The growth in digital banking and e-commerce, spurred on by the COVID-19 pandemic, provides fertile ground for fraudsters and money launderers to commit crimes anonymously. Fraud and cyber crimes thought leader, Clive Gungudoo, MoData’s Director of Financial Crimes and Risk Management, highlights five essential controls organisations need to put in place to protect their digital customer journey.
For Gungudoo, educating and informing people about financial fraud and the threat it poses to organisations and individuals is more than just a job, it is his passion. And with more than 25 years’ experience in the field, Gungudoo isn’t just familiar with the various sophisticated methods used to commit fraud, he has expert knowledge on exactly what solutions organisations need to implement to minimise the risk to customers – and to their own reputation.
“Organisations need a layered approach to fully protect themselves and their customers from fraud and money laundering risks,” says Gungudoo. “This means a complete set of non-intrusive financial crime risk management controls can and should be integrated across the digital customer journey to proactively red flag possible fraudulent activity, establish customer trust and ensure compliance to regulatory obligations.”
As Gungudoo explains, while many customers were already utilising online and digital services before the pandemic hit, global COVID-19 lockdowns caused this number to spike significantly, as people were forced, out of necessity, to become digitally active. For many, this was the first time they were utilising online banking and shopping services. “While this business online presence provides 24/7 customer convenience and opportunities for significant revenue growth, it also provides a fertile ground for bad actors – like fraudsters and money launderers – to commit crimes.”
In order for organisations to safely conduct business online and provide their customers with peace of mind, they must stitch these five basic controls into their digital customer journey:
1. Dynamic device fingerprinting and risk analysis
Fraudsters generally use stolen devices or manipulate previously used devices to masquerade as a trusted known user or as a new user, effectively enabling them to remain anonymous.
“As soon as we introduce a new actor, the device – a desktop, laptop, mobile phone or tablet – into the transaction, financial service providers are faced with a trust dilemma – they need to know who is really behind the device,” says Gungudoo. “Dynamic device fingerprinting enables organisations to accurately detect cyber crimes such as device and location spoofing, device switching, IP resetting, emulators, fake devices, click farms, botnets, residential proxies, 'man in the middle', 'man in the browser' and remote access attacks – plus other advanced methods used by fraudsters. This real-time service provides a fraud score and cyber risk analysis that is channelled back to the business so that they can decide whether to allow, or challenge, the new registration, login or payment request,” says Gungudoo.
2. Behavioural biometrics
While legitimate and private data can be stolen or sold on the dark web and fake or synthetic identities can be manufactured, each user exhibits specific behavioural patterns, which cannot be stolen or duplicated. Behavioural biometrics is needed to detect and prevent account opening and account takeover fraud by passively and continuously monitoring user behaviour from login to logout.
“Behaviour is unique to each user – whether you’re left- or right-handed, the size of your thumbprint, your keystrokes or time between sessions. Behavioural biometrics analyses user behaviour in real-time to detect that your behaviour is not congruent to how you normally transact on your account. It uses mobile motion patterns and takes into account criminal patterns to flag fraudulent behaviour,” says Gungudoo.
3. Document forgery detection
Frequently, organisations’ due diligence and credit processes require customers to upload documents digitally. However, skilled fraudsters are able to expertly manipulate documents like IDs, driver’s licences, payslips, bank statements and other FICA, proof of income, purchase order and invoice documents so that the changes cannot be detected by the naked eye.
“There are professional document forgery services available – they are so expertly done that regular checks and balances and manual reviews simply don’t cut it,” explains Gungudoo. “A sophisticated Document Forgery Detection service is essential and can be applied across the customer life cycle – from customer onboarding to a new credit application, to supply chain finance, insurance underwriting and ongoing due diligence.”
4. Real-time transaction monitoring and strong customer authentication
Fraud and money-laundering activity is carefully hidden among vast amounts of legitimate transactions in the financial system, making it difficult to detect. Legacy systems typically use traditional data and supervised rules and models that reactively generate alarms – many of them false. “This requires organisations to employ large teams to manage this unnecessary workload, which ultimately impacts the bottom line,” says Gungudoo.
Real-time transaction monitoring allows organisations to be proactive rather than reactive by applying a combination of artificial intelligence and expert rules on big data to detect and prevent new and known fraud and money-laundering threats and typologies in real-time. “This greatly reduces false red flags – and is much more accurate when it does flag an issue,” says Gungudoo.
5. Advanced case management
This service allows organisations’ fraud, cyber intelligence, anti money-laundering, operations and investigations teams to unify and work more efficiently and effectively in managing, tracking, informing, investigating, prosecuting and reporting fraudulent transactions and suspicious activity. “This service bridges the proactive and reactive realm of financial crime risk management via one central intelligence and response hub – the cost and time savings are significant, more so in a hybrid working environment,” says Gungudoo.
Core to MoData’s promise of helping organisations create a customer journey that is innovative, intelligent, intuitive and safe is MoData Digital Services (MDS), its software as a service marketplace for all financial crime risk management operations.
“MDS enables organisations to implement a layered approach and deploy modernised technology that protects their customers and their reputation. Our monthly subscription-based pricing and pay-as-you-use model means organisations can gain direct access to MDS and our innovative products and services with no massive upfront investment,” explains Gungudoo. “As subject matter experts and thought leaders, we are continually scanning the market for emerging trends – and we always make sure our technology stack is current and relevant. This means we’re able to give our current and new customers in Africa and the Middle East access to leading global software that fits their market and needs at a competitive price point, which includes implementation, professional services and support.”
About Clive Gungudoo
MoData’s Director of Financial Crimes and Risk Management has more than 25 years’ experience in the industry, having worked with four major banks, including as Global Head of Fraud Insights and Analytics at Standard Bank Group. As a thought leader, Gungudoo has a passion for digital and anti-financial crime strategies, while innovating alongside clients to deliver the best solutions for their organisation. The combination of his background in IT, risk management and strategy execution enables him to identify opportunities and risks within the marketplace. Gungudoo is able to draw from a range of business experiences to deliver projects that leverage digital technologies effectively. https://za.linkedin.com/in/kumaranclivegungudoo
Share