Scams, the number one type of crime in the United States, continue to threaten financial institutions and their customers. Newly released Federal Trade Commission (FTC) data shows that consumers reported losing more than $5.8 billion to fraud in 2021, an increase of more than 70% over the previous year. The FTC also shared that of the 2.8 million consumers that reported fraud last year, the most commonly reported category was once again imposter scams, followed by online shopping scams.
Government programs were also a target for scams in the last year with over $300 million lost in stimulus check scams and $76 billion lost in Paycheck Protection Program (PPP) fraud. Overall, financial crimes attempts increased by 109%; and as much as we would love to rid the world of scams, it is impossible. Cybersecurity attacks have become increasingly sophisticated and harder to detect and cyber criminals are getting more creative in their methods by using a combination of technology along with social engineering.
It is crucial that financial institutions constantly evaluate the growing fraud trends and keep up to date on current threats as they assess and manage their prevention strategies. For instance, rather than targeting institutions directly, fraudsters are often going after the path of least resistance which is account holders. This approach is the hardest to prevent and control from a financial institution’s side. Methods vary but include IRS scams; prizes, sweepstakes, and lotteries; internet services; business and job opportunities; and the ultimate spear phishing attack where the fraudster is texting customers pretending to be the fraud or IT department of the financial institution.
What can banks and credit unions do to protect themselves and their customers against fraud?
- Raise public awareness: As consumers become more accustomed to fraud threats, it is paramount that they are aware of how these crimes are executed and ways to detect them. Financial institutions should offer guidance and build awareness of the different types of scams, highlighting the reality of fraud and how they may fall victim to it. This puts financial institutions in a position of advocacy, strengthening relationships with account holders, building trust, and reducing the risk of customers taking the bait.
- Train staff. Installing training programs within organizations and educating employees about the different types of financial crimes and detection mechanisms will prepare staff to detect and report suspicious activity. Financial institutions should communicate rising trends and issues with employees during staff meetings on an ongoing basis, as attack methods are evolving quickly.
- Build a financial crime program. Financial institutions should start by identifying, evaluating, and classifying their assets and risks and then building a financial crime strategy that meets their needs. To future proof the business, the cyber strategy should be part of the financial institution’s long-term business plan, rather than a separate, disconnected component.
- Leverage the power of modern technologies. Once financial crime and cybersecurity programs are set up, financial institutions should implement defense technologies such as encryptions, patching software, firewalls, multi-factor authentication, extra validation tactics and real-time monitoring systems to reduce the probability of an attack. Modern AI and machine learning technologies can also analyze customer behaviors, track transactions and report on any deviations from usual behavior in real-time. Fully automating fraud-detection processes will allow for quick reaction times, resulting in minimized risk.
Lastly, having backup and recovery programs will help enhance the recovery of data; and regularly monitoring and evaluating these technologies along with the financial crimes and cybersecurity risk plans, will help make it increasingly difficult for fraudsters to break through.
Fraud is not going anywhere. As technologies continue to evolve, new and improved scam tactics will develop with it. It is crucial that financial institutions establish a strong risk management program, proactively educate their staff and customers to help prevent fraudulent acts both inside and outside their organization, and invest in modern cybersecurity tools. This will not only help mitigate risk, but it will ultimately build an atmosphere of trust and reliability within their organization and customer base.
Rene Perez is a financial crimes consultant at Jack Henry & Associates, leading the company’s financial crimes portfolio for the past 13 years. He also contributes to the Federal Reserve Bank Payments Improvement Fraud work group. Jack Henry (NASDAQ: JKHY) is a leading SaaS provider primarily for the financial services industry.