Fraud and Risk
Fraud Trends Are Shaping the Banking Industry in 2020

July 20 , 2020

John Lynch

BY John Lynch

SHARE ARTICLE

$68 trillion will transfer over the next decade to a digitally native population. Are you ready for the next generation of wealth?

The truth is, most banks have been slow to react. According to a 2020 finding by Statista, banks’ technology spend will hit nearly $300 billion this year alone. However, these investments primarily focus on the front-end interactions with consumers. On the back-end, some banks are still operating the same way they did 20 years ago in a very manual and analog environment. This leaves even the highest-asset banks susceptible to high-level fraud attacks. The differentiator lies in the ability to orchestrate real-time decisioning and risk mitigation seamlessly within a user-friendly digital customer experience. 

Many banks have taken the “if it ain’t broke, don’t fix it” approach and relied heavily on the branch model. In 2020, the branch model broke. A decade of digital adoption was condensed into a matter of months. 

Fraud Trends

How can financial institutions digitize in a modern banking framework while automating and improving their fraud and verification processes? Our team at Amount has issued over $7.5 billion in digital originations and have learned a few things over the years. Let’s dive deeper into the fraud trends shaping the banking industry in 2020 and beyond.

Application Fraud Rate

Application fraud rate is the number of fraud attempts as a percentage of application volume. Broadly, the blended application fraud rate is between 1% and 2%, but we’ve seen rates as high as 5% across our bank partners over the last year.¹ While these numbers may seem insignificant, it’s enough to inundate an unprepared digital lending program without proper fraud mitigation. Fraudulent actors often present themselves as motivated customers that will do whatever it takes to secure the funds. To understand the true impact of this application fraud, it’s important to see how this fraud manifests itself over time.

Wolves at the door: fraud vs. time

Financial institutions must be ready to confront fraudulent actors on day one. For example, the consistency and relentlessness of fraudulent actors attempting to defraud our bank partners went down over time with implementation of automated fraud and verification but still varied heavily by bank partner.

blended-fraud-rates-by-partner

So what really drives the difference in application fraud rate across these financial institutions? 

While there are a few key factors, we found that fraud rates vary greatly by channel mix. Coordinated fraud overwhelmingly favors organic traffic, whereas family fraud is twice as likely via direct mail or paid advertising channels. Other leading indicators include the bank’s lending footprint itself and the regions in which they lend money.

You have to understand the problem before you can come up with solutions. You need to be identifying the types of fraud and systematically understanding the signs and symptoms of each. It also means differentiating credit losses and fraud losses.

Types of Fraud in the Banking Industry 

Identifying the various approaches  used by these fraudulent actors as well as their prevalence determines how to prioritize solutions based on their financial impact. Let’s break down what we have seen across different categories of fraud.

blog-fraud-types

The opportunistic looter 

Broadly described as one-off crimes of desperation that are not very planned out, these types of fraud attacks are easily thwarted with traditional authentication tactics.

Family fraud 

This type of fraud represents cases of family dysfunction and can include acts of revenge, elder abuse, and more. These fraudulent actors usually take advantage of the access they have to their family member’s personally identifiable information (PII). These are slightly more challenging to prevent because these fraudulent actors have deeper access to the victim, including access to email, phone, bank account, and enough knowledge to thwart knowledge-based authentication (KBA) tactics.

Coordinated fraud 

These are crimes of opportunity, wherein criminals have access to a large pool of identities and probe for weaknesses in fraud mitigation strategy until they ultimately find a loophole and exploit it at-scale.

These highly-sophisticated fraudsters are essentially attempting to crack a safe over a long period of time — months, if not years. We have seen evidence of these criminals essentially “A/B testing” different combinations of inputs to a given lending program — such as loan amount, income amount, employment status, or loan purpose — to find the loophole.

Synthetic fraud

Synthetic fraud is an emerging fraud trend and one that is among the most challenging to detect. It differentiates itself from the aforementioned identity theft patterns because synthetic fraud is technically a “victimless” crime. Synthetic identities are not real people. They are exploitations of the identity gaps in how the credit bureaus operate, new credit files are created against any observed combination of identity elements and do not directly correlate to a true identity.

