Problem Shared. Problem Solved.
Five steps to tackle silos, and target financial crime.
This guide explores how to break down the silos and barriers standing in the way of modern, effective anti-fraud measures. And it lists the steps that must be at the front of the C-suite’s mind when addressing the challenge of silos. Read on and discover how you can transform your financial-crime-fighting approach.
The shifting landscape of modern banking is anchored by a digital bedrock. And it’s from this core that new possibilities bubble up to the surface for banks. But this evolution represents both opportunity and threat for you. For all the positives, such as fostering a close relationship between banks and customers, the digital world creates fissures in your security, opening you up to the ever-evolving perils of fraud, money laundering and cyber compromise.
These vulnerabilities are magnified by silos. Banks traditionally depend on internal borders for confidentiality, compliance and fraud prevention. And yet, conversely, by maintaining these divisions and silos, the financial sector is preventing the sharing of critical threat intelligence and security insights. In short, silos are being exploited by cyber criminals to turn what you might perceive to be your best defense against you.
This guide explains how, by adopting a cooperative, uniform and universal approach, you can significantly improve your resilience to cyber attacks and fraud, without additional outlay. And it explores the benefits of common operating models, open data sharing and industry-wide collaboration.
1
Start with Data
When it comes to the data stored by a financial institution, there are two certainties: that there’ll be plenty of it, and that it won’t be uniform.
- Addressing data discord represents real opportunity.
- Both practical and human data elements need to be considered.
- Data insights can uncover risk exposure.
Silos are often innocently and unknowingly created by disparate processes, systems, and teams – each storing and using data differently. Addressing that data discord represents a real opportunity to bring down silos. But it can create real headaches too, such is the inevitable upheaval required to solve this challenge.
Compliance, fraud and cyber teams first need to convene and acknowledge the opportunities that breaking down silos can create. That in itself is an immense task. It requires numerous teams and systems to align in order to gain a holistic view of the data your organization retains. Then, the practical and human elements governing how data is arranged and used need to be considered.
But once this interdepartmental group arrives at a consensus, it can then work to explore how data held in other silos could improve performance or efficiency across the organization. And these same insights can also be used to uncover the level of risk a bank is exposed to.
2
Tackle Specific Use Cases
Generating that commitment to collaborative working is a huge first step. Now you need to prove that step was worth taking. So, look to prove an immediate and measurable win.
Few financial institutions will be ready to take a leap into the brave but ultimately unknown silo-free world. Show your theory works and you’ll be better positioned to demonstrate value and build momentum.
Compliance departments will often spot these sinister entities first, but they can be relevant to other teams across a bank too."
Find an ideal candidate to exhibit your frictionless approach – like mule accounts, for example. Compliance departments will often spot these sinister entities first, but they can be relevant to other teams across a bank too. Help your compliance team to share intelligence, information and data with the fraud department, and the mule account in question can be blacklisted. And just like that, you’ve got your proof of concept – the foundations on which you can build further silo-less initiatives.
3
New Channels
As interactions with your customers shift from in-branch to phone, online and mobile banking, opportunities for criminals flourish. These new channels create the potential for fraud, theft and money laundering to be committed at scale.
- With new channels, opportunities for criminals flourish.
- It's crucial to supplement and improve data with modern tools.
- Transformed customer insight is often an additional benefit.
The challenge is that ageing systems which pervade throughout the banking sector simply aren’t set up to handle the demands and pressures created by new channels. Often the result of mergers and acquisitions, many banking IT platforms are rigid, cumbersome and incapable of identifying the nuanced early indicators of compromise that are specific to new channels.
It’s crucial, therefore, for your organization to supplement the data collected by established systems with that gathered by modern, fit-for-purpose tools. There’s no denying that aligning the data collection processes to span both in-branch and online channels is a significant challenge. The results will be worth the toil however, with transformed customer insight often an additional (and welcome) benefit.
4
Become Entity-Centric
Tracking and reporting on individual episodes of compromise, fraud and money laundering can lead to a narrow and ill-informed view of wider security patterns.
By combining insights from the compliance, fraud and cyber teams and adopting an entity-level perspective, more robust and valid conclusions can be drawn (and shared).
An entity-centric view will help you to communicate more relevant information and trends to the wider industry as well as benefitting your own organization. You’ll be able to identify patterns of behavior which can alert you earlier to criminal activity taking place.
An entity-centric view will help you communicate more relevant information and trends to the wider industry and your own organization."
Adopting an entity-centric approach has a few convenient added benefits. One of the most prominent is that you’ll be in a better position to evaluate the risk you’re currently exposed to across lines of business.
An entity-centric view can help you to dig up hidden patterns or relationships (previously concealed by silos) that present a risk to your organization. For example, you can identify high-credit-risk customers, who can be monitored more closely by fraud and compliance teams.
Breaking down silos makes it easier to implement alerts for specific entity profiles. That means you’ll be better placed to understand the impact of certain activity across multiple lines of business, and therefore able to more accurately identify whether illegal practices are taking place.
5
Uniform Threat Detection
A single, common detection engine helps to break through data barriers and detect threats across multiple datasets, silos and stores.
- Stakeholders must work together to identify common data formats, methodologies and sources.
- Embracing a uniform approach enables your organization to more effectively detect suspicious activity.
Aspiring to adopt a uniform threat detection system demands all stakeholders work together to identify common data formats, methodologies and sources.
After arriving at this understanding, fields can then be standardized, and the necessary alert thresholds set. Enterprise architects can help here, by building and managing a virtualized data model.
Embracing this uniform approach enables your organization to more effectively detect suspicious activity throughout accounts, transactions and across individuals or groups.
One step at a time...
Unifying Compliance, Fraud and Cyber Security to tackle crime will take time – but it's perfectly possible to see a change within three months.
Find out more using our timeline (available below) showing how a financial institution could begin implementing the recommendations of this guide in 100 days. So, take that initial step and establish the collaboration, communication and cooperation to create a united defense against financial crime.
Problem Shared. Problem Solved.
Download the full report for practical advice on implementing each step.
Please send me financial crime insights and updates from BAE Systems.
By submitting this form, with opt-in ticked, you consent to BAE Systems processing your data for profiling to provide you with further marketing communications and tailored, relevant ads. You may unsubscribe at any time using our preference hub or clicking unsubscribe in our emails. To find out about how we use and protect your data, visit our privacy policy.