Fraudsters are slipping through the cracks in the banking system. This is because banks are playing catch up to the fraudster’s playbook instead of one-upping them.
There is, of course, light at the end of this fraud tunnel for banks. It involves working smarter rather than harder.
The first step in working smart is to heed the Reserve Bank of India.
India’s banking regulator in an analysis of the vintage of frauds reported in FY23 and FY24 found that there is a significant lag between the date on which the fraud occurs and the date on which the bank’s radars detect it.
This “lag” is the window that banks can capitalise on. It can be used to decisively stamp out a bad-faith actor within the bank’s ecosystem.
How can banks pull this off?
The moment, a suspicious transaction is red-flagged, banks can go the extra mile and deploy automated guardrails. These guardrails can stop the criminal elements in their tracks, and greenlight the good guys.
However, for this, banks need to step up and strengthen their fraud detection capabilities.
Evolution of banking frauds
Over the decade, banking frauds have witnessed a rapid and drastic evolution. The MO now is far more digitally sophisticated. The fraud is also strategically layered under a complex stash of seemingly innocent transactions.
No matter how precisely and carefully the con is crafted, it does, thanks to the digital medium, leave behind a trail of fraudulent breadcrumbs, or fraudcrumbs.
Fraudcrumbs are small, seemingly insignificant indicators of fraudulent activity that may appear across a borrower’s history or during specific transactions. These are early warning signs that, when pieced together, reveal a larger pattern of fraud.
Smart banking solutions can strengthen the fraudcrumb radar, and proactively prevent them before they become a full-blown, god-awful mess.
A basket of fraudcrumbs
Fraudcrumbs are a-plenty. And, unfortunately, so commonplace that one might almost be forgiven for not noticing them in the first place. However, therein lies the problem. Far too many banks end up greenlighting fraudcrumbs or treating them lightly. This, of course, is music to the fraudster’s ears: It is as loud and clear a signal as can be that a smooth getaway —after pulling off the con — is quite within reach.
Here is a list of common but oh-so-fatal fraudcrumbs:
- Inconsistencies in KYC documents: So many frauds could have been prevented if only KYC compliances were executed diligently and without any procedural compromise. Unfortunately, field-level officers often play fast and loose with these strict guidelines leading to avoidable scams. There are so many instances where borrowers provide a false Aadhar and/or fake PAN card, and eventually run away with the loan amount.
- Red flags in financial statements: This one is a common feature in many middling SME and MSME banking scams. The entrepreneur builds up heavy sales volumes for his company by transacting with a bunch of dummy firms. Heavy sales volumes and a swelling top line nudges banking officers into believing that the firm’s business is thriving and the order pipeline is healthy, when it is anything but. A recent example is that of Mandhana Industries, a bank fraud case amounting to ₹975 crore, where the bank’s director and other family members find themselves under the Enforcement Directorate’s glare.
- Multiple loan applications: Shady borrowers know the ins and outs of the banking system. Loan stacking involves one borrower filing multiple loan applications. It is legal when a borrower does it to assess which bank can offer the best rate. This is known as credit shopping. However, it quickly moves into illegal territory, when the borrower makes multiple applications and raises loans from different banks, with no intention of repayment. In a day and age of instant credit, loan stacking has become an epidemic.
- Unusual employment history: This one is self-explanatory. Suspect borrowers have an erratic employment trajectory. Their resume (if there is one) is punctuated by long spells of unemployment or employment with unverifiable workplaces. Forged experience certificates are also commonly seen.
- Behavioural patterns: Sociopathic and psychopathy tendencies recurrently show up in the professional and personal histories of criminals. There is a thrill to the crime, the prospect of getting away with it, of fooling people at large that the con man finds so irresistible. More often than not, suspect borrowers have a criminal background.
The pain points for banks?
A fraudster has no bigger ally than the lax due diligence systems of a bank. The looser they are, the better it is for the con man. Sadly, fraud detection systems as they exist currently are, by and large, ineffective.
Reliance on several of these gate checks has delivered dismal results.