Because these aren’t real people, these crimes will never be reported. There are two primary types of synthetic fraud: 

  • First-party: Based on the real identity of the applicant with limited changes being made to the SSN or other identity elements. These are often used by individuals to hide a previous history and gain access to credit and credit repair.
  • Third-party: Identities invented out of thin air that have no correlation to the true underlying identity of the criminal. This type of synthetic fraud is used purely to steal funds.

As we studied each category, we found one major theme: fraudulent actors are individualistic and their tactics are often unpredictable. 

Fraud Case Studies

Fraudsters are often counterintuitive. 73% of fraud cases actually made their first loan payment, concealing the crime for a period of time to make the most of the opportunity later. Secondly, 63% of cases took out less than the maximum loan amount they were approved for, a behavior highly indicative of the “safe-cracking” pattern of coordinated fraudsters. 

Case study #1

Our first case study is of a coordinated identity fraud attack that was conducted against a financial institution in the UK.

What happened?

Amount observed a sharp increase in first payment defaults month-over-month. An investigation uncovered a coordinated fraud attack that affected more than 500 accounts.

Fraud ring tactics

Some of the interesting tactics we discovered upon investigation echo the same safe-cracking behaviors outlined previously:

  • 95% of these fraudulent accounts claimed to make £2,500 monthly net income, falling just below a threshold in the partner’s policy that would have required additional diligence.
  • This fraud ring passed KBA at a rate of 98% versus the normal population which passes at a rate of 80%, rendering this authentication tool useless.
  • The fraudsters eluded device fingerprinting flags by swapping their PC card and wiping their cookies repeatedly.
  • The coup-de-gras involved sophisticated fake bank statements that contained overlaid modifying text upon legitimate bank statements to make it appear that the applicant owned the bank account.

Lessons learned

This fraud case study shows that old risk screening tools (device fingerprinting and KBA) proved to be insufficient in isolating the fraud. We also learned that it was critical to have the type of sophistication in document screening processes that could detect fraudulent modifications of original documents imperceptible to the human eye. Finally, we learned that it was extremely important to invest in velocity based alerting that could begin to flag some of the commonalities of these coordinated cases (loan amount, passwords, etc.).

Case study #2

Our second case study showcases a coordinated multi-layer identity fraud attack that was conducted against a leading bank.

What happened?

Amount received a tip on two accounts and leveraged this intel to identify several hundred additional fraudulent accounts that didn’t initially appear to be suspicious at a money center bank.

Fraud ring tactics

The tactics we discovered upon investigation show a highly complex layered fraud that utilized multiple tactics:

  • Virtual machines to make it appear they were applying from a different location. 
  • Voice over Internet Protocol (VOIP) to impersonate customers and newly created emails. 
  • All accounts were making payments and were able to contact the bank to freeze assets on accounts.
  • Accounts were funded due to fraudulent internal bank documents.

Lessons learned

Fraud rings are becoming increasingly sophisticated, complex, and organized, and relaxed fraud checks for opening deposit accounts have become a gateway for future fraud. Qualitative insights must be combined with quantitative analysis to identify highly sophisticated fraud attacks.

Qualitative insights must be combined with quantitative analysis to identify highly sophisticated fraud attacks.

Fraudsters never sleep. Neither should your technology.

If one thing is clear, the fraud trends impacting the banking industry are vast and evolving quickly. These fraud rings are constantly employing new tactics and finding ways to slip through the legacy system gaps that are present in many banks. Based on Amount’s observations, the fraud learning curve is 2-3 years long and extremely unforgiving. The drumbeat of fraudulent attempts is consistent and diverse. The tactics of criminals are as diverse as the individuals committing the crimes. As these criminals continue to evolve, so do we. The fight against fraud and minimizing loss rates never sleeps.

Stop losses. Bring your bank’s fraud and verification processes up-to-speed with Amount 360. Amount 360 seamlessly integrates into your existing origination process via a single lightweight API, and allows you to tailor a fraud and verification policy to best fit your business needs.

DISCOVER AMOUNT 360

Footnotes

¹ Unless otherwise noted in the post, all statistics, findings, images and observations were created by, and belong to, Amount, Inc. The opinions in this article should be used for informative purposes only.

