Fraud adapts to developments in the domains it pillages and plunders with the advent of digitisation and automation of financial systems. This criminal activity has become more electronically sophisticated and impersonal. Thus, technological advances have become a central force in bolstering the abilities of fraudsters to exploit the weaknesses of potential victims, enabling offenders to capitalise on a lack of preventive knowledge by certain groups, and opening these groups to criminal exploitation.

The rise of a reality in which customers interact almost entirely through digital channels rather than contacting bank staff directly has fast become a significant differentiator of customer experience. Electronic phishing, the fraudulent attempt to obtain sensitive information by disguising oneself as a trustworthy entity via electronic communication, is on the increase more than ever.

This form of victim exploitation has quickly evolved beyond original low-skill schemes that relied on casting a wide net and the frequency of all types of phishing has risen dramatically in recent years. Meanwhile, modern banking demands faster risk decisions (such as real-time payments) so banks must strike the right balance between managing fraud and handling authorised transactions instantly. Massive growth in transaction volumes and the greater integration of financial systems within countries and internationally are other additional considerations, too.

As a result, fraud, detected and undetected, has become more numerous and costly than ever.

For purposes of detection, interdiction, and prevention, whilst many institutions used to draw a distinction between fraud and financial crime, boundaries are blurring. What’s more, the distinction is not based on law, and regulators sometimes view it as the result of organisational silos. Nevertheless, financial crime has generally meant money laundering and other criminal transgressions, including bribery and tax evasion, involving the use of financial services in support of criminal enterprises. It is most often addressed as a compliance issue. Fraud, on the other hand, generally designates a host of crimes, such as forgery, credit scams, and insider threats, involving deception of financial personnel or services to commit theft.

As the distinction between the categories of financial crime, fraud and cybercrime, has become less relevant, financial institutions need to use many of the same tools to protect assets against all of them.

Important initial steps for institutions embarking on an integration effort are to define precisely the nature of all related risk management activities and to clarify the roles and responsibilities across the lines of defence. These steps will ensure complete, clearly delineated coverage—by the business’s functions (first line of defence) and by risk, including financial crime, fraud, and cyber operations (second line)—while eliminating duplication of effort.

The following countermeasures: identifying and authenticating the customer, monitoring and detecting transactions and behavioural anomalies, and responding to mitigate risks and issues, whether taken in response to fraud, cybersecurity breaches or attacks, or other financial crimes, are supported by many similar data and processes.

From a consumer point of view, the same principles apply, and vigilance is again key to identify fraudulent activity. One should keep in mind some simple and basic tips to avoid being scammed. When receiving a call or SMS, one should always assume first that it might be malicious. Customers should never give out personal information to unverified third parties, and if in doubt, the best practice would be to call back the institution using the genuine number obtained from official sources.

In taking a more holistic view of the underlying processes, banks can streamline business and technology architecture to support a better customer experience, improved risk decision-making, and greater cost efficiencies.

Issued by Bank of Valletta p.l.c., 58, Triq San Zakkarija, Il-Belt Valletta VLT1130. Bank of Valletta p.l.c. is a public limited company regulated by the MFSA and is licensed to carry out the business of investment services in terms of the Investment Services Act (Cap. 370 of the Laws of Malta).

Sign up to our free newsletters

Get the best updates straight to your inbox:
Please select at least one mailing list.

You can unsubscribe at any time by clicking the link in the footer of our emails. We use Mailchimp as our marketing platform. By subscribing, you acknowledge that your information will be transferred to Mailchimp for processing.