By Cheam Tat Inn
SOUTHEAST Asia is seeing a rise in digital fraud. This is because advances in technology, including high speed internet, have transformed the payments market, giving financial institutions (FIs) unprecedented access to consumers.
Unfortunately, these developments have brought with them “new age” hackers who have unleashed new threats, exposing FIs and their customers to the risk of online data fraud.
In Malaysia in particular, we see an increase in the possibilities of digital fraud for several connected reasons. Firstly, the country’s e-commerce market has grown rapidly in recent years. Next, Malaysia has a high internet penetration rate and a growing smartphone penetration.
Another key factor is that the country is seeing an increasing use of digital payments – the digital wallet or e-wallet payment system has proven extremely popular among Malaysians. The new-age consumer is spending more time on “virtual platforms” and prefers digital conversations. Everyone is looking for a cashless and seamless experience.
These trends have been accelerated by the pandemic. Online shopping has boomed as trips to physical stores have become difficult or even impossible, resulting in record e-commerce sales. This may have been a blessing during the crisis but there has also been an increased frequency of fraud attempts.
In this increasingly digital environment, fraud is shifting drastically from counterfeit card capabilities towards harder-to-identify fraud schemes of social engineering, cyber intrusions, and account takeovers. Even though the names of the payment methods may vary, criminals are attacking economies in ways many countries are under-prepared to address.
The disruption caused by the pandemic and restrictions on ‘normal’ business procedures may result in previously undetected fraud coming to light. One in three Malaysian respondents to a recent survey said their organisation had experienced an incident of fraud over the last 12 months or expected more incidents of fraud in the coming months.
The impact of the pandemic has placed heavy pressure on companies and individuals, which may cause some to rationalise illegal or unethical behaviour as a means to ‘safeguard the company’ or ‘protect jobs’.
Also, the ‘new normal’ can mean changes to controls and monitoring processes, leading to greater opportunity for fraud. Organisations should thus be prepared for an increased risk of fraud.
A recent publication by the Association of Certified Fraud Examiners (ACFE),”Fraud in the wake of COVID-19”, highlights cyber fraud, fraud by vendors or sellers, and payment fraud as the top three frauds that are expected to rise in the coming year.
Organisations need to manage risks during the movement from traditional payment methods to the new digital options. Data and advanced analytics can be highly beneficial in the fight to overcome digital fraud and financial crime.
For example, it is critically important for financial institutions to understand all payment entry points. Protecting these entry points from digital fraud can be quite complicated and tedious.
The critical first steps are to start processing all data streams in real time and to combine identity management and transaction monitoring to not only identity fraud that has occurred, but to stop it even before it occurs.
The risks to financial institutions are not only of monetary losses. Their reputation is also at stake, if cases of fraud cause a breakdown of trust among customers leading to damaged credibility.
It is therefore imperative for organisations to diligently combat fraud, not only to mitigate potential losses but to avoid excessive caution that can discourage them from taking full advantage of the benefits of digital platforms.
On the other hand, investing in digital security solutions will become a market differentiator, creating business value for companies that take a proactive stance.
There is no doubt that digital fraud is increasing in frequency and sophistication. The constantly evolving strategies used by criminal networks threaten to outpace the technologies used to detect them.
Along with social engineering, phishing and identity schemes, the growing range of digital payment methods is tilting the balance in favour of the fraudsters. New payment mechanisms, for example, are particularly vulnerable due to the often-ineffective risk mitigation controls put in place when they are launched.
To combat the complexity of criminals’ attack vectors in real time, financial services organisations need layered technology and analytic capabilities. The approach must work to prevent and detect fraud, while also being able to orchestrate investigation activities.
Automated actions and predictive case management powered by artificial intelligence and machine learning can dramatically speed up the analysis of data to signpost fraud, freeing staff for more productive activity.
Using data for real-time analytics and automated actions will be crucial to success in the new world of digital business. Capabilities will depend on technological maturity, but ingesting and analysing as much real-time data as possible will enable organisations at every stage to make effective decisions. – Feb 2, 2021
Cheam Tat Inn is SAS Malaysia’s managing director.
The views expressed are solely of the author and do not necessarily reflect those of Focus Malaysia.