The information in this post is provided for informational and advertising purposes only. Amount's service may vary for each customer. For more information, email us – brand@amount.com.

1 2
John Lynch

John Lynch

John Lynch is the Senior Director of Fraud & Verification Services at Amount, managing a diverse team of fraud strategy professionals and product development experts responsible for Amount’s risk management platform and fraud detection models. With a background in data science, John sees data as the key to meeting the challenges of digital consumer lending.

Fraud Trends Are Shaping the Banking Industry in 2020

Posted by John Lynch on July 20 , 2020
John Lynch
Find me on:
LinkedIn

$68 trillion will transfer over the next decade to a digitally native population. Are you ready for the next generation of wealth?

 

The truth is, most banks have been slow to react. According to a 2020 finding by Statista, banks’ technology spend will hit nearly $300 billion this year alone. However, these investments primarily focus on the front-end interactions with consumers. On the back-end, some banks are still operating the same way they did 20 years ago in a very manual and analog environment. This leaves even the highest-asset banks susceptible to high-level fraud attacks. The differentiator lies in the ability to orchestrate real-time decisioning and risk mitigation seamlessly within a user-friendly digital customer experience.

Many banks have taken the “if it ain’t broke, don’t fix it” approach and relied heavily on the branch model. In 2020, the branch model broke. A decade of digital adoption was condensed into a matter of months.

Fraud Trends

How can financial institutions digitize in a modern banking framework while automating and improving their fraud and verification processes? Our team at Amount has issued over $7.5 billion in digital originations and have learned a few things over the years. Let’s dive deeper into the fraud trends shaping the banking industry in 2020 and beyond.

Application Fraud Rate

Application fraud rate is the number of fraud attempts as a percentage of application volume. Broadly, the blended application fraud rate is between 1% and 2%, but we’ve seen rates as high as 5% across our bank partners over the last year. While these numbers may seem insignificant, it’s enough to inundate an unprepared digital lending program without proper fraud mitigation. Fraudulent actors often present themselves as motivated customers that will do whatever it takes to secure the funds. To understand the true impact of this application fraud, it’s important to see how this fraud manifests itself over time.

Wolves at the door: fraud vs. time

Financial institutions must be ready to confront fraudulent actors on day one. For example, the consistency and relentlessness of fraudulent actors attempting to defraud our bank partners went down over time with implementation of automated fraud and verification (figure 1), but still varied heavily by partner (figure 2).

So what really drives the difference in application fraud rate across these financial institutions?

While there are a few key factors, we found that fraud rates vary greatly by channel mix. Coordinated fraud overwhelmingly favors organic traffic, whereas family fraud is twice as likely via direct mail or paid advertising channels. Other leading indicators include the bank’s lending footprint itself and the regions in which they lend money.

You have to understand the problem before you can come up with solutions. You need to be identifying the types of fraud and systematically understanding the signs and symptoms of each. It also means differentiating credit losses and fraud losses.

Types of Fraud in the Banking Industry

Identifying the various approaches  used by these fraudulent actors as well as their prevalence determines how to prioritize solutions based on their financial impact. Let’s break down what we have seen across different categories of fraud.

The opportunistic looter

Broadly described as one-off crimes of desperation that are not very planned out, these types of fraud attacks are easily thwarted with traditional authentication tactics.

Family fraud

This type of fraud represents cases of family dysfunction and can include acts of revenge, elder abuse, and more. These fraudulent actors usually take advantage of the access they have to their family member’s personally identifiable information (PII). These are slightly more challenging to prevent because these fraudulent actors have deeper access to the victim, including access to email, phone, bank account, and enough knowledge to thwart knowledge-based authentication (KBA) tactics.

Coordinated fraud

These are crimes of opportunity, wherein criminals have access to a large pool of identities and probe for weaknesses in fraud mitigation strategy until they ultimately find a loophole and exploit it at-scale.

These highly-sophisticated fraudsters are essentially attempting to crack a safe over a long period of time — months, if not years. We have seen evidence of these criminals essentially “A/B testing” different combinations of inputs to a given lending program — such as loan amount, income amount, employment status, or loan purpose — to find the loophole.

