Aite’s Inaugural Financial Crime Forum kicked off in Charlotte a couple weeks ago. In attendance were representatives from some of the largest banks and credit unions, including Citi, Wells Fargo, Ally, SunTrust, BB&T, US Bank, Navy Federal and more! The agenda spanned the industry’s most relevant topics and trends, allowing for plenty of interesting discussions. Here is a brief recap of some takeaways for our fraud fighting community.
Multi-Channel —> Cross-Channel
A combination of breached records, consumer expectations and customer journey complexity has produced an incredibly challenging financial fraud environment. While all these factors carry significant weight, an interesting distinction emerged when exploring customer journey.
While managing risk in multiple channels is a must, understanding risk across channels is a bit of a separate challenge. The latter requires maintenance of a complete risk profile as customers navigate from one channel to another, blurring channel lines and providing the most holistic view. When a customer deposits a check with their phone, makes a debit card purchase in-store and later transfers money on-line, you should capture that data every step of the way and continually refresh your risking profile.
To add complexity, there is such a wide spectrum of fraud use cases to solve. Identity proofing, account authentication, transaction monitoring and beyond. The vast landscape of channels and use cases forces banks and FI’s to patrol a seemingly boundless space of risky events.
Bot or Brain?
There were some good discussions around automation and advanced analytics – opportunities to help address the challenging fraud environment.
Robotic Process Automation (RPA) is an interesting opportunity to streamline operations. Basically, automating tasks that don’t require a human brain. Most use cases revolved around data gathering as an element of AML operations, although other applications are surely present. Before introducing RPA, it’s important to have a strong understanding of your process flows. Not all processes can be easily standardized and therefore may not be a good fit for RPA. You should also assess the effectiveness of your current processes. Turning a sub-par process over to a bot simply provides you poor results – faster.
As we venture down the continuum of automation, we collide with advanced analytics. And the buzziest of all buzzwords – machine learning. For all the hype, machine learning has tremendous application in financial fraud detection. However, there is a wide spectrum of sophistication, application and performance.
Contextual behavioral analytics is where machine learning presents the most opportunity. In other words, understanding entities and events on a behavioral level where you can establish individual profiles. This helps analytics move from static if-then statements, to a dynamic, contextual understanding of behavior. This level of advanced analytics helps authenticate across multiple channels and use cases. It has been particularly effective combatting ATO and application fraud, two of the most challenging fraud problems for banks and FI’s.
When Aite interviewed 28 executives from 20 of the largest North American FI’s, they asked “What types of fraud represents your biggest priority for investment over the next couple of years?” The infographic below outlines the results, with ATO (18) and Application Fraud (10), taking the gold and silver.
Customer Friction v. Customer Assurance
It’s widely agreed that the less friction across a customer journey the better. Therefore, when implementing fraud controls the clear challenge is providing secure authentication that doesn’t interfere with customer experience. However, there is an interesting debate on when and where a certain amount of friction is necessary. Some customers like knowing their bank is keeping an eye on their security. Some of them even prefer to be involved in some parts of authentication, ensuring they are appropriately being protected.
Fraud prevention is still a game best won in a friction-free environment. However, having a deep understanding of your business, customers, controls and alerts will serve you well. It will reveal how you can leverage risk-based authentication for a passive, pleasant customer journey. While not ignoring the appropriate time to step up authentication or deliver timely alerts.