. “And, 2) are you using these in the right ways to get the maximum impact with these technologies?”
In other words, are you “right sharing,” sharing both information and insights? Merz explains data needs to be shared in a way that’s compliant with standards and regulations while giving the other party the opportunity to leverage it.
“It’s sharing the right data in the right way so you can still protect your customers as they move throughout the transaction lifecycle,” he says.
Sophisticated financial fraud needs sophisticated AI detection
Fraud becomes increasingly complex and sophisticated each year. Online transactions are increasing substantially, cryptocurrency is rising in popularity and fraudsters have access to their own advanced technologies.
Digital currency presents new challenges. The anonymity of users makes it ideal for ransomware payments and money laundering. Meanwhile, fraudsters are upping the ante of eCommerce fraud and account takeovers.
Learn how one global acquirer used AI for fraud prevention, anti-money laundering and credit risk management in our Worldpay case study.