In banking protecting customer data is essential and a core value for banks. Over the years banks have evolved in the world of financial services. The move from manual data entry to online banking has sped up and calls for digital automation. As a result, most banking institutions are acquiring innovative technological solutions to ensure business operations. But while the financial Keep on expanding at a rapid pace, the same Tactics and attack methods are changing by cybercriminals to commit fraud.
What is Fraud:
It is the use of deceptive activities to steal Money or asset from a bank or financial intuition
Bank Fraud: aimed at defrauding a financial institution or receiving assets, money credit, etc, from a financial institution by using false information about an individual or organization
What are examples of fraud?
• Money Laundering: the process of making large amounts and transferring money acquired through illegal activities.
• Accounting Fraud: is defined as the intentional manipulation of financial statements in a way that’s intended to falsify data to clear a bank’s lending criteria.
• Wire fraud: this is where a cybercriminal tricks the bank or its customer by carrying out a fake transaction that appears legitimate.
• Credential Stealing /Account Takeover: The Cybercriminal pretend to be the bank’s customer by stealing the data of the original customer without their knowledge and
carrying out illegal transactions through the customer’s account
Sources of Banking Frauds
• External Actors (Outside individual)
• Internal Actors (Staff involvement)
Banking Frauds Finding
This finding is from the 2021 Association of Financial Professionals Payments Fraud and Control survey report, this association conducts an annual survey on banking frauds, and in the 2021 report,
Business Email Compromise: this continues to be the major reason for banking fraud.
Attacks carried out across most banks include
• Email from third parties asking for banking changes, instructions for payment, etc.
• Email from a hacker posing as a bank senior executive requesting fund transfers and hackers as vendors
Outside Individual: Hackers can get access to sensitive information with the help of forged Check, Stolen card, and physical documents through an office visit
Bank of Ghana Banking Fraud 2019 to 2020 report
Staff involvement in banking fraud is a major challenge for a bank in Ghana, with the involvement rate going up by five percent within one year, this may be attributed to the following reason,
• Inadequate staff vetting process
• Weaking internal control system which allows unauthorized staff to access confidential information
• Inadequate remuneration levels for temporary staff resulting in cash suppression fraud by staff
Impact of Banking Frauds
• Bank of Ghana’s Cyber Security Directive issued in 2018, had a major impact on the reduction of cyber e-mail fraud as it decreased by 75% from 2019 to 2020
• The reported value of the fraud was 1.0 billion Ghana cedi in 2020 vs 15.5 million Ghanaian Cedis record in 2019
• Total losses incurred as a result of fraud for 2020 stood at 25.40 million Ghana cedi.
Other major economies
• $3,3 billion (Total fraud losses which made up 34% of total reported cases )
• 2.2 million (2020) reports received by the Federal trade commission in the USA from consumers
• $4.5 Million (Average amount organizations are losing per year due to Online Fraudulent transaction
Top three (3) reported Scams
– Identity theft’
– Imposter scams
– Online shopping scams
205 million (2020) fraud
• Annual online banking fraud losses in the United Kingdom (Highest in last 10 years)
• Almost a quarter of all payment card fraud on UK cards was from abroad.
• Most payment card losses were through remote transaction
Three (3) Steps to reduce banking Fraud
• Make sure the contact detail of all the customers are updated with the bank, including email and secondary phone number
(This will help the bank to reach out to customers immediately, in case of any fraudulent transactions are identified on their Account)
• Perform the mandatory Know Your Customer (KYC) activities for every customer and encourage them to update their Biometric data Touch ID or Face ID if any.
(In case any hacker gains access to a customer’s login information, it will be very difficult to replicate biometric data thereby preventing fraud)
• Encourage the customer to use Multi-factor Authentication (MFA) or Time Password (OTP) based sign-in whiles using mobile banking applications
(Using AI-based software tools to analyze transactions, identify fraudulent calls or messages and highlight fraud patterns or repeated offenders
Bank-Specific Action to Prevent Fraud
– Limit access to online accounts and services and conduct daily account reconciliation to check for any unauthorized transaction
– Verify request for wire transfers by calling or emailing the requester on details registered with the bank.
– Implement two-people authorization and segregate duties for receiving transfer requests and authorization for fund release
Credit Card Frauds:
– Assess transaction activities carried out through credit cards to detect huge volume or huge value transaction
– Use of Artificial intelligence (AI) for analyzing transactions to detect fraud patterns and alert customers accordingly to prevent huge losses
– Check for fraudulent cheques by looking at
i. Missing or Forged detail like address, signature
ii. Mismatching front on cheque
iii. Handwritten addition on the cheque
iv. Any stains or discolorations
Online Account Takeover:
– Limit login attempts for accounts to prevent account takeovers by automated bots
– Implement stand-down periods of last 12 or 24 hours and additional verification of account after several failed login attempts
– Conduct training sessions to educate the customer about different kinds of attacks and best practices
– Provide self-help documentation containing reporting procedures and a helpline to facilitate quick action in case of fraud
How Does Cloud Computing Technology Work