4 ways banking regulation is driving innovation in counterfraud analytics
New banking regulations are contributing significantly to innovation in analytics for countering fraud. Regulators are requiring increased scrutiny of banking transactions, lending and business practices to help ensure banks are complying with new and long-standing industry rules. Today, banking regulation is driving technological change and helping bolster the multilayered fraud defenses of banks in four key aspects: identifying suspicious transactions, staying within the law, defending against online fraud threats and complying with pending banking regulations.
Within its Financial Crimes Enforcement Network (FinCEN), the US Department of the Treasury’s Bank Secrecy Act stipulates that financial institutions must report suspicious transactions within 30 days of suspected money laundering or fraud. The Federal Financial Institutions Examination Council (FFIEC) requires reports of single and combined transactions that exceed certain thresholds. While many single transactions may be recognized immediately, analytics are essential for identifying a series of potentially suspicious transactions—particularly those conducted at different times, through different branches or through different bank affiliates—that could signify money laundering.
Analytics can also help banks get to know their customers, which aids compliance with the FinCEN’s Know Your Customer (KYC) requirements, and uncover complex relationships such as people working in tandem to launder money. Collating data from various sources also speeds up a bank’s reporting and internal investigations into suspicious activity.
Staying within the law
Banks must comply with federal and state laws, and failure to do so can be costly. According to a recent CNBC article, US banks were charged with more than $200 billion in compliance fines in the first 10 months of 2015 alone. And a recent CFO article reports how analytics can enable banks to identify violations of lending regulations in their early stages, allowing the institution to quickly remedy the situation. Analytics compares employee and management activity against regulations to ensure that bankers are meeting all requirements. Advanced tools can provide warning to supervisors to alert them of any areas of noncompliance.
Defending against online fraud threats
The FFIEC requires banks to run continuous risk assessments to address emerging online threats and adjust control mechanisms as they evolve. Analytics provides a critical layer of security by detecting new attacks. Banks can use behavioral analytics to look for account activity that is atypical for a customer, including transaction activity and the manner in which a customer navigates the bank’s website. Beyond monitoring behavioral indicators, analytics can also monitor phishing, malware and other threats from a variety of sources.
Further, analytics can help determine the seriousness of a threat by assessing the type of attack and the volume of similar attacks against the institution, the industry and other businesses, as well as a variety of other factors. A single low-level attack may be simply thwarted. However, if hackers are concentrating their efforts and employing highly sophisticated techniques, the bank needs to heighten its response, perhaps even to the point of suspending online transactions for a short period.
Complying with pending banking regulations
Though the final rules have yet to be issued, Section 1071 of the Dodd-Frank Act mandates that banks collect certain data about their small-business customers, including credit application information and any additional data the Consumer Financial Protection Bureau (CFPB) deems essential. The CFDB rule to implement Dodd-Frank Act amendments to HMDA was finalized in October 2015, but the Bureau has yet to release details on how such changes would be executed.. When it does release official guidance, analytics are expected to be critical in helping ensure that banks meet the new rules for data collection and reporting.
Fraud prevention requires ongoing vigilance from banks. Fraudsters continue to evolve their attack methods, attempting to thwart current defenses, hide suspicious transactions and conduct other illicit activity. Analytics tools continue to evolve as well, and they are crucial in helping banks monitor new fraud threat data points to protect themselves and their customers while meeting regulatory guidelines.