The recent Payments Canada SUMMIT event gathered a host of payments experts, with dedicated presentations and discussions focused on risk and fraud prevention. The spirit across all discussions was that strengthening defenses across the payments ecosystem through process, technology, and industry collaboration is more important than ever.
If you weren’t able to attend the conference, do not despair. Here are the five key lessons from the SUMMIT and key action items.
1. Cheque Fraud Makes a Comeback
While paper cheques and open banking have been familiar financial services staples, both were key topics of discussion at the SUMMIT, and for very different reasons.
The Payments Canada SUMMIT highlighted the re-emergence of an old favorite for fraudsters: cheque fraud. This includes a wide range of tactics, including counterfeit cheques, duplicate deposits, NSF (Non-Sufficient Funds) cheques, and organized fraud rings.
Cheque fraud’s somewhat unexpected comeback can be explained by the pandemic, which resulted in government agencies issuing benefit cheques. This quickly created new targets and opportunities for fraudsters. Additionally, while cheques only accounted for 2% of all non-cash payments in Canada in 2022, they covered 28% of the total value paid. In other words, while cheque usage is declining, their overall value remains high.
Thanks to analytics, managing the detection of duplicate deposits within individual institutions is relatively straightforward. However, detecting fraud across different institutions remains a challenge without industry collaboration. The 90-day notification window for detecting and charging back duplicate deposits adds risk for receiving institutions.
How Canadian Banks Can De-Risk Digital Transformation
Accelerate Digital Transformation and Conquer Fraud Risks in Canadian Banking Unlock the full potential of your Canadian bank’s digital transformation. […]
Key Takeaway: How Canadian Banks Can Address Cheque Fraud
Given the large volume of cheques in circulation in Canada—over 400 million per year—it’s crucial for financial institutions to continue investing in fraud prevention measures.
Collaborative solutions, such as those provided by organizations like Symcor, help by consolidating data from multiple banks to identify and enhance cheque fraud prevention beyond simple risk scoring. Utilizing broader data sets, including consortium data, provides richer insights for fraud analytics. Additionally, implementing inbound payment and cheque monitoring strategies is essential for effectively managing deposit risk.
2. Open Banking Progress
Cheque fraud isn’t the only classic getting a fresh look. Open Banking legislation was another key point of discussion at the SUMMIT.
Although Open Banking is not new globally, it has lagged in Canada due to the lack of a regulatory framework. That appears to be changing as the Canadian government plans to introduce legislation to implement an Open Banking framework, that will detail Open Banking’s governance, scope, criteria, and technical standards.
While Open Banking promises improved financial products and experiences for consumers, it also introduces new fraud risks, such as data breaches, identity theft, and sophisticated social engineering attacks. Canada’s financial institutions must anticipate new fraud patterns and adapt their defenses accordingly to protect against emerging threats in the Open Banking environment.
Key Takeaway: Conduct an Open Banking Readiness Assessment
Canadian banks should conduct a thorough readiness assessment focused on fraud controls for their open banking preparation efforts. This involves evaluating existing protections and identifying potential new fraud scenarios that could emerge from the Open Banking framework.
By proactively assessing their capabilities, banks can ensure they are equipped to handle the increased risks associated with Open Banking, safeguarding both their operations and their customers’ data.
3. Fraud Prevention Has to Be Multi-Layered
Fighting fraud necessitates collaborative efforts both internally and externally. Within financial institutions, cross-departmental collaboration is key, requiring alignment between threat intelligence, cybercrime prevention functions, and fraud detection teams.
Multi-layered strategies, including tactics like multi-factor authentication and behavioral biometrics, enhance fraud prevention across customer journeys. Improved information-sharing platforms empower call centers to address emerging fraud patterns effectively.
Moreover, fraud prevention begins at customer onboarding, leveraging Know Your Customer (KYC) data to enhance protection efforts. Aligning KYC datasets with customer application data establishes a baseline for comparing transactional flows.
Collaboration extends beyond institutional walls, emphasizing the importance of data sharing in combating fraud. Access to broader consortium data presents additional signals for fraud detection, augmented by robust analytics and AI risk scoring engines to maximize effectiveness.
Key Takeaways: Banks Need to Consider a New Fraud Prevention Lens
Banks must adopt agile approaches to swiftly adapt to evolving fraud landscapes, integrating cross-sector information sharing and leveraging advanced technologies like artificial intelligence to enhance customer education and response strategies. Core components of the strategy should include:
- Data-Sharing: Information-sharing between financial institutions, telcos, intelligence agencies, and law enforcement is necessary to build a true data ecosystem
- Cross-Border Collaboration: Banks must take the opportunity to collaborate at an international level, given that fraudulent money typically flows across borders
- Invest in Education: Banks must continue investing in customer education, including leveraging Artificial Intelligence to deliver personalized and proactive fraud prevention messaging.
