Banks need to know their customers (KYC) – but they need to know their enemies (KYE), too. Banking has changed dramatically in the past two decades, and adversaries have evolved to match. From mobile apps and contactless to wearables, technology has transformed how and where we bank – and how and where criminals act.
The industry must move fast and think smart to stay ahead of those who seek to subvert it. Financial crime is increasingly sophisticated, global and varied. And it is very often cyber enabled. Pinning down typical perpetrators is harder than ever.
We are seeing increasing collaboration between groups of criminals across the wider landscape of serious and organised crime – something we have profiled before. Attackers' ingenuity in identifying and exploiting new banking vulnerabilities is also growing. We are encountering both new types of fraud – including video and mobile takeover – and a resurgence in older methods, such as counterfeit cheques.
It has never been more important to build insight into the range of adversaries banks face – and the best ways of thwarting them.
Banks need to know their customers (KYC) – but they need to know their enemies (KYE), too. Banking has changed dramatically in the past two decades, and adversaries have evolved to match. From mobile apps and contactless to wearables, technology has transformed how and where we bank – and how and where criminals act.
The industry must move fast and think smart to stay ahead of those who seek to subvert it. Financial crime is increasingly sophisticated, global and varied. And it is very often cyber enabled. Pinning down typical perpetrators is harder than ever.
We are seeing increasing collaboration between groups of criminals across the wider landscape of serious and organised crime – something we have profiled before. Attackers' ingenuity in identifying and exploiting new banking vulnerabilities is also growing. We are encountering both new types of fraud – including video and mobile takeover – and a resurgence in older methods, such as counterfeit cheques.
It has never been more important to build insight into the range of adversaries banks face – and the best ways of thwarting them.
With so many possible methods of committing financial crime, the list of adversaries is very long, says Nick Ryder, Professor in Financial Crime at the University of the West of England. “The scary thing is that it can be anybody. It’s reasonable to suggest that anybody with a mobile phone or access to the internet can be a terror financier,” he says.
While financial organisations, regulators and law enforcement agencies cannot expect to create a definitive list of criminals, they can identify characteristics and patterns of behaviour common to different types of fraudster. These insights may not offer the whole picture, but they provide solid ground on which to build strong but agile defences.
One threat to which banks and law enforcers must pay careful attention is white-collar crime and insider fraud, says Ryder. “One of the problems here is that companies can be reluctant to bring charges against the individual because of the bad publicity that will arise. So in some cases they will just dismiss them.” Of course for those investigating fraud in the short and long term this is not helpful.
Creative criminals will find new ways to disguise their activity. Ryder suggests banks look closely at seemingly legitimate operations – “...things like people testing their online security. This is a growth area for criminals.” Putting a stop to security testing to halt a single attack vector does more harm than good. “From a government and national security perspective it’s crucial to have security up to date,” he says.
Banks also have a duty to communicate about fraudster behaviour with their customers. “Banks really need to make their consumers more aware of things like sophisticated email scams claiming to be from the ‘Inland Revenue’, for example. If people are new to the internet then they’re going to be susceptible.”