Manual oversight: Over the years, this aspect has shown itself to be, immensely, susceptible to manipulation. Human resources often fail to catch subtle fraudcrumbs concealed in large data sets. What’s more, biases and prejudices are naturally baked into human reasoning. Con men know how to game them, and win over the trust of unsuspecting bank officials.
Siloed systems: The bigger our systems, the greater the need for them to communicate with each other. However, inter-departmental communication puts additional pressure on the existing banking digital infrastructure, not to mention the capex spending required for modernising such systems. Consequently, many banks shy away from making the tough choice and continue operating with decades-old technology, where different compartments don’t exchange data. This means that one arm of the bank is in the dark about what the other arm is doing, amplifying the bank’s vulnerabilities.
Absence of real-time monitoring: With real-time monitoring, the scales could tilt in banks’ favour. However, lacking these tools, banks stay behind the curve even as fraudulent transactions are executed repeatedly.
How can banks up their game?
Fraud detection and prevention is a complex operation with many moving and changing parts. Solutions addressing fraud detection are equally complex, akin to jigsaw pieces, which work only if they fit together seamlessly.
Some of the best practices in the banking ecosystem involve:
- Upgrading fraud detection systems: This solution concerns itself with upgrading behavioural analytics, which primarily focuses on customer behaviour. This involves monitoring the devices from which the customer accesses digital banking, and from where. Any deviation from the regular devices, location or transaction amount can be flagged and verified by the customer.
- Bank statement analyzer: A bank statement analyzer is an analytic tool that absorbs large amounts of data and delivers instant insights about the health of a business. Immensely useful during due diligence and underwriting, it also spotlights the creditworthiness of the business and flags off fraudulent backgrounds or transactions.
- Document tampering check: Of late, there has been a massive surge in forgeries in salary certificates, bank statements, bank reconciliation statements, and more. What’s distressing is that video and document editing tools are frequently being used to fool bankers. New-age detection tools can flag off these forgeries while conducting granular checks on 20 parameters including fonts, formats, and pixel density.
- MSME verification: Legally speaking, MSME is a large label that includes all kinds of organisations under its ambit, ranging from micro, and small to medium enterprises. A banker should ideally be able to pick out the right candidate for business credit. Handsome discounts, easy loan accessibility and government support all await the well-oiled MSME but the catch here is that shady MSMEs can also dress their financials and fool bankers. This is where MSME verification tools come in handy.
MSME verification tools separate the wheat from the chaff by running a battery of tests on the firm’s financials. Other filters like PAN checks, GST verification, Udyam verification, court record checks, MCA verification, import-export verification, EPFO checks, CIBIL checks and more are also conducted.
- Enhanced due diligence: It involves employing machine learning to deduce recurrent patterns in large data sets. Deployed intelligently, this tool can be used against fraudsters and in identifying high-quality value-adding customers.
- Cross-department collaboration: As the name suggests, greater communication and information flow between departments can help boost fraud detection capabilities.
- Real-time monitoring: No defence like a strong offence. Imagine a con man receiving a call in real time asking him to verify a transaction or authenticate his KYC documents. Prevention is better than cure.
- Cross-referencing multiple data streams: Bank documents, KYC documents, salary certificates, professional trajectories, property papers, ownership documents: Banks hold a minefield of informational strands that are usually left static, instead of being cross-referenced to create a dynamic profile of the customer. Referencing across documents and data points can enrich customer profiles segregating great borrowers from the good ones, and the good ones from the bad. The database benefits further as the bad ones are further separated from the criminals.
- Automated red flagging: Any banking transaction or volume that runs contrary to the customer’s profile is red-flagged, and authentication is demanded for the same. Verification failure leads to the transaction being junked. In the best-case scenario, the transaction cancellation prevents fraud from occurring, and in the worst-case scenario, it is deemed to be a minor inconvenience by the customer.
IDfy’s bank offerings bunch together best-in-class solutions for your bank. Our offerings leverage AI capabilities and machine learning models — powered by big data analytics — to spotlight transactions that match recurrent fraudulent patterns. They can also be seamlessly integrated into the bank’s technological framework, empowering the bank with real-time monitoring.
To know more about our offerings, write to us at shivani@idfy.com.