- Access New Data Sources: Legislation changes impacting data sharing, such as the current Federal budget discussion to access Canada Revenue Agency (CRA) data for income validation, must be incorporated into the financial institution’s fraud prevention strategy.
4. Banks are Setting Up Their Scam Defenses
One of the most compelling moments from the SUMMIT was when a panel member stated, “Those who are in fraud, are there not for the money, but for the desire to build a financial system free of bad actors.”
This quote is truly impactful at a time when 90% of Canadians are concerned about scams and fraud. Nearly three-quarters (73%) said they feel vulnerable to being a target.
In Canada, like the US, banks are making strides to self-regulate and do what’s right for their customers, what’s right for their mission, and what helps to keep communities healthy and financially secure. To fight scams effectively, however, banks need to upgrade their processes, systems, and training for their personnel. This includes updating classifications and definitions, reimbursement policies, technology consumer education, agent education, and skill sets to achieve active prevention.
It is clear that we cannot solve today’s scam problem with yesterday’s toolsets. Traditional business cases for investment calculate returns over time. However, scam investment cases need to be articulated differently to succeed in getting attention and traction.
Key Takeaways: Make Scam Prevention a Top Investment
Some fraud leaders successfully pitched scam investment cases by focusing on several key strategies:
- Emphasize Scam Prevention’s ROI: Develop a robust business case for scam prevention, emphasizing strategies beyond reducing fraud losses, such as minimizing client fraud exposure. Reframe the narrative around scams by highlighting total fraud exposure, including losses affecting customers, regardless of liability.
- Put a Human Face on Scams: Incorporate a client-centric approach by sharing real stories, examples, and quotes to make the issue tangible.
- Highlight the Public Relations Opportunity: Consider the operational costs associated with investigating scam cases and managing public affairs. Analyze the impact of fraud on client loyalty and potential future business, particularly when cases become public, and clients share their experiences.
- Focus on Collaboration: Promote collaboration among financial institutions in Canada, emphasizing the sharing of observed patterns and schemes to prevent scams and highlighting lessons from other industries, like legal and telecommunications, regarding digital identity practices.
5. The AI Debate Continues
Artificial Intelligence continues to present a complex landscape in the ongoing battle against fraud. While financial institutions are increasingly adopting AI technology, it’s also empowering fraudsters, especially through Generative AI, which can create convincing deep fakes of individuals, including their voices and videos.
These fakes are then utilized across various channels, enabling sophisticated scams like fake Zoom meetings or deceptive emails purportedly from high-ranking executives. Fraudsters are becoming more efficient and cost-effective with Generative AI, scaling larger and higher-quality attacks with less investment.
In the Merchant Acquiring realm, AI-driven deep fakes pose significant challenges, allowing fraudsters to impersonate business owners and manipulate payment processes. Detecting such fraud requires advanced contextual data and AI-enabled analytics, especially as voice deepfakes are notoriously difficult to spot. While financial institutions exercise strict controls over AI usage to protect data privacy, technologies like facial recognition and voice authentication undergo rigorous scrutiny before implementation.
Key Takeaway: Leverage GenAI Opportunities
Financial institutions have opportunities to leverage AI for fraud prevention, including Generative AI (GenAI) for operational improvements.
- Risk Strategy Development: Utilize GenAI to develop risk strategies, including generating summaries of strategies, creating rule sets from text descriptions, and generating reports on emerging fraud patterns.
- Fraud Operations Enhancement: Employ GenAI for fraud operators by providing text explanations for fraud alerts and offering recommendations for questions to ask end customers during fraud or scam alerts.
- Fraud Coaching: Implement GenAI for training and educating fraud agents and operators, enhancing their capabilities in fraud detection and prevention.
- Governance and Compliance: Utilize GenAI to generate initial drafts of governance and compliance reports, streamlining the reporting process and ensuring adherence to regulatory standards.
Conclusion
Fraudsters are innovative. But banks have the opportunity to enhance customer protections by focusing on data-sharing, multi-layered fraud prevention, advanced technology, and more. Scam prevention, meanwhile, requires a new level of investment that needs advocacy from fraud and scam prevention professionals. Bringing process, technology, and industry collaboration will be critical to strengthening defenses across Canada’s payments ecosystem.