Now is the time for banks’ fraud risk managers and operations teams to rise to the occasion and protect against criminal activities.
The global health crisis and related financial pressures are creating important human and business impacts and challenges. Yet, the situation presents an opportunity for bank’s fraud risk managers and operations teams to rise to the occasion and protect both their customers and institutions from criminal activities.
While fraudsters are expected to ramp up their attacks, hoping to catch banks at a disadvantage, legitimate customers are drastically altering their banking and spending habits, making it more difficult to discern fraudulent activity. We can also expect fraud operations teams to experience a reduction in capacity due to remote work and disruptions in their daily life.
In response, banks are encouraged to increase their flexibility and responsiveness to the situation, making the most of fraud controls already in place while evaluating options to augment those controls with quick-hit improvements.
Banks should also take this opportunity to protect and support customers by providing timely information about fraud threats and easing controls that create too much friction for the current banking environment.
Protect the customer
Banking customers are living through unusual circumstances that drive a desire for information and create a sense of urgency, causing them to lower their guard. Consequently, banks should ramp up efforts to help customers protect themselves.
Adjust fraud strategies
Fraud risk teams should respond quickly to altered banking habits and increasing attack rates. They should make the best possible use of the tools already available and adjust the balance between fraud risk and customer experience to emphasize the needs of legitimate customers.
Shifting an operation’s workforce to work-from-home, combined with disruptions to everyone’s daily routines, can impact the team’s ability to work at full capacity. Banks should make on-the-fly adjustments to balance fraud alert workload across the team and adopt a continuous improvement approach to implement incremental changes.
Actions banks can take now to protect their customers
Phishing schemes and malware attacks aren’t new, but the current situation and the public’s accompanying need for information have created a perfect smokescreen for fraud schemes. Banks are encouraged to launch customer awareness campaigns quickly via online, mobile and e-mail channels to remind customers about ways to spot and avoid common fraud schemes.
In light of the expected growth in fraud attacks, encourage customers to use the account safeguards provided by the bank—multi-factor authentication, account alerts, push notifications to mobile apps and trusted device registrations.
We are observing an increase in consumer scams, in the form of fake charitable organizations and fraudsters claiming to provide access to government programs. Banks should encourage customers to verify the legitimacy of an organization before donating/buying and actively provide tips on how to identify scams.
Messaging to customers about avoiding phishing/SMiShing attacks that harvest online banking credentials or install malware should be reinforced. Fraudsters like to take advantage of the desire for information to lure people to malicious sites, and “news” offered about the current crisis is likely to receive broad interest.
Business Email Compromise (BEC)
Banks should remind small business and corporate customers to verify emailed payment requests, via a different channel, with the person requesting the disbursement. BEC schemes are not new, but everyone’s operating environment has changed dramatically. Financial concern, and in some cases distress, has created a new urgency for businesses, and remote work has distanced people from their co-workers. This is contributing to an environment where spoofed/compromised emails requesting payments are more likely to be actioned without the normal due diligence. Consider lowering dollar thresholds for delaying/reviewing suspicious first-time payments from business accounts.
In my next blog in this series, I will discuss actions you can take to adjust your fraud strategies in response to the pandemic crisis.
At this critical time, when you are challenged to protect your staff while providing critical services to your customers, Accenture has created a hub of our latest thinking on the pandemic. You can visit our COVID-19 hub here.
To learn more on this topic and how Accenture can help you, please contact me.