Faster than the speed of crime: how cloud-enabled fincrime strategies are helping firms fight back

The volume and complexity of financial crime has surged. In a webinar convened by Risk.net and sponsored by NICE Actimize, experts in this field explored five themes around safeguarding your institution and customers from fincrime with the speed and agility of the cloud

As global events such as the Covid-19 pandemic destabilise long-held business practices, profound risks are ever present and financial crime threats continue to become more dynamic and fast-moving. Financial criminals continue to improvise, making it critical for firms to move ‘faster than the speed of crime’. And, with regulators worldwide requiring firms to absorb the cost of financial crime, the pressure is on to identify, manage and mitigate risk more efficiently.

After more than two years of a pandemic-altered work environment, organisations have learnt many lessons, one being that financial criminals do not take a break. In fact, they continue to hone their skills over time. Bad actors have pursued opportunities that emerged from remote working environments on unprotected computer networks. As we move forward, financial institutions must become more predictive and prepare better for waves of attacks against their organisations, assets and customers.

In a Risk.net panel convened in partnership with NICE Actimize, experts discussed how the cloud can mitigate modern financial criminal risk, why now is the time to transition to the cloud, and its impact on data aggregation in modern banking and financial institutions. Five themes emerged:

1. Arm your defences

Faster payments and digital acceleration play a key role in creating environments that fraudsters and cyber criminals constantly abuse. By taking advantage of these weaknesses in fraud prevention and authentication programmes, bad actors have been able to conduct scams, commit faster identity theft and gain access to sensitive data at an alarming rate.

Geopolitical tensions and war could also mean dealing with attacks from multiple vectors. Ever-evolving fraud vectors and complex fraud risk, terrorism financing and money laundering risks affect all channels and products of an organisation.

Cenk Ipeker said: “Not just from a cyber attack perspective, but from a financial crime perspective – the attack vectors in terms of account takeovers or synthetic identity come from many different sides.

“Instead of using one channel to create a fake identity or a fake account, [bad actors] are using multiple channels, from emails to text to phone channels all at once. So, it’s getting increasingly complex and in real time.”

While financial institutions already had risk frameworks in place to safeguard systems, they are now conducting additional impact analysis to make them pristinely secure amid the probability of increased potential attacks considering growing geopolitical tensions and future pandemics.

2. Ascertain complexities around cloud and crime

Every organisation needs to answer a few basic questions: How are cyber criminals getting in? And what is the main point of entry?

The move to digitisation and cloud has meant transforming an enterprise that was traditionally perimeter-based – where you’re either inside the wall, outside the wall or have a trusted point of entry through the wall – into one that now has information systems’ data outside of the wall and requires virtualisation.

So, while firms can keep bad actors out of the physical boundary, keeping them away from the virtual boundary in the cloud is another challenge. Experts say that 5G technology will only exacerbate the problem. A decade from now, a great deal of infrastructure will be on a software-defined network with no real hardware, including router switches, virtual private networks and wi-fi in play, which makes the entire ecosystem increasingly complex and vulnerable to cyber attacks.

The traditional siloes of risk – fraud, cyber, information security and anti-money laundering (AML)  – are now breaking down, and firms are encouraged to look at risk more holistically and enhance security frameworks through that holistic lens.

Ipeker said: “[The] first phase is: do we know who [customers] are by virtue of how they access? The second level: is do we know who they are, based on their behavioural patterns? Are they making normal transactions? Is there a bill they are paying every month to their electricity vendor?”

He added that, taking all the information and data points together to frame an overall risk profile brings strength and balance, but firms must constantly evolve what data points they are collecting, which today is usually facilitated through a cloud provider.

3. Digital transformation-led vulnerabilities

Accelerated digital transformation and shifting work patterns have meant more people working on the go, but this creates additional security issues for businesses. For instance, with post-pandemic travel resuming, more people are at airports, waiting for flights, and working while doing so without using security measures such as a privacy screen. This makes them vulnerable to bad actors who can steal their sensitive information on the spot. SMS phishing is also a growing trend where crypto- and bitcoin-related bad actors can send fake offers to extort sensitive information and money.

So what strategies and practical tools can help firms effectively tackle fincrime? Ipeker said firms are beginning to step up investments in analytics and new technology. “There is a lot more emphasis on data science and machine learning, both from an AML and fraud detection side. Firms are becoming more amenable to looking at things holistically in terms of the industry, having more of a consortium concept of sharing an analytic model or sharing best practices across the industry. So, there’s a lot more collaboration than there was a few years ago.”

The panel noted that it was also important to share data in real time. Data is the cornerstone, including the quality and integrity of that data. Analytics is only as strong as the data used for it. So having good governance around data used for analytics helps with risk identification to better manage evolving risks.

4. Effective data aggregation and analytics are key

The cloud’s role in data aggregation and analytics is growing rapidly. While the cloud can help speed up the process and create opportunities to find insights, users must also be aware of potential vulnerabilities related to information security.

Firms must exercise strong governance around how the information is flowing to and from the cloud. Firms must also understand security practices that external cloud vendors have put in place, to get a sense of comfort around having data on the cloud that potentially could be vulnerable to those attacks.

Ipeker said: “The amount of new real-time data you have to gather is increasing significantly, and a lot of that is coming through the cloud via an application programming interface.”

Thus, developing a strategy for managing data within the cloud, having a strategy for data handling, data structure, as well as the protection and correct classification of the data, is essential.

5. Best practices: holistic data strategy for tackling fincrime risk

Firms must exercise a holistic data strategy for the cloud. Data encryption of the highest level for the most sensitive data is key. Once data is hosted on the public cloud, anyone hosting the data has the ability to unlock it, decrypt it and conduct foul play, warned panellists. “The road to heaven or hell is based on your data, and how you manage it,” said Ipeker.

“If security of the cloud and classification of data is in place, there is an opportunity to utilise cloud and data analytics together to identify the trend of these steps, and then use that effectively to enhance our own risk frameworks in fincrimes to minimise the events before they occur.”

Furthermore, the panel said, active monitoring and identification of threats is a key element and, once threats are identified, sharing them internally with other teams to intelligently mitigate risk on their end is very helpful. Hypervigilance is key.

“The leverage we have is really the diligence of the people we work with, but also giving them the tools to be extremely agile, and proactive and be able to anticipate risks,” Ipeker said. “A lot is tied to the technology you use, the people you employ, the processes you have in place to allow for that agility and innovation.”

In summary

In a constantly altering digital and cyber security environment, organisations must always be prepared for the next wave of potential cyber attacks.

Fincrime and the bad actors that commit that crime won’t stop improvising but, by adopting a holistic approach to identifying risk and employing better governance practices around data aggregation and cloud, firms can effectively and efficiently tackle fincrime at its source, before reputational damage is done.

Watch the webinar, Staying ahead of financial crime: powered by the cloud

 

Sponsored content