Logo for Global Anti-Scam Alliance (GASA) - Key Takeaways from recent GASA Global Anti-Scam Summit

Over 200 participants gathered both in person and online to attend the recent Global Anti-Scam Alliance’s Global Anti-Scam Summit. Attendees represented a wide range of countries, organizations, and industries. They included representatives from government agencies, law enforcement organizations, and consumer protection bodies – all of whom were eager to learn the latest financial crime trends. For those unable to attend the event, here are the key takeaways from the Global Anti-Scam Alliance (GASA) conference.

GASA Takeaway 1: Industry-wide Issues with Scam Reporting

One attendee, a Dutch police official, provided a sobering perspective on the current state of the industry’s efforts to combat online scams. He stated, “In terms of scams, everybody is busy mopping water off the floor while the tap is still running.” 

This analogy effectively illustrates the need for a more comprehensive approach for the industry to turn the tide on scams. While there have been notable initiatives and individual successes, the issue’s root remains unaddressed. Some of the challenges addressed over the two days included:

1. Scam Reporting is Piecemeal

One glaring issue is the fragmented nature of scam reporting. Numerous organizations and bodies exist to which people can report suspicious activities, but there’s no overarching, coordinated effort. This piecemeal approach leaves gaps in the system, with the need for a better, more streamlined method to report problems such as suspicious website registrars.

2. Verification is Challenging

Even when individuals report scams, verifying and enforcing actions against perpetrators can be incredibly challenging. Some consumer awareness organizations, for example, primarily rely on consumer reports and these claims need to be checked. This lack of agility in verifying and acting upon reported scams hinders the industry’s ability to protect potential victims effectively.

3. Law Enforcement Faces Hurdles in Prosecution

Legal action against scammers often takes much longer than it should. Bureaucratic hurdles and regulations like the General Data Protection Regulation (GDPR) play a role in this delay. While GDPR was designed to safeguard people’s privacy, it has also made it difficult for law enforcement agencies to share and act upon critical information swiftly. As a result, less than 1% of fraudsters face prosecution, and many continue their illicit activities unhindered.

GASA Takeaway 2: Data Sharing Fears

Another pivotal topic discussed at the conference was data sharing. The consensus was clear: the industry needs to improve data-sharing practices. The Anti-Phishing Workshop Group (APWG) participants emphasized the importance of sharing data about suspicious websites, phone numbers, and other relevant information. 

However, despite this acknowledgment, there was significant hesitation among members to share information. The prevailing concern was the perceived risk and downside, including the fear of making mistakes.

All banks recognize the benefit of accessing a consortium and its shared data pool. If banks are suspicious of an individual, they check against any existing consortium reports. However, many are reluctant to contribute data due to privacy regulations. 

In other words, the risks of sharing information often outweigh the benefits of accessing information. Given existing regulations on data sharing and privacy, the industry needs clearer guidance on how to share scam data responsibly.

GASA Takeaway 3: Elusive Definition of a Scam

The conference also shed light on the challenge of defining what constitutes a “scam.” Different countries and industries often define scams in their own terms. 

For instance, Singapore classifies various scenarios, including ATO (Account Takeover), malware, and romance scams, as scams. In contrast, the UK and the US categorize scams as authorized online fraud where the payment was made by the account owner. Other types of fraud are deemed not to be scams and are defined as unauthorized transactions. 

The fundamental question that arises is whether the industry should work towards global cross-industry common standards or accept separate definitions. If common standards are to be established, the challenge lies in determining what these standards should be, especially considering the diversity of industries and countries.

Singapore Sets a Positive Industry Example

Amidst the challenges and questions surrounding the fight against scams, Singapore’s approach offers a glimmer of hope. Last year, Singapore established the Scam Command Center, a real-time action task force that brings together banks, telecommunications companies, and law enforcement agencies. 

The task force aims to intercept scammed funds before they leave defrauded accounts. Remarkably, this initiative has successfully recovered a substantial portion of defrauded funds, providing much-needed relief to victims of scams.

The Post-conference Action Plan

Every workshop, including the GASA conference, typically results in a follow-up plan. At this event, it was announced that a consultation paper would be published in the coming weeks to gather feedback and lay the foundation for the industry’s next steps. The conference has set the stage for the industry to take action, learn from positive examples, and drive change in the ongoing battle against scams.