Synthetic fraud

Synthetic fraud is an emerging fraud trend and one that is among the most challenging to detect. It differentiates itself from the aforementioned identity theft patterns because synthetic fraud is technically a “victimless” crime. Synthetic identities are not real people. They are exploitations of the identity gaps in how the credit bureaus operate, new credit files are created against any observed combination of identity elements and do not directly correlate to a true identity.

Because these aren’t real people, these crimes will never be reported. There are two primary types of synthetic fraud:

  • First-party: Based on the real identity of the applicant with limited changes being made to the SSN or other identity elements. These are often used by individuals to hide a previous history and gain access to credit and credit repair.
  • Third-party: Identities invented out of thin air that have no correlation to the true underlying identity of the criminal. This type of synthetic fraud is used purely to steal funds.

As we studied each category, we found one major theme: fraudulent actors are individualistic and their tactics are often unpredictable. 

Fraud Case Studies

Fraudsters are often counterintuitive. 73% of fraud cases actually made their first loan payment, concealing the crime for a period of time to make the most of the opportunity later. Secondly, 63% of cases took out less than the maximum loan amount they were approved for, a behavior highly indicative of the “safe-cracking” pattern of coordinated fraudsters.

Case study #1

Our first case study is of a coordinated identity fraud attack that was conducted against a financial institution in the UK.

What happened?

Amount observed a sharp increase in first payment defaults month-over-month. An investigation uncovered a coordinated fraud attack that affected more than 500 accounts.

Fraud ring tactics

Some of the interesting tactics we discovered upon investigation echo the same safe-cracking behaviors outlined previously:

  • 95% of these fraudulent accounts claimed to make £2,500 monthly net income, falling just below a threshold in the partner’s policy that would have required additional diligence.
  • This fraud ring passed KBA at a rate of 98% versus the normal population which passes at a rate of 80%, rendering this authentication tool useless.
  • The fraudsters eluded device fingerprinting flags by swapping their PC card and wiping their cookies repeatedly.
  • The coup-de-gras involved sophisticated fake bank statements that contained overlaid modifying text upon legitimate bank statements to make it appear that the applicant owned the bank account.

Lessons learned

This fraud case study shows that old risk screening tools (device fingerprinting and KBA) proved to be insufficient in isolating the fraud. We also learned that it was critical to have the type of sophistication in document screening processes that could detect fraudulent modifications of original documents imperceptible to the human eye. Finally, we learned that it was extremely important to invest in velocity based alerting that could begin to flag some of the commonalities of these coordinated cases (loan amount, passwords, etc.).

Case study #2

Our second case study showcases a coordinated multi-layer identity fraud attack that was conducted against a leading bank.

What happened?

Amount received a tip on two accounts and leveraged this intel to identify several hundred additional fraudulent accounts that didn’t initially appear to be suspicious at a money center bank.

Fraud ring tactics

The tactics we discovered upon investigation show a highly complex layered fraud that utilized multiple tactics:

  • Virtual machines to make it appear they were applying from a different location.
  • Voice over Internet Protocol (VOIP) to impersonate customers and newly created emails.
  • All accounts were making payments and were able to contact the bank to freeze assets on accounts.
  • Accounts were funded due to fraudulent internal bank documents.

Lessons learned

Fraud rings are becoming increasingly sophisticated, complex, and organized, and relaxed fraud checks for opening deposit accounts have become a gateway for future fraud. Qualitative insights must be combined with quantitative analysis to identify highly sophisticated fraud attacks.

Frausters never sleep. Neither should your technology.

If one thing is clear, the fraud trends impacting the banking industry are vast. These fraud rings are constantly employing new tactics and finding ways to slip through the legacy system gaps that are present in many banks. Based on Amount’s observations, the fraud learning curve is 2-3 years long and extremely unforgiving. The drumbeat of fraudulent attempts is consistent and diverse. The tactics of criminals are as diverse as the individuals committing the crimes. As these criminals continue to evolve, so do we. The fight against fraud and minimizing loss rates never sleeps.

Stop losses. Bring your bank’s fraud and verification processes up-to-speed with Amount 360. Amount 360 seamlessly integrates into your existing origination process via a single lightweight API, and allows you to tailor a fraud and verification policy to best fit your business needs.

DISCOVER AMOUNT 360

Topics: Fraud and Risk