Locks on the door “aren’t enough” to fight financial crime says Fiserv
Jeroen Dekker: learning about customer behaviour is a good way to better control risk
Financial crime specialist Fiserv has just launched its Financial Crime Risk Management platform, which aims to help financial institutions to ward off financial crime and slash their risk.
According to Jeroen Dekker, senior product manager, financial crime risk management solutions at Fiserv, the best way to do that is to help banks to understand the customer, and make systems as independent and as flexible as possible so that financial institutions don’t have to go back and ask the vendor every time they need to change something.
“Locks on the door aren’t enough,” said Dekker. “Whatever locks the bank will put in place, they will be broken. So we look at how customers behave. Are they behaving normally? For example, if you have a customer who never ever leaves the UK and suddenly he appears in Saint Petersburg, Russia in the middle of the night withdrawing cash from an ATM, that’s probably worth investigating and maybe blocking.”
Major financial institutions have suffered a series of fines in recent times for failures in KYC and AML procedures. In December last year, HSBC was fined £1.2 billion for failures relating to its Mexico business, which was found to be involved in helping to finance criminal drugs gangs. Separately, Barclays was fined £182 million for failures relating to illegal international sanctions breaches back in 2010. So they are naturally a bit jumpy about the risks of fraud and the danger of falling foul of the regulator – a fact that was underlined by Barclays’ High Court battle over the closure of small remittance providers earlier this year.
For Dekker, the main point is learning about customer behaviour, both at the individual level and at the group level as society itself changes and adapts to technology. That means keeping hold of the right documentation, and understanding the context of an action. An anomaly on its own is not necessarily bad, he adds. For example, a customer using a phone to pay for the first time is not necessarily an issue, but if that customer is aged 95 and has never logged onto internet banking before, their sudden frequent appearance on a mobile device changing address and password details could be a problem.
In response, Fiserv has just launched the latest version of its Financial Crime Risk Management platform, which claims to be able to help financial institutions to “model, detect, investigate and resolve” risks across crimes, channels and product lines. Fiserv’s technology was already in use by financial institutions, but the latest update promises to add the ability to learn not just the behaviour of customers across their accounts, but also of specific devices or organisational units, such as a mobile or a laptop, as well as an ATM or a particular bank branch. The idea is to detect anomalies, use list matching and alerts to keep track of cases and reporting, and incorporate alerts from other systems to drive up risk-based authentication and support due diligence.
“Customers may sign up online, and might rarely go into a branch, if ever,” said Mike Urban, director of financial crime risk management solutions at Fiserv. “Those kind of customers are growing in number, and that means if you’re a bank you don’t know the customer so well compared to a face-to-face relationship. Yes, they have to enter a lot of data and there are checking points, but given the extent to which data is compromised over the last ten years it’s not foolproof. The challenge needs to be managed in new ways.”
Earlier this year, the UK government came under fire over a report published by the Cabinet Office and Detica, which estimated the cost of online crime at £27 billion. The report was mocked by the House of Commons Home Affairs Committee, which recommended that the government “publicly distance itself” from the document. Regardless of the true figure, the Committee also urged that banks should report all cases of fraud to law enforcement agencies and punishments should be substantially increased.
